Modelling and Verification of Automated Transit Systems, Using Timed Automata, Invariants and Simulations

Author

  • Nancy A. Lynch
Abstract

Our second project [14] showed how levels of abstraction, one of the most important tools of discrete system analysis, can be used to reason about a simple acceleration maneuver. In this case, the goal is for a vehicle to reach a specified velocity $v_f$ at a specified time $t_f$ in the future. We assumed that the vehicle starts at time 0 with velocity 0. The vehicle reports its velocity to the controller every time $d$. The controller can send an $accel(a)$ control signal to set $acc := a$ immediately after each sample point. The actual acceleration $\dot{v}$ is anything in the range $[acc - \varepsilon, acc]$. The controller we considered aims to reach the goal of $v_f$ at time $t_f$. That is, it proposes acceleration $\frac{v_f - v}{t_f - now}$, where $v$ is the current velocity. Using invariants and simulations, we proved bounds on velocity at every point in time. The proofs use levels of abstraction in two ways: relating a derivative view of a system to an explicit function view, and relating a system in which corrections are made at discrete sampling points to a system in which corrections are made continuously. The uncertainty $\varepsilon$ in the acceleration is integrated throughout the levels. First, we ignored the discrete sampling and considered a controller that continuously sets $acc$ to the ratio given above, with $\dot{v} \in [acc - \varepsilon, acc]$. It was easy to see that the velocity at time $t$ is at most $g(t) = \frac{v_f t}{t_f}$. For the lower bound, by solving the differential equation $\dot{y}(t) = \frac{v_f - y(t)}{t_f - t} - \varepsilon$, we got a conjectured lower bound of $f(t) = \frac{v_f t}{t_f} + \varepsilon (t_f - t) \log\left(\frac{t_f - t}{t_f}\right)$ (patched with $v_f$ at $t_f$). The function $f$ is the result of aiming at $(t_f, v_f)$ and consistently missing low by $\varepsilon$. To prove that $f$ is indeed a lower bound, we used two levels of abstraction. The high level is an HIOA $V$ giving explicit bounds on $v$. Its state contains only $v$ and $now$, and the only constraint is that in every reachable state, $v \in [f(now), g(now)]$. The low level is another HIOA $D$ giving bounds on the derivative of $v$. It keeps $acc$ aiming at $(t_f, v_f)$ and ensures that $\dot{v} \in [acc - \varepsilon, acc]$. In a sense, $D$ describes how the system is supposed to guarantee the bounds expressed by $V$.
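An added check of the continuous-aiming level described above (example code, not from the paper or its authors): it confirms numerically that $f$ solves the "miss low by $\varepsilon$" differential equation, and that a simulated controller whose actual acceleration is drawn from $[acc - \varepsilon, acc]$ keeps the velocity inside $[f(now), g(now)]$, the invariant of the high-level automaton $V$. The parameter values $v_f$, $t_f$, $\varepsilon$ and the integration step are constructed for the demonstration.

```python
import math
import random

# Constructed parameters (not from the paper): target v_f at time t_f,
# acceleration uncertainty eps, Euler integration step dt.
VF, TF, EPS, DT = 20.0, 10.0, 0.5, 1e-4

def g(t, vf=VF, tf=TF):
    """Upper bound g(t) = v_f t / t_f: exact aiming with no acceleration loss."""
    return vf * t / tf

def f(t, vf=VF, tf=TF, eps=EPS):
    """Lower bound f(t) = v_f t/t_f + eps (t_f - t) log((t_f - t)/t_f),
    patched with v_f at t_f (the log term vanishes in the limit)."""
    if t >= tf:
        return vf
    return vf * t / tf + eps * (tf - t) * math.log((tf - t) / tf)

def ode_residual(t, h=1e-5):
    """|f'(t) - ((v_f - f(t))/(t_f - t) - eps)| via central differences;
    near zero iff f solves the 'consistently miss low by eps' equation."""
    lhs = (f(t + h) - f(t - h)) / (2 * h)
    rhs = (VF - f(t)) / (TF - t) - EPS
    return abs(lhs - rhs)

def simulate(loss=None, seed=0):
    """Continuous-aiming controller (the low-level HIOA D): at every instant
    acc = (v_f - v)/(t_f - now) and the actual vdot lies in [acc - eps, acc].
    loss(now, rng) picks the shortfall in [0, eps]; the default is the worst
    case eps.  Returns the final velocity and the largest violation of
    f(now) <= v <= g(now) observed (the invariant of the high-level HIOA V)."""
    rng = random.Random(seed)
    v = now = worst = 0.0
    for _ in range(int(round(TF / DT)) - 1):   # stop one step short of t_f
        acc = (VF - v) / (TF - now)
        e = EPS if loss is None else loss(now, rng)
        v += (acc - e) * DT                    # forward Euler step
        now += DT
        worst = max(worst, f(now) - v, v - g(now))
    return v, worst

if __name__ == "__main__":
    print("ODE residual at t=5:", ode_residual(5.0))
    print("worst-case run (final v, max violation):", simulate())
    print("random-loss run (final v, max violation):",
          simulate(lambda t, r: r.uniform(0.0, EPS)))
```

Any violation reported is of the order of the Euler step error (about eps*dt/2), not of the bounds themselves.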


Related papers

Automated Invariant Generation for the Verification of Real-Time Systems

We present an approach to automatically generating invariants for timed automata models. The CIPM algorithm that we propose first computes new invariants for timed automata control locations, taking their originally defined invariants as well as the constraints on clock variables imposed by incoming state transitions into account. In doing so, the CIPM algorithm also prunes idle transitions, which...


Using Interval Petri Nets and Timed Automata for Diagnosis of Discrete Event Systems (DES)

A discrete event system (DES) is a dynamic system that evolves in accordance with the abrupt occurrence, at possibly unknown irregular intervals, of physical events. Because of the special nature of these systems, different tools are currently used for their analysis, design and modeling. The main focus of this paper is the presentation of a new modeling approach of Discrete Event Systems. The ...


Tools for Real-Time UML: Formal Verification and Code Synthesis

We present a real-time extension of UML statecharts to enable modelling and verification of real-time constraints. For clarity, we shall consider a reasonable subset of the rich UML statechart model and extend it with real-time constructs (clocks, timed guards, invariants and real-time tasks). We have developed a rule-based formal semantics for the obtained formalism, called hierarchical tim...


Contents Session 1 : Verification 5 1 . 1 Cost Monadic Logic

This paper describes the automated translation of timed automata to tock-CSP. This translation has been implemented in a translator. The tock-CSP output of the translator can be input to FDR for the automated verification of properties of the input timed automata. It has been shown, by the use of the digitization technique, that there are relationships between Timed Automata and tock-CSP. Preli...


Checking Linear Duration Invariants by Linear Programming

In this paper, the problem of verifying a timed automaton for a Duration Calculus formula in the form of linear duration invariants [2] is addressed. We show that by linear programming, a particular class of timed automata, including the class of real-time automata as a proper subset, can be checked for linear duration invariants. The so-called real-time regular expressions are introduced to expre...


Publication date: 1995