and Symb mbolic olic Ve Verif rification ication Kim Ki m G. - - PowerPoint PPT Presentation

Dec ecidab idability ility and Symb mbolic

• lic Ve

Verif rification ication

Ki Kim m G. . La Lars rsen Aa Aalb lborg

• rg Univ

iversity ersity, , DENMARK NMARK

Dec Decid idabi ability lity

Reachability chability ?

a b c

Reachable from initial state (L0,x=0,y=0) ?

OBSTACLE: Uncountably infinite state space

locations clock-valuations

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [3]

The he Regi gion

• n Abstr

traction action

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [4]

Time me Abstracte tracted Bisim simulation ulation

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [5]

THM [CY90] Time-optimal reachability is decidable (and PSPACE-complete) for timed automata

+

Regi gions

• ns – From Infinite to Finite

Successor Regions Successor Regions Successor regions Reset region

THM [AD90] Reachability is decidable (and PSPACE-complete) for timed automata

A region

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [6]

Regi gion

• n Graph

aph

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [7]

Region gion Au Automaton

• maton =

= Finite nite Bisimulation simulation Qu Quotiont

• tiont

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [8]

An n Example ample

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [9]

Regi gion

• n Aut

utoma

• maton

ton

LARGE ARGE: : exponential in the number of clocks and in the constants (if encoded in binary). The number of regions is

| |

(2 2) | !| 2 X

x x X

M X



  



Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [10 10]

Fun undamental mental Resul ults ts

• Reachability 
• Model-checking
• TCTL  ; MTL  ; MITL 
• Bisimulation, Simulation
• Timed 

; Untimed 

• Trace-inclusion
• Timed 

; Untimed 

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [11 11]

Sym Symbol bolic ic Ve Veri rific fication ation

The UPPAAL Verification Engine

+

Regi gions

• ns – From
• m In

Infinit finite e to to Fi Fini nite te

Regi gion

• n constru

ructi ction:

• n: [AD94]

94] In practice: ce: Zones

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [13 13]

Zo Zone nes – From

• m Fini

nite te to to Ef Effic ficienc iency

A zone Z: 1· x · 2 Æ 0· y · 2 Æ x - y ¸ 0

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [14 14]

Zo Zone nes - Op Operations ations

x y x y x y x y x y x y

(n, 2·x·4 Æ 1·y·3 Æ y-x·0 ) (n, 2·x Æ 1·y Æ -3· y-x·0 ) (n, 2·x Æ 1·y·3 Æ y-x·0 )

Delay Delay (stopwatch) Reset

(n, x=0 Æ 1·y·3 )

Extrapolation

2

Convex Hull

(n, 2·x·4Æ 1·y )

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [15 15]

Symbolic mbolic Transition ansitions

x>3 y:=0 delays to conjuncts to projects to x y

1<=x<=4 1<=y<=3

x y x y

3<x, 1<=y

• 2<=x-y<=3

3<x, y=0

x y

a

1<=x, 1<=y

• 2<=x-y<=3

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [16 16]

For

• rwa

ward rd Reachability chability

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [17 17]

For

• rwa

ward rd Reachability chability

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [18 18]

For

• rwa

ward rd Reachability chability

Passed Waiting Final? Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [19 19]

For

• rwa

ward rd Reachability chability

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [20 20]

For

• rwa

ward rd Reachability chability

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [21 21]

For

• rwa

ward rd Reachability chability

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [22 22]

For

• rwa

ward rd Reachability chability

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [23 23]

Symbolic mbolic Explora ploration tion

Reachable? x y

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [24 24]

Symbolic mbolic Explora ploration tion

Reachable? x y Delay

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [25 25]

Symbolic mbolic Explora ploration tion

Reachable? x y Left

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [26 26]

Symbolic mbolic Explora ploration tion

Reachable? x y Left

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [27 27]

Symbolic mbolic Explora ploration tion

Reachable? x y Delay

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [28 28]

Symbolic mbolic Explora ploration tion

Reachable? x y Left

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [29 29]

Symbolic mbolic Explora ploration tion

Reachable? x y Left

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [30 30]

Symbolic mbolic Explora ploration tion

Reachable? x y Delay

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [31 31]

Symbolic mbolic Explora ploration tion

Reachable? x y Down

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [32 32]

Data tastruc structure tures s fo for Zo Zone nes

• Difference Bounded

Matrices (DBMs)

• Minimal Constraint

Form [RTSS97]

• Clock Difference

Diagrams [CAV99]

x1 x2 x3 x0

• 4

4 2 2 5 3 3

• 2
• 2

1

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [33 33]

Bellman 1958, Dill 1989 x<=1 y-x<=2 z-y<=2 z<=9 x<=2 y-x<=3 y<=3 z-y<=3 z<=7

D1 D2 Inclusion

x y z 1 2 2 9 x y z 2 3 3 7 3

? ?

