Hehua Zhang,Stephan Merz,Ming Gu

DOI: https://doi.org/10.1109/tase.2009.43

2009-01-01

Abstract:In this paper, we developed a format for the specification of PLC systems using the specification language TLA+. Correctness properties for TLA+ specifications can be verified using the TLC model checker. The format we propose clearly distinguishes between user actions, system actions, and plant feedback. The different categories of actions are specified separately by TLA+ action formulas, which are then composed to form the overall specification. This separation makes us confident that we avoided overspecification, in particular of the environment. Working in a high-level language such as TLA+ allows a designer to focus on the essential features of a system specification. It also helps to avoid low-level encodings, which combined with parameterization leads to configurable and concise specifications. The resulting models can nevertheless be analyzed by the TLA+ model checker in a reasonable amount of time.

LY Zhang,LH Ma,JX Qian

DOI: https://doi.org/10.1109/tencon.2002.1182598

2002-01-01

Abstract:Hybrid systems are heterogenous dynamical systems characterized by interacting continuous and discrete dynamics. Interval Temporal Logic (ITL) is a temporal logic which includes a basic construct for the sequential composition of two formulas as well as an analog of Kleene star. In this paper, Interval Temporal Logic is applied to represent the hybrid systems. This method is demonstrated by an example in water industry systems.

Yifeng Chen,Zhiming Liu

DOI: https://doi.org/10.1007/978-3-540-30482-1_38

2004-01-01

Abstract:Different temporal logics tend to emphasise different aspects of a hybrid system. In this paper, we study the predicative interpretation of Duration Calculus (DC) and Temporal Logic of Actions (TLA) and the link between them. A notation called generic composition is used to simplify the manipulation of predicates. The modalities of possibility and necessity become generic composition and its inverse of converse respectively. The transformation between different temporal logics is also characterised as such modalities. The formalism provides a framework in which human experience about hybrid system development can be formalised as refinement laws. A high-level durational specification can be decomposed to two durational specifications driven by an automaton. In such a stepwise design process, durational features are reduced while automaton features increase gradually. The application of the technique is demonstrated in the case study of the gas burner problem.

Chris Chilton,Marta Kwiatkowska,Xu Wang

DOI: https://doi.org/10.48550/arXiv.1304.7590

2013-04-29

Abstract:In this paper we present an assume-guarantee specification theory (aka interface theory from [14]) for modular synthesis and verification of real-time systems with critical timing constraints. It is a further step of our earlier work [10] which achieved an elegant algebraic specification theory for real-time systems endowed with the capability to freeze time. In this paper we relinquish such (unrealisable) capability and target more realistic systems without the ability to stop time. Our theory, in a combined process-algebraic and reactive-synthesis style, provides the operations of parallel composition for system integration, logical conjunction/disjunction for viewpoint fusion and independent development, and quotient for incremental synthesis. We show that a substitutive refinement preorder, which is a coarsening of the pre-congruence in [10], constitutes the weakest pre-congruence preserving freedom of incompatibility errors. The coarsening requires a shift in the focus of our theory to a more game-theoretical treatment, where the coarsening constitutes a reactive synthesis game named normalisation and is efficiently implementable by a novel local bot-backpropagation algorithm. Previously, timed concurrent games have been studied in [1,14,13], where one of the key concern is the removal of time-blocking strategies by applying blame assignment [13]. Our timed games also have the issue of time-blocking strategies, which may arise through the composition of specifications. However, due to our distinctively different formulation of timed games, we have discovered another elegant solution to the problem without blame assignment. Our solution utilises a second reactive synthesis game called realisation, which is dual to normalisation and implementable by the dual local top-backpropagation algorithm.

Logic in Computer Science,Software Engineering

Martijn A. Goorden,Kim G. Larsen,Axel Legay,Florian Lorber,Ulrik Nyman,Andrzej Wasowski

2023-07-13

Abstract:A specification theory combines notions of specifications and implementations with a satisfaction relation, a refinement relation and a set of operators supporting stepwise design. We develop a complete specification framework for real-time systems using Timed I/O Automata as the specification formalism, with the semantics expressed in terms of Timed I/O Transition Systems. We provide constructs for refinement, consistency checking, logical and structural composition, and quotient of specifications -- all indispensable ingredients of a compositional design methodology. The theory is backed by rigorous proofs and is being implemented in the open-source tool ECDAR.

