modelling and verification 2006
play

Modelling and Verification 2006 Lecture 13 Untimed bisimilarity - PowerPoint PPT Presentation

Aug 24, 2022 •309 likes •628 views

Equivalence Checking Problems Regions Region Graph Networks of Timed Automata Modelling and Verification 2006 Lecture 13 Untimed bisimilarity Region graph and the reachability problem Networks of timed automata Model checking of timed

  1. Equivalence Checking Problems Regions Region Graph Networks of Timed Automata Modelling and Verification 2006 Lecture 13 Untimed bisimilarity Region graph and the reachability problem Networks of timed automata Model checking of timed automata Lecture 13 Modelling and Verification 2006

  2. � � � � Equivalence Checking Problems Regions Untimed Bisimilarity Region Graph Networks of Timed Automata Example of Timed Non-Bisimilar Automata ���� ���� ���� ���� ���� ���� ���� ���� A A’ x ≤ 1 x ≤ 2 a a ���� ���� ���� ���� x :=0 x :=0 B B’ x ≤ 3 x ≤ 3 a a ���� ���� ���� ���� C C’ Lecture 13 Modelling and Verification 2006

  3. Equivalence Checking Problems Regions Untimed Bisimilarity Region Graph Networks of Timed Automata Untimed Bisimilarity Let A 1 and A 2 be timed automata. Let ǫ be a new (fresh) action. Untimed Bisimilarity We say that A 1 and A 2 are untimed bisimilar iff the transition systems T ( A 1 ) and T ( A 2 ) generated by A 1 and A 2 where every → for d ∈ R ≥ 0 is replaced with d ǫ transition of the form − − → are strongly bisimilar. Remark: a − → for a ∈ N is treated as a visible transition, while d → for d ∈ R ≥ 0 are all labelled by a single visible action ǫ − − → . Corollary Any two timed bisimilar automata are also untimed bisimilar. Lecture 13 Modelling and Verification 2006

  4. Equivalence Checking Problems Regions Untimed Bisimilarity Region Graph Networks of Timed Automata Untimed Bisimilarity Let A 1 and A 2 be timed automata. Let ǫ be a new (fresh) action. Untimed Bisimilarity We say that A 1 and A 2 are untimed bisimilar iff the transition systems T ( A 1 ) and T ( A 2 ) generated by A 1 and A 2 where every → for d ∈ R ≥ 0 is replaced with d ǫ transition of the form − − → are strongly bisimilar. Remark: a − → for a ∈ N is treated as a visible transition, while d → for d ∈ R ≥ 0 are all labelled by a single visible action ǫ − − → . Corollary Any two timed bisimilar automata are also untimed bisimilar. Lecture 13 Modelling and Verification 2006

  5. � � � � Equivalence Checking Problems Regions Untimed Bisimilarity Region Graph Networks of Timed Automata Timed Non-Bisimilar but Untimed Bisimilar Automata ���� ���� ���� ���� ���� ���� ���� ���� A A’ x ≤ 1 x ≤ 2 a a ���� ���� ���� ���� x :=0 x :=0 B B’ x ≤ 3 x ≤ 3 a a ���� ���� ���� ���� C C’ Lecture 13 Modelling and Verification 2006

  6. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Automatic Verification of Timed Automata Fact Even very simple timed automata generate timed transition systems with infinitely (even uncountably) many reachable states. Question Is any automatic verification approach (like bisimilarity checking, model checking or reachability analysis) possible at all? Answer Yes, using region graph techniques. Key idea: infinitely many clock valuations can be categorized into finitely many equivalence classes. Lecture 13 Modelling and Verification 2006

  7. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Automatic Verification of Timed Automata Fact Even very simple timed automata generate timed transition systems with infinitely (even uncountably) many reachable states. Question Is any automatic verification approach (like bisimilarity checking, model checking or reachability analysis) possible at all? Answer Yes, using region graph techniques. Key idea: infinitely many clock valuations can be categorized into finitely many equivalence classes. Lecture 13 Modelling and Verification 2006

