One of the major problems in applying automatic verification tools to industrial-size systems is the excessive amount of memory required during the state-space exploration of a model. In the setting of real-time, this problem of state-explosion requires extra attention as information must be kept not only on the discrete control structure but also on the values of continuous clock variables.

In this paper, an internal design model called FunState (functions driven by state machines) is presented that enables the representation of different types of system components and scheduling mechanisms using a mixture of functional programming and state machines. It is shown how properties relevant for scheduling and verification of specification models such as Boolean dataflow, cyclostatic dataflow, synchronous dataflow, marked graphs, and communicating state machines as well as Petri nets can be represented in the FunState model of computation. Examples of methods suited for FunState are described, such as scheduling and verification. They are based on the representation of the model's state transitions in form of a periodic graph. The feasibility of the novel approach is shown with an ATM switch example.

The ever increasing complexity of embedded systems consisting of hardware and software components poses a challenge in verifying their correctness. New verification methods that overcome the limitations of traditional techniques and, at the same time, are suitable for hardware/ software systems are needed. In this work we formally define the semantics of PRES+, a Petri net based computational model aimed to represent embedded systems. We introduce an approach to formal verification of such systems: we make use of model checking to prove the correctness of embedded systems by determining the truth of CTL and TCTL formulas that specify required properties with respect to a PRES+ model. An ATM server illustrates the feasibility of our approach on practical applications. 1. Introduction Modern electronic systems are typically constituted of application-specific hardware components and software running on programmable platforms. The inherent heterogeneity of this kind of systems makes the...

In this paper, a scheduling method for heterogeneous embedded systems is developed. At first, an internal representation model called FunState is presented which enables the explicit representation of nondeterminism and scheduling using a combination of functions and state machines. The new scheduling method is able to deal with mixed data/control flow specifications and takes into account different mechanisms of non-determinism as occurring in the design of embedded systems. Constraints imposed by other already implemented components are respected. The scheduling approach avoids the explicit enumeration of execution paths by using symbolic techniques and guarantees to find a deadlock-free and bounded schedule if one exists. The generated schedule consists of statically scheduled basic blocks which are dynamically called at run time. 1

Symbolic model checking tries to reduce the state explosion problem by implicit construction of the state space. The major limiting factor is the size of the symbolic representation mostly stored in huge binary decision diagrams. A new approach to symbolic model checking of Petri nets and related models of computation is presented, outperforming the conventional one and avoiding some of its drawbacks. Our approach is based on a novel, efficient form of representation for multi-valued functions called interval decision diagram (IDD) and the corresponding image computation technique using interval mapping diagrams (IMDs). IDDs and IMDs are introduced, their properties are described, and the feasibility of the new approach is shown with some experimental results.

In this paper, a representation of multi-valued functions called interval decision diagrams (IDDs) is introduced. It is related to similar representations such as binary decision diagrams. Compared to other functional representations with regard to symbolic formal verification approaches, IDDs show some important properties that enable us to verify process networks and related models of computation more adequately than with conventional approaches. Therefore, a new form of transition relation representation called interval mapping diagram (IMD) is introduced. A novel approach to symbolic model checking of process networks is presented. Several drawbacks of traditional strategies are avoided using IDDs and IMDs. The resulting transition relation IMD is very compact, enabling fast image computations. Furthermore, no artificial limitations concerning bu#er capacities or equivalent have to be introduced. Additionally, applications concerning scheduling of process networks are feasible. ID...

Recently there has been a growing interest in models and methods targeted towards the (co)design of stream processing applications; e.g. those for audio/video processing. Streams processed by such applications tend to be highly bursty and exhibit a high data-dependent variability in their processing requirements. As a result, classical event and service models such as periodic, sporadic, etc. can be overly pessimistic when dealing with such applications. In this paper, we present a new model called Event Count Automata (ECA) for capturing the timing properties of such streams. Our model can be used to cleanly formulate properties relevant to stream processing on heterogeneous multiprocessor architectures, such as buffer overflow/underflow constraints. It can also provide the basis for developing analysis methods to compute delay/timing properties of the processed streams under different scheduling policies. Our ECAs, though similar in flavor to timed and hybrid automata, have a different semantics, are more light-weight, and are specifically suited for modeling stream processing applications and architectures. We present the basic aspects of this model and illustrate its modeling potential. We then apply it in a specific stream processing setting and develop an analysis technique based on the formalism of Colored Petri Nets (CPNs). Finally, we validate our modeling and analysis techniques with the help of preliminary experimental results generated using the CPN simulation tool.

In this report, we suggest interval diagram techniques for formal verification of timed automata. Interval diagram techniques are based on interval decision diagrams (IDDs)---representing sets of system configurations of, e.g., timed automata---and interval mapping diagrams (IMDs)---modeling their transition behavior. IDDs are canonical representations of Boolean functions and allow for their efficient manipulation. We present the methods necessary for our approach and compare its results to another, similar verification technique. Contents 1 Introduction 1 2 Timed Automata 3 2.1 The Timed Automaton . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2 Time Forward Projection . . . . . . . . . . . . . . . . . . . . . . . . . 4 3 Interval Diagram Techniques 6 3.1 Interval Decision Diagrams . . . . . . . . . . . . . . . . . . . . . . . . 6 3.2 Interval Mapping Diagrams . . . . . . . . . . . . . . . . . . . . . . . 6 4 Formal Verification of Timed Automata 9 4.1 Using Differ...

In this paper, we introduce a model called regular state machines (RSMs) that characterizes a class of state transition systems with regular transition behavior. It turns out that many process graph models such as synchronous dataflow graphs and Petri nets have a state transition system that may be described and analyzed in the RSM model. In particular, the proposed approach unifies methods known for the above-mentioned subclasses and yields new results concerning boundedness, deadlocks, scheduling, and formal verification. Keywords: state transition system, model of computation, infinite state, scheduling, formal verification, Petri net 1 Introduction In this paper, a model of computation is introduced called regular state machine (RSM) that fills an existing gap for describing systems with regular, repetitive, and infinite state transition behavior e#ciently. In this introduction, we shortly review existing models of computation and give a motivation for the need of a n...

In this paper, we suggest interval diagram techniques for formal verification of real-time systems modeled by means of timed automata. Interval diagram techniques are based on interval decision diagrams (IDDs)---representing sets of system configurations of, e.g., timed automata---and interval mapping diagrams (IMDs)--- modeling their transition behavior. IDDs are canonical representations of Boolean functions and allow for their efficient manipulation. Our approach is used for performing both timed reachability analysis and real-time symbolic model checking. We present the methods necessary for our approach and compare its results to another, similar verification technique---achieving a speedup of 7 and more. 1 Introduction Especially for safety-critical real-time applications such as those in traffic control, medical engineering, or avionics, simulation often is not sufficient to guarantee the correctness of a technical system's model. In addition to simulation, formal methods are e...