Formal methods for analysis of discrete systems using a specification language

A realization of an algorithm that translates an MSC diagram (an MSC document) into an event equivalent Petri net is described, and the correctness of the algorithm is proved. The net obtained in this way can be used to analyze properties of the original MSC document. The mentioned algorithm is a part of a system designed for verification and analysis of MSC documents. Translated from Kibernetika i Sistemnyi Analiz, No. 4, pp. 31–56, July–August 2009.     

Analysis of the Datagram Congestion Control Protocol’s connection management procedures using the sweep-line method

State space explosion is a key problem in the analysis of finite state systems. The sweep-line method is a state exploration method which uses a notion of progress to allow states to be deleted from memory when they are no longer required. This reduces the peak number of states that need to be stored, while still exploring the full state space. The technique shows promise but has never achieved reductions greater than about a factor of 10 in the number of states stored in memory for industrially relevant examples. This paper discusses sweep-line analysis of the connection management procedures of a new Internet standard, the Datagram Congestion Control Protocol (DCCP). As the intuitive approaches to sweep-line analysis are not effective, we introduce new variables to track progress. This creates further state explosion. However, when used with the sweep-line, the peak number of states is reduced by over two orders of magnitude compared with the original. Importantly, this allows DCCP to be analysed for larger parameter values. Somsak Vanit-Anunchai was partially supported by an Australian Research Council Discovery Grant (DP0559927) and Suranaree University of Technology. Guy Edward Gallasch was supported by an Australian Research Council Discovery Grant (DP0559927).     

Exploiting transition locality in automatic verification of finite-state concurrent systems

In this paper we show that statistical properties of the transition graph of a system to be verified can be exploited to improve memory or time performances of verification algorithms.We show experimentally that protocols exhibit transition locality. That is, with respect to levels of a breadth-first state space exploration, state transitions tend to be between states belonging to close levels of the transition graph. We support our claim by measuring transition locality for the set of protocols included in the Mur verifier distribution .We present a cache-based verification algorithm that exploits transition locality to decrease memory usage and a disk-based verification algorithm that exploits transition locality to decrease disk read accesses, thus reducing the time overhead due to disk usage. Both algorithms have been implemented within the Mur verifier.Our experimental results show that our cache-based algorithm can typically save more than 40% of memory with an average time penalty of about 50% when using (Mur) bit compression and 100% when using bit compression and hash compaction, whereas our disk-based verification algorithm is typically more than ten times faster than a previously proposed disk-based verification algorithm and, even when using 10% of the memory needed to complete verification, it is only between 40 and 530% (300% on average) slower than (RAM) Mur with enough memory to complete the verification task at hand. Using just 300 MB of memory our disk-based Mur was able to complete verification of a protocol with about 10⁹ reachable states. This would require more than 5 GB of memory using standard Mur .     

基于Petri网的工作流结构正确性化简验证方法

工作流技术是近年来在计算机应用领域发展最为迅速的新技术之一,但基于覆盖图的工作流网的结构正确性检查的实现过于复杂.本文在Aalst提出的基于Petri网的工作流网的控制流的正确性理论的基础上,提出了工作流网的正确性检查的化简规则及相应的化简算法,实现了对于正确结构的工作流网直接验证;对于错误结构的工作流网,输出其包含问题节点在内的子网结构,可以进一步通过覆盖图的方法确认问题节点,从而降低了工作流网正确性检查的复杂性.     

The Case for Analog Circuit Verification

The traditional approach to validate analog circuits is to utilize extensive SPICE-level simulations. The main challenge of this approach is knowing when all important corner cases have been simulated. A new alternative is to utilize formal verification techniques. This paper utilizes a simple example to illustrate the potential flaws of a simulation-only based validation methodology and the potential benefits of formal verification of analog circuits.     