  8. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Automatic Verification of Timed Automata Fact Even very simple timed automata generate timed transition systems with infinitely (even uncountably) many reachable states. Question Is any automatic verification approach (like bisimilarity checking, model checking or reachability analysis) possible at all? Answer Yes, using region graph techniques. Key idea: infinitely many clock valuations can be categorized into finitely many equivalence classes. Lecture 13 Modelling and Verification 2006

  9. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Preliminaries Let d ∈ R ≥ 0 . Then let ⌊ d ⌋ be the integer part of d , and let frac ( d ) be the fractional part of d . Any d ∈ R ≥ 0 can be now written as d = ⌊ d ⌋ + frac ( d ) . Example: ⌊ 2 . 345 ⌋ = 2 and frac (2 . 345) = 0 . 345. Let A be a timed automaton and x ∈ C be a clock. We define c x ∈ N as the largest constant with which the clock x is ever compared either in the guards or in the invariants present in A . Lecture 13 Modelling and Verification 2006

  10. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Preliminaries Let d ∈ R ≥ 0 . Then let ⌊ d ⌋ be the integer part of d , and let frac ( d ) be the fractional part of d . Any d ∈ R ≥ 0 can be now written as d = ⌊ d ⌋ + frac ( d ) . Example: ⌊ 2 . 345 ⌋ = 2 and frac (2 . 345) = 0 . 345. Let A be a timed automaton and x ∈ C be a clock. We define c x ∈ N as the largest constant with which the clock x is ever compared either in the guards or in the invariants present in A . Lecture 13 Modelling and Verification 2006

  11. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Intuition Let v , v ′ : C → R ≥ 0 be clock valuations. Let ∼ denote untimed bisimilarity of timed transition systems. Our Aim Define an equivalence relation ≡ over clock valuations such that 1 v ≡ v ′ implies ( ℓ, v ) ∼ ( ℓ, v ′ ) for any location ℓ 2 ≡ has only finitely many equivalence classes. Lecture 13 Modelling and Verification 2006

  12. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Clock (Region) Equivalence Equivalence Relation on Clock Valuations Clock valuations v and v ′ are equivalent ( v ≡ v ′ ) iff Lecture 13 Modelling and Verification 2006

  13. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Clock (Region) Equivalence Equivalence Relation on Clock Valuations Clock valuations v and v ′ are equivalent ( v ≡ v ′ ) iff 1 for all x ∈ C such that v ( x ) ≤ c x or v ′ ( x ) ≤ c x we have ⌊ v ( x ) ⌋ = ⌊ v ′ ( x ) ⌋ Lecture 13 Modelling and Verification 2006

  14. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Clock (Region) Equivalence Equivalence Relation on Clock Valuations Clock valuations v and v ′ are equivalent ( v ≡ v ′ ) iff 1 for all x ∈ C such that v ( x ) ≤ c x or v ′ ( x ) ≤ c x we have ⌊ v ( x ) ⌋ = ⌊ v ′ ( x ) ⌋ 2 for all x ∈ C such that v ( x ) ≤ c x we have frac ( v ′ ( x )) = 0 frac ( v ( x )) = 0 iff Lecture 13 Modelling and Verification 2006

  15. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Clock (Region) Equivalence Equivalence Relation on Clock Valuations Clock valuations v and v ′ are equivalent ( v ≡ v ′ ) iff 1 for all x ∈ C such that v ( x ) ≤ c x or v ′ ( x ) ≤ c x we have ⌊ v ( x ) ⌋ = ⌊ v ′ ( x ) ⌋ 2 for all x ∈ C such that v ( x ) ≤ c x we have frac ( v ′ ( x )) = 0 frac ( v ( x )) = 0 iff 3 for all x , y ∈ C such that v ( x ) ≤ c x and v ( y ) ≤ c y we have frac ( v ′ ( x )) ≤ frac ( v ′ ( y )) frac ( v ( x )) ≤ frac ( v ( y )) iff Lecture 13 Modelling and Verification 2006

