Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
References

Timed I/O automata

Profile image of Ulrik NymanUlrik Nyman

Abstract

A specification theory combines notions of specifications and implementations with a satisfaction relation, a refinement relation and a set of operators supporting stepwise design. We develop a complete specification framework for real-time systems using Timed I/O Automata as the specification formalism, with the semantics expressed in terms of Timed I/O Transition Systems. We provide constructs for refinement, consistency checking, logical and structural composition, and quotient of specifications -all indispensable ingredients of a compositional design methodology.

Related papers

Specifying and proving properties of timed I/O automata using Tempo
Myla Archer

Design Automation for Embedded Systems, 2008

Timed I/O automata (TIOA) is a mathematical framework for modeling and verification of distributed systems that involve discrete and continuous dynamics. TIOA can be used for example, to model a real-time software component controlling a physical process. The TIOA model is sufficiently general to subsume other models in use for timed systems. The Tempo Toolset, currently under development, is aimed at supporting system development based on TIOA specifications. The Tempo Toolset is an extension of the IOA toolkit, which provides a specification simulator, a code generator, and both model checking and theorem proving support for analyzing specifications. This paper focuses on the modeling of timed systems and their properties with TIOA and on the use of TAME4TIOA, the TAME 1 (Timed Automata Modeling Environment) based theorem proving support provided in Tempo, for proving system properties, including timing properties. Several examples are provided by way of illustration.

View PDFchevron_right
Real-Time concepts for a formal specification language for software/hardware systems
Jpm Voeten

Increasingly complex systems are being designed that consist of concurrently operating and communicating processes, often combining both hardware and software. A methodology for high level specification and design of software/ hardware systems (SHE [1]) has been designed to cope with this increasing complexity. SHE incorporates a formal specification language named POOSL. Many systems today can be characterised as real-time. The timing properties of such a realtime system determine the correctness of an implementation. This paper describes the extension of the language POOSL with a notion of time and with real-time primitives, which enable it to specify and model timing properties. Concepts and aspects related to timing and concurrency are discussed and options for introducing time and adding temporal meaning to existing elements of the language are investigated. The language POOSL and its formal semantics have been extended with a notion of time and a new primitive has been added. It is shown that this extension enables the expression of typical forms of temporal behaviour such as execution time, time-out behaviour, etcetera. POOSL can thus be used as a formal basis for specifying and designing real-time systems within the SHE methodology.

View PDFchevron_right
The Theory of Timed I/O Automata
Dilsun Kaynar

Synthesis Lectures on Computer Science, 2006

This monograph presents the Timed Input/Output Automaton (TIOA) modeling framework, a basic mathematical framework to support description and analysis of timed systems. An important feature of this model is its support for decomposing timed system descriptions. In particular, the framework includes a notion of external behavior for a timed I/O automaton, which captures its discrete interactions with its environment. The framework also defines what it means for one TIOA to implement another, based on an inclusion relationship between their external behavior sets, and defines notions of simulations, which provide sufficient conditions for demonstrating implementation relationships. The framework includes a composition operation for TIOAs, which respects external behavior, and a notion of receptiveness, which implies that a TIOA does not block the passage of time.

View PDFchevron_right
TAME: A Specialized Specification and Verification System for Timed Automata
Constance Heitmeyer

1996

Assuring the correctness of speci cations of realtime systems can involve signi cant human e ort. The use of a mechanical theorem prover to encode such speci cations and to verify their properties could signicantly reduce this e ort. A barrier to routinely encoding and mechanically verifying speci cations has been the need rst to master the speci cation language and logic of a general theorem proving system. Our approach to overcoming this barrier is to provide mechanical support for producing speci cations and verifying proofs, specialized for particular mathematical models and proof techniques. We are currently developing a mechanical veri cation system called T AME Timed Automata Modeling Environment that provides this specialized support using SRI's Prototype V eri cation System PVS. Our system is intended t o p ermit steps in reasoning similar to those in hand proofs that use model-speci c techniques. TAME has recently been used to detect errors in a realistic example.

