基于可达标识列计时Petri网的时态特征及可控性研究

应用时态逻辑提出计量Ｐｅｔｒｉ网的形式化分析方法,基于可达标识列研究受控系统的时态特征及其可控性与控制不变性,给出控制逻辑存在的充要条件,提出了时态公式分解方法,并讨论了禁止状态避免问题。     

实时时序逻辑语言XYZ/RE到时间自动机的映射

时间自动机是一种重要的实时系统建模工具。本文建立了实时时序逻辑语言XYZ/RE到时间自动机的一种映射机制,将XYZ/RE所描述的系统进程直接转换为时间自动机,这样不但可以准确捕获实时系统功能和控制行为,还可以利用基于时间自动机的验证工具UPPAAL对XYZ/RE描述的系统正确性进行检测。最后本文通过一个实例的描述与检测,验证了映射机制的有效性。     

Timed CSP = Closed Timed Automata

We study the expressive power of an augmented version of Timed CSP and show that it is precisely equal to that of closed timed automatatimed automata with closed invariant and enabling clock constraints. We also show that this new version of Timed CSP is expressive enough to capture the most widely used specifications on timed systems as refinements between processes, and moreover that refinement checking is amenable to digitisation analysis. As a result, we are able to verify some of the most important timed specifications, including branching-time liveness properties such as timestop-freedom and constant availability, using the model checker FDR (a commercial product of Formal Systems (Europe) Ltd.).     

Patterns for Timed Property Specifications

Patterns for property specification enable non-experts to write formal specifications that can be used for automatic model checking. The existing patterns identified in [Dwyer, M.B., G.S. Avrunin and J.C. Corbett, Property specification patterns for finite-state verification, in: FMSP '98: Proceedings of the second workshop on Formal methods in software practice (1998), pp. 7–15] allow to reason about occurrence and order of events, but not about their timing. We extend this pattern system by patterns related to time. This allows the specification of real-time requirements.     

A Semantics for Timed MSC

Message Sequence Charts (MSC) is a graphical and textual specification language developed by ITU-T. It is widely used in telecommunication software engineering for specifying behavioral scenarios. Recently, the time concept has been introduced into MSC'2000. To support the specification and verification of real-time systems using timed MSC, we need to define its formal semantics. In this paper, we use timed lposet as a semantic model and give a formal semantics for timed MSC. We first define an event in a timed MSC as a timed lposet, then give a formal semantics for timed basic MSCs, timed MSCs with structures and high-level MSCs. In this paper, we also discuss some important issues related to timed MSC.     

Rule Formats for Timed Processes

Building on previous work (15,8), this paper describes two syntactic ways of defining ‘well-behaved’ operational semantics for timed processes. In both cases, the semantic rules are derived from abstract operational rules for behaviour comonads and thus ensure congruence results. The first of them, a light-weight attempt using schematic rules, is shown to be sound, i.e., to indeed induce abstract rules as introduced in [8]. Then a second format, based on a new and very general kind of abstract rules, comonadic SOS (CSOS), is presented which uses meta rules and is also complete, i.e., it characterises all possible CSOS rules for timed processes.     

时间符号迁移图及其互模拟判定

引入时间符号迁移图的概念,作为既涉及通讯又具有实时性的并发系统的模型,该文给出了这种迁移图时间互模拟的算法,并证明了该算法的正确性。     

A Process Algebra for Timed Systems

A standard process algebra is extended by a new action σ which is meant to denote idling until the next clock cycle. A semantic theory based on testing is developed for the new language. This is characterised in terms of barbs, a variety of ready traces and also characterised as the initial theory generated by a set of equations.     

Bounded Model Checking for Timed Automata

Given a timed automaton M, a linear temporal logic formula φ, and a bound k, bounded model checking for timed automata determines if there is a falsifying path of length k to the hypothesis that M satisfies the specification φ. This problem can be reduced to the satisfiability problem for Boolean constraint formulas over linear arithmetic constraints. We show that bounded model checking for timed automata is complete, and we give lower and upper bounds for the length k of counterexamples. Moreover, we define bounded model checking for networks of timed automata in a compositional way.     

一种基于时间自动机的时钟等价性优化方法

提出了一种优化模型检验时间自动机的时钟等价规则,通过优化的时钟等价规则,使时间自动机等价后的域自动机状态数尽可能少,并在此基础上定义了适合于优化时钟等价规则的域自动机.优化时钟等价规则,在一定程度上有效地解决了状态空间爆炸问题.     

An Operational Semantics for Timed CSP

An operational semantics is defined for the language of timed CSP, in terms of two relations: an evolution relation, which describes when a process becomes another simply by allowing time to pass; and a timed transition relation, which describes when a process may become another by performing an action at a particular time. It is shown how the timed behaviours used as the basis for the denotational models of the language may be extracted from the operational semantics. Finally, the failures model for timed CSP is shown to be equivalent to may-testing and, thus, to trace congruence.     

时间自动机的LTL性质模型检测研究

为了增强模型检测工具的检测能力,拓宽模型检测技术的应用范围,对基于时间自动机的LTL性质模型检测进行了研究,对自动机的状态空间的存储方式和状态空间的展开过程进行了分析,讨论了LTL性质模型检测工具的检测流程和检测算法的实现策略对工具检测性能的影响,针对制约模型工具的检测能力和检测效率的因素,采取了一些相应的优化改进策略.采用了BDD(二叉决策图)共享存储技术和位编码压缩存储,较有效地减小了空间消耗,缓解了模型检测中状态爆炸引起的内存空间不足问题.与DTSpin等著名的模型检测工具进行了实验比较,取得了较好的实验结果.     

