## Adding Symmetry Reduction to UPPAAL (2004)

### Cached

### Download Links

- [www.niii.kun.nl]
- [www.ita.cs.ru.nl]
- [www.cs.ru.nl]
- [www.cs.kun.nl]
- [pms.cs.ru.nl]
- DBLP

### Other Repositories/Bibliography

Citations: | 20 - 4 self |

### BibTeX

@MISC{Hendriks04addingsymmetry,

author = {Martijn Hendriks and Gerd Behrmann and Kim Larsen and Peter Niebert and Frits Vaandrager},

title = {Adding Symmetry Reduction to UPPAAL},

year = {2004}

}

### Years of Citing Articles

### OpenURL

### Abstract

We describe a prototype extension of the Uppaal real-time model checking tool with symmetry reduction. The symmetric data type scalarset, which is also used in the Mur' model checker, was added to Uppaal's system description language to support the easy static detection of symmetries. Our prototype tool uses state swaps, described and proven sound earlier by Hendriks, to reduce the space and memory consumption of Uppaal. Moreover, under certain assumptions the reduction strategy is canonical, which means that the symmetries are optimally used. For all examples that we experimented with (both academic toy examples and industrial cases), we obtained a drastic reduction of both computation time and memory usage, exponential in the size of the scalar sets used.

### Citations

2856 |
Dynamic Programming
- Bellman
- 1957
(Show Context)
Citation Context ...here l is the location vector, v is the integer variable valuation, and Z is a zone, which is a convex set of clock valuations that can efficiently be represented by a difference bounded matrix (DBM) =-=[5, 9]-=-. 4.1 Extraction of Automorphisms This subsection is a very brief summary of [14], to which we refer for further details. The new syntax described in the previous section enables us to derive the foll... |

2638 | Model Checking
- Clarke, Grumberg, et al.
- 1999
(Show Context)
Citation Context ...utation time and memory usage, exponential in the size of the scalar sets used. 1 Introduction Model checking is a semi-automated technique for the validation and verification of all kinds of systems =-=[8]-=-. The approach requires the construction of a model of the system and the definition of a specification for the system. A model checking tool then computes whether the model satisfies its specificatio... |

2143 | A theory of timed automata
- Alur, Dill
- 1994
(Show Context)
Citation Context ... [~l]i and the local clock of this process is given by xi; also note that the zone Z only contains one clock valuation): ~l : (idle, wait, cs) v : id = 2, set = 1, active[0] = 0, active[1] = 2, active=-=[2]-=- = 3 Z : x0 = 4, x1 = 3, x2 = 2.5 4The soundness theorem has also been proven correct for the more general definition of the state swap function that appears in [16]. Thus, a definition of state swaps... |

1366 |
Symbolic Model Checking
- McMillan
- 1993
(Show Context)
Citation Context ...cification for the system. A model checking tool then computes whether the model satisfies its specification. Nowadays, model checkers are available for many application areas, e.g., hardware systems =-=[10, 22]-=-, finite-state distributed systems [17], and timed and hybrid systems [21, 27, 25, 16]. Despite the fact that model checkers are relatively easy to use compared to manual verification techniques or th... |

1136 |
Computer Networks
- Tanenbaum
- 1989
(Show Context)
Citation Context ...ly profitable, since its gain can approach a factorial magnitude. There are many timed systems which clearly exhibit full symmetry, e.g., Fischer’s mutual exclusion protocol [1], the CSMA/CD protocol =-=[24, 27]-=-, industrial audio/video protocols [13], and distributed algorithms, for instance [4]. Motivated by these examples, the work presented in [14] describes how Uppaal, a model checker for networks of tim... |

545 | UPPAAL in a nutshell
- KG, Pettersson, et al.
(Show Context)
Citation Context ...el satisfies its specification. Nowadays, model checkers are available for many application areas, e.g., hardware systems [10, 22], finite-state distributed systems [17], and timed and hybrid systems =-=[21, 27, 25, 16]-=-. Despite the fact that model checkers are relatively easy to use compared to manual verification techniques or theorem provers, they are not being applied on a large scale. An important reason for th... |

435 |
Automata for modeling real–time systems
- Alur, Dill
- 1990
(Show Context)
Citation Context ... audio/video protocols [13], and distributed algorithms, for instance [4]. Motivated by these examples, the work presented in [14] describes how Uppaal, a model checker for networks of timed automata =-=[21, 3, 2]-=-, can be enhanced with symmetry reduction. The present paper puts this work to practice: a prototype of Uppaal with symmetry reduction has been implemented. The symmetric data type scalarset, which wa... |

403 |
The model checker
- Holzmann
- 1997
(Show Context)
Citation Context ... tool then computes whether the model satisfies its specification. Nowadays, model checkers are available for many application areas, e.g., hardware systems [10, 22], finite-state distributed systems =-=[17]-=-, and timed and hybrid systems [21, 27, 25, 16]. Despite the fact that model checkers are relatively easy to use compared to manual verification techniques or theorem provers, they are not being appli... |