View PDFchevron_right
Communicating TILCO: a model for real-time system specification
Paolo Nesi

Formal techniques for the specification of real-time systems must be capable of describing a set of relationships expressing the temporal constraints among events and actions: properties of invariance, precedence, periodicity, liveness and safety conditions, etc. This paper describes CTILCO, an extension of TILCO (Temporal Interval Logic with Compositional Operators). CTILCO introduces the Communication among components specified in TILCO and allows the adoption of decomposition/composition mechanisms. TILCO has been expressly designed for the specification of realtime systems. CTILCO is based on time intervals and can concisely express temporal constraints with time bounds, such as those needed to specify real-time systems. It can be used to verify the completeness and consistency of specifications, as well as to validate system behavior against its requirements and general properties. CTILCO has been formalized by using the theorem prover Isabelle/HOL. CTILCO specifications satisfying certain properties are executable. CTILCO is defined in terms of theorems and allows the system specification and the formal proof of properties including composition/decomposition with communications. An example of system specification and validation has been also included.

View PDFchevron_right
A practical approach to formal design of real-time systems
Miguel Felder, Mauro Pezzè

1996 IEEE International Conference on Systems, Man and Cybernetics. Information Intelligence and Systems (Cat. No.96CH35929), 1996

Formal methods are being increasingly used in engineering industrial software. They are mostly used for specifying and verifying software requirements, but seldom in later development phases. This paper tries to bridge the gap between formal requirements specification and final code by introducing a formally defined design notation. The proposed design notation extends structured analysis specification notations with constructs derived from POSIX real-time extensions. The design notation proposed in this paper is formally defined by means of high-level timed Petri nets, and can be formally analyzed using tools and techniques available for Petri nets. Automatic tools for editing and verifying design specifications given in terms of the notation proposed in this paper have been implemented and the notation has been successfully validated on industrial case-studies.

View PDFchevron_right
Embedding time granularity in a logical specification language for synchronous real-time systems
Angelo Montanari

Science of Computer Programming, 1993

Embedding time granularity in a logical specification language for synchronous real-time systems, Science of Computer Programming 20 (1993) 141-171. Formal methods have proved to be highly beneficial in the requirements specification phase of software production and are particularly valuable in the development of real-time applications (the most critical software systems). Unfortunately, most common specification languages are inadequate for real-time applications because they lack a quantitative representation of time. In this paper, we define a logical language to specify the temporal constraints of the wide-ranging class of real-time systems whose components have dynamic behaviours regulated by very different time constants. We motivate the need for allowing the consistent treatment of different time scales in formal specifications of these systems with the purpose of enhancing the naturalness and practical usability of the notation. The logical specification language is based on a revised version of the specification language TRIO. We first present the features of the basic logical language; then, we semantically and axiomatically define its granularity extension in a topological logic framework. Finally, we show some examples of its application.

View PDFchevron_right
Specification and verification of real-time embedded systems using time-constrained reactive automata
Azer Bestavros

1991

Abstract The authors briefly review the time-constrained reactive automata (TRA) model and its use in the specification and verification of real-time embedded systems. Among its salient features is a fundamental notion of space and time that restricts the expensiveness of the model in a way that allows the specification of only reactive, spontaneous, and causal computation. Using the TRA formalism, there is no conceptual distinction between a system and a property; both are specified as formal objects.

View PDFchevron_right
Temporal logics for real-time system specification
Paolo Nesi

ACM Computing Surveys, 2000

The specification of reactive and real-time systems must be supported by formal, mathematically-founded methods in order to be satisfactory and reliable. Temporal logics have been used to this end for several years. Temporal logics allow the specification of system behavior in terms of logical formulas, including temporal constraints, events, and the relationships between the two. In the last ten years, temporal logics have reached a high degree of expressiveness. Most of the temporal logics proposed in the last few years can be used for specifying reactive systems, although not all are suitable for specifying real-time systems. In this paper we present a series of criteria for assessing the capabilities of temporal logics for the specification, validation, and verification of real-time systems. Among the criteria are the logic's expressiveness, the logic's order, presence of a metric for time, the type of temporal operators, the fundamental time entity, and the structure of time. We examine a selection of temporal logics proposed in the literature. To make the comparison clearer, a set of typical specifications is identified and used with most of the temporal logics considered, thus presenting the reader with a number of real examples.

