The algorithmic analysis of hybrid systems
Theoretical Computer Science, 1995
Abstract

Cited by 753 (75 self)
We present a general framework for the formal specification and algorithmic analysis of hybrid systems. A hybrid system consists of a discrete program with an analog environment. We model hybrid systems as finite automata equipped with variables that evolve continuously with time according to dynamical laws. For verification purposes, we restrict ourselves to linear hybrid systems, where all variables follow piecewise-linear trajectories. We provide decidability and undecidability results for classes of linear hybrid systems, and we show that standard program-analysis techniques can be adapted to linear hybrid systems. In particular, we consider symbolic model-checking and minimization procedures that are based on the reachability analysis of an infinite state space. The procedures iteratively compute state sets that are definable as unions of convex polyhedra in multidimensional real space. We also present approximation techniques for dealing with systems for which the iterative procedures do not converge.
Kronos: A model-checking tool for real-time systems
In Computer Aided Verification, 1998
An Approach to the Description and Analysis of Hybrid Systems
Abstract

Cited by 87 (3 self)
Introduction. The paper presents a model for hybrid systems, that is, systems that combine discrete and continuous components. Such systems are usually reactive real-time systems used to control an environment evolving over time. A main assumption is that a run of a hybrid system is a sequence of two-phase steps. The first phase of a step corresponds to a continuous state transformation usually described in terms of some parameter representing the time elapsed during this phase. In the second phase the state is submitted to a discrete change taking zero time. To illustrate this assumption, consider a temperature regulator commanding a heater so as to maintain the temperature ` of a room between two given bounds ` min and ` max . A run of such a system is a sequence of steps determined by the alternating state changes of the heater from ON to OFF.
Testing Timed Automata
In B. Jonsson and J. Parrow (eds.), Proc. FTRTFT'96, LNCS 1135, 1996
Abstract

Cited by 78 (3 self)
We present a generalization of the classical theory of testing for Mealy machines to a setting of dense real-time systems. A model of timed I/O automata is introduced, inspired by the timed automaton model of Alur and Dill, together with a notion of test sequence for this model. Our main contribution is a test generation algorithm for black-box conformance testing of timed I/O automata. Although it is highly exponential and cannot be claimed to be of practical value, it is the first algorithm that yields a finite and complete set of tests for dense real-time systems.
Verifying ET-LOTOS programs with KRONOS
In Proc. FORTE'94, 1994
Abstract

Cited by 52 (10 self)
This paper shows that real-time systems described in a reasonable subset of ET-LOTOS can be verified with Kronos by compiling them into timed automata. We illustrate the practical interest of our approach with a case study: the Tick-Tock protocol.
An algorithm for exact bounds on the time separation of events in concurrent systems
IEEE Transactions on Computers, 1995
Timing Analysis of Ada Tasking Programs
IEEE Transactions on Software Engineering, 1996
Abstract

Cited by 37 (4 self)
Concurrent real-time software is increasingly used in safety-critical embedded systems. Assuring the quality of such software requires the rigor of formal methods. In order to analyze a program formally, we must first construct a mathematical model of its behavior. In this paper, we consider the problem of constructing such models for concurrent real-time software. In particular, we provide a method for building mathematical models of real-time Ada tasking programs that are accurate enough to verify interesting timing properties, and yet abstract enough to yield a tractable analysis on non-trivial programs. Our approach differs from schedulability analysis in that we do not assume that the software has a highly restricted structure (e.g., a set of periodic tasks). Also, unlike most abstract models of real-time systems, we account for essential properties of real implementations, such as resource constraints and runtime overhead. Keywords: timing analysis, real-time systems, program ...
Timed Modal Specification - Theory and Tools
In Proc. of the 5th Int. Conf. on Computer Aided Verification, volume 697 of Lecture Notes in Computer Science (LNCS, 1997
Efficient Data Structure for Fully Symbolic Verification of Real-Time Software Systems
Proceedings of the 6th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2000), LNCS 1785
Abstract

Cited by 23 (7 self)
A new data-structure called DDD (Data-Decision Diagram) for the fully symbolic model-checking of real-time software systems is proposed. DDD is a BDD-like data-structure for the encoding of regions [2]. Unlike DBM which records differences between pairs of clock readings, DDD only uses one auxiliary binary variable for each clock. Thus the number of variables used in DDD is always linear to the number of clocks declared in the input system description. Experiment has been carried out to compare DDD with previous technologies. 1 Introduction. Fully symbolic verification of real-time systems is desirable with the promise of efficient data-sharing. We propose Data Decision Diagram (DDD) as the new data-structure for such a purpose. DDD is a BDD-like data-structure [5, 8] for the encoding of regions [2]. The ordering among fractional parts of clock readings is explicitly encoded in the variable ordering of DDD. To record sets of clock readings with the same fractional parts, we add one...
An efficient state space generation for the analysis of real-time systems
ACM Softw. Eng. Notes, 1996
Cited by 21 (2 self)