A Theory of Diagnosis from First Principles
ARTIFICIAL INTELLIGENCE, 1987
Cited by 871 (5 self)
Suppose one is given a description of a system, together with an observation of the system's behaviour which conflicts with the way the system is meant to behave. The diagnostic problem is to determine those components of the system which, when assumed to be functioning abnormally, will explain the discrepancy between the observed and correct system behaviour. We propose a general theory for this problem. The theory requires only that the system be described in a suitable logic. Moreover, there are many such suitable logics, e.g. first-order, temporal, dynamic, etc. As a result, the theory accommodates diagnostic reasoning in a wide variety of practical settings, including digital and analogue circuits, medicine, and database updates. The theory leads to an algorithm for computing all diagnoses, and to various results concerning principles of measurement for discriminating among competing diagnoses. Finally, the theory reveals close connections between diagnostic reasoning and nonmonotonic reasoning.
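The definition in this abstract, worked out on a small circuit, as an added example (editor-supplied code, not the paper's): a one-bit full adder whose sum output disagrees with what the design predicts. The circuit, the gate names X1, X2, A1, A2, O1, the input values and the observation are all constructed for the illustration. A component is "abnormal" when its output is left unconstrained; a diagnosis is a minimal set of abnormal components consistent with the system description and the observation. The block computes the diagnoses two ways, directly from that definition and as minimal hitting sets of the minimal conflict sets, and the two agree.

```python
from itertools import combinations, product

# Constructed example, not from the paper: a one-bit full adder whose sum
# output disagrees with the observation. Gates are listed in topological order.
INPUTS = {"a": 1, "b": 0, "cin": 1}
GATES = {                           # name: (gate type, (input wire, input wire))
    "X1": ("xor", ("a", "b")),
    "X2": ("xor", ("X1", "cin")),   # sum output
    "A1": ("and", ("X1", "cin")),
    "A2": ("and", ("a", "b")),
    "O1": ("or", ("A1", "A2")),     # carry output
}
# Correct behaviour gives sum = 0, carry = 1; the observed sum is 1.
OBS = {"X2": 1, "O1": 1}
OPS = {"xor": lambda x, y: x ^ y, "and": lambda x, y: x & y, "or": lambda x, y: x | y}


def consistent(abnormal):
    """Is SD ∪ OBS ∪ {AB(c) | c ∈ abnormal} ∪ {¬AB(c) | c ∉ abnormal} satisfiable?
    A normal gate computes its function; an abnormal gate's output is unconstrained
    (the system description says nothing about how a broken gate behaves), so we
    search over every value it could take."""
    abn = sorted(abnormal)
    for free_bits in product((0, 1), repeat=len(abn)):
        vals = dict(INPUTS)
        vals.update(zip(abn, free_bits))
        for gate, (op, (x, y)) in GATES.items():
            if gate not in abnormal:
                vals[gate] = OPS[op](vals[x], vals[y])
        if all(vals[wire] == v for wire, v in OBS.items()):
            return True
    return False


def minimal_sets(candidates, predicate):
    """Enumerate subsets of `candidates` by increasing size and keep the minimal
    ones satisfying `predicate`; supersets of a kept set are skipped."""
    kept = []
    for k in range(len(candidates) + 1):
        for cand in combinations(candidates, k):
            s = frozenset(cand)
            if any(m <= s for m in kept):
                continue
            if predicate(s):
                kept.append(s)
    return kept


def diagnoses():
    """Reiter's definition: a diagnosis is a minimal set of components such that
    assuming exactly those abnormal is consistent with SD and OBS."""
    return minimal_sets(list(GATES), consistent)


def minimal_conflicts():
    """A conflict set is a set of components that cannot all be normal at once;
    tested here by leaving every other component unconstrained."""
    comps = frozenset(GATES)
    return minimal_sets(list(GATES), lambda s: len(s) > 0 and not consistent(comps - s))


def minimal_hitting_sets(conflicts):
    """Reiter's characterisation: the diagnoses are exactly the minimal hitting
    sets of the collection of conflict sets."""
    universe = sorted(set().union(*conflicts)) if conflicts else []
    return minimal_sets(universe, lambda s: all(s & c for c in conflicts))


if __name__ == "__main__":
    for d in diagnoses():
        print("diagnosis:", sorted(d))
    print("via hitting sets:", [sorted(h) for h in minimal_hitting_sets(minimal_conflicts())])
```

For this circuit the minimal conflicts are {X1, X2} and {X2, A1, A2, O1}, so the diagnoses are {X2}, {X1, A1}, {X1, A2} and {X1, O1}: a single faulty X2 explains the observation, but a faulty X1 alone does not, because it would also disturb the carry that was observed to be correct. The brute-force enumeration is exponential and is only meant to make the definitions concrete; the paper's algorithm builds the hitting sets incrementally instead.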

PLC-Automata: A New Class of Implementable Real-Time Automata
ARTS'97, volume 1231 of LNCS, 1997
Cited by 44 (11 self)
We introduce PLC-Automata as a new class of automata which are tailored to deal with real-time properties of Programmable Logic Controllers (PLCs). These devices are often used in industrial practice to solve control problems. Nevertheless, PLC-Automata are not restricted to PLCs, but can be seen as a model for all polling systems. A semantics in an appropriate real-time temporal logic (Duration Calculus) is given and an implementation schema that fits the semantics is presented in a programming language for PLCs. A case study is used to demonstrate the suitability of this approach. We define several parallel composition operators, and present an alternative semantics in terms of Timed Automata for which model-checkers are available.

Formal Methods for the Specification and Design of Real-Time Safety Critical Systems
1992
Cited by 31 (0 self)
Safety critical computers increasingly affect nearly every aspect of our lives. Computers control the planes we fly on, monitor our health in hospitals and do our work in hazardous environments. Computers with software deficiencies that fail to meet stringent timing constraints have resulted in catastrophic failures. This paper surveys formal methods for specifying, designing and verifying real-time systems, so as to improve their safety and reliability.
To appear in Journal of Systems and Software, Vol. 18, Number 1, pages 33-60, April 1992. Jonathan Ostroff is with the Department of Computer Science, York University, 4700 Keele Street, North York, Ontario, Canada, M3J 1P3. This work is supported by the Natural Sciences and Engineering Research Council of Canada.
Contents (excerpt): 1 Introduction; 2 Defining the terms; 2.1 Major issues that formal theories must address; 3 Real-Time Programming Languages; 4 Structured Methods and/or Graphical Languages; 4.1 Str...

Complete Proof Systems for First Order Interval Temporal Logic
In Tenth Annual IEEE Symp. on Logic in Computer Science, 1995
Cited by 26 (0 self)
Different interval modal logics have been proposed for reasoning about the temporal behaviour of digital systems. Some of them are purely propositional and only enable the specification of qualitative time requirements. Others, such as ITL and the duration calculus, are first order logics which support the expression of quantitative, real-time requirements. These two logics have in common the presence of a binary modal operator `chop' interpreted as the action of splitting an interval into two parts. Proof systems for ITL or the duration calculus have been proposed but little is known about their power. This paper presents completeness results for a variant of ITL where `chop' is the only modal operator. We consider several classes of models for ITL which make different assumptions about time and we construct a complete and sound proof system for each class.
1 Introduction: Digital systems are increasingly used in applications where they interact with physical processes. In these appli...

Verifying concurrent systems with symbolic execution
Journal of Logic and Computation (Special Issue
Cited by 26 (16 self)
Current techniques for interactively proving temporal properties of concurrent systems translate transition systems into temporal formulas by introducing program counter variables. Proofs are not intuitive, because control flow is not explicitly considered. For sequential programs symbolic execution is a very intuitive, interactive proof strategy. In this paper we adopt this technique for parallel programs. Properties are formulated in interval temporal logic. An implementation in the interactive theorem prover KIV has shown that this technique offers a high degree of automation and allows simple, local invariants.
1 Introduction: As an example of a concurrent system, consider the parallel program Binom which is shown in Fig. 1 and has been taken from [15]. Two parallel processes calculate the binomial coefficient ...

On First Order Interval Temporal Logic
Department of Computer Science, Royal Holloway, University of London, 1995
Cited by 24 (1 self)
... this document, we examine completeness problems for first order ITL in a variant similar to the one introduced in [14] which contains no other modal operator than chop.

Formal Fault Tree Semantics
2002
Cited by 20 (12 self)
In train control systems, more and more (electro)mechanical devices are substituted by software based devices. To sustain the high safety standards for these embedded systems, we propose the integration of fault tree analysis and formal methods. This combines two important safety analysis methods from the involved domains of engineering and software development. Our approach proposes to build a formal model of the system together with fault trees, which investigate the safety critical aspects by breaking them down to software and hardware requirements. The events of fault trees are formalized with respect to the model. Formal completeness and correctness conditions are given, using Interval Temporal Logic with continuous semantics. They define a formal semantics of fault trees, which allows cause-consequence relations between events in addition to boolean decomposition. The semantics is therefore suitable for dynamic systems. We prove that the conditions guarantee that the fault tree is a correct and complete analysis of the causes of the considered fault.

Synthesizing Controllers from Real-Time Specifications
In Tenth International Symposium on System Synthesis, 1999
Cited by 19 (8 self)
We present an algorithm for synthesising real-time controllers specified in a subset of the interval temporal logic Duration Calculus. The synthesised controllers are given in terms of PLC-Automata, which are an abstract description of programs of polling machines. PLC-Automata can be implemented directly on Programmable Logic Controllers (PLCs), a special kind of polling real-time controllers which are often used in industry to control production cells and batch processes. We prove the correctness of the algorithm by the Duration Calculus semantics for PLC-Automata. Furthermore, the set of specifications on which the algorithm terminates with a well-formed PLC-Automaton coincides with the set of specifications which are implementable in principle. Hence, the algorithm also decides whether a specification given in this subset of Duration Calculus is implementable. We demonstrate the behaviour of the algorithm by an example and apply the algorithm to the well known `gas burner' case study.
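What a Duration Calculus requirement like the gas-burner one actually constrains, as an added example (editor-supplied code, not the paper's or the case study's own material). The requirement assumed here is the standard formulation from the gas-burner literature, which the abstract only names: in every observation interval of length at least 60 seconds, the accumulated leak time is at most one twentieth of the interval. The block evaluates the duration integral over every interval of an integer-aligned run and reports the intervals that violate the bound; the two sample runs are constructed, one following the usual design decisions (a leak lasts at most 1 s and is followed by at least 30 s without leak) and one that leaks 4 s inside a single 60 s window.

```python
# Constructed example, not from the paper. The gas-burner requirement assumed here is
# the standard Duration Calculus formulation: in every observation interval of length
# l >= 60 seconds, the accumulated leak time satisfies  ∫leak <= l/20.
# A run is a piecewise-constant state function, given as (seconds, leaking) segments
# with integer boundaries, so every breakpoint of the leak integral is a whole second.

def leak_prefix(trace):
    """Cumulative leak time at every whole second; prefix[t] = ∫_0^t leak."""
    prefix = [0]
    for seconds, leaking in trace:
        for _ in range(seconds):
            prefix.append(prefix[-1] + (1 if leaking else 0))
    return prefix


def violations(trace, min_len=60, ratio=20):
    """All intervals [b, e] with e - b >= min_len whose leak time exceeds (e - b)/ratio.
    Checking only whole-second endpoints is exact for integer-aligned traces: the
    leak integral is piecewise linear with breakpoints at segment boundaries, so the
    worst case is attained at an integer endpoint."""
    prefix = leak_prefix(trace)
    end = len(prefix) - 1
    bad = []
    for b in range(end + 1):
        for e in range(b + min_len, end + 1):
            leak = prefix[e] - prefix[b]
            if leak * ratio > e - b:        # integer form of leak > (e - b)/ratio
                bad.append((b, e, leak))
    return bad


def satisfies_requirement(trace):
    """True when no interval of length >= 60 s leaks more than a twentieth of its length."""
    return not violations(trace)


# Constructed runs: one obeying the classic design decisions (each leak lasts at most 1 s
# and is followed by at least 30 s without leak), and one that leaks 4 s within one 60 s window.
SAFE_RUN = [(1, True), (30, False)] * 3
UNSAFE_RUN = [(2, True), (10, False), (2, True), (46, False)]

if __name__ == "__main__":
    print("safe run ok:", satisfies_requirement(SAFE_RUN))
    print("unsafe run violations:", violations(UNSAFE_RUN))
```

The point of the check is that the requirement is stated over all observation intervals, not over the whole run: the unsafe run leaks only 4 of its 60 seconds in total, which looks harmless as a global ratio, yet the one interval of length 60 already exceeds the bound. The quadratic scan is fine for traces of a few thousand seconds; a synthesis or model-checking approach as in the paper avoids enumerating intervals at all.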

Combining Specification Techniques for Processes, Data and Time
Nordic Journal of Computing, 2002
Cited by 19 (3 self)
We present a new combination CSP-OZ-DC of three well researched formal techniques for the specification of processes, data and time: CSP [17], Object-Z [36], and Duration Calculus [40]. The emphasis is on a smooth integration of the underlying semantic models and its use for verifying properties of CSP-OZ-DC specifications by a combined application of the model-checkers FDR [29] for CSP and UPPAAL [1] for Timed Automata. This approach is applied to part of a case study on radio controlled railway crossings.

Operational and Logical Semantics for Polling Real-Time Systems
1998
Cited by 19 (12 self)
PLC-Automata are a class of real-time automata suitable to describe the behaviour of polling real-time systems. PLC-Automata can be compiled to source code for PLCs, a hardware widely used in industry to control processes. Also, PLC-Automata have been equipped with a logical and operational semantics, using Duration Calculus (DC) and Timed Automata (TA), respectively. The three main results of this paper are: (1) A simplified operational semantics. (2) A minor extension of the logical semantics, and a proof that this semantics is complete relative to our operational semantics. This means that if an observable satisfies all formulas of the DC semantics, then it can also be generated by the TA semantics. (3) A proof that the logical semantics is sound relative to our operational semantics. This means that each observable that is accepted by the TA semantics constitutes a model for all formulas of the DC semantics.