Longlong Lu,Wenhua Yang,Minxue Pan,Tian Zhang

DOI: https://doi.org/10.1145/3457913.3457917

2021-01-01

Abstract:Timing analysis of scenario-based specifications (SBS) such as message sequence charts and UML interaction models plays an essential role in the design phase of real-time system development. However, it is time-consuming and labor-intensive to conduct analysis on the satisfiability of the timing constraints. In this article, we propose a novel SAT and linear programming (LP) collaborative timing analysis approach named TASSAT for SBS. Instead of using depth-first traversal algorithms, TASSAT encodes the structures of the SBS into propositional formulas and use the SAT solver to find candidate paths. The timing analysis of candidate paths is then reduced to LP problems, where irreducible infeasible set of the infeasible path can be used to prune unnecessary search space of the SAT solver. The experimental results show that TASSAT is effective and offers better performance than existing tools in terms of both time consumption and memory footprint.

Xuandong Li,Minxue Pan,Lei Bu,Linzhang Wang,Jianhua Zhao

DOI: https://doi.org/10.1002/stv.434

2012-01-01

Software Testing Verification and Reliability

Abstract:Scenario-based specifications (SBSs), such as UML interaction models, offer an intuitive and visual way of describing design requirements, and are playing an increasingly important role in the design of software systems. This paper presents an approach to timing analysis of SBSs expressed by UML interaction models. The approach considers more general and expressive timing constraints in UML sequence diagrams (SDs), and gives a solution to the reachability analysis, constraint conformance analysis and bounded delay analysis problems, which reduces these problems into linear programs. With the synchronous interpretation of the SD compositions, the timing analysis algorithms in the approach form a decision procedure for a class of SBSs where any loop in any path is time-independent of the other parts in the path. These algorithms are also a semi-decision procedure for general SBSs with both the synchronous and asynchronous composition semantics. The approach also supports bounded timing analysis of SBSs, which investigates all the paths in the bound limit one by one, and performs the timing analysis for each finite path by linear programming. A tool prototype has been developed to support this approach. Copyright © 2010 John Wiley & Sons, Ltd.(This paper presents a linear programming-based approach to timing analysis of scenario-based specifications (SBSs) expressed by UML interaction models. With more general and expressive timing constraints in UML sequence diagrams, the algorithms in the approach solve the problems of the reachability, constraint conformance and bounded delay analysis of SBSs. These algorithms form a decision procedure for the loop-unlimited SBSs where any loop in any path is time-independent of the other parts in the path, and a semi-decision procedure for general SBSs.)

Minxue Pan,Lei Bu,Xuandong Li

DOI: https://doi.org/10.1007/978-3-642-02658-4_56

2009-01-01

Abstract:In this paper, we present TASS which is a timing analyzer of scenario-based specifications. TASS accepts UML2.0 interaction models with general and expressive timing constraints and can be used for three kinds of timing analysis problems: the reachability analysis, the constraint conformance analysis, and the bounded delay analysis. The underlying technique of TASS is to reduce the timing analysis problems into linear programming problems.

Ting Wang,Jun Sun,Xinyu Wang,Yang Liu,Yuanjie Si,Jin Song Dong,Xiaohu Yang,Xiaohong Li

DOI: https://doi.org/10.1109/tse.2014.2359893

IF: 7.4

2014-01-01

IEEE Transactions on Software Engineering

Abstract:Zeno runs, where infinitely many actions occur within finite time, may arise in Timed Automata models. Zeno runs are not feasible in reality and must be pruned during system verification. Thus it is necessary to check whether a run is Zeno or not so as to avoid presenting Zeno runs as counterexamples during model checking. Existing approaches on non-Zenoness checking include either introducing an additional clock in the Timed Automata models or additional accepting states in the zone graphs. In addition, there are approaches proposed for alternative timed modeling languages, which could be generalized to Timed Automata. In this work, we investigate the problem of non-Zenoness checking in the context of model checking LTL properties, not only evaluating and comparing existing approaches but also proposing a new method. To have a systematic evaluation, we develop a software toolkit to support multiple non-Zenoness checking algorithms. The experimental results show the effectiveness of our newly proposed algorithm, and demonstrate the strengths and weaknesses of different approaches.

