Verifying Automata Specifications of Probabilistic Real-time Systems

Va85] M. Vardi, \Automatic veriication of probabilistic concurrent nite-state programs ," In Proceedings of the 26th IEEE Symposium on Foundations of Computer Science, pages 327-338, 1985. cations. We do not yet know how to check properties speciied using nondeterministic timed automata or using linear real-time logics. The algorithm outlined here is expensive. To make it more practical, some heuris-tic techniques need to be devised. Observe that the veriication problems are typically PSPACE, even in the absence of real-time and probabilities. We feel hopeful that the techniques emerging from the ongoing research on how to cope with the state-explosion problem BCMDH90], GW90] will be useful in implementing the algorithm presented here. Acknowledgements: We thank Gerald Shedler for pointing us to the existing literature on modeling systems as generalized semi-Markov processes. We also thank Joseph Halpern and Moshe Vardi for useful discussions. events which are scheduled innnitely often; denote this set of events by E c. Observe that we can nd a sequence t < t 1 < t 2. .. such that the trajectory is in state hs;q;i at each time t i , and all the ancestors of the events in E c are scheduled at least once between each t i and t i+1. By repeating the steps in the previous proofs, it follows that at the end of the each interval the probability that the events in E c are 0-separated is bounded below by a constant, hence with probability one, hs;q;i will appear innnitely often being 0 0-separated. Since for each trajectory which repeats hs;q;i innnitely often such a 0 0 > 0 exists, by repeating the arguments we used in the previous cases the proof follows. Case 4: Same as in Case 3, with the additional events with exponential distributions. The proof is an easy extension of the proof of Case 3 as follows. Consider the state of the system projected on the bounded events. Then with probability one if hs;q;i appears innnitely often, it will also appear innnitely often with its bounded events and relevant clocks being 0 0-separated for some positive 0 0. One can easily see that each time hs;q;i appears and is 0 0-separated, then all events are at least 0 0 away from 0. By the memoryless property of the exponential distributions, the probability that each exponential event lies in the interval (? 0 0 ; 0) is bounded from below. …