基于CPN的程序测试用例生成方法的研究

采用成熟的建模仿真工具CPN tools不仅仅对程序设计语言的三种基本结构进行了建模,而且对并行程序中的并行结构也进行了建模和仿真。在不针对某些具体语言比如C语言的情况下,提出了生成测试用例的新方法,该方法对具备三种基本结构特性的所有程序都具有普遍适用性。对具有并行结构的程序通过化简寻找测试路径。最后在生成测试用例之后,又利用CPN tools对所获得的测试用例进行选择和评价,最终确定合适的测试用例,不仅能够保证获取的测试路径是完整的而且是最优的。     

基于CPN的求解关键路径的新方法

在证明转换规则正确性的基础上,首先利用转换规则对 AOE 网进行转换,然后从两个方面对转换后的CPN(Colored Petri Nets)模型不合理的地方进行合理性的修改。再利用编写的函数求出从源点到汇点的所有的可达路径,在获得所有可达路径的同时也获取了所有可达路径所花费的时间,那么时间最大的就是关键路径。该方法不仅简便直观,而且能够在保证正确性合理性的前提下提高执行效率,减小时间复杂度。     

一种改进的Petri网S不变量计算方法

用于计算Petri网S不变量的M-S算法将所有正负行两两做线性组合变换,增加了算法的复杂度,得到的最终结果也并不一定是最小S不变量支撑。针对该问题,提出一种改进算法。通过增加对Petri网关联矩阵的预处理步骤,减少线性组合运算的次数,并得到最小S不变量支撑。理论与实验结果证明,M-S算法的复杂度为s×t,而改进算法的复杂度为s＋t,该算法能有效减少计算复杂度。     

Integrating predicate transition nets with first order temporal logic in the specification and verification of concurrent systems

This paper presents some results of integrating predicate transition nets with first order temporal logic in the specification and verification of concurrent systems. The intention of this research is to use predicate transition nets as a specification method and to use first order temporal logic as a verification method so that their strengths — the easy comprehension of predicate transition nets and the reasoning power of first order temporal logic can be combined. In this paper, a theoretical relationship between the computation models of these two formalisms is presented; an algorithm for systematically translating a predicate transition net into a corresponding temporal logic system is outlined; and a special temporal refutation proof technique is proposed and illustrated in verifying various concurrent properties of the predicate transition net specification of the five dining philosophers problem.     

Modeling and formal verification of embedded systems based on a Petri net representation

In this paper we concentrate on aspects related to modeling and formal verification of embedded systems. First, we define a formal model of computation for embedded systems based on Petri nets that can capture important features of such systems and allows their representation at different levels of granularity. Our modeling formalism has a well-defined semantics so that it supports a precise representation of the system, the use of formal methods to verify its correctness, and the automation of different tasks along the design process. Second, we propose an approach to the problem of formal verification of embedded systems represented in our modeling formalism. We make use of model checking to prove whether certain properties, expressed as temporal logic formulas, hold with respect to the system model. We introduce a systematic procedure to translate our model into timed automata so that it is possible to use available model checking tools. We propose two strategies for improving the verification efficiency, the first by applying correctness-preserving transformations and the second by exploring the degree of parallelism characteristic to the system. Some examples, including a realistic industrial case, demonstrate the efficiency of our approach on practical applications.     

Automated test‐data generation for exception conditions

This paper presents a technique for automatically generating test‐data to test exceptions. The approach is based on the application of a dynamic global optimization based search for the required test‐data. The authors' work has focused on test‐data generation for safety‐critical systems. Such systems must be free from anomalous and uncontrolled behaviour. Typically, it is easier to prove the absence of any exceptions than proving that the exception handling is safe. A process for integrating automated testing with exception freeness proofs is presented as a way forward for tackling the special needs of safety critical systems. The results of a number of simple case‐studies are presented and show the technique to be effective. The major result shows the application of the technique to a commercial aircraft engine controller system as part of a proof of exception freeness. This illustrates how automated testing can be effectively integrated into a formal safety‐critical process to reduce costs and add value. Copyright © 2000 John Wiley & Sons, Ltd.     

SAT-Solving the Coverability Problem for Petri Nets

Net unfoldings have attracted great attention as a powerful technique for combating state space explosion in model checking, and have been applied to verification of finite state systems including 1-safe (finite) Petri nets and synchronous products of finite transition systems. Given that net unfoldings represent the state space in a distributed, implicit manner the verification algorithm is necessarily a two step process: generation of the unfolding and reasoning about it. In his seminal work McMillan (K.L. McMillan, Symbolic Model Checking. Kluwer Academic Publishers, 1993) showed that deadlock detection on unfoldings of 1-safe Petri nets is NP-complete. Since the deadlock problem on Petri nets is PSPACE-hard it is generally accepted that the two step process will yield savings (in time and space) provided the unfoldings are small.In this paper we show how unfoldings can be extended to the context of infinite-state systems. More precisely, we show how unfoldings can be constructed to represent sets of backward reachable states of unbounded Petri nets in a symbolic fashion. Furthermore, based on unfoldings, we show how to solve the coverability problem for unbounded Petri nets using a SAT-solver. Our experiments show that the use of unfoldings, in spite of the two-step process for solving coverability, has better time and space characteristics compared to a traditional reachability based implementation that considers all interleavings for solving the coverability problem.     