Jinghao Sun,Nan Guan,Rongxiao Shi,Guozhen Tan,Wang Yi

DOI: https://doi.org/10.1145/3477020

2021-01-01

ACM Transactions on Embedded Computing Systems

Abstract:Research on modeling and analysis of real-time computing systems has been done in two areas, model checking and real-time scheduling theory. In model checking, an expressive modeling formalism such as timed automata (TA) is used to model complex systems, but the analysis is typically very expensive due to state-space explosion. In real-time scheduling theory, the analysis techniques are highly efficient, but the models are often restrictive. In this paper, we aim to exploit the possibility of applying efficient analysis techniques rooted in real-time scheduling theory to analysis of real-time task systems modeled by timed automata with tasks (TAT). More specifically, we develop efficient techniques to analyze the feasibility of TAT-based task models (i.e., whether all tasks can meet their deadlines on single-processor) using demand bound functions (DBF), a widely used workload abstraction in real-time scheduling theory. Our proposed analysis method has a pseudo-polynomial time complexity if the number of clocks used to model each task is bounded by a constant, which is much lower than the exponential complexity of the traditional model-checking based analysis approach (also assuming the number of clocks is bounded by a constant). We apply dynamic programming techniques to implement the DBF-based analysis framework, and propose state space pruning techniques to accelerate the analysis process. Experimental results show that our DBF-based method can analyze a TAT system with 50 tasks within a few minutes, which significantly outperforms the state-of-the-art TAT-based schedulability analysis tool TIMES.

Dingbao Xie,Lei Bu,Jianhua Zhao,Xuandong Li

DOI: https://doi.org/10.1007/s10703-014-0210-3

2014-01-01

Formal Methods in System Design

Abstract:As discrete jumps and continuous flows tangle in the behavior of linear hybrid automata (LHA), the bounded model checking (BMC) for reachability of LHA is a challenging problem. Current works try to handle this problem by encoding all the discrete and continuous behaviors in the bound into a set of SMT formulas which can then be solved by SMT solvers. However, when the system size is large, the object SMT problem could be huge and difficult to solve. Instead of encoding everything into one constraint set, this paper proposes a SAT–LP–IIS joint-directed solution to conduct the BMC for reachability of LHA in a layered way. First, the bounded graph structure of LHA is encoded into a propositional formula set, and solved by SAT solvers to find potential paths which can reach the target location on the graph. Then, the feasibility of certain path is encoded into a set of linear constraints which can then be solved by linear programming (LP) efficiently. If the path is not feasible, irreducible infeasible set (IIS) technique is deployed to locate an infeasible path segment which will be fed to the SAT solver to accelerate the enumerating process. Experiments show that by this SAT–LP–IIS joint-directed solution, the memory usage of the BMC of LHA is well-controlled and the performance outperforms the state-of-the-art SMT-style competitors significantly.

Liangze Yin,Fei He,Ming Gu

DOI: https://doi.org/10.1109/TASE.2013.11

2013-01-01

Abstract:This paper considers bounded model checking for extended labeled transition systems. Bounded model checking relies on a SAT solver to prove (or disprove) the existence of a counterexample with a bounded length. During the translation of a BMC problem to a SAT problem, much useful information is lost. This paper proposes an algorithm to analyze the transition system model, and then utilize the structure information hidden in the model to refine the decision ordering of variables in SAT solving. The basic idea is to guide the search process of SAT solving by the structure of the transition system. Experiments with this heuristic on real industrial designs show 5-12 times speedup over standard bounded model checking.

