Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius Mikucionis g y, Wang Zheng Jonas van Vliet, Danny Poulsen CAV 2011, PDMC CAV 2011, PDMC 2011, 2011, FORMAT FORMATS 2011 2011
UPPAAL UPPAAL Safety A[] forall (i : id_t) forall (j : id_t) Train(i).Cross && Train(j).Cross imply i == j Reachability E<> Train(0).Cross and Train(1).Stop ( ) ( ) p Liveness Train(0) Appr --> Train(0) Cross Train(0).Appr > Train(0).Cross A<> .. E[] .. inf: Limited quantitative analysis sup: sup: .. inf: .. Pr[ <> Time ≤ 500 and Train(0).Cross] ≥ 0.7 Performance properties Pr[Train(0).Appr --> Time ≤ 100 Train(0).Cross] ≥ 0.4 State-space explosion 2 ARTIST Design PhD School, Beijing, 2011
UPPAAL UPPAAL SMC SMC Performance properties P [ Pr[ <= 200](<> Train(5).Cross) 200]( T i (5) C ) Pr[ <= 100](<> Train(0).Cross) >= 0.8 Pr[ <= 100](<> Train(5).Cross) >= Pr[ <= 100](<> Train(1).Cross) State-space explosion Generate runs Generate runs Performance properties State-space explosion ARTIST Design PhD School, Beijing, 2011 3
Overview Overview Statistical Model Checking in UPPAAL Estimation Testing Distributed SMC for Parameterized Models Parameter Sweeps P S Optimization Nash Equilibria q Distributing Statistical Model Checking Estimation Testing Testing Parameter Analysis of DSMC Conclusion Conclusion ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Lars Kim Larsen [4] en [4]
Overview Overview Statistical Model Checking in UPPAAL Statistical Model Checking in UPPAAL Estimation Testing Distributed SMC for Parameterized Models Parameter Sweeps P S Optimization Nash Equilibria q Distributing Statistical Model Checking Estimation Testing Testing Parameter Analysis of DSMC Conclusion Conclusion ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Lars Kim Larsen [5] en [5]
The Hammer Game The Hammer Game Alex Alex Axel ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Lars Kim Larsen [6] en [6]
Stochastic Semantics of TA Stochastic Semantics of TA Exponential Distribution Uniform Distribution Compositio Composition = n = Input enabled Input enabled Repeated races between components Repeated races between components ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Lars Kim Larsen [7] en [7]
Stochastic Semantics of Stochastic Semantics of Timed Automata Timed Automata g1 g2 2 s Delay Density Function D l D it F ti μ s : R → R • μ s uniform on [ d min , d max ] Output Probability Function p y • γ s uniform over enabled outputs γ s : Σ o → [0,1] ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Lars Kim Larsen [8] en [8]
Stochastic Semantics of Stochastic Semantics of Timed Automata Timed Automata Pr[time<=2](<> T T3) ? Pr[time<=2](<> T.T3) ? Pr[C<=6](<> T.T3) ? Composition = Race between components p p for outputting ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Lars Kim Larsen [9] en [9]
Stochastic Semantics of Stochastic Semantics of Timed Automata Timed Automata Assumptions: Component TAs are: • Input enabled • Deterministic D t i i ti • Disjoint set of output actions π ( s , a 1 a 2 …. a n ) : π ( s a ) : a a the set of maximal runs from s with a prefix t 1 a 1 t 2 a 2 … t n a k for some t 1 ,…, t n ∈ R . ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [10] Kim Larsen [10]
Logical Properties Logical Properties ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [11] Kim Larsen [11]
SMC Algorithms in UPPAAL SMC Algorithms in UPPAAL r Quantitative (Estimation) Qualitative (Hypothesis Testing) Quantitative (Estimation) Qualitative (Hypothesis Testing) Accept H Accept H 1 0 0 0 0 1 1 0 0 = ? 0 runs # α : prob of acc H 0 when H 1 β : prob of acc H 1 when H 0 Algorithm I: Probability Estimation Algorithm II: Sequential Probability Ratio Testing (Wald) Algorithm II: Sequential Probability Ratio Testing (Wald) Accept H 0 Chernoff ‐ Hoeffding Bound Alternatives, e.g. Clopper ‐ Pearson 10 10 11 11 ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [12] Kim Larsen [12]
