Brian Nielsen Kim Guldstrand Larsen Arne Skou

Verification & TestVerification & TestActivitiesActivities

@@CISS – AalborgCISS – Aalborg

Brian Nielsen Kim Guldstrand Larsen

Arne Skou

2ARTIST2 NoE, Test & Verification Meeting 1

Overview

CISSVerification & Scheduling

S/E-machines, UML & visualSTATE Timed Automata & UPPAAL Priced Timed Automata & UPPAAL CORA Markov Decision Processes & RAPTURE

Testing Connectivety Testing On-line Testing & UPPAAL TRON GateHouse, Generic Test Adaptation visualSTATE Test Extensions


CISS Center for Embedded Software Systems, 2002 –

Institute forComputer Scienc

Institute forComputer Scienc

Institute for Elektronic Systemer

Institute for Elektronic Systemer

BRICS@AalborgModelling and Validation;Programming Languages;

Software Engineering

BRICS@AalborgModelling and Validation;Programming Languages;

Software Engineering

Embedded SystemsCommunication;

HW/SWPower Management

Embedded SystemsCommunication;

HW/SWPower Management

Distributed Real Time Systems

Control Theory;Real Time Systems;

Networking.

Distributed Real Time Systems

Control Theory;Real Time Systems;

Networking.

ICT CompaniesICT Companies

External collaboration:EE&CS BerkeleyTwente UUppsala UAMETISTARTISTNASA Ames

External collaboration:EE&CS BerkeleyTwente UUppsala UAMETISTARTISTNASA Ames

MVTU25.5 MDKK

MVTU25.5 MDKK

Regional & CityCouncils12 MDKK

Regional & CityCouncils12 MDKK

Aalb. Uni12.75 MDKK

Aalb. Uni12.75 MDKK

Companies12.75 MDKK

Companies12.75 MDKK

20 Staff / 12 PhD studens


Focus AreasApplikationer

Teknologi

Værktø

j

Modeller

MetoderProtokoller

Design- og Prog.sprog

Operativ system

HW

platform

GPSO

pen source

Home automationMobile robotter

Intelligente sensorerAd hoc netværk

MobiltlfAudio/Video

Konsum elektrKontrolsystemer

AutomobileX-by wire

Algo

ritm

ik

SW-u

dvik

ling

Effek

tforb

rug

Pålid

elig

hed

Test

& V

alid

erin

g

Hybrid

e sy

stem

er

Kom

mun

ikat

ions

teor

i

Model Based Development of Embedded Software

Intelligent Sensor Networks

Embedded & RT Platform LAB

Safety Critical Software Systems

Embedded System Testing & Verification

HW/SW Co-Design, Design Space Exploration

Resource Optimal Scheduling


visualSTATE UML compatible development

tool Automatic code-generation Check for generic properties.

Patented CBR technique developed in 1998 [TACAS98, TACAS99]

New project: Extension of visualSTATE w test-

case generation facilities Context dependent code-

generation [FASE05] Improvement of verification engine

(handling of signal-queue).


UPPAAL


Modus Operandi

IDEA e.g.

language extensiondatastructureabstractionalgorithm

…

Theoretical development & validation

Prototype implementation &

performance evaluation

In-house evaluataionIncorporation in official release


Issues

Datastructures for Passed and Waiting

Datastructures for zones

Do we really need to always store in Passed ?

Do we really need to add all successors ?

Which symbolic state to select from Waiting ?

9AMETIST Second Year Review

Forward Rechability

Passed

Waiting Final

Init

INITIAL Passed:= Ø;Waiting:= {(n0,Z0)}

REPEAT-pick (n,Z) in Waiting- iffor some Z’ Z(n,Z’) in Passedthen STOP

-else /explore/ add{ (m,U) : (n,Z) => (m,U) }to Waiting;Add (n,Z) to Passed

UNTIL Waiting= ØorFinal is in Waiting

n,Z’

m,U

n,Z

Init -> Final ?