  16. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Regions Let v be a clock valuation. The ≡ -equivalence class represented by v is denoted by [ v ] and defined by [ v ] = { v ′ | v ′ ≡ v } . Definition of a Region An ≡ -equivalence class [ v ] represented by some clock valuation v is called a region. Theorem For every location ℓ and any two valuations v and v ′ from the same region ( v ≡ v ′ ) it holds that ( ℓ, v ) ∼ ( ℓ, v ′ ) where ∼ stands for untimed bisimilarity. Lecture 13 Modelling and Verification 2006

  17. Equivalence Checking Problems Motivation Regions Intuition Region Graph Clock Equivalence Networks of Timed Automata Regions Let v be a clock valuation. The ≡ -equivalence class represented by v is denoted by [ v ] and defined by [ v ] = { v ′ | v ′ ≡ v } . Definition of a Region An ≡ -equivalence class [ v ] represented by some clock valuation v is called a region. Theorem For every location ℓ and any two valuations v and v ′ from the same region ( v ≡ v ′ ) it holds that ( ℓ, v ) ∼ ( ℓ, v ′ ) where ∼ stands for untimed bisimilarity. Lecture 13 Modelling and Verification 2006

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CLASSI C CLASSI C CLASSI C Modelling , Specification , and Verification using UPPAAL Kim

CLASSI C CLASSI C CLASSI C Modelling , Specification , and Verification using UPPAAL Kim

CLASSI C CLASSI C CLASSI C Modelling , Specification , and Verification using UPPAAL Kim Guldstrand Larsen Finite State Machines Modelling using UC UC b Modelling processes A process is the execution of a sequential program.

1.41k views • 108 slides
Modelling and Verification of Component Compatibility by Composition MOCA'04 Third Workshop on

Modelling and Verification of Component Compatibility by Composition MOCA'04 Third Workshop on

Modelling and Verification of Component Compatibility by Composition MOCA'04 Third Workshop on Modelling of Objects, Components and Agents Aarhus, Denmark October 11-13, 2004 Donald C. Craig and Wlodek M. Zuberek Department of Computer

293 views • 14 slides
Modelling and Verification of a Distributed Interlocking System using UPPAAL and UMC Van Anh Thi

Modelling and Verification of a Distributed Interlocking System using UPPAAL and UMC Van Anh Thi

Modelling and Verification of a Distributed Interlocking System using UPPAAL and UMC Van Anh Thi Trinh & Per Lange Laursen DTU Compute, Technical University of Denmark 22. maj 2019 DTU Compute Outline Objectives Modelling with

418 views • 11 slides
Infrastructure for DEVS Modelling and Experiment Hongyan Song August 2006 Modelling,

Infrastructure for DEVS Modelling and Experiment Hongyan Song August 2006 Modelling,

Infrastructure for DEVS Modelling and Experiment Hongyan Song August 2006 Modelling, Simulation, and Design Lab School of Computer Science McGill University Outline Motivations and Ideas DEVS Visual Modelling Representing DEVS in

631 views • 19 slides
Probabilistic Modelling and Verification of Introduction Biological Systems Biological Systems

Probabilistic Modelling and Verification of Introduction Biological Systems Biological Systems

Probabilistic Modelling and Verification of Biological Systems Paolo Milazzo Outline Probabilistic Modelling and Verification of Introduction Biological Systems Biological Systems as Concurrent Systems Examples of Models Discussion on

840 views • 34 slides
Authenticated Encryption in TLS Same modelling Poor TLS track record & verification

Authenticated Encryption in TLS Same modelling Poor TLS track record & verification

Authenticated Encryption in TLS Same modelling Poor TLS track record & verification approach - Many implementation flaws - Attacks on weak cryptography concrete security: each lossy step (MD5, SHA1, ) documented by a game and a

