Unit-12: Modeling timing constraints B. Srivathsan Chennai - - PowerPoint PPT Presentation



SLIDE 1

Unit-12: Modeling timing constraints

  • B. Srivathsan

Chennai Mathematical Institute

NPTEL-course July - November 2015

1/20

SLIDE 2-3

Controllers need to adhere to strict timing constraints

Examples: ATM, traffic lights controller, automatic gear control, flight control, pacemaker

  • e.g. when a request for a gear change is made, the response should be within 1s

2/20

SLIDE 4

How do we model-check systems with timing constraints?

3/20

SLIDE 5

Adding time to transition systems

4/20

SLIDE 6

Example 1

5/20

SLIDE 7-8

TRAIN GATE

[Diagram: three automata, Train, Controller and Gate. Train: states far, near, in; actions approach, enter, exit. Controller: states 1, 2, 3; actions approach, lower, exit, raise. Gate: states up, down; actions lower, raise.]

6/20

SLIDE 9-11

[Diagram: Train (states far, near, in; actions approach, enter, exit), Controller (states 1, 2, 3; actions approach, lower, exit, raise) and Gate (states up, down; actions lower, raise), as on the previous slide.]

Train || Controller || Gate: the product states ⟨Train, Controller, Gate⟩ shown are ⟨far, 0, up⟩, ⟨near, 1, up⟩, ⟨near, 2, down⟩, ⟨in, 1, up⟩, ⟨in, 2, down⟩ and ⟨far, 3, down⟩, with transitions labelled approach, lower, enter, enter, exit, lower, raise.

Unsafe state: Train is in when gate is still up. Need to add timing information in the model.

7/20

SLIDE 12

TRAIN GATE

[Diagram: the Train, Controller and Gate automata of the previous slides, annotated with timing. The annotations, in the order Train, Controller, Gate: after > 2 minutes; after = 1 minute; ≤ 1 minute execution time.]

8/20

SLIDE 13

Coming next: Timed transition systems

9/20

SLIDE 14-23

[Diagram: the Train, Controller and Gate automata with clocks x, y and z.
Train: states far, near, in; invariants near: x ≤ 5, in: x ≤ 5; reset x := 0; guard x ≥ 2; actions approach, enter, exit.
Controller: states 1, 2, 3; resets y := 0, y := 0; guards y == 1, y == 1; actions approach, lower, exit, raise.
Gate: states up, comingdown, down, comingup; invariants comingdown: z ≤ 1, comingup: z ≤ 1; resets z := 0, z := 0; actions lower, raise.
Legend: Reset, Invariant, Guard.]

Train || Gate || Controller

Synchronous product gives timed transition system for the joint behaviour

10/20
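The two product constructions above (the untimed Train || Controller || Gate of slides 9-11 and the timed one of slides 14-23) can be checked mechanically. The following is an added example, not code from the lecture or from UPPAAL: it reconstructs the three automata from the slide annotations, builds the synchronous product on shared actions, and searches for the unsafe state "train in while gate up". Several details are assumptions because the extracted text does not show them: the controller has locations 0 to 3 (taken from the product states on slide 9), the gate's own moves from comingdown to down and from comingup to up are named `gate_down` and `gate_up`, the reset x := 0 sits on approach and the guard x ≥ 2 on enter, and the controller invariant y ≤ 1 is an option (`urgent`) rather than something the slides draw. Time is explored with integer-valued clocks, which is exact for reachability only because every constraint here is closed (≤, ≥, ==); strict constraints would need zone-based exploration as UPPAAL does.

```python
"""Train || Controller || Gate as a timed transition system, checked by
exhaustive search with integer-valued clocks.  Added example, not code from
the slides; edges are reconstructed from the drawings and anything the
slides do not show is marked 'assumed'.  Integer time is exact here because
every guard and invariant is closed (<=, >=, ==)."""
from collections import deque
from itertools import product

# edge = (src, action, guard, resets, dst); guard and invariant entries are
# (clock, op, const) with op one of "<=", ">=", "=="; resets is a list of clocks.
OPS = {"<=": lambda v, k: v <= k, ">=": lambda v, k: v >= k, "==": lambda v, k: v == k}

def train(timed):
    t = lambda v: v if timed else []
    return {"init": "far",
            "edges": [("far", "approach", [], t(["x"]), "near"),
                      ("near", "enter", t([("x", ">=", 2)]), [], "in"),
                      ("in", "exit", [], [], "far")],
            "inv": {"near": [("x", "<=", 5)], "in": [("x", "<=", 5)]} if timed else {}}

def controller(timed, urgent):
    # Locations 0..3 as in the product states on the slide.  The invariant y <= 1
    # (assumed, enabled by `urgent`) is what makes "after = 1 minute" binding:
    # the guard y == 1 alone permits the move but cannot force it before y passes 1.
    t = lambda v: v if timed else []
    return {"init": 0,
            "edges": [(0, "approach", [], t(["y"]), 1),
                      (1, "lower", t([("y", "==", 1)]), [], 2),
                      (2, "exit", [], t(["y"]), 3),
                      (3, "raise", t([("y", "==", 1)]), [], 0)],
            "inv": {1: [("y", "<=", 1)], 3: [("y", "<=", 1)]} if timed and urgent else {}}

def gate(timed):
    if not timed:                      # two-location gate of the untimed model
        return {"init": "up", "inv": {},
                "edges": [("up", "lower", [], [], "down"), ("down", "raise", [], [], "up")]}
    return {"init": "up",              # gate_down / gate_up: assumed names for the gate's own moves
            "edges": [("up", "lower", [], ["z"], "comingdown"),
                      ("comingdown", "gate_down", [], [], "down"),
                      ("down", "raise", [], ["z"], "comingup"),
                      ("comingup", "gate_up", [], [], "up")],
            "inv": {"comingdown": [("z", "<=", 1)], "comingup": [("z", "<=", 1)]}}

def holds(constraints, val):
    return all(OPS[op](val[c], k) for c, op, k in constraints)

def reachable(components, bad):
    """BFS over the synchronous product: a shared action fires jointly in every
    component that knows it, other actions interleave, and 'delay' advances all
    clocks by one unit when every invariant allows it.  Returns a trace to the
    first state satisfying `bad`, or None."""
    cons = [c for comp in components for e in comp["edges"] for c in e[2]] + \
           [c for comp in components for inv in comp["inv"].values() for c in inv]
    clocks = sorted({c for c, _, _ in cons} | {r for comp in components for e in comp["edges"] for r in e[3]})
    ceiling = max([k for _, _, k in cons], default=0) + 1   # larger clock values are indistinguishable
    actions = sorted({e[1] for comp in components for e in comp["edges"]})
    parts = {a: [i for i, comp in enumerate(components) if any(e[1] == a for e in comp["edges"])]
             for a in actions}
    init = (tuple(comp["init"] for comp in components), (0,) * len(clocks))
    seen, queue = {init: None}, deque([init])
    while queue:
        state = queue.popleft()
        locs, val = state[0], dict(zip(clocks, state[1]))
        if bad(locs):
            trace = []
            while seen[state] is not None:
                state, label = seen[state]
                trace.append(label)
            return trace[::-1]
        succ = []
        elapsed = {c: min(v + 1, ceiling) for c, v in val.items()}
        if all(holds(comp["inv"].get(l, []), elapsed) for comp, l in zip(components, locs)):
            succ.append((locs, elapsed, "delay"))
        for a in actions:
            options = [[e for e in components[i]["edges"]
                        if e[0] == locs[i] and e[1] == a and holds(e[2], val)] for i in parts[a]]
            for combo in product(*options):           # every participant must be able to move
                nl, nv = list(locs), dict(val)
                for i, e in zip(parts[a], combo):
                    nl[i] = e[4]
                    for r in e[3]:
                        nv[r] = 0
                if all(holds(comp["inv"].get(l, []), nv) for comp, l in zip(components, nl)):
                    succ.append((tuple(nl), nv, a))
        for nl, nv, label in succ:
            nxt = (nl, tuple(nv[c] for c in clocks))
            if nxt not in seen:
                seen[nxt] = (state, label)
                queue.append(nxt)
    return None

UNSAFE = lambda locs: locs[0] == "in" and locs[2] == "up"   # train in while the gate is still up

def check(timed, urgent=False):
    return reachable([train(timed), controller(timed, urgent), gate(timed)], UNSAFE)

if __name__ == "__main__":
    print("untimed:", check(False))                       # ['approach', 'enter']
    print("timed, guards only:", check(True))             # ['approach', 'delay', 'delay', 'enter']
    print("timed, controller urgent:", check(True, True)) # None
```

The three runs make the slides' point and one caveat. Untimed, the unsafe state is two steps away, exactly the ⟨in, 1, up⟩ of slide 10. With clocks but only the guards shown, the controller may simply let y pass 1, after which `lower` is never enabled again and the train enters at x = 2 with the gate up. Only when the waiting location also carries the invariant y ≤ 1 (the slides' "Invariants: to limit time spent in a state") is the deadline enforced and the unsafe state unreachable; this is the distinction between a guard, which permits an action, and an invariant, which forces progress.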

SLIDE 24

Timed transition system

Transition system + Clocks

◮ Resets: to start measuring time
◮ Guards: to impose time constraint on action
◮ Invariants: to limit time spent in a state

11/20

SLIDE 25

UPPAAL - Model-checker for timed transition systems

Kim Larsen, Paul Pettersson, Wang Yi - Computer-Aided Verification Award in 2013 for UPPAAL

www.uppaal.com

12/20

SLIDE 26-27

UPPAAL demo

◮ Adding states, transitions and clocks
◮ Simulation environment
◮ (Subset of) CTL property verification

13/20

SLIDE 28

Example 2

14/20

SLIDE 29-31

[Circuit diagram: inputs x and y; gates p1, p2, p3 with delay intervals [1, 3], [1, 3], [1, 2].]

Inertial delay

15/20

SLIDE 32-41

[Circuit diagram: inputs x and y; gates p1, p2, p3 with delay intervals [1, 3], [1, 3], [1, 2]. Inertial delay.]

[Waveform: input x and output p1 of the [1,3] gate over time units 1 to 16; the successive intervals are labelled S, U, S, U, S, U, S.]

S: Stable (matches truth table)
U: Unstable (does not match truth table)

15/20

SLIDE 42-50

Timed transition system for gate p1 (input x, output p1), states ⟨x, p1⟩: ⟨0,1⟩, ⟨1,0⟩, ⟨1,1⟩, ⟨0,0⟩

Transitions (action, clock constraint):
x : 1, z1 := 0
p1 : 0, 1 ≤ z1 ≤ 3
x : 0, z1 ≤ 3
x : 0, z1 := 0
x : 1, z1 ≤ 3
p1 : 1, 1 ≤ z1 ≤ 3

16/20

SLIDE 51

Timed transition system for gate p2 (inputs x, y; output p2), states ⟨x, y, p2⟩: ⟨000⟩, ⟨010⟩, ⟨100⟩, ⟨111⟩, ⟨110⟩, ⟨011⟩, ⟨101⟩

Transitions (action, clock constraint):
y : 1
y : 0
x : 1
x : 0
x : 1, z2 := 0
x : 0, z2 ≤ 3
p2 : 1, 1 ≤ z2 ≤ 3
y : 1, z2 := 0
y : 0, z2 ≤ 3
x : 0, z2 := 0
y : 0, z2 := 0
x : 1, z2 ≤ 3
y : 1, z2 ≤ 3
p2 : 0, 1 ≤ z2 ≤ 3
p2 : 0, 1 ≤ z2 ≤ 3

17/20

SLIDE 52

Timed transition system for gate p3 (inputs p1, p2; output p3), states ⟨p1, p2, p3⟩: ⟨001⟩, ⟨011⟩, ⟨101⟩, ⟨110⟩, ⟨111⟩, ⟨010⟩, ⟨100⟩

Transitions (action, clock constraint):
p2 : 1
p2 : 0
p1 : 1
p1 : 0
p1 : 1, z3 := 0
p1 : 0, z3 ≤ 2
p3 : 0, 1 ≤ z3 ≤ 2
p2 : 1, z3 := 0
p2 : 0, z3 ≤ 2
p1 : 0, z3 := 0
p2 : 0, z3 := 0
p1 : 1, z3 ≤ 2
p2 : 1, z3 ≤ 2
p3 : 1, 1 ≤ z3 ≤ 2
p3 : 1, 1 ≤ z3 ≤ 2

18/20

SLIDE 53

[The three timed transition systems of the preceding slides, for gates p1, p2 and p3 with states ⟨x, p1⟩, ⟨x, y, p2⟩ and ⟨p1, p2, p3⟩ and the transitions listed there, shown side by side.]

Synchronous product of the above will give the timed transition system for the circuit

19/20
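The state machines of slides 42 to 52 follow one recipe: a state is the tuple of a gate's input and output values, a stable state matches the truth table, an unstable one is left either by the output settling while 1 ≤ z ≤ 3 (or ≤ 2 for p3) or by the input reverting while z ≤ 3, which cancels the pending change. The following added example, not code from the lecture, generates that machine from a gate's boolean function and delay interval, so the hand-drawn transitions can be regenerated and counted. The gate functions are an assumption inferred from which states the slides mark stable: p1 = NOT x, p2 = x AND y, p3 = NAND(p1, p2); clocks are named z1, z2, z3 as on the slides, and, as there, a further input change that leaves the gate unstable is not modelled.

```python
"""Gates with inertial delay as timed transition systems.

Added example (not from the slides).  From a gate's boolean function and
delay interval [lo, hi] it generates the <inputs, output> state machine the
slides draw by hand.  The gate functions used in circuit() are an assumption
inferred from the stable states on the slides: p1 = NOT x, p2 = x AND y,
p3 = NAND(p1, p2)."""
from itertools import product as cartesian

def inertial_gate(name, inputs, func, lo, hi):
    """Return (states, edges) for one gate.  A state is a tuple of bits
    (inputs..., output); an edge is (src, action, guard, resets, dst) with
    action "signal:value", guard a tuple of (clock, op, const) and resets a
    tuple of clocks.  The clock is z<k> for gate p<k>, as on the slides."""
    z = "z" + name[1:]
    n = len(inputs)
    stable = lambda s: s[n] == func(*s[:n])          # output matches the truth table
    flip = lambda s, i: s[:i] + (1 - s[i],) + s[i + 1:]
    states, edges = set(), set()
    work = [s for s in cartesian((0, 1), repeat=n + 1) if stable(s)]
    while work:
        s = work.pop()
        if s in states:
            continue
        states.add(s)
        moves = []
        if stable(s):
            for i in range(n):                       # an input changes
                t = flip(s, i)
                # a change that makes the gate unstable starts the delay clock
                moves.append((f"{inputs[i]}:{t[i]}", (), (z,) if not stable(t) else (), t))
        else:
            t = flip(s, n)                           # output settles after lo..hi time units
            moves.append((f"{name}:{t[n]}", ((z, ">=", lo), (z, "<=", hi)), (), t))
            for i in range(n):                       # input reverts in time: pending change cancelled
                t = flip(s, i)
                if stable(t):
                    moves.append((f"{inputs[i]}:{t[i]}", ((z, "<=", hi),), (), t))
                # as on the slides, a change that keeps the gate unstable is not modelled
        for action, guard, resets, t in moves:
            edges.add((s, action, guard, resets, t))
            work.append(t)
    return states, edges

def circuit():
    """The slides' circuit: x, y -> p1, p2 -> p3 (gate functions assumed, see above)."""
    return {
        "p1": inertial_gate("p1", ("x",), lambda x: 1 - x, 1, 3),
        "p2": inertial_gate("p2", ("x", "y"), lambda x, y: x & y, 1, 3),
        "p3": inertial_gate("p3", ("p1", "p2"), lambda a, b: 1 - (a & b), 1, 2),
    }

def show(edge):
    """Render an edge the way the slides label it, e.g. 'p1 : 0, 1 <= z1 <= 3'."""
    s, action, guard, resets, t = edge
    sig, val = action.split(":")
    parts = [f"{sig} : {val}"] + [f"{c} := 0" for c in resets]
    if len(guard) == 2:                              # lo <= z <= hi
        parts.append(f"{guard[0][2]} <= {guard[0][0]} <= {guard[1][2]}")
    elif guard:                                      # z <= hi
        parts.append(f"{guard[0][0]} <= {guard[0][2]}")
    return f"<{''.join(map(str, s))}> -> <{''.join(map(str, t))}>  " + ", ".join(parts)

if __name__ == "__main__":
    for name, (states, edges) in circuit().items():
        print(f"{name}: {len(states)} states, {len(edges)} transitions")
        for e in sorted(edges, key=show):
            print("   ", show(e))
```

For p1 the generator yields the four states and six transitions of slide 50; for p2 and p3 it yields seven states and fifteen transitions each, matching the labels listed on slides 51 and 52, and it explains why ⟨001⟩ is absent from the p2 machine and ⟨000⟩ from the p3 machine: neither is reachable from a stable state by a single input change. The edge tuples use the same (src, action, guard, resets, dst) shape for every gate, so the three machines can be fed to a synchronous-product construction on the shared signal actions, which is what slide 53 calls for.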

SLIDE 54-55

Summary

◮ Modeling timing constraints in systems
◮ Timed transition systems
◮ Model-checker UPPAAL

A theory of timed automata, by Alur and Dill.
Theoretical Computer Science Journal, 1994

20/20