Zhou Conghua,Chen Zhenyu,Ju Shiguang

2008-01-01

Journal of Computer Research and Development

Abstract:For concurrent software systems, linear temporal logic SE-LTL is a specification language with high expressive power and the ability to reason about both states and events. Until now, the SE-LTL model checking algorithm is still explicit, and the state explosion is the primary verification difficulty. A bounded model checking procedure is introduced for SE-LTL which reduces model checking to propositional satisfiability. This new technique avoids the space blow up of BDDs, and sometimes speeds up the verification. For SE-LTL-X the procedure and stuttering equivalent technique is further integrated. The experiment result shows that the integration can reduce the verification time very much.

Xiaoying Bai,Ming Wang,Hao Lu,Weitek Tsai

2012-01-01

Abstract:A systematic approach for modeling and verifying timing constraints was developed to ensure timing constraints in the real-time systems. The approach defines the basic time concepts and gives a timing constraint model based on the simple temporal problem-improved (STP-I) method. A verification algorithm is given for consistence checking of the constraint graph model using a constraint resolver. A transformation mechanism is also given to transform complex timing constraints to basic expressions. A case study of a real-time data process unit (DPU) system illustrates the approach. This approach gives a more systematic analysis of typical fault models for real-time systems than existing designs, hence it can model the constraints more accurately using the concepts of time points and time intervals that facilitate effective time defect detection.

Lei Bu,You Li,Linzhang Wang,Xin Chen,Xuandong Li

DOI: https://doi.org/10.1109/date.2010.5457051

2010-01-01

Abstract:Existing reachability analysis techniques are easy to fail when applied to large compositional linear hybrid systems, since their memory usages rise up quickly with the increase of systems' size. To address this problem, we propose a tool BACH 2 that adopts a path-oriented method for bounded reachability analysis of compositional linear hybrid systems. For each component, a path is selected and all selected paths compose a path set for reachability analysis. Each path is independently encoded to a set of constraints while synchronization controls are encoded as a set of constraints too. By merging all the constraints into one set, the path-oriented reachability problem of a path set can be transformed to the feasibility problem of this resulting linear constraint set, which can be solved by linear programming efficiently. Based on this path-oriented method, BACH 2 adopts a shared label sequence guided depth first search (SLS-DFS) method to perform bounded reachability analysis of compositional linear hybrid system, where all potential path sets within the bound limit are identified and verified one by one. By this means, since only the structure of a system and the recently visited one path in each component need to be stored in memory, memory consumption of BACH 2 is very small at runtime. As a result, BACH 2 enables the verification of extremely large systems, as is demonstrated in our experiments.

Jun Hu,Xiaofeng Yu,Yan Zhang,Tian Zhang,Xuandong Li,Guoliang Zheng

DOI: https://doi.org/10.1007/11596356_41

2005-01-01

Abstract:In this paper, for real-time embedded software we consider the problem of checking component-based designs for scenario-based timing specifications. By adding time intervals on the actions, we extend the interface automata for modelling real-time systems. The component-based designs are modelled by real-time interface automaton networks, which includes a set of real-time interface automata synchronized by shared actions, and the scenario-based timing specifications are specified by UML sequence diagrams with a set of boolean expressions. Based on analyzing the compatible integer state space of a real-time interface automaton network and its compatible reachability graph, we develop an algorithm to check the consistency between real-time component-based designs and the scenario-based timing specifications.

Lei Bu,Xuandong Li

DOI: https://doi.org/10.1007/s10009-010-0163-9

2010-01-01

International Journal on Software Tools for Technology Transfer

Abstract:The existing techniques for reachability analysis of linear hybrid systems do not scale well to the problem size of practical interest. The performance of existing techniques is even worse for reachability analysis of a composition of several linear hybrid automata. In this paper, we present an efficient path-oriented approach to bounded reachability analysis of composed systems modeled by linear hybrid automata with synchronization events. It is suitable for analyzing systems with many components by selecting critical paths, while this task was quite insurmountable before because of the state explosion problem. This group of paths will be transformed to a group of linear constraints, which can be solved by a linear programming solver efficiently. This approach of symbolic execution of paths allows design engineers to check important paths, and accordingly increase the faith in the correctness of the system. This approach is implemented into a prototype tool Bounded reAchability CHecker (BACH). The experimental data show that both the path length and the number of participant automata in a system checked using BACH can scale up greatly to satisfy practical requirements.