514 views • 27 slides
A rule-based Control and Verification framework in ATLAS Trigger-DAQ 2006 Conference for

A rule-based Control and Verification framework in ATLAS Trigger-DAQ 2006 Conference for

A rule-based Control and Verification framework in ATLAS Trigger-DAQ 2006 Conference for Computing in High Energy and Nuclear Physics 13-17 Feb. 2006 Mumbai, India Presented by Andrei Kazarov CERN-ATD/PNPI Petersburg Presentation contents

892 views • 24 slides
Modelling and Verification Lecture 1 Lecturer: Luca Aceto luca@ru.is or luca.aceto@gmail.com

Modelling and Verification Lecture 1 Lecturer: Luca Aceto luca@ru.is or luca.aceto@gmail.com

Organization of the Course Introduction Formal Models for Reactive Systems Introduction to CCS Modelling and Verification Lecture 1 Lecturer: Luca Aceto luca@ru.is or luca.aceto@gmail.com Lecture 1 Modelling and Verification Organization

840 views • 36 slides
Run-time Verification Oleg Sokolsky CIS 673 Fall 2006 Outline Motivation and overview

Run-time Verification Oleg Sokolsky CIS 673 Fall 2006 Outline Motivation and overview

Run-time Verification Oleg Sokolsky CIS 673 Fall 2006 Outline Motivation and overview Why run-time verification Formal methods and run-time verification Property specification Incremental property checking MaC

952 views • 72 slides
Modelling, Specification and Verification of Reactive Systems Milners Calculus of

Modelling, Specification and Verification of Reactive Systems Milners Calculus of

Introduction to CCS Syntax of CCS Semantics of CCS Value Passing CCS Modelling, Specification and Verification of Reactive Systems Milners Calculus of Communicating Systems (CCS) Plan for this part of the course: Informal introduction to

763 views • 50 slides
Towards self-verification of HOL Light John Harrison Intel Corporation IJCAR 2006, Seattle

Towards self-verification of HOL Light John Harrison Intel Corporation IJCAR 2006, Seattle

Towards self-verification of HOL Light John Harrison Intel Corporation IJCAR 2006, Seattle August 18, 2006 0 Who checks the checker? Formalization in a proof checker is often used to ensure correctness of proofs. Pure mathematics

335 views • 21 slides
A unified approach to performance modelling and verification Stephen Gilmore and Le la Kloul

A unified approach to performance modelling and verification Stephen Gilmore and Le la Kloul

A unified approach to performance modelling and verification Stephen Gilmore and Le la Kloul Laboratory for Foundations of Computer Science The University of Edinburgh SAFECOMP, Sept 2003 Stephen Gilmore DEGAS project, LFCS, Edinburgh 1

761 views • 47 slides
Multiprocessor Memory Model Verification Paul Loewenstein, Shailender Chaudhry, Robert Cypher,

Multiprocessor Memory Model Verification Paul Loewenstein, Shailender Chaudhry, Robert Cypher,

Multiprocessor Memory Model Verification Paul Loewenstein, Shailender Chaudhry, Robert Cypher, Chaiyasit Manovit 21 August 2006 Federated Logic Conference 2006 Automated Formal Methods 1 21 August 2006 Summary Introduction. Related Work.

541 views • 20 slides
Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus

Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus

Introduction Specification of the Java Flight Manager Runtime Assertion Checking and Verification Conclusions Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus Wonnemann Formal Specification and

708 views • 54 slides
Modelling and Verification Lecture 4 Weak bisimilarity and weak bisimulation games Properties of

Modelling and Verification Lecture 4 Weak bisimilarity and weak bisimulation games Properties of

Strong Bisimilarity (Reprise) Weak Bisimilarity Case Study: Communication Protocol Congruence Problems Modelling and Verification Lecture 4 Weak bisimilarity and weak bisimulation games Properties of weak bisimilarity Example: a

587 views • 24 slides
Modelling, Specification and Verification of Reactive Systems Introduction to the Course

