Results 1 to 10 of 34
HYTECH: The next generation. In Proceedings of the 16th IEEE Real-Time Systems Symposium, 1995
Cited by 102 (7 self)
We describe a new implementation of HyTech, a symbolic model checker for hybrid systems. Given a parametric description of an embedded system as a collection of communicating automata, HyTech automatically computes the conditions on the parameters under which the system satisfies its safety and timing requirements. While the original HyTech prototype was based on the symbolic algebra tool Mathematica, the new implementation is written in C++ and builds on geometric algorithms instead of formula manipulation. The new HyTech offers a cleaner and more expressive input language, greater portability, superior performance (typically two to three orders of magnitude), and new features such as diagnostic error-trace generation. We illustrate the effectiveness of the new implementation by applying HyTech to the automatic parametric analysis of the generic railroad crossing benchmark problem [HJL93] and to an active structure control algorithm [ECB94].
The Generalized Railroad Crossing: A Case Study in Formal Verification of Real-Time Systems. In Proc. Real-Time Systems Symp., 1994
Cited by 94 (19 self)
A new solution to the Generalized Railroad Crossing problem, based on timed automata, invariants and simulation mappings, is presented and evaluated. The solution shows formally the correspondence between four system descriptions: an axiomatic specification, an operational specification, a discrete system implementation, and a system implementation that works with a continuous gate model.
Model checking timed UML state machines and collaborations. 7th Intl. Symp. Formal Techniques in Real-Time and Fault Tolerant Systems (FTRTFT 2002), 2002
Cited by 47 (2 self)
We describe a prototype tool, hugo/RT, that is designed to automatically verify whether the timed state machines in a UML model interact according to scenarios specified by time-annotated UML collaborations. Timed state machines are compiled into timed automata that exchange signals and operations via a network automaton. A collaboration with time constraints is translated into an observer timed automaton. The model checker uppaal is called upon to verify the timed automata representing the model against the observer timed automaton.
VERSA: A Tool for the Specification and Analysis of Resource-Bound Real-Time Systems. Journal of Computer and Software Engineering, 1995
Cited by 34 (25 self)
VERSA is a tool that assists in the algebraic analysis of real-time systems. It is based on ACSR, a timed process algebra designed to express resource-bound real-time distributed systems. VERSA is designed to be both a usable and useful tool for the analysis of ACSR specifications. Usability is assured by a flexible user interface that uses ACSR's traditional notation augmented with conventions from programming languages and mathematics that allow concise specification of realistic systems. Usefulness is the result of the breadth of analysis techniques planned and currently implemented, including algebraic term rewriting and state-space exploration based techniques.

1 Introduction. Reliability in real-time systems can be improved through the use of formal methods for the specification and analysis of real-time systems. Formal methods treat system components as mathematical objects and provide mathematical models to describe and predict the observable properties and behaviors of...
Benchmarks for Hybrid Systems Verification. In Hybrid Systems: Computation and Control (HSCC 2004), 2004
Cited by 33 (1 self)
There are numerous application examples for hybrid systems verification in recent literature. Most of them were introduced to illustrate a new approach to hybrid systems verification, and are therefore of a limited size. Others are case studies that serve to prove that an approach can be applied to real-world problems. Verification of these typically requires a lot of domain experience to obtain a tractable, verifiable model. Verification of a case study yields a singular result that is hard to compare and time-consuming to reproduce.
Mechanical Verification of Timed Automata: A Case Study. In Proc. 1996 IEEE Real-Time Technology and Applications Symp. (RTAS'96), IEEE Computer, 1996
Cited by 30 (9 self)
This paper reports the results of a case study on the feasibility of developing and applying mechanical methods, based on the proof system PVS, to prove propositions about real-time systems specified in the Lynch-Vaandrager timed automata model. In using automated provers to prove propositions about systems described by a specific mathematical model, both the proofs and the proof process can be simplified by exploiting the special properties of the mathematical model. Because both specifications and methods of reasoning about them tend to be repetitive, the use of a standard template for specifications, accompanied by standard shared theories and standard proof strategies or tactics, is often feasible. Presented are the PVS specification of three theories that underlie the timed automata model, a template for specifying timed automata models in PVS, and an example of its instantiation. Both hand proofs and the corresponding PVS proofs of two propositions are provided to illustrate h...
Deductive verification of real-time systems using STeP. Computer Science Department, Stanford University, 1998
Cited by 30 (8 self)
We present a modular framework for proving temporal properties of real-time systems, based on clocked transition systems and linear-time temporal logic. We show how deductive verification rules, verification diagrams, and automatic invariant generation can be used to establish properties of real-time systems in this framework. We also discuss global and modular proofs of the branching-time property of non-Zenoness. As an example, we present the mechanical verification of the generalized railroad crossing case study using the Stanford Temporal Prover, STeP.
Verification of Real-Time Systems Using PVS, 1993
Cited by 29 (2 self)
We present an approach to the verification of the real-time behavior of concurrent programs and describe its mechanization using the PVS proof checker. Our approach to real-time behavior extends previous verification techniques for concurrent programs by proposing a simple model for real-time computation and introducing a new operator for reasoning about absolute time. This model is formalized and mechanized within the higher-order logic of PVS. The interactive proof checker of PVS is used to develop the proofs of two illustrative examples: Fischer's real-time mutual exclusion protocol and a railroad crossing controller. This work was supported by National Aeronautics and Space Administration Langley Research Center and the US Naval Research Laboratory under contract NAS1-18969 and by the US Naval Research Laboratory contract N0001592C2177. Connie Heitmeyer (NRL) suggested the railroad crossing example. Sam Owre (SRI) assisted with the use of PVS. The helpful comments of John Rush...
Safety Property Verification of ESTEREL Programs and Applications to Telecommunications Software. In Proceedings of the 7th International Conference on Computer Aided Verification, Volume 939 of Lecture Notes in Computer Science, 1996
Cited by 25 (4 self)
We present a technique for automatically verifying linear-time temporal logic safety properties of programs written in ESTEREL, a formally-defined language for programming reactive systems. In our approach, linear-time temporal logic safety properties are first translated into ESTEREL programs that model these properties. Using the ESTEREL compiler, the translations are compiled in parallel with the ESTEREL program to be verified. A trivial reachability analysis of the output of the compiler then indicates whether or not the safety property is satisfied by the program. We describe two real-world software problems (ESTEREL versions of two features of the AT&T 5ESS switching system) and one well-known benchmark problem (the generalized railroad crossing problem) that we have verified using our technique and associated tool set.

1 Introduction. The ESTEREL programming language [5] is a formally-defined, high-level language designed specifically for progra...
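Several entries above treat the generalized railroad crossing as a safety-property check over an explored state space: HyTech computes parameter conditions and emits an error trace, VERSA does state-space exploration, and the ESTEREL entry reduces the property to a reachability analysis. The following is an added example, not code from any of the listed papers or tools. It builds a discrete-time abstraction of the crossing (train location, gate position, two timers), runs an explicit-state breadth-first reachability check of the property "train in crossing implies gate down", returns a shortest error trace when the property fails, and sweeps the gate's closing time to find the slowest gate that stays safe relative to the train's minimum approach time. The model, the parameter names (approach_min, approach_max, cross_max, lower_time, raise_time) and the controller rule are this example's own assumptions, as are the sample parameter values.

```python
"""Explicit-state reachability check of a discrete-time railroad crossing.
Added example; not code from any of the papers or tools listed on this page.
The model, parameter names and controller rule are assumptions made here."""
from __future__ import annotations

from collections import deque
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class State:
    train: str    # "far" | "near" | "in"
    gate: str     # "up" | "lowering" | "down" | "raising"
    t_train: int  # time units since the train last changed location
    t_gate: int   # time units since the gate last started moving


@dataclass(frozen=True)
class Params:
    approach_min: int  # earliest a train that tripped the sensor reaches the crossing
    approach_max: int  # latest it reaches the crossing (keeps the state space finite)
    cross_max: int     # longest a train may occupy the crossing
    lower_time: int    # time the gate needs to go from up to down
    raise_time: int    # time the gate needs to go from down to up


def unsafe(s: State) -> bool:
    """Violation of the safety property: train in the crossing, gate not down."""
    return s.train == "in" and s.gate != "down"


def successors(s: State, p: Params) -> set[State]:
    """All states reachable from s after one time unit elapses."""
    # 1. The gate keeps moving for one time unit; idle positions carry no timer.
    gate, tg = s.gate, s.t_gate + 1
    if gate == "lowering" and tg >= p.lower_time:
        gate, tg = "down", 0
    elif gate == "raising" and tg >= p.raise_time:
        gate, tg = "up", 0
    elif gate in ("up", "down"):
        tg = 0

    # 2. The train moves nondeterministically within its timing bounds.
    moves: list[tuple[str, int]] = []
    if s.train == "far":
        moves += [("far", 0), ("near", 0)]   # "near": approach sensor trips
    elif s.train == "near":
        t = s.t_train + 1
        if t < p.approach_max:
            moves.append(("near", t))
        if t >= p.approach_min:
            moves.append(("in", 0))
    else:  # "in"
        t = s.t_train + 1
        if t < p.cross_max:
            moves.append(("in", t))
        moves.append(("far", 0))             # exit sensor trips

    # 3. The controller reacts to the sensor events of this step.
    out: set[State] = set()
    for train, tt in moves:
        g, g_t = gate, tg
        if s.train == "far" and train == "near" and g in ("up", "raising"):
            g, g_t = "lowering", 0           # command: lower the gate
        elif s.train == "in" and train == "far" and g == "down":
            g, g_t = "raising", 0            # command: raise the gate
        out.add(State(train, g, tt, g_t))
    return out


def check_safety(p: Params) -> Optional[list[State]]:
    """BFS over reachable states. None if safe, else a shortest error trace."""
    init = State("far", "up", 0, 0)
    parent: dict[State, Optional[State]] = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        if unsafe(s):
            trace: list[State] = []
            cur: Optional[State] = s
            while cur is not None:           # walk the BFS tree back to init
                trace.append(cur)
                cur = parent[cur]
            return trace[::-1]
        for n in successors(s, p):
            if n not in parent:
                parent[n] = s
                queue.append(n)
    return None


def max_safe_lower_time(approach_min: int, approach_max: int,
                        cross_max: int, raise_time: int) -> int:
    """Parametric question: the slowest gate for which the crossing stays safe.
    Enumerates integer lower_time values; a symbolic tool would return the
    constraint on the parameter directly instead of sweeping."""
    best = 0
    for lower in range(1, approach_max + raise_time + 2):
        if check_safety(Params(approach_min, approach_max, cross_max, lower, raise_time)) is None:
            best = lower
    return best


if __name__ == "__main__":
    # Constructed parameters: the train needs at least 3 time units from the
    # sensor to the crossing, but the gate takes 4 to close.
    trace = check_safety(Params(3, 5, 2, 4, 2))
    for i, s in enumerate(trace or []):
        print(f"step {i}: train={s.train:<4} gate={s.gate:<8} t_train={s.t_train} t_gate={s.t_gate}")
    print("max safe lower_time:", max_safe_lower_time(3, 5, 2, 2))
```

With the constructed values the sweep reports that the crossing is safe exactly when lower_time <= approach_min, which is the kind of parameter constraint HyTech derives symbolically; the enumeration here only works because every timing bound is a fixed small integer, and the approach_max and cross_max bounds are what keep the reachable set finite.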
An efficient state space generation for the analysis of real-time systems. ACM Softw. Eng. Notes, 1996
Cited by 20 (2 self)