Results 1 - 8 of 8
Fischer's Protocol in Timed Process Algebra
1994
Cited by 7 (2 self)
Timed algebraic process theories can be developed with quite different purposes in mind. One can aim for theoretical results about the theory itself (completeness, expressiveness, decidability), or one can aim for practical applicability to nontrivial protocols. Unfortunately, these aims do not go well together. In this paper we take two theories, which are probably of the first kind, and try to find out how well suited they are for practical verifications. We verify Fischer's protocol for mutual exclusion in the settings of discrete-time process algebra (ACP_dt) and real-time process algebra (ACP_ur). We do this by transforming the recursive specification into an equivalent linear specification, and then dividing out the maximal bisimulation relation. The required mutual exclusion result can then be found by reasoning about the obtained process graph. Finally, we consider the ease of the verification, and ways to adapt the theory to make it more practical. It will turn out that the...
On Specifying Real-Time Systems in a Causality-Based Setting
1996
Cited by 7 (4 self)
Event structures are a prominent non-interleaving model for concurrency. Real-time event structures associate a set of time instants to events, modelling absolute time constraints, and to causal dependencies, modelling relative delays between causally dependent events. We introduce this novel temporal model and show how it can be used to provide a denotational semantics to a real-time variant of a process algebra akin to LOTOS. This formalism includes a timed-action prefix which constrains the occurrence time of actions, a timeout and watchdog (i.e., timed interrupt) operator. An event-based operational semantics for this formalism is presented that is shown to be consistent with the denotational semantics. As an example we use an infinite buffer with time constraints on the message latency and the rates of accepting and producing data. 1 Introduction Timed extensions of interleaving models for concurrency have been investigated thoroughly in the last decade. Although there are many...
Metric Semantics for True Concurrent Real Time
1999
Cited by 6 (0 self)
This paper investigates the use of a complete metric space framework for providing denotational semantics to a real-time process algebra. The study is carried out in a non-interleaving setting and is based on a timed extension of Langerak's bundle event structures, a variant of Winskel's event structures. The distance function of the metric is based on the amount of time to which event structures do `agree'. We show that this intuitive notion of distance is a pseudo metric (but not a metric) on the set of timed event structures. A generalisation to equivalence classes of timed event structures in which we abstract from event identities and non-executable events (events that can never occur) is shown to be a complete ultrametric space. We present an operational semantics for the considered language and show that the metric semantics is an abstraction of it. The operational semantics is characterised by the absence of synchronisation on the advance of time as opposed to the operational ...
Partial Order Models for Quantitative Extensions of LOTOS
1997
Cited by 3 (1 self)
Event structures are a prominent model for non-interleaving concurrency. The use of event structures for providing a compositional non-interleaving semantics to LOTOS without data is studied. In particular, several quantitative extensions of event structures are proposed that incorporate notions like time (both of deterministic and stochastic nature) and probability. The suitability of these models for giving a non-interleaving semantics to a timed, stochastic and probabilistic extension of LOTOS is investigated. Consistency between the event structure semantics and an (event-based) operational semantics is addressed for the different quantitative variants of LOTOS and is worked out for the timed case in more detail. These consistency results facilitate the coherent use of an interleaving and a non-interleaving semantic view in a single design trajectory and provide a justification for the event structure semantics. As a running example an infinite buffer is used in which gradually t...
Layered Composition for Timed Automata
Cited by 3 (3 self)
We investigate layered composition for real-time systems modelled as (networks of) timed automata (TA). We first formulate the principles of layering and transition independence for TA, and demonstrate the validity of the communication closed layer (CCL) laws in such a setting, by means of an operator for layered composition that is intermediate between parallel and sequential composition. Next, we introduce the principles of input/output (i/o) and partial-order (po) equivalences, and show that such equivalences are preserved when the layered composition operator is replaced by sequential composition within the expressions appearing in the CCL laws. Finally, we proceed to show that such layering (together with equivalences obtained through the CCL laws) can be useful in the design and verification of dense real-time systems that consist of a network of interacting components, by bringing about a reduction of the state space through the exploitation of transition independence. This is illustrated by considering a collision avoidance protocol developed for an audio/video system of Bang and Olufsen.
Third AMAST Workshop on Real-Time Systems Proceedings
this paper, we describe the application of this methodology to generate an algebraic implementation of a CTL model checking algorithm. CTL is a propositional, branching-time temporal logic often used as a specification language for real-time program verification. Model checking is a formal technique [8] used to verify that a given program satisfies a given property and consists of two ingredients: a labeled finite state transition system called the model used to represent the program, and a computational tree logic, CTL, used to specify program properties as CTL formulas. Formally, the model M is a tuple M = hS; E; P : T ! 2
Structural Transformations for Data-Enriched Real-Time Systems
Abstract. We investigate structural transformations for easier verification of real-time systems with shared data variables, modelled as networks of extended timed automata (ETA). Our contributions to this end are: (1) An operator for layered composition of ETA that yields communication closed equivalences under certain independence and/or precedence conditions. (2) Two reachability preserving transformations of separation and flattening for reducing (under certain cycle conditions) the number of cycles of the ETA. (3) The interplay of the three structural transformations (separation, flattening, and layering), illustrated on an enhanced version of Fischer’s real-time mutual exclusion protocol.
Sequential and Step Composition A1: a
2013
Simplify systems for verification and analysis by structural transformations. Example. If parallel composition can be replaced by sequential composition, verification gets simplified: a) conceptually, e.g. no interference, b) automatically by smaller state spaces. Disjoint Parallel Programs. Hoare (1975): Let S1,...,Sn be pairwise disjoint while programs. Then parallel and sequential composition are input/output equivalent: [S1‖...‖Sn] ≡i/o