Automated synthesis of hybrid Petri net models for robotic cells in the aircraft industry

The use of robots in the aircraft structural assembly is a challenge. The presence of human operators, auxiliary systems and industrial robots makes hybrid the dynamic behavior of a robotic cell in this context. Here, the focus is on the automated synthesis of a model for the sequencing of the activities of a robotic cell in the aircraft industry. The cell model is obtained from a simple specification of resources and tasks, considered the main cell components, running the algorithm presented in this paper. The effectiveness of the model is shown using a case study defined by the ongoing European project LOCOMACHS (LOw COst Manufacturing and Assembly of Composite and Hybrid Structures, http://www.locomachs.eu/).     

区间速率连续Petri网可达稳态必要性分析

文章就区间速率连续Petri网可达稳态的必要性问题进行研究,在介绍区间速率连续Petri网及其使能、引发语义的基础上首先给出区间速率连续Petri网在指定标识下具有稳态的条件;其次通过提出区间速率连续Petri网一种标识向量等价类划分方法从而给出分析区间速率连续Petri网可达稳态必要性的有效方法;最后给出一个应用例子,考察区间速率连续Petri网的可达稳态问题。     

A three-level knowledge-based system for the generation of live and safe Petri nets for manufacturing systems

New generation manufacturing systems are involved in a transformation process which aims for more reliable production processes and with a lower response time to the demand of the market. This work presents an application of artificial intelligence planning techniques for the automatic generation of the control program for a manufacturing system expressed as a safe and live Petri net. The advantage of the system presented here is straightforward: it allows for a fast generation of sound results free of human errors, reducing the cost and duration of the development phase of control programs.     

基于CPN状态空间分析的复杂系统脆性度量

为进一步解决复杂系统脆性理论既有研究工具存在的系统状态定量描述困难、系统边界条件约束较多等问题,将有色Petri网及其仿真工具CPN Tools引入到复杂系统脆性度量研究中。有色Petri网及CPN Tools内置的查询工具、既有的高级状态空间计算方法都降低了复杂系统脆性度量中的问题复杂度。论文提出基于状态空间分析的复杂系统脆性度量指标并给出编程实现流程。仿真算例表明状态空间内状态节点的脆性传递过程及其影响范围能够间接反映系统脆性行为     

A Reduced Reachability Tree for a Class of Unbounded Petri Nets

As a powerful analysis tool of Petri nets, reachability trees are fundamental for systematically investigating many characteristics such as boundedness, liveness and reversibility. This work proposes a method to generate a reachability tree, called ωRT for short, for a class of unbounded generalized nets called ω-independent nets based on new modified reachability trees (NMRTs). ωRT can effectively decrease the number of nodes by removing duplicate and ω-duplicate nodes in the tree, and verify properties such as reachability, liveness and deadlocks. Two examples are provided to show its superiority over NMRTs in terms of tree size.      

Automatic Real-Time Analysis of Reactive Systems with the PARTS Toolset

Real-time systems are becoming increasingly widespread, often in safety-critical applications. It is therefore crucial that these systems be correct; however, there are few automated tools for analyzing concurrency and timing properties of these systems. The PARTS toolset uses a Petri-net-based reachability analysis to analyze program specifications written in an Ada-83 subset. Our simple time Petri nets are specifically aimed at facilitating real-time analysis. In order to control the state-explosion problem, PARTS employs several optimization techniques aimed at state-space reduction. In this paper we discuss our approach and we report on extensive experiments with several examples of real-time specifications based on Ada 83. When possible, we also compare our experimental results with results obtained by other approaches to real-time analysis.     

着色Petri网应用研究

着色Petri网是在经典Petri网理论基础上增加了token类型和网的模块这两个功能,它现在已成为一种较完善的语言,可以用来对各种系统规范和协议等进行设计、规范描写、仿真和验证等。文章对着色Petri网的基本理论进行了简单介绍,并对一个简单的通信协议进行建模和分析,提出了今后着色Petri网发展的一个主要方向。