Results 1 - 10 of 19
Interaction and Intelligent Behavior
, 1994
Cited by 146 (20 self)
This thesis addresses situated, embodied agents interacting in complex domains. It focuses on two problems: 1) synthesis and analysis of intelligent group behavior, and 2) learning in complex group environments. Basic behaviors, control laws that cluster constraints to achieve particular goals and have the appropriate compositional properties, are proposed as effective primitives for control and learning. The thesis describes the process of selecting such basic behaviors, formally specifying them, algorithmically implementing them, and empirically evaluating them. All of the proposed ideas are validated with a group of up to 20 mobile robots using a basic behavior set consisting of: safe-wandering, following, aggregation, dispersion, and homing. The set of basic behaviors acts as a substrate for achieving more complex high-level goals and tasks. Two behavior combination operators are introduced, and verified by combining subsets of the above basic behavior set to implement collective flocking, foraging, and docking. A methodology is introduced for automatically constructing higher-level behaviors
The Generalized Railroad Crossing: A Case Study in Formal Verification of Real-Time Systems
 IN PROC., REAL-TIME SYSTEMS SYMP
, 1994
Cited by 94 (19 self)
A new solution to the Generalized Railroad Crossing problem, based on timed automata, invariants and simulation mappings, is presented and evaluated. The solution shows formally the correspondence between four system descriptions: an axiomatic specification, an operational specification, a discrete system implementation, and a system implementation that works with a continuous gate model.
Liveness in Timed and Untimed Systems
, 1994
Cited by 83 (17 self)
When proving the correctness of algorithms in distributed systems, one generally considers safety conditions and liveness conditions. The Input/Output (I/O) automaton model and its timed version have been used successfully, but have focused on safety conditions and on a restricted form of liveness called fairness. In this paper we develop a new I/O automaton model, and a new timed I/O automaton model, that permit the verification of general liveness properties on the basis of existing verification techniques. Our models include a notion of environment-freedom which generalizes the idea of receptiveness of other existing formalisms, and enables the use of compositional verification techniques.
Forward and Backward Simulations - Part II: Timing-Based Systems
 Information and Computation
, 1995
Cited by 79 (26 self)
A general automaton model for timing-based systems is presented and is used as the context for developing a variety of simulation proof techniques for such systems. These techniques include (1) refinements, (2) forward and backward simulations, (3) hybrid forward-backward and backward-forward simulations, and (4) history and prophecy relations. Relationships between the different types of simulations, as well as soundness and completeness results, are stated and proved. These results are (with one exception) analogous to the results for untimed systems in Part I of this paper. In fact, many of the results for the timed case are obtained as consequences of the analogous results for the untimed case.
Mechanical Verification of Timed Automata: A Case Study
 In Proc. 1996 IEEE Real-Time Technology and Applications Symp. (RTAS'96). IEEE Computer
, 1996
Cited by 30 (9 self)
This paper reports the results of a case study on the feasibility of developing and applying mechanical methods, based on the proof system PVS, to prove propositions about real-time systems specified in the Lynch-Vaandrager timed automata model. In using automated provers to prove propositions about systems described by a specific mathematical model, both the proofs and the proof process can be simplified by exploiting the special properties of the mathematical model. Because both specifications and methods of reasoning about them tend to be repetitive, the use of a standard template for specifications, accompanied by standard shared theories and standard proof strategies or tactics, is often feasible. Presented are the PVS specification of three theories that underlie the timed automata model, a template for specifying timed automata models in PVS, and an example of its instantiation. Both hand proofs and the corresponding PVS proofs of two propositions are provided to illustrate h...
Verifying SCR Requirements Specifications Using State Exploration
 In Proceedings of First ACM SIGPLAN Workshop on Automatic Analysis of Software
, 1997
Cited by 28 (7 self)
Researchers at the Naval Research Laboratory (NRL) have been developing a formal method, known as the SCR (Software Cost Reduction) method, to specify the requirements of software systems using tables. NRL has developed a formal state machine model defining the SCR semantics and support tools for analysis and validation. Recently, a verification capability was added to the SCR toolset. Users can now invoke the Spin model checker within the toolset to establish properties of a specification. This paper describes the results of our initial experiments to verify properties of SCR requirements specifications using Spin. After reviewing the SCR requirements method and introducing our formal requirements model, we describe how SCR specifications can be translated into an imperative programming notation. We also describe how we limit state explosion by verifying abstractions of the original requirements specification. These abstractions are derived using the formula to be verified and special...
Exercises in Coalgebraic Specification
, 1999
Cited by 16 (2 self)
An introduction to coalgebraic specification is presented via examples. A coalgebraic specification describes a collection of coalgebras satisfying certain assertions. It is thus an axiomatic description of a particular class of mathematical structures. Such specifications are especially suitable for state-based dynamical systems in general, and for classes in object-oriented programming languages in particular. This paper will gradually introduce the notions of bisimilarity, invariance, component classes, temporal logic and refinement in a coalgebraic setting. Besides the running example of the coalgebraic specification of (possibly infinite) binary trees, a specification of Peterson's mutual exclusion algorithm is elaborated in detail.
Verifying Timing Properties of Concurrent Algorithms
, 1994
Cited by 15 (6 self)
This paper presents a method for computer-aided verification of timing properties of real-time systems. A timed automaton model, along with invariant assertion and simulation techniques for proving properties of real-time systems, is formalized within the Larch Shared Language. This framework is then used to prove time bounds for two sample algorithms: a simple counter and Fischer's mutual exclusion protocol. The proofs are checked using the Larch Prover.
Proving Safety Properties of the Steam Boiler - Formal Methods for Industrial Applications: A Case Study
 Formal Methods for Industrial Applications: Specifying and Programming the Steam Boiler Control
, 1996
Cited by 9 (1 self)
In this paper we model a hybrid system consisting of a continuous steam boiler and a discrete controller. Our model uses the Lynch-Vaandrager Timed Automata model to show formally that certain safety requirements can be guaranteed under the described assumptions and failure model. We prove incrementally that a simple controller model and a controller model tolerating sensor faults preserve the required safety conditions. The specification of the steam boiler and the failure model follow the specification problem for participants of the Dagstuhl Meeting "Methods for Semantics and Specification."
A Taxonomy for Real-Time Systems
, 1997
Cited by 4 (2 self)
This paper describes a taxonomy for large grain, distributed real-time systems. The taxonomy is based on a set of novel attributes, which we have identified by studying a real-life, large grain real-time control system. Large grain real-time control systems have coarse grains for specifying timing requirements. The grain of specifying timing constraints typically consists of collections of programs that cooperate in a nontrivial fashion. Further, these systems are highly dynamic in behavior. The load on the system, in loose terms, is a function of events in the external environment of the system. Thus, computations that may be triggered dynamically are truly unpredictable both in terms of the time of activation, and the duration of execution. Furthermore, these systems are often required to function in hostile environments, providing continuous service in a fail-operation manner. We present the characteristics of such a system, which leads to a taxonomy of existing models and algori...