View PDFchevron_right
Specification of Realtime Systems
Richard Kemmerer

1997

ASTRAL is a formal specification language for realtime systems. It is intended to support formal software development and, therefore, has been formally defined. The structuring mechanisms in ASTRAL allow one to build modularized specifications of complex systems with layering. A realtime system is modeled by a collection of state machine specifications and a single global specification. This paper discusses the rationale of ASTRAL's design. ASTRAL's specification style is illustrated by discussing a telephony example. Composability of one or more ASTRAL system specifications is also discussed by the introduction of a composition section, which provides the needed information to combine two or more ASTRAL system specifications.

View PDFchevron_right

References (34)

  1. REFERENCES
  2. R. Alur and D. L. Dill. A theory of timed automata. Theor. Comput. Sci., 126(2):183-235, 1994.
  3. R. Alur, T. A. Henzinger, O. Kupferman, and M. Y. Vardi. Alternating refinement relations. In CONCUR'98, volume 1466 of LNCS. Springer, 1998.
  4. G. Behrmann, A. Cougnard, A. David, E. Fleury, K. G. Larsen, and D. Lime. Uppaal-tiga: Time for playing games! In CAV, volume 4590 of LNCS. Springer, 2007.
  5. N. Bertrand, A. Legay, S. Pinchinat, and J.-B. Raclet. A compositional approach on modal specifications for timed systems. In ICFEM, LNCS. Springer, 2009.
  6. N. Bertrand, S. Pinchinat, and J.-B. Raclet. Refinement and consistency of timed modal specifications. In LATA, volume 5457 of LNCS, Tarragona, Spain, 2009. Springer.
  7. P. Bulychev, T. Chatain, A. David, and K. G. Larsen. Efficient on-the-fly algorithm for checking alternating timed simulation. In FORMATS, volume 5813 of LNCS, pages 73-87. Springer, 2009.
  8. B. Caillaud, B. Delahaye, K. G. Larsen, A. Legay, M. Peddersen, and A. Wasowski. Compositional design methodology with constraint markov chains. Technical report, Hal-INRIA, 2009.
  9. F. Cassez, A. David, E. Fleury, K. G. Larsen, and D. Lime. Efficient on-the-fly algorithms for the analysis of timed games. In CONCUR, 2005.
  10. K. Čerāns, J. C. Godskesen, and K. G. Larsen. Timed modal specification -theory and tools. In Proceedings of the 5th International Conference on Computer Aided Verification (CAV'93), volume 697 of LNCS, pages 253-267. Springer, 1993.
  11. A. Chakabarti, L. de Alfaro, T. A. Henzinger, and M. I. A. Stoelinga. Resource interfaces. In R. Alur and I. Lee, editors, EMSOFT 03: 3rd Intl. Workshop on Embedded Software, LNCS. Springer, 2003.
  12. L. de Alfaro and M. Faella. An accelerated algorithm for 3-color parity games with an application to timed games. In CAV, volume 4590 of LNCS. Springer, 2007.
  13. L. de Alfaro and T. A. Henzinger. Interface automata. In FSE, pages 109-120, Vienna, Austria, Sept. 2001. ACM Press.
  14. L. de Alfaro and T. A. Henzinger. Interface-based design. In In Engineering Theories of Software Intensive Systems, Marktoberdorf Summer School. Kluwer Academic Publishers, 2004.
  15. L. de Alfaro, T. A. Henzinger, and R. Majumdar. Symbolic algorithms for infinite-state games. In K. G. Larsen and M. Nielsen, editors, CONCUR, volume 2154 of LNCS, pages 536-550. Springer, 2001.
  16. L. de Alfaro, T. A. Henzinger, and M. I. A. Stoelinga. Timed interfaces. In A. L. Sangiovanni-Vincentelli and J. Sifakis, editors, EMSOFT, volume 2491 of LNCS, pages 108-122. Springer, 2002.
  17. Z. Deng and J. W. s. Liu. Scheduling real-time applications in an open environment. In in Proceedings of the 18th IEEE Real-Time Systems Symposium, IEEE Computer, pages 308-319. Society Press, 1997.
