We propose a model-driven engineering approach that facilitates the production of tool chains that use the popular model checker Uppaal as a back-end analysis tool. In this approach, we introduce a metamodel for Uppaal's input model, containing both timed-automata concepts and syntax-related elements for C-like expressions. We also introduce a metamodel for Uppaal's query language to specify temporal properties; as well as a metamodel for traces to interpret Uppaal's counterexamples and witnesses. The approach provides a systematic way to build software bridging tools (i.e., tools that translate from a domainspecific language to Uppaal's input language) such that these tools become easier to debug, extend, reuse and maintain. We demonstrate our approach on five different domains: cyber-physical systems, hardwaresoftware co-design, cyber-security, reliability engineering and software timing analysis.
IntroductionUppaal [3] is a leading model checker for real-time systems, allowing one to verify automatically whether a system meets its timing requirements. Uppaal and its extensions have been applied to a large number of domains, ranging from communication protocols [28], over planning [4] to systems biology [31]. As such, Uppaal is a popular back-end for various other real-time analysis tools, such as ANIMO [31], sdf2ta [13] and STATE [19]. Typically such tools take their inputs in a domain-specific language (DSL) and translate these inputs into timed automata, which are then fed into Uppaal to perform the analysis. In this way, domain experts can write their models in a DSL that they are familiar with, while still using Uppaal's powerful analysis algorithms behind the scenes.A disadvantage of this approach is, however, that the tools that translate from a DSL to Uppaal's input language, i.e., software bridging tools, are often implemented ad hoc, and hence difficult to debug, reuse, extend and maintain.