Queries in UPPAAL Queries in UPPAAL SMC SMC Pr[ <= 200](<> Train(5).Cross) ++precision 13 ARTIST Design PhD School, Beijing, 2011
Queries in UPPAAL Queries in UPPAAL SMC SMC P [ Pr[ <= 100](<> Train(0).Cross) >= 0.8 100]( T i (0) C ) 0 8 Pr[ <= 100](<> Train(0).Cross) >= 0.5 14 ARTIST Design PhD School, Beijing, 2011
Queries in UPPAAL Queries in UPPAAL SMC SMC P [ Pr[ <= 100](<> Train(5).Cross) >= 100]( T i (5) C ) Pr[ <= 100](<> Train(1).Cross) � T<=100 Pr[<=T](<> Train(5) Cross) >= Pr[<=T](<> Train(5).Cross) >= Pr[<=T](<> Train(1).Cross) ARTIST Design PhD School, Beijing, 2011 15
Analysis Tool: Plot Composer Analysis Tool: Plot Composer ARTIST Design PhD School, Beijing, 2011 16
SMC in UPPAAL SMC in UPPAAL Constant Slope Timed Automata Clocks may have different (integer) slope in different y ( g ) p locations. Branching edges with discrete probabilities (weights). Beyond Priced TA Energy TA Equal LHA in (non- Beyond Priced TA, Energy TA. Equal LHA in (non stochastic) expressive power. Beyond DTMC, beyond CTMC (with multiple rewards) All features of UPPAAL supported All features of UPPAAL supported User defined functions and types Expressions in guards, invariants, clock-rates, delay- rates (rationals), and weights. New GUI for plot-composing and exporting. 17 17 ARTIST Design PhD School, Beijing, 2011
Case Studies Case Studies FIREWIRE BLUETOOTH DPA LMAC 18 18 ARTIST Design PhD School, Beijing, 2011
Benchmarking Benchmarking Duration Probabilistic Automata Duration Probabilistic Automata 19 19 ARTIST Design PhD School, Beijing, 2011
Overview Overview Statistical Model Checking in UPPAAL Estimation Testing Distributed SMC for Distributed SMC for Parameterized Models arameterized Models Parameter Sweeps P S Optimization Nash Equilibria q Distributing Statistical Model Checking Estimation Testing Testing Parameter Analysis of DSMC Conclusion Conclusion ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [20] Kim Larsen [20]
UPPAAL UPPAAL & PDMC PDMC’05 ’05 PDMC’05 Architecture Gerd Behrman, Kim G Larsen GRID H t Cl Het. Cl Hom. Cl 1-CPU Properties Modeling g Formalism 10th 10t h International Workshop rnational Workshop on on Parallel and rallel and Kim Larsen [21] Kim Larsen [21] Distr Distributed ted Methods Methods in in verifi verifiCati tion
UPPAAL UPPAAL & PDMC PDMC’11 ’11 Architecture GRID Jonas van Axel Legay de Vliet H m Cl Hom. Cl. Alexandre David Alexandre David Marius Micusionis Marius Micusionis 1-CPU Wang Zheng Peter Bulychev Danny Poulsen Kim G Larsen Properties Modeling g Formalism 10th 10t h International Workshop rnational Workshop on on Parallel and rallel and Kim Larsen [22] Kim Larsen [22] Distr Distributed ted Methods Methods in in verifi verifiCati tion
Parameterized Models in Parameterized Models in UPPAAL UPPAAL Exte Extend nded ed Sy Syntax ntax constants declared with a range are treated as parameter ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [23] Kim Larsen [23]
Parameterized Analysis of Trains Parameterized Analysis of Trains Pr[time<=100]( <>Train(0).Cross ) “ Embarrassingly Parallelizable” ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [24] Kim Larsen [24]
Lightweight ightweight Media edia Access ccess Control ontrol Problem domain: Initialization Initialization (listen until a neighbor is heard) communication communication Waiti Waiti Waiting (delay a random Waiting (delay a random scheduling amount of time frames) Discovery Discovery (wait for entire Targeted for: frame and note used slots) Active Active self-configuring choose free slot, networks, use it to transmit, including collision avoidance, collision avoidance, info about detected collisions listen on other slots low power fallback to Discovery if consumption collision is detected Only neighbors can detect y g Application domain: A li i d i collision and tell the user- node that its slot is used by wireless sensor others networks ARTIST Design PhD School, Beijing, 2011 ARTIST Design PhD School, Beijing, 2011 Kim Larsen [25] Kim Larsen [25]
Recommend
More recommend
