TimedAutomata:Semantics,AlgorithmsandTools资源-CSDN文库

Timed

Automata,时间自动机

5星 · 超过95%的资源需积分: 10 105 浏览量 2010-09-29 18:34:34 上传评论收藏 371KB PDF 举报

资源推荐

资源详情

资源评论

Timed Automata: Semantics, Algorithms and Tools

Johan Bengtsson and Wang Yi

Uppsala University

Email: {johanb,yi}@it.uu.se

Abstract. This chapter is to provide a tutorial and pointers to results and related

work on timed automata with a focus on semantical and algorithmic aspects of

veriﬁcation tools. We present the concrete and abstract semantics of timed au-

tomata (based on transition rules, regions and zones), decision problems, and

algorithms for veriﬁcation. A detailed description on DBM (Difference Bound

Matrices) is included, which is the central data structure behind several veriﬁca-

tion tools for timed systems. As an example, we give a brief introduction to the

tool UPPAAL.

1 Introduction

Timed automata is a theory for modeling and veriﬁcation of real time systems. Exam-

ples of other formalisms with the same purpose, are timed Petri Nets, timed process

algebras, and real time logics [BD91,RR88,Yi91,NS94,AH94,Cha99]. Following the

work of Alur and Dill [AD90,AD94], several model checkers have been developed with

timed automata being the core of their input languages e.g. [Yov97,LPY97]. It is fair

to say that they have been the driving force for the application and development of the

theory. The goal of this chapter is to provide a tutorial on timed automata with a focus

on the semantics and algorithms based on which these tools are developed.

In the original theory of timed automata [AD90,AD94], a timed automaton is a ﬁnite-

state Büchi automaton extended with a set of real-valued variables modeling clocks.

Constraints on the clock variables are used to restrict the behavior of an automaton, and

Büchi accepting conditions are used to enforce progress properties. A simpliﬁed ver-

sion, namely Timed Safety Automata is introduced in [HNSY94] to specify progress

properties using local invariant conditions. Due to its simplicity, Timed Safety Au-

tomata has been adopted in several veriﬁcation tools for timed automata e.g. UPPAAL

[LPY97] and Kronos [Yov97]. In this presentation, we shall focus on Timed Safety Au-

tomata, and following the literature, refer them as Timed Automata or simply automata

when it is understood from the context.

The rest of the chapter is organized as follows: In the next section, we describe the syn-

tax and operational semantics of timed automata. The section also addresses decision

problems relevant to automatic veriﬁcation. In the literature, the decidability and unde-

cidability of such problems are often considered to be the fundamental properties of a

computation model. Section 3 presents the abstract version of the operational semantics

based on regions and zones. Section 4 describes the data structure DBM (Difference

idling. In the initial work by Alur and Dill [AD90], the problem is solved by introduc-

ing Büchi-acceptance conditions; a subset of the locations in the automaton are marked

as accepting, and only those executions passing through an accepting location inﬁnitely

often are considered valid behaviors of the automaton. As an example, consider again

the automaton in Fig. 1(a) and assume that end is marked as accepting. This implies

that all executions of the automaton must visit end inﬁnitely many times. This imposes

implicit conditions on start and loop. The location start must be left when the value



is at most 20, otherwise the automaton will get stuck in start and never be able to

enter end. Likewise, the automaton must leave loop when



is at most 50 to be able to

enter end.

Timed Safety Automata A more intuitive notion of progress is introduced in timed safety

automata [HNSY94]. Instead of accepting conditions, in timed safety automata, loca-

tions may be put local timing constraints called location invariants. An automaton may

remain in a location as long as the clocks values satisfy the invariant condition of the

location. For example, consider the timed safety automaton in Fig. 1(b), which corre-

sponds to the Büchi automaton in Fig. 1(a) with end marked as an accepting location.

The invariant speciﬁes a local condition that start and end must be left when



is at

most 20 and loop must be left when



is at most 50. This gives a local view of the

timing behavior of the automaton in each location.

In the rest of this chapter, we shall focus on timed safety automata and refer such au-

tomata as Timed Automata or simply automata without confusion.

2.1 Formal Syntax

Assume a ﬁnite set of real-valued variables



ranged over by







etc.standing for clocks

and a ﬁnite alphabet



ranged over by





etc.standing for actions.

Clock Constraints A clock constraint is a conjunctive formula of atomic constraints of

the form













for



















and



 

. Clock

constraints will be used as guards for timed automata. We use

!"#$

to denote the set of

clock constraints, ranged over by

and also by

later.

Deﬁnition 1 (Timed Automaton) A timed automaton

is a tuple

(*)

,+.-,/0132

where

–

)

is a ﬁnite set of locations (or nodes),

–

+4-

)

is the initial location,

–

/65

)879!:".;$<7=7?>A@B79)

is the set of edges and

–

10C

)

ED

!"#$

assigns invariants to locations

We shall write

+GFIH JIH KLMNDO+QP

when

(

+R





RST+QPU2



As in veriﬁcation tools e.g. UPPAAL [LPY97], we restrict location invariants to con-

straints that are downwards closed, in the form:











where



is a natural

number.

Concurrency and Communication To model concurrent systems, timed automata

can be extended with parallel composition. In process algebras, various parallel com-

position operators have been proposed to model different aspects of concurrency (see

e.g. CCS and CSP [Mil89,Hoa78]). These algebraic operators can be adopted in timed

automata. In the UPPAAL modeling language [LPY97], the CCS parallel composition

operator [Mil89] is used, which allows interleaving of actions as well as hand-shake

synchronization. The precise deﬁnition of this operator is given in Section 5.