Modelling, Specification and Verification of Reactive Systems Introduction to the Course

Organization of the Course Introduction Formal Models for Reactive Systems Modelling, Specification and Verification of Reactive Systems Introduction to the Course Lecturer: Luca Aceto Email: luca@ru.is or luca.aceto@gmail.com Course web

449 views • 25 slides
Math 3230 Abstract Algebra I Sec 3.7: Conjugacy classes Slides created by M. Macauley, Clemson

Math 3230 Abstract Algebra I Sec 3.7: Conjugacy classes Slides created by M. Macauley, Clemson

Math 3230 Abstract Algebra I Sec 3.7: Conjugacy classes Slides created by M. Macauley, Clemson (Modified by E. Gunawan, UConn) http://egunawan.github.io/algebra Abstract Algebra I Sec 3.7 Conjugacy classes Abstract Algebra I 1 / 13

242 views • 13 slides
Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value testing have? ECT2 Boundary value problems 2 Generates test cases with Serious gaps Massive redundancy ECT3 Motivation for

752 views • 44 slides
Homework Homework #1 returned Equivalence and DFA Homework #2 Due today Minimization

Homework Homework #1 returned Equivalence and DFA Homework #2 Due today Minimization

Homework Homework #1 returned Equivalence and DFA Homework #2 Due today Minimization Homework #3 Exercise 4.1.1b,d,f pg 129 Exercise 4.2.15 pg 148 Exercise 4.3.2 pg 153 Exercise 4.3.4 pg 154 Exercise 4.4.2

271 views • 6 slides
Discrete Structures Relations Chapter 6, Sections 6.1 - 6.5 Dieter Fox D. Fox, CSE-321 Chapter

Discrete Structures Relations Chapter 6, Sections 6.1 - 6.5 Dieter Fox D. Fox, CSE-321 Chapter

Discrete Structures Relations Chapter 6, Sections 6.1 - 6.5 Dieter Fox D. Fox, CSE-321 Chapter 6, Sections 6.1 - 6.5 0-0 Relations Let A and B be sets. A binary relation from A to B is a subset of A B . If ( a, b ) R , we write aRb

243 views • 10 slides
Union-Find [10] In the last class Hashing Collision Handling for Hashing Closed

Union-Find [10] In the last class Hashing Collision Handling for Hashing Closed

Algorithm : Design & Analysis Union-Find [10] In the last class Hashing Collision Handling for Hashing Closed Address Hashing Open Address Hashing Hash Functions Array Doubling and Amortized Analysis Union-Find

618 views • 33 slides
Patterns and Statistics Bruce Sagan Department of Mathematics Michigan State University East

Patterns and Statistics Bruce Sagan Department of Mathematics Michigan State University East

Patterns and Statistics Bruce Sagan Department of Mathematics Michigan State University East Lansing, MI 48824-1027 sagan@math.msu.edu www.math.msu.edu/ sagan July 7, 2014 Generalities Permutation patterns and the major index maj-Wilf

1.27k views • 90 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (10/3/07) I E S R C E O V U

UMBC A B M A L T F O U M B C I M Y O R T 1 (10/3/07) I E S R C E O V U

VLSI Design Verification and Test Faults I CMPE 646 Defects, Errors and Faults Models bridge the gap between physical reality and a mathematical abstraction and allow for development of analytical tools. Definitions: Defect : An untended

249 views • 21 slides
Probabilistic and Logistic Circuits: A New Synthesis of Logic and Machine Learning Guy Van den

Probabilistic and Logistic Circuits: A New Synthesis of Logic and Machine Learning Guy Van den

Probabilistic and Logistic Circuits: A New Synthesis of Logic and Machine Learning Guy Van den Broeck RelationalAI ArrowCon Feb 5, 2019 Which method to choose? Classical AI Methods: Neural Networks: Hungry $25? ? Restaura Sleep? nt?

819 views • 56 slides

More recommend