Xuandong Li,Lei Bu,Jun Hu,Jianhua Zhao,Tao Zhang,Guoliang Zheng

DOI: https://doi.org/10.1007/11888116_28

2006-01-01

Abstract:In this paper, we solve the consistency checking problems of concurrent and real-time system designs modelled by time Petri nets for the scenario-based specifications expressed by message sequence charts (MSCs). The algorithm we present can be used to check if a time Petri net satisfies a specification expressed by a given MSC which requires that if a scenario described by the MSC occurs during the run of the time Petri net, the timing constraints enforced to the MSC must be satisfied.

Dingbao XIE,Yuexiang ZHOU,Lei BU,Linzhang WANG,Xuandong LI

DOI: https://doi.org/10.1360/N112016-00042

2017-01-01

Abstract:Hybrid systems include both discrete and continuous behavior and are widely used to model control systems.The reachability analysis of its unsafe state is an important method for guaranteeing the safety of a system.However,the current techniques do not scale well to the problems of practical interest.Due to the synchronization of components and the combinatorial explosion of state space,the reachability analysis of compositional linear hybrid system is extremely complex.In order to reduce the complexity,a path-oriented approach was proposed in a previous work,which conducted bounded reachability analysis of a compositional linear hybrid system.By enumerating and verifying each potential path one by one,the size of the problem that can be solved will be increased substantially.This path-oriented approach will become quite inefficient due to a sharp increase in the number of candidate paths when analyzing complex systems.The path explosion problem in model checking is also famous.To solve this problem,we propose a state-space reduction technique,which accelerates the verification process.We propose a method to locate the cause of infeasibility,when a composed infeasible path segment after a path set is proved to be infeasible.As we can simply falsify a path set that contains a composed infeasible path segment,the number of candidate paths can be reduced significantly.Furthermore,to avoid such composed path segments efficiently,we propose an approach based on satisfiability modulo theories (SMT),to traverse the bounded graph structure of the composed linear hybrid system.The results of the experiment show that the performance of the path-oriented bounded reachability analysis can be optimized significantly and that the overall performance of the proposed approach is better than that of the state-of-the-art competitor.

Guilan Dai,Xiaoying Bai,Chongchong Zhao

DOI: https://doi.org/10.1109/GCC.2007.9

2007-01-01

Abstract:The paper presents a timing constraint modeling and analyzing method for Web processes based on annotated OWL-S. The method allows us to find whether Web processes are schedulable and which processes in Web processes are not schedulable without actual execution based on its specification. This also suggests replacement of corresponding components or relaxing timing constraints. The contributions of the paper mainly include two aspects: 1) The paper presents a method for extending OWL-S model based on annotation layers. By using annotation layers, the OWL-S model is extended with auxiliary information such as time constraints. This method can be extended to verify other properties of the Web processes by using different annotation layers. 2) The paper describes how to model Web services based systems and determine whether the specification satisfies time consistency. First, we model a Web process in extended OWL-S with timing constraints. Then, we transform the system specification along with its imposed timing constraints into a TPPN (Time Predicate Petri Net) model. Final, TPPN analyzer can automatically simulate and analyze to verify whether the system specification is schedulable under the imposed timing constraints.

Xuandong Li,Jianhua Zhao,Gong Jiayu,Shi Yaoxin,Guoliang Zheng

DOI: https://doi.org/10.1109/ISORC.2004.1300367

2004-01-01

Abstract:In this paper we use net-works of UML statechart diagrams to model compositional designs for real-time systems, and present an algorithm for checking networks of statechart diagrams for the scenario-based specifications expressed by UML sequence diagrams with timing constraints. The algorithm is based on investigating the reach-ability graph of the integer state space of a network of statechart diagrams.

