Results 1 - 8 of 8
The Theory of Hybrid Automata
, 1996
Cited by 483 (9 self)
A hybrid automaton is a formal model for a mixed discrete-continuous system. We classify hybrid automata according to what questions about their behavior can be answered algorithmically. The classification reveals structure on mixed discrete-continuous state spaces that was previously studied on purely discrete state spaces only. In particular, various classes of hybrid automata induce finitary trace equivalence (or similarity, or bisimilarity) relations on an uncountable state space, thus permitting the application of various model-checking techniques that were originally developed for finite-state systems.
Logics and Models of Real Time: A Survey
Cited by 184 (16 self)
We survey logic-based and automata-based languages and techniques for the specification and verification of real-time systems. In particular, we discuss three syntactic extensions of temporal logic: time-bounded operators, freeze quantification, and time variables. We also discuss the extension of finite-state machines with clocks and the extension of transition systems with time bounds on the transitions. All of the resulting notations can be interpreted over a variety of different models of time and computation, including linear and branching time, interleaving and true concurrency, discrete and continuous time. For each choice of syntax and semantics, we summarize the results that are known about expressive power, algorithmic finite-state verification, and deductive verification.
Parametric real-time reasoning
 IN PROCEEDINGS OF THE 25TH ANNUAL SYMPOSIUM ON THEORY OF COMPUTING
, 1993
Cited by 97 (6 self)
Traditional approaches to the algorithmic verification of real-time systems are limited to checking program correctness with respect to concrete timing properties (e.g., "message delivery within 10 milliseconds"). We address the more realistic and more ambitious problem of deriving symbolic constraints on the timing properties required of real-time systems (e.g., "message delivery within the time it takes to execute two assignment statements"). To model this problem, we introduce parametric timed automata, finite-state machines whose transitions are constrained with parametric timing requirements. The emptiness question for parametric timed automata is central to the verification problem. On the negative side, we show that in general this question is undecidable. On the positive side, we provide algorithms for checking the emptiness of restricted classes of parametric timed automata. The practical relevance of these classes is illustrated with several verification examples. There remains a gap between the automata classes for which we know that emptiness is decidable and undecidable, respectively, and this gap is related to various hard and open problems of logic and automata theory.
Event-Clock Automata: A Determinizable Class of Timed Automata
 Theoretical Computer Science
, 1999
Cited by 91 (3 self)
We introduce event-recording automata. An event-recording automaton is a timed automaton that contains, for every event a, a clock that records the time of the last occurrence of a. The class of event-recording automata is, on one hand, expressive enough to model (finite) timed transition systems and, on the other hand, determinizable and closed under all boolean operations. As a result, the language inclusion problem is decidable for event-recording automata. We present a translation from timed transition systems to event-recording automata, which leads to an algorithm for checking if two timed transition systems have the same set of timed behaviors. We also consider event-predicting automata, which contain clocks that predict the time of the next occurrence of an event. The class of event-clock automata, which contain both event-recording and event-predicting clocks, is a suitable specification language for real-time properties. We provide an algorithm for checking if a timed automa...
Computing Accumulated Delays in Real-time Systems
, 1993
Cited by 40 (6 self)
We present a verification algorithm for duration properties of real-time systems. While simple real-time properties constrain the total elapsed time between events, duration properties constrain the accumulated satisfaction time of state predicates. We formalize the concept of durations by introducing duration measures for timed automata. A duration measure assigns to each finite run of a timed automaton a real number, the duration of the run, which may be the accumulated satisfaction time of a state predicate along the run. Given a timed automaton with a duration measure, an initial and a final state, and an arithmetic constraint, the duration-bounded reachability problem asks if there is a run of the automaton from the initial state to the final state such that the duration of the run satisfies the constraint. Our main result is an (optimal) Pspace decision procedure for the duration-bounded reachability problem. 1 Introduction Over the past decade, model checking [CE81, QS81]...
Relaxed Clock Difference Diagrams for Timed Automata Model Checking
Cited by 1 (1 self)
Clock Difference Diagrams (CDDs), a BDD-like data structure for model checking of timed automata, were presented in 1999. After the original article the work on them seems to have stopped, although there are still important open questions. The proposed algorithm relied on the traditionally used data structure (DBMs) for most operations. CDDs definition required that repeated subtrees were aliased, but no clear algorithm was presented for producing such compact representation, which seems costly to achieve. Also, since then, case studies have increased in size. In this article we revisit CDDs by introducing RCDDs, a variation that does not require maximum aliasing. We present the complete set of operations required to perform forward reachability analysis with no need for DBMs. By employing a fully RCDD-based algorithm our experiments show a consistent reduction of time requirements in case studies from the current literature, sometimes up to more than 40%.
Hypervolume Approximation in Timed Automata Model Checking
Difference Bound Matrices (DBMs) are the most commonly used data structure for model checking timed automata. Since long they are being used in successful tools like Kronos or UPPAAL. As DBMs represent convex polyhedra in an n-dimensional space, this paper explores the idea of using its hypervolume as the basis for two optimization techniques. One of them is very simple to implement. The other, an improvement over the first, requires more involved programming. Each of them saves verification time (up to 19% in our case studies), with a modest increase of memory requirements. Their impact differs among the different case studies but, as they can be combined, there is no need to choose a priori.
Model Checking Semi-Continuous Time Models Using BDDs
The verification of timed systems is extremely important, but also extremely difficult. Several methods have been proposed to assist in this task, including extensions to symbolic model checking. One possible use of model checking to analyze timed systems is by modeling passage of time as the number of taken transitions and applying quantitative algorithms to determine the timing parameters of the system. The advantage of this method is its simplicity and efficiency. In this paper we extend this technique in two ways. First, we present new quantitative algorithms that are more efficient than their predecessors. The new algorithms determine the number of occurrences of events in all paths between a set of starting states and a set of final states. We then use these algorithms to introduce a new model of time, in which the passage of time is dissociated from the occurrence of events. With this new model it is possible to verify systems that were previously thought to require dense time models. We use the new method to verify two such examples previously analyzed by the HyTech tool: a steam boiler example and a fuel injection controller.