Formal Languages and Automata Theory,Software Engineering

Leslie Lamport

DOI: https://doi.org/10.1145/177492.177726

IF: 1.714

1994-05-01

ACM Transactions on Programming Languages and Systems

Abstract:The temporal logic of actions (TLA) is a logic for specifying and reasoning about concurrent systems. Systems and their properties are represented in the same logic, so the assertion that a system meets its specification and the assertion that one system implements another are both expressed by logical implication. TLA is very simple; its syntax and complete formal semantics are summarized in about a page. Yet, TLA is not just a logician's toy; it is extremely powerful, both in principle and in practice. This report introduces TLA and describes how it is used to specify and verify concurrent algorithms. The use of TLA to specify and reason about open systems will be described elsewhere.

computer science, software engineering

Takuma Kinugawa,Kazumune Hashimoto,Toshimitsu Ushio

DOI: https://doi.org/10.48550/arXiv.1912.02513

2019-12-05

Abstract:This paper presents a novel method of synthesizing a fragment of a timed discrete event system(TDES),introducing a novel linear temporal logic(LTL), called ticked LTL$_f$. The ticked LTL$_f$ is given as an extension to LTL$_f$, where the semantics is defined over a finite execution fragment. Differently from the standard LTL$_f$, the formula is defined as a variant of metric temporal logic formula, where the temporal properties are described by counting the number of tick in the fragment of the TDES. Moreover, we provide a scheme that encodes the problem into a suitable one that can be solved by an integer linear programming (ILP). The effectiveness of the proposed approach is illustrated through a numerical example of a path planning.

Systems and Control

Chunyan Fu,Kougen Zheng

DOI: https://doi.org/10.1109/IMCEC.2018.8469225

2018-01-01

Abstract:R177-time systems rely on components that have time constraints to be met. Specification and verification of time constraints is a critical issue of developing such systems. Event-B is a formalism for system modeling and analysis with advantages of mechanized proof and refinement scheme. But it does not directly support the modeling of timing properties. There have been some researches that introduce time concepts to the Event-B language or construct patterns facilitating the specification of timing properties. However, these are mainly concerned with the logical relations between events without the consideration of task-level time constraints. In this paper we identify some task-level time constraints, i.e., coincidence, exclusion and precedence, in real-time systems. For each constraint, we build its pattern from abstract to concrete. Such patterns can be integrated with existing Event-B models smoothly without the adjustment of the Event-B language. Our patterns can potentially be applicable to a wide range of modeling safety critical real-time systems. Furthermore, our work provides a reference for the formal specification of some other task-level time constraints.

Li Li,Jun Sun,Yang Liu,Meng Sun,Jin Song Dong

DOI: https://doi.org/10.1109/TSE.2017.2712621

IF: 7.4

2018-01-01

IEEE Transactions on Software Engineering

Abstract:Nowadays, protocols often use time to provide better security. For instance, critical credentials are often associated with expiry dates in system designs. However, using time correctly in protocol design is challenging, due to the lack of time related formal specification and verification techniques. Thus, we propose a comprehensive analysis framework to formally specify as well as automatically ...

Minxue Pan,Lei Bu,Xuandong Li

DOI: https://doi.org/10.1007/978-3-642-02658-4_56

2009-01-01

Abstract:In this paper, we present TASS which is a timing analyzer of scenario-based specifications. TASS accepts UML2.0 interaction models with general and expressive timing constraints and can be used for three kinds of timing analysis problems: the reachability analysis, the constraint conformance analysis, and the bounded delay analysis. The underlying technique of TASS is to reduce the timing analysis problems into linear programming problems.

Maria Spichkova

DOI: https://doi.org/10.48550/arXiv.1403.1006

2014-03-05

Abstract:This short paper introduces a model for the specification and verification of real-time system design: timed state transition diagrams.