Raimundo Barreto,Lucas Cordeiro,Bernd Fischer

DOI: https://doi.org/10.48550/arXiv.1106.2320

2011-06-12

Abstract:Embedded systems are everywhere, from home appliances to critical systems such as medical devices. They usually have associated timing constraints that need to be verified for the implementation. Here, we use an untimed bounded model checker to verify timing properties of embedded C programs. We propose an approach to specify discrete time timing constraints using code annotations. The annotated code is then automatically translated to code that manipulates auxiliary timer variables and is thus suitable as input to conventional, untimed software model checker such as ESBMC. Thus, we can check timing constraints in the same way and at the same time as untimed system requirements, and even allow for interaction between them. We applied the proposed method in a case study, and verified timing constraints of a pulse oximeter, a noninvasive medical device that measures the oxygen saturation of arterial blood.

Logic in Computer Science

Zhou Conghua,Tao Zhihong,Ding Decheng,Wang Lifu

IF: 1.019

2006-01-01

Chinese Journal of Electronics

Abstract:Bounded model checking (BMC) has been recently introduced as an efficient verification method for reactive systems. Propositional satisfiability (SAT)-based bounded model checking methods consists in searching for a counter- example of a particular length and generating a propositional formula that is satisfiable iff such a counterexample exists. Until now, SAT-based bounded model checking only concerns with universal properties. In this paper we focus on bounded model checking for Computation tree logic (CTL). We present how quantified Boolean decision procedures like Davis & Putnam Procedure can replaces Binary decision diagrams (BDDs). Our basic idea is to decide the validation of a CTL formula phi in finite executions of a system and reduce the validation to a Quantified Boolean formula (QBF) psi which is satisfiable if and only if phi is valid in finite executions of the system. QBF solvers based on Davis & Putnam Procedure do not blow up in space. Therefore, our new technique avoids the space blow up of BDDs, and sometimes speeds up the verification.

HU Jun,YU Xiao-Feng,ZHANG Yan,LI Xuan-Dong,ZHENG Guo-Liang

DOI: https://doi.org/10.1360/jos170048

2006-01-01

Journal of Software

Abstract:For real-time software systems, this paper considers the problem of checking component-based designs for timing scenario-based specifications, which is one of the challenges in real-time computing domain. Firstly the timing scenario-based specifications are specified by UML sequence diagrams with a set of boolean expressions, then the interface automata for modeling real time systems through adding time intervals on the actions is extened. The component-based designs are modeled by a real-time interface automaton network which contains a set of real-time interface automata synchronized by shared actions. Based on analyzing the compatible integer state space of a real-time interface automata network, a corresponding reachability graph is constructed and finally an algorithm for checking the consistency between the real-time component-based designs and the timing scenario-based specifications is developed.

Guilan Dai,Rujuan Liu,Chongchong Zhao,Changjun Hu

DOI: https://doi.org/10.1109/APSCC.2008.59

2008-01-01

Abstract:Web service composition is an emerging paradigm for enabling application integration within and across organizational boundaries. Since most business processes exist in temporal context in real world, and the candidate partners in Web service compositions have complex interactions, timing constraints satisfiability verification for Web service compositions becomes increasingly important to build efficient and effective business processes based on Web services. In this paper, we present an approach to specify and verify timing constraints satisfiability for the compositions of Web services workflow based onBPEL4WS(Business Process Execution Language for Web Services). By using timing constraints annotation layers, a BPEL4WS model can be extended with timing constraint information. The pair of an underlying BPEL4WS model and a timing constraint annotation layer can be transformed to corresponding TPPN (Timed Predicate Petri-net) model to verify automatically timing constraint satisfiability for a business process. The method allows us to add conveniently timing constraints information to a business process model,and find whether a process is schedulable and which activities in the process are not schedulable under the consideration of timing constraints without actual execution based on its specification. The paper describes how to specify timing constraints for compositions of Web services workflow, and how to determine whether the specification satisfies its timing constraints.