Graph Graph



In Inclusion usion Che hecki king ng (DBMs) Ms)

Shortest Path Closure Shortest Path Closure x y z 1 2 2

5

x y z 2 3 3

6 3

3

4 6

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [34 34]

Fut utur ure e (DBMs) Ms)

1<= x <=4 1<= y <=3

D

x y x y

Future D

y x 4

• 1

3

• 1

Shortest Path Closure Remove upper bounds

• n clocks

1<=x, 1<=y

• 2<=x-y<=3

y x

• 1
• 1

3 2 y x

• 1
• 1

3 2 4 3

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [35 35]

Reset t (DBMs) Ms)

x y

D

1<=x, 1<=y

• 2<=x-y<=3

y x

• 1
• 1

3 2 Remove all bounds involving y and set y to 0

x y

{y}D

y=0, 1<=x

y x

• 1

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [36 36]

x1-x2<=4 x2-x1<=10 x3-x1<=2 x2-x3<=2 x0-x1<=3 x3-x0<=5

x1 x2 x3 x0

• 4

10 2 2 5 3

x1 x2 x3 x0

• 4

4 2 2 5 3 3

• 2
• 2

1 Shortest Path Closure O(n^3)

Canonical Datastructures for Zones

Diffe ffere rence nce Bou

• und

nded ed Ma Matr trices ices

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [37 37]

x1-x2<=4 x2-x1<=10 x3-x1<=2 x2-x3<=2 x0-x1<=3 x3-x0<=5

x1 x2 x3 x0

• 4

10 2 2 5 3

x1 x2 x3 x0

• 4

4 2 2 5 3

x1 x2 x3 x0

• 4

2 2 3 3

• 2
• 2

1 Shortest Path Closure O(n^3) Shortest Path Reduction O(n^3) 3 Space worst O(n^2) practice O(n)

RTSS 1997

Canonical Datastructures for Zones

Mi Mini nimal mal Con

• nstraint

straint For

• rm

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [38 38]

Earlier rlier Terminatio mination

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Z’ Z’’

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [39 39]

Earlier rlier Terminatio mination

Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT pick (n,Z) in Waiting if (n,Z) = Final return true for all (n,Z)(n’,Z’): if for some (n’,Z’’) Z’ Z’’ continue else add (n’,Z’) to Waiting move (n,Z) to Passed UNTIL Waiting = Ø return false

Init -> Final ?

PW

Z’ Z’’

Z’ [ Zi

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [40 40]

Clock

• ck Diffe

ffere rence nce Diagra iagrams ms

• Nodes labeled with

differences

• Maximal sharing of

substructures (also across different CDDs)

• Maximal intervals
• Linear-time algorithms for

set-theoretic operations.

• NDD’s Maler et. al
• DDD’s Møller, Lichtenberg

CDD-representations

CAV99

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. Sept

ptembe ber 2013. Kim Larse sen [41 41]

Ve Veri rificati fication

• n Op

Optio tions ns

Ve Verifica ification tion Op Opti tions

• ns

Search Order Depth First Breadth First State Space Reduction None Conservative Aggressive State Space Representation DBM Compact Form Under Approximation Over Approximation Diagnostic Trace Some Shortest Fastest Extrapolation Hash Table size Reuse

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [43 43]

Cycles: Only symbolic states involving loop-entry points need to be saved on Passed list

Sta tate te Spac pace Reductio uction

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [44 44]

To

• Sto

tore re or

• r Not
• t To
• Sto

tore re

Audio Protocol 117 statestotal ! 81 statesentrypoint ! 9 states Behrmann, Larsen, Pelanek 2003 Time OH less than 10%

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [45 45]

Ov Over/U /Under nder Approximation roximation

Declared State Space

R

G

Question:

G 2 R ? O

I

U How to use: G 2 O ? G 2 U ? G2 U ) G2 R :(G2 O) ) :(G2 R)

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [46 46]

Ov Over-approximation approximation Co Conv nvex ex Hu Hull

x y Convex Hull

1 3 5 1 3 5

TACAS04: An EXACT method performing as well as Convex Hull has been developed based on abstractions taking max constants into account distinguishing between clocks, locations and · & ¸

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [47 47]

Under er-approximation approximation Bits tstat tate Ha Hashin ing

Passed Waiting

Final Init n,Z’ m,U n,Z

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [48 48]

Passed Waiting

Final Init n,Z’ m,U n,Z

Passed= Bitarray 1 1 1 UPPAAL 4 - 512 Mbits Hashfunction F

Und nder-approximation approximation Bitsta tstate te Ha Hashi hing ng

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [49 49]

Extr trapolation apolation

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [50 50]

For

• rwa

ward rd Symbolic mbolic Exploratio ploration

TERMINATION not garanteed Need for Finite Abstractions

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [51 51]

Abstracti tractions

• ns

We want )a to be:

• sound & complete wrt reachability
• finite
• easy to compute
• as coarse as possible

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [52 52]

Abstracti traction

• n by Extr

trapolatio apolation

Let k be the largest constant appearing in the TA

x1 x2 x3 x0

*

>k <-k

* * * * * * *

x1 x2 x3 x0

*

1

• k

* * * * * * *

Sound & Complete Ensures Termination

[Daws,Tripakis 98]

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [53 53]

