Mechanical verification of timed automata: a case study

The paper reports the results of a case study on the feasibility of developing and applying mechanical methods, based on the proof system PVS, to prove propositions about real-time systems specified in the Lynch-Vaandrager timed automata model. In using automated provers to prove propositions about systems described by a specific mathematical model, both the proofs and the proof process can be simplified by exploiting the special properties of the mathematical model. The paper presents the PVS specification of three theories that underlie the timed automata model, a template for specifying timed automata models in PVS together with an example of its instantiation, and both hand proofs and the corresponding PVS proofs of two propositions. It concludes with a discussion of our experience in applying PVS to specify and reason about real-time systems modeled as timed automata.
