AMT: a Property-based Tool for Monitoring Analog Systems
Dejan Ničković, Oded Maler
Verimag
AMT: a Property-based Tool for Monitoring Analog Systems 1 / 22
Overview
● Introduction
● STL/PSL Specification Language
  ✦ Analog Layer
  ✦ Temporal Layer
  ✦ Distance-based Operators
● Checking STL/PSL Properties
  ✦ Offline Marking
  ✦ Incremental Marking
● AMT Tool
● FLASH Memory Case Study
Introduction
● Verification of discrete systems
  ✦ Model checking of TL specifications
  ✦ Central role in algorithmic verification
  ✦ Efficient algorithms for LTL, CTL, PSL etc.
● Verification of real-time systems
  ✦ Emptiness checking of timed automata
    ■ KRONOS, UPPAAL, IF etc.
  ✦ Many variants of real-time logics
    ■ MTL, MITL, TCTL etc.
  ✦ Only TCTL is used in a real-time verification tool
● Lightweight verification
  ✦ Systems may be too complex to verify exhaustively
    ■ Software
    ■ Very large digital systems
    ■ Many real-time systems etc.
  ✦ Property monitors
    ■ Generated automatically from the specification
    ■ Observe individual simulation traces and check whether the property is violated
    ■ Incomplete, but a more reliable method than manual visual inspection of simulation traces
Introduction
● Verification of continuous systems
  ✦ Manual inspection of simulation traces
    ■ Dominant technique
    ■ Requires experienced specialists
    ■ Error prone
  ✦ Exhaustive analog verification
    ■ Powerful formalisms such as hybrid automata
    ■ Limited scalability
● Our approach: property-based lightweight verification of continuous signals
[Figure: a scalability-versus-formality diagram placing Simulation (high scalability, low formality) and Exhaustive Verification (high formality, low scalability) at opposite corners, with a "?" marking the gap the property-based approach targets]
Signals
● Finite-length signal $\xi$ defined over an abstract domain $D$
  ✦ Partial function $\xi : T \to D$
  ✦ Length of $\xi$ is $r$ ($|\xi| = r$)
  ✦ $\xi[t] = \bot$ when $t \ge |\xi|$
  ✦ Boolean signals ($\xi_b$): $D = \mathbb{B}$
  ✦ Continuous signals ($\xi_a$): $D = \mathbb{R}$
● Restriction of a signal $\xi$ to length $d$
  $\xi' = \xi|_d \;\text{ iff }\; \xi'[t] = \begin{cases} \xi[t] & \text{if } t < d \\ \bot & \text{otherwise} \end{cases}$
● Concatenation $\xi = \xi_1 \cdot \xi_2$
  $\xi[t] = \begin{cases} \xi_1[t] & \text{if } t < r_1 \\ \xi_2[t - r_1] & \text{otherwise} \end{cases}$
● $d$-suffix of a signal $\xi$, $\xi' = d \setminus \xi$
  $\xi'[t] = \xi[t + d]$ for every $t \in [0, |\xi| - d)$
Signals
● Minkowski sum and difference of two sets $P_1$ and $P_2$ are defined as
  $P_1 \oplus P_2 = \{x_1 + x_2 : x_1 \in P_1, x_2 \in P_2\}$
  $P_1 \ominus P_2 = \{x_1 - x_2 : x_1 \in P_1, x_2 \in P_2\}$
● Projection of the signal $\xi$ on the dimension with domain $\mathbb{B}$ which corresponds to the proposition $p$: $\xi_p = \pi_p(\xi)$
  ✦ Likewise $\xi_s = \pi_s(\xi)$ is the projection of the signal $\xi$ on the dimension with domain $\mathbb{R}$ which corresponds to the continuous variable $s$
● Signal representation
  ✦ Boolean signals:
    ■ Non-Zeno finite-length signals admit a finite representation
    ■ Sequence of adjacent intervals with a constant value in each interval
  ✦ Continuous signals:
    ■ Do not admit an exact finite representation
    ■ But numerical simulators produce a finite collection of sampling points
    ■ The signal value at missing points in time is interpolated
STL/PSL Specification Language
● Extension of the real-time temporal logic MITL with analog constructs
● PSL-like layered approach
  ✦ Analog layer: allows reasoning about continuous signals
  ✦ Temporal layer: relates the temporal behavior of input traces
● "Communication" between the two layers via static abstractions
  ✦ Partitioning of the continuous state space according to the satisfaction of some inequality constraints on the continuous variables
● Targeted to be used in lightweight verification
  ✦ PSL-like finitary interpretation of temporal operators
STL/PSL: Analog Layer
● Syntax:
  $\varphi ::= s \mid \mathrm{shift}(\varphi, k) \mid \varphi_1 \star \varphi_2 \mid \varphi \star c \mid \mathrm{abs}(\varphi)$
  where $s$ belongs to a set $S = \{s_1, s_2, \ldots, s_n\}$ of continuous variables, $\star \in \{+, -, *\}$, $c \in \mathbb{Q}$ and $k \in \mathbb{Q}^+$.
● Semantics:
  $s[t] = \pi_s(\xi)[t]$
  $\mathrm{shift}(\varphi, k)[t] = \varphi[t + k]$
  $(\varphi_1 \star \varphi_2)[t] = \varphi_1[t] \star \varphi_2[t]$
  $(\varphi \star c)[t] = \varphi[t] \star c$
  $\mathrm{abs}(\varphi)[t] = \begin{cases} \varphi[t] & \text{if } \varphi[t] \ge 0 \\ -\varphi[t] & \text{otherwise} \end{cases}$
● Pragmatic choice of analog operators
  ✦ Based on the feedback of analog designers
  ✦ Can be naturally extended
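The signal operations of the Signals slides (restriction, concatenation, d-suffix, interpolated sampled representation) and the analog-layer operators of this slide, together with the static abstraction that turns an analog term into a Boolean signal, as an added Python example. This is illustrative code written for this page, not the AMT tool's own implementation. Assumptions it makes beyond the slides: a continuous signal is represented by simulator samples with linear interpolation between them and the last value held until $|\xi|$; $\bot$ is modelled as `None`; the abstraction $p = (\varphi > c)$ locates each threshold crossing by bisection, which assumes $\varphi$ changes sign at most once between adjacent grid points (true for linear interpolation of a single variable, not guaranteed for terms built with `*` or `shift`, where the grid must be refined).

```python
import bisect
from typing import Callable, List, Optional, Tuple

Value = Optional[float]            # None plays the role of bottom (undefined for t >= |xi|)
Analog = Callable[[float], Value]  # an analog-layer term phi, read as the map t -> phi[t]


class Signal:
    """Finite-length continuous signal from simulator samples (t, v), linearly interpolated
    between samples and held constant after the last one (assumption, not from the slides)."""

    def __init__(self, samples: List[Tuple[float, float]], length: float):
        self.times = [t for t, _ in samples]
        self.values = [v for _, v in samples]
        self.length = length
        assert self.times and self.times[0] == 0.0 and self.times == sorted(self.times)

    def __call__(self, t: float) -> Value:
        if t < 0.0 or t >= self.length:
            return None                       # xi[t] = bottom outside [0, |xi|)
        i = bisect.bisect_right(self.times, t) - 1
        if i + 1 == len(self.times):
            return self.values[i]
        t0, t1 = self.times[i], self.times[i + 1]
        v0, v1 = self.values[i], self.values[i + 1]
        return v0 + (v1 - v0) * (t - t0) / (t1 - t0)

    def restrict(self, d: float) -> "Signal":
        """Restriction to length d: xi'[t] = xi[t] for t < d, bottom otherwise."""
        keep = [(t, v) for t, v in zip(self.times, self.values) if t < d]
        if d < self.length:
            keep.append((d, self(d)))        # keeps the interpolation exact up to d
        return Signal(keep, min(d, self.length))

    def concat(self, other: "Signal") -> "Signal":
        """Concatenation xi1 . xi2: xi2's time axis is shifted right by r1 = |xi1|."""
        r1 = self.length
        shifted = [(r1 + t, v) for t, v in zip(other.times, other.values)]
        return Signal(list(zip(self.times, self.values)) + shifted, r1 + other.length)

    def suffix(self, d: float) -> "Signal":
        """d-suffix d \\ xi: xi'[t] = xi[t + d] for t in [0, |xi| - d)."""
        assert 0.0 <= d < self.length
        head = [(0.0, self(d))]
        tail = [(t - d, v) for t, v in zip(self.times, self.values) if t > d]
        return Signal(head + tail, self.length - d)


# Analog layer: each constructor of the grammar becomes a function t -> phi[t].
def shift(phi: Analog, k: float) -> Analog:          # shift(phi, k)[t] = phi[t + k], k >= 0
    assert k >= 0.0
    return lambda t: phi(t + k)

def binop(phi1: Analog, phi2: Analog, op: str) -> Analog:   # (phi1 * phi2)[t] = phi1[t] * phi2[t]
    f = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, "*": lambda a, b: a * b}[op]
    def term(t: float) -> Value:
        a, b = phi1(t), phi2(t)
        return None if a is None or b is None else f(a, b)
    return term

def const(phi: Analog, c: float, op: str) -> Analog:  # (phi * c)[t] = phi[t] * c
    return binop(phi, lambda t: c, op)

def abs_(phi: Analog) -> Analog:                      # abs(phi)[t] = |phi[t]|
    def term(t: float) -> Value:
        v = phi(t)
        return None if v is None else (v if v >= 0.0 else -v)
    return term


def abstraction(phi: Analog, c: float, grid: List[float], length: float,
                tol: float = 1e-9) -> List[Tuple[float, float, bool]]:
    """Static abstraction p = (phi > c) as a Boolean signal: adjacent intervals (start, end, value).
    Assumes phi changes sign at most once between adjacent grid points (bisection finds the crossing)."""
    def holds(t: float) -> bool:
        v = phi(t)
        return v is not None and v > c        # an undefined phi[t] reads as false

    pts = sorted(set(grid))
    cuts = [0.0]
    for a, b in zip(pts, pts[1:]):
        if holds(a) != holds(b):
            lo, hi = a, b
            while hi - lo > tol:              # invariant: holds(lo) == holds(a) != holds(hi)
                mid = (lo + hi) / 2.0
                if holds(mid) == holds(a):
                    lo = mid
                else:
                    hi = mid
            cuts.append(hi)
    cuts.append(length)
    intervals: List[Tuple[float, float, bool]] = []
    for a, b in zip(cuts, cuts[1:]):
        if b > a:
            v = holds((a + b) / 2.0)
            if intervals and intervals[-1][2] == v:   # merge runs with the same value
                intervals[-1] = (intervals[-1][0], b, v)
            else:
                intervals.append((a, b, v))
    return intervals


if __name__ == "__main__":
    # Constructed sample: a triangle pulse 0 -> 2 -> 0 over [0, 2], held at 0 until |xi| = 3.
    s = Signal([(0.0, 0.0), (1.0, 2.0), (2.0, 0.0)], 3.0)
    print(abstraction(abs_(const(s, 1.0, "-")), 0.5, [0.0, 0.5, 1.0, 1.5, 2.0, 2.5], 3.0))
```

The abstraction is where a monitor's soundness is decided: a crossing that falls between two samples and is missed (or located on the wrong side of a sample) changes the Boolean signal the temporal layer sees, so the sampling grid handed to it must be at least as fine as the simulator's own step for every variable the term mentions.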