Formal Languages and Automata Theory,Logic in Computer Science

Igor Konnov,Markus Kuppe,Stephan Merz

DOI: https://doi.org/10.48550/arXiv.2211.07216

2022-11-14

Logic in Computer Science

Abstract:Using an algorithm due to Safra for distributed termination detection as a running example, we present the main tools for verifying specifications written in TLA+. Examining their complementary strengths and weaknesses, we suggest a workflow that supports different types of analysis and that can be adapted to the desired degree of confidence.

Z Wang,YQ Song,EM Poggi,YX Sun

2002-01-01

Abstract:Normally, tasks are classified into real time and non real time according to temporal constraints for the processing and transmitting of these tasks, consequently the worst-case response time and average performance should be focused on them. However, in practical engineering context, partly violated temporal constraints can be tolerated if the violation meets certain distribution: Nevertheless, the loss-rate (within real time region, an instance of a task is regarded as loss if it violates its temporal constraint) under stable state or statistical real time can solve the problem in some extent, it can't include the permitted distribution of violation. For completely solving the problem, weakly-hard real time schedule theory or window-constraint real time schedule theory, which is used to investigate the problem related to allowing violation of instances over a finite range, consecutive instances or a time window, is proposed. In order to effectively utilize the fact that a practical application can tolerate some violations of temporal constraint under certain distribution, the fundamental research must be done from the aspects of specification of temporal constraint, schedule and schedulibility, and implementation, which are explained in detail in this paper.

CHEN Ji-Ming,SONG Ye-Qiong,SUN You-Xian

DOI: https://doi.org/10.1360/jos172601

2006-01-01

Journal of Software

Abstract:This paper presents the definition of a weakly hard real-time system, and summarizes the existent constraint specifications of this system and their relationships. A constraint specification ) , ( p m is put forward.

Hao Wang,Wendy MacCaull

DOI: https://doi.org/10.4204/EPTCS.13.6

2009-12-10

Abstract:Timed model checking has been extensively researched in recent years. Many new formalisms with time extensions and tools based on them have been presented. On the other hand, Explicit-Time Description Methods aim to verify real-time systems with general untimed model checkers. Lamport presented an explicit-time description method using a clock-ticking process (Tick) to simulate the passage of time together with a group of global variables for time requirements. This paper proposes a new explicit-time description method with no reliance on global variables. Instead, it uses rendezvous synchronization steps between the Tick process and each system process to simulate time. This new method achieves better modularity and facilitates usage of more complex timing constraints. The two explicit-time description methods are implemented in DIVINE, a well-known distributed-memory model checker. Preliminary experiment results show that our new method, with better modularity, is comparable to Lamport's method with respect to time and memory efficiency.

Logic in Computer Science,Software Engineering

Bo Wan,Haizhao Luo,Kaiqi Zhou,Xi Li,Chao Wang,Xianglan Chen,Xuehai Zhou

DOI: https://doi.org/10.1109/hpcc-smartcity-dss.2017.75

2017-01-01

Abstract:Real-time systems need reliable guarantees for the satisfaction of their timing constraints. However, novel speed-up hardware architectures and software mechanism, which target improving average-case performances, ignore and sometimes worsen the ability to obtain guarantees. An alternative approach is the Logical Execution Time (LET) model, but there are some deficiencies in existing LET-based development tools. In this paper, we propose a novel LET-based time-aware programming framework called TipFrame. The framework introduces Servants to improve the responsiveness of LET-based periodic tasks further. The runtime makes behaviors in the system level consistent with the semantics of LET model for predictability. TipFrame implements in C language providing time-aware programming interfaces called TipFrame-C. The programming paradigm of TipFrame-C is described using an autopilot avionic control system. Evaluation results demonstrate that our approach is effective and efficient to construct LET-based real-time systems.

Yongwang Zhao,Zhuqing Li,Hualei Shen,Dianfu Ma

DOI: https://doi.org/10.1007/s00607-013-0295-3

2013-01-01

Computing

Abstract:As software systems are becoming increasingly complex, they need to dynamically and continually adapt their behavior to changing conditions in the long-term running. There will be large numbers of adaptations in these systems when evolving and the adaptations may be unknowable until system operation. To specify these adaptations, this paper proposes the mode-supported Linear Temporal Logic (mLTL) that is an effective way to describe global specifications of adaptive software. The global specifications are defined for adaptive software as requirements from the perspective of global adapting process. The model checking problem of mLTL is also resolved using Linear Temporal Logic (LTL) and Labelled Transition System Analyser (LTSA). Finally, we provide a prototype implementation for modelling and analyzing adaptive programs, and experimental evaluation shows feasibility and scalability of our approach.