Passed/Waiting

Hashtable

States

Hashtable

[SPIN03]

PASSED

WAITING


Passed/Waiting

Hashtable

States

PASSED

Hashtable

WAITING

Hashtable

StatesUNIFIED

Waiting queue

[SPIN03]


Passed/Waiting

Hashtable

States

PASSED

Hashtable

Hashtable

StatesUNIFIED

Waiting queue

[SPIN03]


To-store-or-not 117 statestotal

!81 statesentrypoint

!9 states

[CAV03]


Datastructures for Zones

DBMs

Minimal Constraint Form

CDDs

x1 x2

x3x0

-4

4

22

5

3 3 -2 -2

1

UPPAAL library to be made availableAlexandre David


Zone Abstractions

Abstraction taking maximum constant into account necessary for termination

Utilization of distinction between lower and upper bounds

Utilization of location-dependency

[TACAS03,TACAS04]


LU Abstraction

THEOREMFor any state in the LU- abstraction there is a state

in the original set simulating it

LU abstraction is exact wrt reachability

[TACAS04]


Zone abstractions

Classical Loc. dep. Max Loc. dep. LU Convex Hull


Symmetry Reduction

Exploitation of full symmetry may give factorial reduction

Many timed systems are inherently symmetric

Computation of canonical state representative using swaps.

[Formats 2003]


Symmetry Reduction[Formats 2003]


Analysis Methods Identified

Techniques identified and implemented:

Zone abstractions (max constant, loc.dep., lower/upper bounds) Storage techniques Symmetry reduction Cost-guiding search and pruning Distributed exploration Cycle acceleration Sweep line reduction

Conclusion: “ Progress by far exceeding expectations ”

Future: “ Consolitation & combination ”


UPPAAL CORA


UPPAAL CORA Branch of UPPAAL with support for cost-

optimal reachability. Based on priced zones Substantial performance improvement

by translation to min-cost-flow problems

Competitive with MILP Possibility of guiding (improving) search

by heur and remaining meta-variable.

Fully compatible w UPPAAL (GUI). Application to AXXOM case-study. Application to vehicle routing problems

w time-windows (Carmen Consulting). Applied to Dynamic Voltage Scheduling,

WCET analysis.

Visualization of generated optimal schedules using Gantt charts (to be finished during beginning of 2005).

New optimization problems to be added: Optimal Infinite schedules [HSCC’04] Conditional Optimal Schedules

[FOSSACS’05]

x · 2

x ¸ 4

x ¸ 3

x ¸ 4

x ¸ 5

y:=0y=0

x:=0

x:=0

c’=5 c’=1

c´=10

c+=1

c+=7A B

C

C

G

Priced Timed Automata

[HSCC’01, CAV’01, EMSOFT’03, TACAS’04]

= (A x=y=0) !0 (B x=y=0) !0 (C x=y=0) !5,5 (C x=y=5) !1 G


cost

tE LT

E earliest landing timeT target timeL latest timee cost rate for being earlyl cost rate for being lated fixed cost for being late

e*(T-t)

d+l*(t-T)

Planes have to keep separation distance to avoid

turbulences caused by preceding planes

Runway

Aircraft Landing


UPPAAL CORAPTA versus MILP on Aircraft Landing Benchmark

DEC300/700 (225MHz) vs Pentium MMX (200 MHz)

Source: Baesley et al’2000


RAPTUREProbabilistic Reachability for Markov Decision ProcessesPedro D’Argenio, Henrik Jensen, Bertrand Jeannet , Kim Larsen

x8

x=8100

1

100

99

x5

x4

send

successwait

x:=0

x:=x+1

x:=x+1

process A{var x : uint(4); t : uint(10);

init #send and x=0 and t=0;

loc send: when x>=4 goto { success 0.01 ; wait 0.99 }; when x<5 and t<200 goto send assign {x:=x+1; t:=t+1};

loc wait: when x=8 goto send assign {x:=0}; when x<8 and t<200 goto wait assign {x:=x+1; t:=t+1};

loc success: when true goto success;}

system A;initial #A.send and A.x=0 and A.t=0;final #A.success and A.t<200;

PAPM’01, PAPM’02


Partition/Refinement

0.5

0.5 1

0.4

0.6

1 1 0.5

0.5

0.5

0.5

1

0.5

0.5

1

T


Partition/Refinement

0.5

0.5 1

0.4

0.6

1 1 0.5

0.5

0.5

0.5

1

0.5

0.5

1

11

1

1

0.50.5

0.5

0.5

0.5

0.5

Theorem

T T

Brian Nielsen Kim Guldstrand Larsen Arne Skou

Documents

Transcript of Brian Nielsen Kim Guldstrand Larsen Arne Skou