Algorithms and data structures for parametric analysis of real time systems Dissertation zur Erlangung des Doktorgrades der Mathematisch-Naturwissenschaftlichen Fakultäten der Georg-August-Universität zu Göttingen vorgelegt von Patryk Chamuczyński aus Brzeg Dolny Göttingen 2009 D7 Referent: Prof. Dr. Hogrefe Korreferent: Prof. Dr. Castanet Tag der mändlichen Prüfung: Algorithms and data structures for modeling and analysis of real-time systems Abstract: This document is intended to contribute to the area of validation and verification of com- municating real time systems, with emphasis put on parametric reachability analysis of systems modeled using timed automata. Reachability analysis is a crucial aspect of validation and verification of software and hardware systems. The reachability analysis for real time systems is area that is studied by many researchers in academic and industrial communities. However, not much work has been done for systems, where temporal constraints are expressed using parameters. This is serious disproportion with real world, where specifications of most of the communication protocols or embedded software and hardware systems are indeed parameterized. This thesis presents a complete framework for forward and backward parametric reachabil- ity analysis. The solution presented here can be used as a base of algorithms for validation and verification of software and hardware real-time systems, modeled as timed automata with parameters. The results of the thesis can be easily applied to model checking or test generation tools and algorithms. The core idea of the thesis is a concept of Extended Difference Bound Matrix (EDBM). This is a data structure that stores relations between all system’s clocks and parameters. In contrast to Parametric DBM, that is the state-of-the-art data structure for parametric analysis, EDBM does not require storing constraints on clocks and constraints on parame- ters separately. This leads to significant benefits regarding memory consumption and time necessary to perform basic operations for symbolic analysis. The maturity of the solution was proven by implementation of a proof-of-concept tool and by experiments performed with modern communication protocol. The results show that even complex systems can be efficiently handled by the framework. Keywords: timed automata, Difference Bound Matrix, embedded systems, real time sys- tems, parameterized verification, model checking, test generation Acknowledgements It is not possible to mention here all the people that I want to thank, so please do not be angry if you can not find your name below. In the first place I would like to thank my supervisors - prof. Richard Castanet from University of Bordeaux and prof. Dieter Hogrefe from University of Göttingen for giving me an ultimate freedom in the direction of my research while always being ready with help and advice. Big part of the research reported in this thesis was done at the University of Bordeaux and the LaBRI institute. There is a lot of people, that need to be mentioned for their help and support during those 18 months, that I spent in France. In the first place I want to thank Jean Louis Lassartesses for his tremendous help with all the required administration work. With your guidance even the legendary French bureaucracy was not scary to me. I want to thank Antoine Rollet for taking care of me during my first days at LaBRI, although they were his first days there as well. Special thanks must be said to Gosia Napierała (I guess that your name is Vincent now) for teaching me French. You really taught me more than I expected and deserved. And last but not least – Ismaïl Berrada. It was your initial idea to investigate the subject, that turned out to be worth of writing 170 pages long thesis. To all of you: merci beaucoup. The list of people from Institute for Informatics in Göttingen that I want to thank is for sure not shorter from the French one. Carmen Scherbaum de Huamán for making German bureaucracy (definitely not less legendary then French) easier. Also for keeping me motivated to learn and practice my German. Udo Burghard for doing magical things with my computer when it refused to obey me. Some words must be said about Nikunj Modi for his permanent distracting me from work and entertaining me with Indian stories. And mostly for Omar Alfandi for his permanent ability to listen, help and support in all aspects of my stay in Germany. To all of you: danke sehr. It must be said here, that a single page of this work could not be written without the support of my wife. I thank you the most. Dziękuję. Mojej żonie To my wife Pour ma femme Für meine Frau Contents 1 Introduction 1 1.1 Formalmethods................................. 1 1.2 Realtimesystems................................ 