Huihui Zhang,Tao Yue,Shaukat Ali,Ji Wu,Chao Liu

DOI: https://doi.org/10.1109/mise.2017.9

2017-01-01

Abstract:Time-related properties are a critical type of extra-functional requirements for designing real-time systems. Modeling and validating time-related properties at the requirements specification and analysis phases is important for the successful development of real-time systems in terms of cost, quality and productivity. In the literature and practice, timing analyses (e.g., Worst Case Execution Time) are often performed to ensure that the design of a real-time system fully conforms to its time-related constraints. However, such analyses are mostly performed at the design and implementation stages, but not at the requirements level. This paper presents a restricted, natural language based, use case modeling methodology (named as RUCM4RT) to specify functional requirements of real-time systems as use case models, along with associated time-related constraints. RUCM4RT was proposed based on the UML profile for Modeling and Analysis of Real-Time and Embedded Systems (MARTE). In addition, in this paper, we also propose a metamodel-based formalization mechanism named as UCMeta4RT to automatically formalize use case models. We have conducted two real-world case studies to evaluate our solution and 40 use cases were modeled, among which 27 real-time use cases, 118 time-related constraints and 47 other extra-functional (also commonly called non-functional) constraints were specified. Results show that RUCM4RT was able to handle all the real-time related elements (e.g., time-related constraints) of the use case models.

Zengjie Zhang,Sofie Haesaert

2023-09-15

Abstract:The control synthesis of a dynamic system subject to a signal temporal logic (STL) specification is commonly formulated as a mixed-integer linear/convex programming (MILP/MICP) problem. Solving such a problem is computationally expensive when the specification is long and complex. In this paper, we propose a framework to transform a long and complex specification into separate forms in time, to be more specific, the logical combination of a series of short and simple subformulas with non-overlapping timing intervals. In this way, one can easily modularize the synthesis of a long specification by solving its short subformulas, which improves the efficiency of the control problem. We first propose a syntactic timing separation form for a type of complex specifications based on a group of separation principles. Then, we further propose a complete specification split form with subformulas completely separated in time. Based on this, we develop a modularized synthesis algorithm that ensures the soundness of the solution to the original synthesis problem. The efficacy of the methods is validated with a robot monitoring case study in simulation. Our work is promising to promote the efficiency of control synthesis for systems with complicated specifications.

Systems and Control

Longlong Lu,Minxue Pan,Tian Zhang,Xuandong Li

DOI: https://doi.org/10.1007/s10270-022-00980-8

2022-01-01

Abstract:Open environmental software systems are often time-sensitive, as they need to respond to other entities within the systems and/or in the environments promptly. The timing requirements are therefore an essential part of the system correctness. Scenario-based specifications (SBS) such as message sequence charts and UML interaction models play an important role in specifying open environmental software systems since they intuitively model interactions between different entities. While modelling these systems, the timing requirements can be specified as timing constraints. In this paper, we study the problem of checking the timing consistency of SBS with timing constraints. Although this problem can be transformed into a reachability analysis problem, checking its reachability can still be time-consuming. Therefore, we propose a novel SAT and linear programming (LP) collaborative timing analysis approach named Tassat for the bounded timing analysis of SBS. Instead of using depth-first traversal algorithms, Tassat encodes the structures of the SBS into propositional formulas and adopts SAT solvers to find candidate paths. The timing analysis of candidate paths is then transformed to LP problems, where the irreducible infeasible set of the infeasible paths can be utilized to filter out candidate paths for checking. In addition, we propose an enhanced version of the approach that extends the bounded analysis results to the entire models if the infeasible path segments do not contain intermediate loops. The enhanced algorithm can prove that the given SBS satisfy the required properties on any bound condition. The experimental results show that Tassat is effective and has better performance than existing tools in terms of both time consumption and memory footprint.