  18. S. J. Garland and N. A. Lynch. The IOA language and toolset: Support for designing, analyzing, and building distributed systems. Technical report, Massachusetts Institute of Technology, Cambridge, MA, 1998.
  19. T. A. Henzinger, Z. Manna, and A. Pnueli. Timed transition systems. In REX Workshop, volume 600 of LNCS, pages 226-251. Springer, 1991.
  20. T. A. Henzinger and S. Matic. An interface algebra for real-time components. In IEEE Real Time Technology and Applications Symposium, pages 253-266. IEEE Computer Society, 2006.
  21. T. A. Henzinger and J. Sifakis. The embedded systems design challenge. In FM, volume 4085 of LNCS, pages 1-15. Springer, 2006.
  22. D. K. Kaynar, N. A. Lynch, R. Segala, and F. W. Vaandrager. Timed i/o automata: A mathematical framework for modeling and analyzing real-time systems. In RTSS, pages 166-177. IEEE Computer Society, 2003.
  23. K. G. Larsen. Modal specifications. In J. Sifakis, editor, Automatic Verification Methods for Finite State Systems, volume 407 of LNCS, pages 232-246. Springer, 1989.
  24. K. G. Larsen, U. Nyman, and A. Wasowski. Modal I/O automata for interface and product line theories. In R. D. Nicola, editor, ESOP, volume 4421 of LNCS, pages 64-79. Springer, 2007.
  25. I. Lee, J. Y.-T. Leung, and S. H. Son. Handbook of Real-Time and Embedded Systems. Chapman, 2007.
  26. N. Lynch. I/O automata: A model for discrete event systems. In Annual Conference on Information Sciences and Systems, pages 29-38, Princeton University, Princeton, N.J., 1988.
  27. N. A. Lynch and M. R. Tuttle. An introduction to input/output automata. Technical Report MIT/LCS/TM-373, The MIT Press, Nov. 1988.
  28. O. Maler, A. Pnueli, and J. Sifakis. On the synthesis of discrete controllers for timed systems (an extended abstract). In STACS, pages 229-242, 1995.
  29. R. Milner. Communication and Concurrency. Prentice Hall, 1988.
  30. R. D. Nicola and R. Segala. A process algebraic view of input/output automata. Theoretical Computer Science, 138, 1995.
  31. E. W. Stark, R. Cleavland, and S. A. Smolka. A process-algebraic language for probabilistic I/O automata. In CONCUR, LNCS, pages 189-2003. Springer, 2003.
  32. A. Tarski. A lattice-theoretical fixpoint theorem and its applications. Pacific Journal of Mathematics, 5:285-309, 1955.
  33. L. Thiele, E. Wandeler, and N. Stoimenov. Real-time interfaces for composing real-time systems. In EMSOFT, pages 34-43. ACM, 2006.
  34. F. W. Vaandrager. On the relationship between process algebra and input/output automata. In LICS, pages 387-398, 1991.

Related papers

Methodologies for Specification of Real-Time Systems Using Timed I/O Automata
Ulrik Nyman

Lecture Notes in Computer Science, 2010

We present a real-time specification framework based on Timed I/O Automata and a comprehensive tool support for it. The framework supports various design methodologies including: top-down refinement-for decomposition of abstract specifications towards increasingly detailed models; bottom-up abstraction-for synthesis of complex systems from more concrete models; and step-wise modularisation of requirements-to factor out behaviours given by existing available components from a complex global requirements specification to be implemented. These methodologies are realized by consecutive applications of operators from the following set: refinement, consistency checking, logical and structural composition and quotienting. Additionally, our tool allows combining the component-oriented design process with verification of temporal logic properties increasing the flexibility of the process.