Loc

• cation

tion Depende ndency ncy

kx = 5 ky = 106 Will generate all symbolic states of the form

(l2, x2 [0,14] , y2 [5,14n] , y-x2 [5,14n-14])

for n ·106/14 !! But y¸106 is not RELEVANT in l2

[Behrmann, Bouyer, Fleury, Larsen 03]

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [54 54]

Loc

• cation

tion Depende ndent nt Con

• nstants

stants

kx = 5 ky = 106 kx

i

= 14 for i2{1,2,3,4} ky

i

= 5 for i2{1,2,3} ky

4

= 106 kj

i may be found as solution to

simple linear constraints! Active Clock Reduction: kj

i = -1

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [55 55]

Expe perimen riments ts

Active ve by defaul ult

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [56 56]

Low

• wer and

nd Uppe per r Bou

• unds

nds

[Behrmann, Bouyer, Larsen, Pelanek 04]

kx

l = 106

Given that x·106 is an upper bound implies that (l,vx,vy) simulates (l,v’x,vy) whenever v’x¸ vx¸ 10. For reachability downward closure wrt simulation suffices!

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [57 57]

Adva vance nced d Extr trapolatio apolation

Classical

• Loc. dep. Max
• Loc. dep. LU

Convex Hull Fischer CSMA/CD

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [58 58]

Additional “secrets”

• Sharing among symbolic states
• location vector / discrete values / zones
• Symmetry Reduction
• Sweep Line Method
• Guiding wrt Heuristic Value (CORA)
• User-supplied / Auto-generated
• “Manual” tricks:
• active variable reduction
• Value passing using arrays of channels

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [59 59]

Op Open n Problem

• blems
• Fully symbolic exploration of TA (both

discrete and continuous part) ?

• Canonical form for CDD’s ?
• Partial Order Reduction ?
• Compositional Backwards Reachability ?
• Bounded Model Checking for TA ?
• Exploitation of multi-core processors ?
• …

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [60 60]

App Appli lication: cation: Sch Schedulabil dulability ity Ana Analysis lysis

Task sk Sched heduling uling

T2 is running { T4 , T1 , T3 } ready

• rdered according to some

given priority: (e.g. Fixed Priority, Earliest Deadline,..)

T1 T2 Tn

Scheduler

2

1 4 3 ready done stop run P(i), [E(i), L(i)], .. : period or earliest/latest arrival or .. for Ti C(i): execution time for Ti D(i): deadline for Ti

utilization of CPU

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [62 62]

Classi lassical cal Sched heduling uling The heor

• ry

Utilisation-Based Analysis

• A simple sufficient but not necessary

schedulability test exists

) 1 2 (

/ 1 1

   

 N N i i i

N T C U

   N U as 69 .

Response Time Equation

C T R C R         

Where hp(i) is the set of tasks with priority higher than task i Solve by forming a recurrence relationship:

j i hp j j n i i n i

C T w C w         

  ) ( 1

The set of values is monotonically non decreasing When the solution to the equation has been found, must not be greater that (e.g. 0 or )



w w ,.. ,..., , ,

w w w w

w

R

C

Quasimodo

Classical cal WCRT Analysis

• “Classical” scheduling analysis technique
• For all tasks i: WCRTi Deadlinei
• Ci Worst-Case Execution Time
• Bi Blocking time by lower-pri tasks (shared resources)
• hp(i) tasks with higher priority than i

 Simple to perform – Overly conservative – Limited settings – Single-processor  Do it in UPP PPAAL AL!

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [63 63]

Mo Modeling eling Task sk

T1 T2 Tn

Scheduler

2

1 4 3

ready done stop run

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [64 64]

Mo Modeling eling Sched heduler uler

T1 T2 Tn

Scheduler

2

1 4 3

ready done stop run

Implementat mentation ion of enqueu ueue/dequeu equeue  scheduli heduling ng policy

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [65 65]

Mo Modeling eling Qu Queue ue

T1 T2 Tn

Scheduler

2

1 4 3

ready done stop run

In UPPAAL 4.0 User Defined Function …… Sort by priority

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [66 66]

Sched hedulability ulability = S = Safety fety Prope

• perty

rty

A฀ :(Task0.Error or Task1.Error or …)

:(Task0.Error or Task1.Error or …)

May be extended with preemption

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [67 67]

Preemption mption – Sto topwatc pwatches! hes!

Task Scheduler Defeating undecidability 

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [69 69]

Sto top-Watc Watche hes

• Make reachability undecidable.
• Over-approximation used in UPPAAL
•  Safe for positive schedulability results!
• What to do if you violate deadlines?
• Try to validate the trace using other techniques,

e.g., polyhedra.

• Use SMC!

Verifi ifica catio ion n Theory, y, Systems s and Appli plica catio ions s Summer r School.

• l. September

mber 2013. Kim Larse sen [70 70]

LA LAB-Exercises Exercises (cont cont)

www.cs.aau.dk/~kgl/Shanghai2013/exercises Exercise 1 (Brick Sorter) Exercise 2 (Coffee Machine) Excercise 19 (Train Crossing) Exercise 28 (Jobshop Scheduling) Exercise 14 (Gossiping Girls)