Essentially the parallel composition of a set of automata is the product of the automata.

Building the product automaton is an entirely syntactical but computationally expensive

operation. In UPPAAL, the product automaton is computed on-the-ﬂy during veriﬁca-

tion.

2.2 Operational Semantics

The semantics of a timed automaton is deﬁned as a transition system where a state or

conﬁguration consists of the current location and the current values of clocks. There are

two types of transitions between states. The automaton may either delay for some time

(a delay transition), or follow an enabled edge (an action transition).

To keep track of the changes of clock values, we use functions known as clock assign-

ments mapping



to the non-negative reals



. Let







denote such functions, and use



 %

to mean that the clock values denoted by



satisfy the guard

. For



?





, let



denote the clock assignment that maps all











, and for

S05



, let









denote the clock assignment that maps all clocks in

to 0 and agree with



for the other clocks in





Deﬁnition 2 (Operational Semantics) The semantics of a timed automaton is a tran-

sition system (also known as a timed transition system) where states are pairs

(

+N



and transitions are deﬁned by the rules:

–

(

+R





D

(

+N





=

and



$ 

for a non-negative real



0



–

(

+R



 D

(

+*PQ



P 2

FIH JIH K

,  DO+*PQ



9%















and





+*P

2.3 Veriﬁcation Problems

The operational semantics is the basis for veriﬁcation of timed automata. In the follow-

ing, we formalize decision problems in timed automata based on transition systems.

Language Inclusion A timed action is a pair





 $

, where

 

is an action taken by

an automaton

after









time units since

has been started. The absolute time



is called a time-stamp of the action



. A timed trace is a (possibly inﬁnite) sequence of

timed actions











$ "





















where











for all







Deﬁnition 3 A run of a timed automaton



(Q)

+#-,/0132

with initial state

(

+#- 



- 2

over a timed trace











$ "











$ "











is a sequence of transitions:

(









D



D

(













D



 D

(













D



 D

(











satisfying the condition











 



for all







The timed language



"*' $

is the set of all timed traces



for which there exists a run of

over



Undecidability The negative result on timed automata as a computation model is that

the language inclusion checking problem i.e. to check



"*' $



"Q! $

is undecidable

[AD94,ACH94]. Unlike ﬁnite state automata, timed automata is not determinizable in

general. Timed automata can not be complemented either, that is, the complement of

the timed language of a timed automaton may not be described as a timed automaton.

The inclusion checking problem will be decidable if

in checking



"*' $



"Q! $

restricted to the deterministic class of timed automata. Research effort has been made

to characterize interesting classes of determinizable timed systems e.g. event-clock au-

tomata [AFH99] and timed communicating sequential processes [YJ94]. Essentially,

the undecidability of language inclusion problem is due to the arbitrary clock reset. If

all the edges labeled with the same action symbol in a timed automaton, are also labeled

with the same set of clocks to reset, the automaton will be determinizable. This covers

the class of event-clock automata [AFH99].

We may abstract away from the time-stamps appearing in timed traces and deﬁne the

untimed language

! #"$&%



"Q' $

as the set of all traces in the form



'











for which

there exists a timed trace









(

$ "









I$ "













in the timed language of

The inclusion checking problem for untimed languages is decidable. This is one of the

classic results for timed automata [AD94].

Bisimulation Another classic result on timed systems is the decidability of timed

bisimulation [Cer92]. Timedbisimulation is introducedfor timed process algebras [Yi91].

However, it can be easily extended to timed automata.

Deﬁnition 4 A bisimulation

)

over the states of timed transition systems and the al-

phabet







, is a symmetrical binary relation satisfying the following condition:

for all







$0

, if

0/

 D



for some

 





and



, then

3/

 D



and







$<

for some



剩余41页未读，继续阅读

评论收藏

内容反馈

xingyang5909

2013-07-07

很不错的资源

seekingdreams

粉丝: 0
资源: 1

Timed Automata: Semantics, Algorithms and Tools

论文研究-Timed SEFM：面向嵌入式实时控制系统的编程模型.pdf

Advances in Verification of Time Petri Nets and Timed Automata

关于J-LINK升级最新固件后无法连上的一点分析

Timed automata semantics of spatial-temporal consistency language STeC

Forward Analysis of Updatable Timed Automata.pdf

java调用net开发的webservice实例

java.net.SocketTimeoutException: Receive timed out

Modeling and Evaluation of Wireless Sensor Network Protocols by Stochastic Timed Automata.

Poster Abstract: Numerical Analysis of WSN Protocol Using Probabilistic Timed Automata

timed-out:超时HTTPHTTPS请求

ftp文件传输数据包通讯过程

JLink固件修复

Alternating Timed Automata Solver-开源

Android Studio4.0解决Gradle下载超时问题

tensorflow-timeout.zip

mount.nfs: Connection timed out

WebService学习之路五

A Tutorial on Uppaal

添加代理镜像.rar

ILSpy 安装包和压缩包

DevExpress22.X完美Patch资源

基于C#与Sql Server的智慧星学生选课管理系统.rar

CefFlashBrowser - Flash浏览器

HslCommunication.dll 7.0.1 免费版本 全部源代码和测试工程

C#使用 MQTTnet 快速实现 MQTT 通信 Demo

vscode 1.77 安装包

StockMonitorInstaller-1.0.13

关于西门子PLC与上位机通讯的damo程序，以及更改后的S7.net+

EthernetKRL3.1.3、KUKA-router、KUKA软件包合集

最新资源

HslCommunication.dll 7.0.1 免费版本全部源代码和测试工程