384 | H.: HYTECH: A model checker for hybrid systems
- Henzinger, Ho, et al.
- 1997
(Show Context)
Citation Context ...el satisfies its specification. Nowadays, model checkers are available for many application areas, e.g., hardware systems [10, 22], finite-state distributed systems [17], and timed and hybrid systems =-=[21, 27, 25, 16]-=-. Despite the fact that model checkers are relatively easy to use compared to manual verification techniques or theorem provers, they are not being applied on a large scale. An important reason for th... |

239 | Protocol Verification as a Hardware Design Aid
- Dill, Drexler, et al.
- 1992
(Show Context)
Citation Context ...cification for the system. A model checking tool then computes whether the model satisfies its specification. Nowadays, model checkers are available for many application areas, e.g., hardware systems =-=[10, 22]-=-, finite-state distributed systems [17], and timed and hybrid systems [21, 27, 25, 16]. Despite the fact that model checkers are relatively easy to use compared to manual verification techniques or th... |

232 |
Timing assumptions and verification of finite-state concurrent systems
- Dill
(Show Context)
Citation Context ...here l is the location vector, v is the integer variable valuation, and Z is a zone, which is a convex set of clock valuations that can efficiently be represented by a difference bounded matrix (DBM) =-=[5, 9]-=-. 4.1 Extraction of Automorphisms This subsection is a very brief summary of [14], to which we refer for further details. The new syntax described in the previous section enables us to derive the foll... |

221 |
Kronos: a verification tool for real-time systems
- Yovine
- 1997
(Show Context)
Citation Context ...el satisfies its specification. Nowadays, model checkers are available for many application areas, e.g., hardware systems [10, 22], finite-state distributed systems [17], and timed and hybrid systems =-=[21, 27, 25, 16]-=-. Despite the fact that model checkers are relatively easy to use compared to manual verification techniques or theorem provers, they are not being applied on a large scale. An important reason for th... |

213 | An old-fashioned recipe for real time
- Abadi, Lamport
- 1994
(Show Context)
Citation Context ...mmetries can be particularly profitable, since its gain can approach a factorial magnitude. There are many timed systems which clearly exhibit full symmetry, e.g., Fischer’s mutual exclusion protocol =-=[1]-=-, the CSMA/CD protocol [24, 27], industrial audio/video protocols [13], and distributed algorithms, for instance [4]. Motivated by these examples, the work presented in [14] describes how Uppaal, a mo... |

192 | Better verification through symmetry
- Ip, Dill
- 1993
(Show Context)
Citation Context ...time or memory available. As a consequence, much research has been directed at finding techniques to fight the state space explosion. One such a technique is the exploitation of behavioral symmetries =-=[18, 23, 20, 19, 12, 7]-=-. The exploitation of full symmetries can be particularly profitable, since its gain can approach a factorial magnitude. There are many timed systems which clearly exhibit full symmetry, e.g., Fischer... |

178 | Symmetry and model checking
- Emerson, Sistla
- 1996
(Show Context)
Citation Context ...time or memory available. As a consequence, much research has been directed at finding techniques to fight the state space explosion. One such a technique is the exploitation of behavioral symmetries =-=[18, 23, 20, 19, 12, 7]-=-. The exploitation of full symmetries can be particularly profitable, since its gain can approach a factorial magnitude. There are many timed systems which clearly exhibit full symmetry, e.g., Fischer... |

154 |
Exploiting symmetry in temporal logic model checking.” Formal Methods in System Design
- Clarke, Jha, et al.
- 1996
(Show Context)
Citation Context ...time or memory available. As a consequence, much research has been directed at finding techniques to fight the state space explosion. One such a technique is the exploitation of behavioral symmetries =-=[18, 23, 20, 19, 12, 7]-=-. The exploitation of full symmetries can be particularly profitable, since its gain can approach a factorial magnitude. There are many timed systems which clearly exhibit full symmetry, e.g., Fischer... |

87 |
Model checking in dense real time
- Alur, Courcoubetis, et al.
- 1993
(Show Context)
Citation Context ... audio/video protocols [13], and distributed algorithms, for instance [4]. Motivated by these examples, the work presented in [14] describes how Uppaal, a model checker for networks of timed automata =-=[21, 3, 2]-=-, can be enhanced with symmetry reduction. The present paper puts this work to practice: a prototype of Uppaal with symmetry reduction has been implemented. The symmetric data type scalarset, which wa... |

61 | Formal modelling and analysis of an audio/video protocol: An industrial case study using uppaal
- Havelund, Skou, et al.
- 1997
(Show Context)
Citation Context ...a factorial magnitude. There are many timed systems which clearly exhibit full symmetry, e.g., Fischer’s mutual exclusion protocol [1], the CSMA/CD protocol [24, 27], industrial audio/video protocols =-=[13]-=-, and distributed algorithms, for instance [4]. Motivated by these examples, the work presented in [14] describes how Uppaal, a model checker for networks of timed automata [21, 3, 2], can be enhanced... |