View PDFchevron_right
Timed I/O automata: a mathematical framework for modeling and analyzing real-time systems
Dilsun Kaynar

Proceedings. 2003 International Symposium on System-on-Chip (IEEE Cat. No.03EX748)

We describe the Timed Input/Output Automata (TIOA) framework, a general mathematical framework for modeling and analyzing real-time systems. It is based on timed I/O automata, which engage in both discrete transitions and continuous trajectories. The framework includes a notion of external behavior, and notions of composition and abstraction. We define safety and liveness properties for timed I/O automata, and a notion of receptiveness, and prove basic results about all of these notions. The TIOA framework is defined as a special case of the new Hybrid I/O Automata (HIOA) modeling framework for hybrid systems. Specifically, a TIOA is an HIOA with no external variables; thus, TIOAs communicate via shared discrete actions only, and do not interact continuously. This restriction is consistent with previous real-time system models, and gives rise to some simplifications in the theory (compared to HIOA). The resulting model is expressive enough to describe complex timing behavior, and to express the important ideas of previous timed automata frameworks.

View PDFchevron_right
A constraint-based approach for specification and verification of real-time systems
Gopal Gupta

1997

We develop a general constraint logic programming (CLP) based framework for specification and verification of real-time systems. Our framework is based on the notion of timed automata that have traditionally been used for specihing real-time systems. In our framework, a user models the ordering of real-time events as the grammar of a language accepted by a timed automata, the real-time constraints on these events are then captured as denotations of the grammar productions specijied by the usel: The grammar can be speciJied as a Definite Clause Grammar (DCG), while the denotations can be speccped in constraint logic. The resulting specijication can hence be regarded as a constraint logic program (CLP), and is executable. Many interesting properties of the real-time system can be verc3ed by posing appropriate queries to this CLP program. A major advantage of our approach is that it is constructive in nature, i.e., it can be used for computing the conditions under which a property will holdfor a given real-time system. Our framework also suggests new types of formalisms that we call Constraint Automata and Timed Push-down Automata.

View PDFchevron_right
Timed Automata Model for Component-Based Real-Time Systems
Vladimir-Ioan CRETU

2010 17th IEEE International Conference and Workshops on Engineering of Computer Based Systems, 2010

One of the key challenges in modern real-time embedded systems is safe composition of different software components. Formal verification techniques provide the means for design-time analysis of these systems. This paper introduces an approach based on timed automata for analysis of such component-based real-time embedded systems. The goal of our research is to provide a method for treating the schedulability problem of such systems on multi-core platforms. Since the components are developed, analyzed and tested independent of each other, the impact of one component on the others does not depend on its internal structure. Therefore, we reduce the problem of proving the schedulability of the composed system to proving the schedulability of each component on the resource partition allocated to it based on the interface of the component. The proposed verification method is demonstrated on a H.264 decoder case study.

View PDFchevron_right
Compiling real-time specifications into extended automata
Xavier Nicollin

IEEE Transactions on Software Engineering, 1992

We propose a method for the implementation and analysis of real-time systems, based on the compilation of specications into extended automata. Such a method has been already adopted for the so called \synchronous" real-time programming languages. The method is illustrated for a simple specication language that can be viewed as the extension of a language for the description of systems of communicating processes, by adding timeout and watchdog constructs. An operational semantics is dened for arbitrary time domains. The main result is that such a language can be compiled into timed automata, extended automata with timers. Timers are special state variables that can be set to zero by transitions, and whose values measure the time elapsed since their last reset. Compared to extended automata generated by compilers of synchronous languages, timed automata do not make any assumption about the nature of time and adopt an event-driven execution mode, rather than a step-by-step one. Furthermore, their complexity does not depend on the values of the parameters of timeouts and watchdogs used in specications. These features allow the application on timed automata of ecient code generation and analysis techniques. In particular, we show how symbolic model-checking of real-time properties can be directly applied to this model.

View PDFchevron_right
580 California St., Suite 400
San Francisco, CA, 94104
© 2025 Academia. All rights reserved