Specification theories as a tool in model-driven development processes of component-based software systems have recently attracted considerable attention. Current specification theories are however qualitative in nature, and therefore fragile in the sense that the inevitable approximation of systems by models, combined with the fundamental unpredictability of hardware platforms, makes it difficult to transfer conclusions about the behavior, based on models, to the actual system. Hence this approach is arguably unsuited for modern software systems. We propose here the first specification theory which allows one to capture quantitative aspects during the refinement and implementation process, thus alleviating the problems of the qualitative setting. Our proposed quantitative specification framework uses weighted modal transition systems as a formal model of specifications. These are labeled transition systems with the additional feature that they can model optional behavior which may or may not be implemented by the system. Satisfaction and refinement are lifted from the well-known qualitative to our quantitative setting by introducing a notion of distances between weighted modal transition systems. We show that quantitative versions of parallel composition as well as quotient (the dual to parallel composition) inherit the properties from the Boolean setting.

It is commonplace to have multiple behaviour models that describe the same system but have been produced by different stakeholders or synthesized from different sources. Although, in practice, such models frequently exhibit inconsistencies, there is a lack of tool support for analyzing them. There are two key difficulties in explaining why two behavioural models are inconsistent: (1) explanations often require branching structures rather than linear traces, or scenarios; and (2) there can be multiple sources of inconsistency and many different ways of explaining each one. In this paper, we present an approach that supports exploration of inconsistencies between modal transition systems, an extension to labelled transition systems. We show how to produce sound graphical explanations for inconsistencies, how to compactly represent all possible explanations in a composition of the models being compared, and how modelers can use this composition to explore the explanations encoded therein.

A modal transition system (MTS) is a formalism which extends the classical notion of labelled transition systems by introducing transitions of two types: must transitions that have to be present in any implementation of the MTS and may transitions that are allowed but not required. The MTS framework has proved to be useful as a specification formalism of component-based systems as it supports compositional verification and stepwise refinement. Nevertheless, there are some limitations of the theory, namely that the naturally defined notions of modal refinement and modal composition are incomplete with respect to the semantic view based on the sets of the implementations of a given MTS specification. Recent work indicates that some of these limitations might be overcome by considering deterministic systems, which seem to be more manageable but still interesting for several application areas. In the present article, we provide a comprehensive account of the MTS framework in the deterministic setting. We study a number of problems previously considered on MTS and point out to what extent we can expect better results under the restriction of determinism.

An expressive class of abstractions for labeled transition systems is that of disjunctive modal transition systems (DMTS), featuring may- and must-transitions as well as disjunctive hypertransitions (OR). In order to describe exclusive choice adequately, we develop a variant of DMTSs called 1-selecting modal transition systems (OMTS) that, roughly speaking, interprets hypertransitions exclusively (XOR). These abstract models, DMTSs and OMTSs, are compared with respect to their expressive power. By giving transformations or showing their non-existence, we show that the two settings can express the same sets of labeled transition systems, but 1-selecting modal transition systems have a richer refinement preorder.

Modal specification is a well-known formalism used as an abstraction theory for transition systems. Modal specifications are transition systems equipped with two types of transitions: must-transitions that are mandatory to any implementation, and may-transitions that are optional. The duality of transitions allows for developing a unique approach for both logical and structural compositions, and eases the step-wise refinement process for building implementations. We propose Modal Specifications with Data (MSDs), the first modal specification theory with explicit representation of data. Our new theory includes the most commonly seen ingredients of a specification theory; that is, parallel composition, conjunction and quotient. As MSDs are by nature potentially infinite-state systems, we propose symbolic representations based on effective predicates. Our theory serves as a new abstraction-based formalism for transition systems with data.

This paper studies the relationships between three notions of behavioural preorder that have been proposed in the literature: refinement over modal transition systems, and the covariant–contravariant simulation and the partial bisimulation preorders over labelled transition systems. It is shown that there are mutual translations between modal transition systems and labelled transition systems that preserve, and reflect, refinement and the covariant–contravariant simulation preorder. The translations are also shown to preserve the modal properties that can be expressed in the logics that characterize those preorders. A translation from labelled transition systems modulo the partial bisimulation preorder into the same model modulo the covariant–contravariant simulation preorder is also offered, together with some evidence that the former model is less expressive than the latter. In order to gain more insight into the relationships between modal transition systems modulo refinement and labelled transition systems modulo the covariant–contravariant simulation preorder, their connections are also phrased and studied in the context of institutions.

This paper presents some results of integrating predicate transition nets with first order temporal logic in the specification and verification of concurrent systems. The intention of this research is to use predicate transition nets as a specification method and to use first order temporal logic as a verification method so that their strengths, the easy comprehension of predicate transition nets and the reasoning power of first order temporal logic, can be combined. In this paper, a theoretical relationship between the computation models of these two formalisms is presented; an algorithm for systematically translating a predicate transition net into a corresponding temporal logic system is outlined; and a special temporal refutation proof technique is proposed and illustrated in verifying various concurrent properties of the predicate transition net specification of the five dining philosophers problem.