3 1.2.1 Modelsofrealtimesystems . 4 1.2.2 Parametricreal-timereasoning. ... 4 1.3 Motivationofthethesis . .. .. 5 1.4 Structureofthethesis ............................ 6 1.5 Acknowledgements ............................... 7 2 Formalities 9 2.1 Notation..................................... 10 2.1.1 Numbers................................. 10 2.1.2 Predicatelogic ............................. 10 2.1.3 Algorithmnotation ........................... 10 2.2 Sets, multisets and sequences . ... 11 2.2.1 Sets ................................... 11 2.2.2 Multisets................................. 12 2.2.3 Sequence................................. 13 2.3 Graphs...................................... 13 2.3.1 Fundamentaldefinitions . 13 2.3.2 Path................................... 14 2.3.3 Minimalandpositivegraphs . 14 2.3.4 Graphtransformations . 16 2.3.5 Minimizationalgorithm . 16 2.4 Densespaces .................................. 18 1 2.4.1 Valuations................................ 18 2.4.2 Polyhedra ................................ 18 2.4.3 Numericalbounds............................ 20 2.4.4 Constraintgraph ............................ 21 2.4.5 Canonicalformofapolyhedron . 22 2.4.6 Minimalconstraintsystem . 24 2.4.7 Operationsonpolyhedra . 26 3 Modeling Real Time Systems 29 3.1 Background ................................... 30 3.1.1 Clocks .................................. 30 3.1.2 Alphabets and timed sequence . 30 3.2 TimedAutomata ................................ 31 3.2.1 SyntaxandsemanticsofTA . 31 3.2.2 Computation .............................. 32 3.2.3 Invariants ................................ 33 3.2.4 Urgentlocations ............................ 34 3.2.5 TimeInputOutputAutomata. 35 3.2.6 ExtendedTIOA............................. 35 3.3 Modelingparallelsystems . .. 36 3.3.1 Networks of TIOA ........................... 37 3.3.2 CommunicatingSystem . 38 3.3.3 Summary ................................ 41 4 Symbolic Analysis of Timed Automata 43 4.1 Modelchecking ................................. 43 4.2 SymbolicPath.................................. 45 4.2.1 Path................................... 45 4.2.2 Zones .................................. 45 4.2.3 Symbolicoperationsonzones . 46 4.2.4 Symbolicpathanalysis . 48 4.3 DifferenceBoundsMatrix . 51 4.3.1 MinimalDBMs ............................. 52 4.3.2 OperationsonDBM .......................... 53 5 Parameterized systems 61 5.1 Parametricreasoning . .. .. 61 5.2 ParametricTimedAutomata. 62 5.2.1 Preliminaries .............................. 62 5.2.2 DefinitionofPTA............................ 65 5.3 ParametricDBM ................................ 66 5.3.1 DefinitionofPDBM .......................... 66 5.3.2 OperationsonconstrainedPDBMs . 67 5.4 Summary .................................... 73 6 Extended Difference Bound Matrix 75 6.1 DefinitionofExtendedDBM. 76 6.1.1 Equivalent elements and equivalence classes . ...... 77 6.2 CanonicalizationofEDBM. 81 6.2.1 LinearDBM............................... 82 6.2.2 ClosureofEDBM............................ 84 6.2.3 MinimizationofLDBM. 92 6.3 OperationsonEDBM.............................. 97 6.3.1 Propertychecking............................ 97 6.3.2 Transformations............................. 99 6.4 Symbolic analysis using EDBM . 110 6.5 Summary .................................... 115 7 Implementation and experiments 119 7.1 ImplementationofEDBMandLDBM . 120 7.1.1 Implementationofbound. 120 7.1.2 EDBM class implementation . 120 7.2 TheSMARTtool ................................ 127 7.2.1 GlobalDefinitions............................ 129 7.2.2 Parser .................................. 134 7.2.3 SystemDefinition............................ 135 7.2.4 SimulationEngine ........................... 137 7.2.5 SymbolicStateHandler . 139 7.3 SMARTinputfiles ............................... 140 7.3.1 Automatadescription. 140 7.3.2 Systemdescription . .. .. .. 145 7.4 Generating test cases with SMART . 150 7.4.1 Test selection using coloring coverage criterion . ......... 150 7.4.2 Testgenerationalgorithms . 151 7.5 Experiments................................... 152 8 Conclusions and future work 155 8.1 Conclusions ................................... 155 8.2 Futureperspectives .............................. 156 1 Introduction 1.1 Formal methods The recent technological revolution resulted in rapid expansion of Internet, communication systems and embedded applications in different fields of human life. Not more than 20 years ago, using computer was a privilege of small amount of specialist. Nowadays, our interac- tion with some kind of computational-based device is unavoidable. Consumer electronics, vehicles, telecommunication systems, medical equipment – these are only few examples of domains where the impact of the revolution in electronics