Automated Analysis of Parametric Timing-Based Mutual Exclusion Algorithms

Bruttomesso, Roberto; Carioni, Alessandro; Ghilardi, Silvio; Ranise, Silvio

doi:10.1007/978-3-642-28891-3_28

Cited by 14 publications

(16 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To the best of our knowledge, this is the first positive result on automatic parameterized verification of hybrid automata, beyond previous results for timed automata [4,3,25,14,21,13]. The modeling framework and process of inductive invariant checking are amenable to automation, so we implemented a prototype called Passel using the SMT solver Z3.…”

Section: Discussionmentioning

confidence: 97%

“…Related Work To the best of our knowledge, the automatic parameterized verification problem has not been addressed previously for RHA, but there are several works addressing parameterized verification for networks of the special subclass of timed automata [4,3,25,14,21,13]. Parameterized verification of RHA networks is useful to show, for instance, that for arbitrarily many aircraft participating in a given distributed air traffic control protocol like the Small Aircraft Transportation System (SATS), no two aircraft ever collide [34,38,31].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Small Model Theorem for Rectangular Hybrid Automata Networks

Johnson

Mitra

2012

Formal Techniques for Distributed Systems

View full text Add to dashboard Cite

Abstract. Rectangular hybrid automata (RHA) are finite state machines with additional skewed clocks that are useful for modeling realtime systems. This paper is concerned with the uniform verification of safety properties of networks with arbitrarily many interacting RHAs. Each automaton is equipped with a finite collection of pointers to other automata that enables it to read their state. This paper presents a small model result for such networks that reduces the verification problem for a system with arbitrarily many processes to a system with finitely many processes. The result is applied to verify and discover counterexamples of inductive invariant properties for distributed protocols like Fischer's mutual exclusion algorithm and the Small Aircraft Transportation System (SATS). We have implemented a prototype tool called Passel relying on the satisfiability modulo theories (SMT) solver Z3 to check inductive invariants automatically.

show abstract

Section: Discussionmentioning

confidence: 97%

Section: Introductionmentioning

confidence: 99%

A Small Model Theorem for Rectangular Hybrid Automata Networks

Johnson

Mitra

2012

Formal Techniques for Distributed Systems

View full text Add to dashboard Cite

show abstract

“…Thus, to prove a safety property automatically, it suffices to take the negation of the safety property, and ensure the set of backward reachable states have an empty intersection with the initial set of states. This is the method used by the verification tool we used, the Model Checker Modulo Theories (MCMT) [24], [16], [22], [25]. If the intersection of the backward reachable states and the initial states is empty and the backward reachability process terminates-that is, the backward reachability computation reaches a fixed point and no new states are added on a preimage computation-then the system is proven safe.…”

Section: Verification Of Satsmentioning

confidence: 99%

“…If the timed automata have urgent transitions, then checking safety properties is undecidable [21]. While checking general liveness properties is undecidable for these networks [21], some recent work develops methods for checking some liveness properties [25].…”

Section: A Properties Verifiedmentioning

confidence: 99%

See 1 more Smart Citation

Parametrized Verification of Distributed Cyber-Physical Systems: An Aircraft Landing Protocol Case Study

Johnson

Mitra

2012

2012 IEEE/ACM Third International Conference on Cyber-Physical Systems

View full text Add to dashboard Cite

Abstract-In this paper, we present the formal modeling and automatic parameterized verification of a distributed air traffic control protocol called the Small Aircraft Transportation System (SATS). Each aircraft is modeled as a timed automaton with (possibly unbounded) counters. SATS is then described as the composition of N such aircraft, where N is a parameter from the natural numbers. We verify several safety properties for arbitrary N , the most important of which is separation assurance, which ensures that no two aircraft may ever collide. The verification methodology relies on computing the set of backward reachable states from the set of unsafe states to a fixed point, and checking emptiness of the intersection of these reachable states and the initial set of states. We used the Model Checker Modulo Theories (MCMT) tool, which implements this technique.

show abstract