Only recently have methodical tools adequate to design real-time systems been formally introduced in design methodologies. Naturally, they were present from the beginning, but due to the large diversity of embedded systems' areas of deployment, specially dedicated formalisms have been developed and used. High-level language programming and integration of modeling formalisms into design methods eased the development of more complex real-time applications. With the emerging object-oriented programming languages and design methods, their integration into larger information systems has become more transparent. It was the UML methodology, however, which eventually also merged the design methods and concepts of real-time systems into a consistent whole. It took a large consortium and a long process to persuade industry of the benefits the new integral methodology can offer. On the other hand, there are some trade-offs, and there are some features not yet completely covered. Here, a different, more straightforward approach to program and design (embedded) real-time systems is presented. Since it emerged from the real-time community, it includes most features relevant there. Independent of the UML profile for schedulability, performance and time specification, a profile was devised for use in PEARL-oriented UML design. The strengths of the mentioned language and design methods for QoS-oriented design of (embedded) real-time systems are emphasised throughout this article.

This paper presents a formal methodology for developing concurrent systems. We extend the Larch family of specification languages and tools with the CCS process algebra to support the specification and verification of concurrent systems. We present and follow a refinement strategy that relates an implementation in a programming language to a formal specification of such a system. We illustrate our methodology on an example that uses the preconditioned conjugate gradient method for solving a linear system of equations.

Requirements specification for process-control systems
The paper describes an approach to writing requirements specifications for process-control systems, a specification language that supports this approach, and an example application of the approach and the language on an industrial aircraft collision avoidance system (TCAS II). The example specification demonstrates: the practicality of writing a formal requirements specification for a complex process-control system; and the feasibility of building a formal model of a system using a specification language that is readable and reviewable by application experts who are not computer scientists or mathematicians. Some lessons learned in the process of this work, which are applicable both to forward and reverse engineering, are also presented.

The problem of modal sampled-data control for a continuous-time linear time-invariant plant with delay is considered. The characteristic matrix of the system is constructed. An algorithm is given for generating the set of causal discrete-time controllers that place the eigenvalues of the characteristic matrix at specified points of the complex plane.

The paper presents sufficient conditions for modular (supervisory) control synthesis to equal global control synthesis. In modular control synthesis a supervisory control is synthesized for each module separately and the supervisory control consists of the parallel composition of the modular supervisory controls. The general case of the specification that is indecomposable and not necessarily contained in the plant language, which is often the case in practice, is considered. The usual assumption that all shared events are controllable is relaxed by introducing two new structural conditions relying on the global mutual controllability condition. The novel concept used as a sufficient structural condition is strong global mutual controllability. The main result uses a weaker condition called global mutual controllability together with local consistency of the specification. An example illustrates the approach.

We study how to extend modal type systems based on intuitionistic modal logic S4 or S5 with a subtyping system based on intersection types. In the presence of four type constructors $\rightarrow$, $\wedge$, $\square$, and $\Diamond$, the traditional approach using a binary subtyping relation does not work well because of lack of orthogonality in subtyping rules and presence of a transitivity rule. We adopt the idea from the judgmental formulation of modal logic (Pfenning and Davies in Math Struct Comput Sci 11(4):511–540, 2001) and use subtyping judgments whose definitions express those notions internalized into type constructors directly at the level of judgments. The resultant judgmental subtyping systems admit cut rules similarly to a sequent calculus for intuitionistic logic and play a key role in designing and verifying the relational subtyping systems based on the binary subtyping relation. We use the proof assistant Coq to prove the admissibility of the cut rules and the equivalence between the two kinds of subtyping systems. The lesson from our study is that by using subtyping judgments instead of the binary subtyping relation, we can overcome the limitation usually associated with the syntactic approach to formulating subtyping systems.

In this paper, the formalism of Relational Transition Systems (RTSes) is used to model data-intensive reactive systems, and four RTS models of reactive systems based on temporal logic programming, production systems, recurrence equations, and Petri nets are presented. The paper also describes different methods of comparing the expressive powers of various RTSes in terms of the trajectories they can generate and carries out this comparison for the four RTS formalisms. It is shown that these formalisms have the same expressive power in the deterministic case. The paper also compares the expressive powers of non-deterministic production systems and non-deterministic temporal logic programming systems. It is shown that, although the two formalisms are incomparable in the general case, their restricted versions are isomorphic to each other. Received December 7, 1993 / January 26, 1995

A problem of constructing an infinite-dimensional controller that ensures the given desired distribution of poles and part of the zeros of the transfer function of the closed-loop system is solved for a plant with distributed parameters. Transfer functions of the plant, controller and closed-loop system are considered in the class of meromorphic functions. The modal controller is synthesized directly from the desired transfer function of the closed-loop system. The method of synthesizing the controller is reduced to searching for an interpolation series. An example is given.