54 |
Reachability trees for high-level Petri nets
- Huber, Jensen, et al.
- 1986
(Show Context)
Citation Context |

46 | Bounds on the time to reach agreement in the presence of timing uncertainty
- Attiya, Dwork, et al.
- 1994
(Show Context)
Citation Context ...tems which clearly exhibit full symmetry, e.g., Fischer’s mutual exclusion protocol [1], the CSMA/CD protocol [24, 27], industrial audio/video protocols [13], and distributed algorithms, for instance =-=[4]-=-. Motivated by these examples, the work presented in [14] describes how Uppaal, a model checker for networks of timed automata [21, 3, 2], can be enhanced with symmetry reduction. The present paper pu... |

41 |
Reachability analysis of Petri nets using symmetries
- Starke
- 1991
(Show Context)
Citation Context |

27 |
Condensed state spaces for symmetrical Coloured Petri Nets
- Jensen
- 1996
(Show Context)
Citation Context ...alarsets. An obvious next step is to do experiments concerning profiling where computation time is spent, and in particular how much time is spent on computing representatives. In the tool Design/CPN =-=[18, 20, 11]-=- (where symmetry reduction is a main reduction mechanism) there have been interesting prototype experiments with an implementation in which the (expensive) computations of representatives were launche... |

22 | Efficient data structure for fully symbolic verification of real-time software systems
- Wang
- 2000
(Show Context)
Citation Context |

22 | Better Veri Through Symmetry - Ip, Dill - 1993 |

16 | Static guard analysis in timed automata verification
- Behrmann, Bouyer, et al.
- 2003
(Show Context)
Citation Context ...t matter for locations in which none of the components is in its waiting location. Dead variable reduction is closely related to the static guard analysis technique for timed automata as described in =-=[6]-=-. It would interesting to implement dead variable reduction in Uppaal and to investigate the resulting speedup on some benchmark examples. The scalarset approach that we follow in this paper only allo... |

16 | Protocol veri as a hardware design aid - Dill, Drexler, et al. - 1992 |

16 | Kronos: A veri tool for real-time systems - Yovine - 1997 |

15 | A heuristic for symmetry reductions with scalarsets
- Bosnacki, Dams, et al.
- 2001
(Show Context)
Citation Context ...ction is a well-known technique to reduce the resource requirements for model checking algorithms, and it has been successfully implemented in model checkers such as Murϕ [10, 19], SMV [22], and Spin =-=[17, 6]-=-. As far as we know, the only model checker for timed systems that exploits symmetry is Red [25, 26]. The symmetry reduction technique used in Red, however, gives an over approximation of the reachabl... |

14 |
Exploiting Syntactic Structure for Automatic Verification
- Yorav
- 2000
(Show Context)
Citation Context ...tem descriptions. A complementary static analysis technique for deriving bisimulations and representative functions is the dead variable reduction technique described in the PhD thesis of Karen Yorav =-=[29]-=-. In Yorav’s terminology, a variable v is used in a transition l g,a,up −→ l′ if v appears in g or in the right hand side of an assignment in up. Variable v is defined in the transition if it is in th... |

13 | Timing assumptions and veri of concurrent systems - Dill - 1989 |

4 |
Symmetric symbolic safety-analysis of concurrent software with pointer data structures
- Wang, Schmidt
- 2002
(Show Context)
Citation Context ...and it has been successfully implemented in model checkers such as Murϕ [10, 19], SMV [22], and Spin [17, 6]. As far as we know, the only model checker for timed systems that exploits symmetry is Red =-=[25, 26]-=-. The symmetry reduction technique used in Red, however, gives an over approximation of the reachable state space (this is called the anomaly of image false reachability by the authors). Therefore, Re... |

3 | Enhancing uppaal by exploiting symmetry
- Hendriks
- 2002
(Show Context)
Citation Context ...s mutual exclusion protocol [1], the CSMA/CD protocol [24, 27], industrial audio/video protocols [13], and distributed algorithms, for instance [4]. Motivated by these examples, the work presented in =-=[14]-=- describes how Uppaal, a model checker for networks of timed automata [21, 3, 2], can be enhanced with symmetry reduction. The present paper puts this work to practice: a prototype of Uppaal with symm... |

2 | The Symmetry Method for Coloured Petri Nets - Theory, Tools, and Practical Use
- Elgaard
- 2002
(Show Context)
Citation Context ...alarsets. An obvious next step is to do experiments concerning profiling where computation time is spent, and in particular how much time is spent on computing representatives. In the tool Design/CPN =-=[18, 20, 11]-=- (where symmetry reduction is a main reduction mechanism) there have been interesting prototype experiments with an implementation in which the (expensive) computations of representatives were launche... |

1 | Ecient data structure for fully symbolic veri of real-time software systems - Wang - 2000 |