Formal verification of a TDMA protocol start-up mechanism

This paper presents a formal verification of the start-up algorithm of the DACAPO protocol. The protocol uses TDMA (Time Division Multiple Access) bus arbitration. It was verified that an ensemble of four communicating stations becomes synchronized and operational within a bounded time from an arbitrary initial state. The system model included a clock drift corresponding to ±10⁻³. The protocol was modeled using a network of timed automata, and verification was performed using the symbolic model checker UPPAAL.