Timed substitutions for regular signal-event languages

In the classical framework of formal languages, a refinement operation is modeled by a substitution and an abstraction by an inverse substitution. These mechanisms have been widely studied, because they describe a change in the specification level, from an abstract view to a more concrete one, or conversely. For timed systems, there is up to now no uniform notion of substitution. In this paper, we study timed substitutions in the general framework of signal-event languages, where both signals and events are taken into account. We prove that regular signal-event languages are closed under substitution and inverse substitution. To obtain these results, we use in a crucial way a “well known” result: regular signal-event languages are closed under intersection. In fact, while this result is indeed easy for languages defined by Alur and Dill’s timed automata, it turns out that the construction is much more tricky when considering the most involved model of signal-event automata. We give here a construction working on finite and infinite signal-event words and taking into account signal stuttering, unobservability of zero-duration τ-signals and Zeno runs. Note that if several constructions have been proposed in particular cases, it is the first time that a general construction is provided.     

New Methodologies for Parallel Architecture

Moore's law continues to grant computer architects ever more transistors in the foreseeable future, and parallelism is the key to continued performance scaling in modern microprocessors. In this paper, the achievements in our research project, which is supported by the National Basic Research 973 Program of China, on parallel architecture, are systematically presented. The innovative approaches and techniques to solve the significant problems in parallel architecture design are summarized, including architecture level optimization, compiler and language-supported technologies, reliability, power-performance efficient design, test and verification challenges, and platform building. Two prototype chips, a multi-heavy-core Godson-3 and a many-light-core Godson-T, are described to demonstrate the highly scalable and reconfigurable parallel architecture designs. We also present some of our achievements appearing in ISCA, MICRO, ISSCC, HPCA, PLDI, PACT, IJCAI, Hot Chips, DATE, IEEE Trans. VLSI, IEEE Micro, IEEE Trans. Computers, etc.     

Methodologies for designing video servers

This paper proposes an approach for integrating CPU/disk/network scheduling and memory management for supporting a variety of VCR operations and dynamic service changes efficiently. Under this approach we can optimize individual resources, and support a maximal number of clients on a given system. We present a framework of service modeling to characterize the requested video services and identify the scheduling parameters for supporting these services. A number of techniques and methodologies are developed for analyzing the behaviors of disk accesses, network operations, and CPU activities under the loads of both single and multiple clients. We also describe an admission control strategy that utilizes information about all the system resources to determine if a set of video services is acceptable     

Weak bisimulation for Probabilistic Timed Automata

We are interested in describing timed systems that exhibit probabilistic behaviour. To this purpose, we consider a model of Probabilistic Timed Automata and introduce a concept of weak bisimulation for these automata, together with an algorithm to decide it. The weak bisimulation relation is shown to be preserved when either time, or probability is abstracted away. As an application, we use weak bisimulation for Probabilistic Timed Automata to model and analyze a timing attack on the dining cryptographers protocol.     

Timed Modal Logics for Real-Time Systems

In this paper, a timed modal logic L _c is presented for the specification and verification of real-time systems. Several important results for L _c are discussed. First we address the model checking problem and we show that it is an EXPTIME-complete problem. Secondly we consider expressiveness and we explain how to express strong timed bisimilarity and how to build characteristic formulas for timed automata. We also propose a compositional algorithm for L _c model checking. Finally we consider several control problems for which L _c can be used to check controllability.     

Timed high-level nets

Petri nets have been widely used for modeling and analyzing concurrent systems. Several reasons contribute to their success: the simplicity of the model, the immediate graphical representation, the easy modeling of asynchronous aspects, the possibility of reasoning about important properties such as reachability, liveness, boundedness. However, the original model fails in representing two important features: complex functional aspects, such as conditions which rule the flow of control, and time. Due to that, two different classes of extensions of Petri nets have been proposed: high-level nets and timed Petri nets. High-level nets allow the representation of functional aspects in full details, but do not provide a means for representing time; on the other hand, timed Petri nets have been thought for time representation, but they do not provide a means for representing detailed functinal aspects. Thus, these two important aspects cannot be mastered together. In particular, it is difficult to express relationships between time and functional aspects.This paper investigates the relationships between high-level nets and timed Petri nets, thus extending a first set of results published in a previous paper, where a unifying Petri net based model for time representation has been proposed. It first recalls how time can be represented in a Petri net extension called ER nets, and assesses its generality. It then investigates the relationships of ER nets with the best known high-level nets. In particular it shows the overall equivalence of ER nets, Colored Petri nets and Predicate/Transition nets, and extends the mechanism for time representation introduced in ER nets to both Colored Petri nets and Predicate/Transition nets. It also shows that these models cannot be simplified without significantly constraining the timing aspects that can be modeled.     

Non-Interference Control Synthesis for Security Timed Automata

In this paper, the problem of synthesizing controllers that ensures non interference for multilevel security dense timed discrete event systems modeled by an extension of Timed Automata, is addressed for the first time. We first discuss a notion of non interference for dense real-time systems that refines notions existing in the literature and investigate decidability issues raised by the verification problem for dense time properties. We then prove the decidability of the problem of synthesis of the timed controller for some of these timed non interference properties, providing so a symbolic method to synthesize a controller that ensures them.