Abstract: Modern defense systems are complex distributed software systems implemented over heterogeneous and constantly evolving hardware and software platforms. Distributed agreement protocols are often developed exploiting the fact that their systems are quasi-synchronous, where even though the clocks of the different nodes are not synchronized, they all run at the same rate, or multiples of the same rate, modulo their drift and jitter. This paper describes an effort to provide systems designers and engineers with an i…
“…Bhattacharyya et al [8] and Miller et al [30] present a translator from a subset of SysML, which is a common system architecture modeling language, into the Architectural Analysis and Description Language (AADL). They also provide translators from AADL models into the input language of the UPPAAL [5] and Kind [27] model checkers.…”
A cyber-physical system often consists of distributed multi-rate periodic processes that communicate using message passing; each process owns a local clock not synchronized with the others. We call such systems quasi-periodic distributed systems. Traditionally, one would model them using timed automata, thereby having to deal with high-complexity verification problems. Recently, several researchers proposed discrete-time abstractions based on the calendar model to make the verification more tractable. However, even the calendar model contains a notion of time in the form of a global clock. We propose a novel, timeless computation model for quasi-periodic distributed systems to facilitate their verification. The main idea behind our model is to judiciously replace synchronization using a global clock and calendar with synchronization over the lengths of message buffers. We introduce a simple domain-specific language for programming such systems and use it to formalize the semantics of both the calendar and the timeless model. Then, we prove that our timeless model is an overapproximation of the calendar model. Finally, we evaluate our timeless model using several benchmarks.

CCS Concepts: • Theory of computation → Models of computation; Distributed computing models; • Computer systems organization → Robotics; Embedded systems; Real-time systems.
“…These mechanisms do not resolve the problem posed in this paper, since the modeling of transmissions as unit delays and the activations of processes on boolean streams require the total ordering given by a global scalar clock: a synchronous modeling of an asynchronous system. c) Quasi-synchrony: Most existing work on the quasi-synchronous abstraction either assumes instantaneous communication [5], [28] (which may be valid in a shared memory model but not a message-passing one) or takes the discrete model as given and applies it directly to model and analyze systems [19], [20], [32]. We seek to clarify the original definitions [6] and to precisely define the relation between the real-time and discrete-time models.…”
Section: Related Work A) Distributed Systems
“…A finite state scheduler that produces valid sequences is readily constructed from the given regular expression (using, for instance, the reglo tool [29]). The processes and unit delays can be modeled directly in Lustre [17], for instance, and verified by model-checking [5], [19], [20], [28].…”
Abstract: Many critical real-time embedded systems are implemented as a set of processes that execute periodically with bounded jitter and communicate with bounded transmission delay. The quasi-synchronous abstraction was introduced by P. Caspi for model-checking the safety properties of applications running on such systems. The simplicity of the abstraction is appealing: the only events are process activations; logical steps account for transmission delays; and no process may be activated more than twice between two successive activations of any other. We formalize the relation between the real-time model and the quasi-synchronous abstraction by introducing the notion of a unitary discretization. Even though the abstraction has been applied several times in the literature, we show, surprisingly, that it is not sound for general systems of more than two processes. Our central result is to propose necessary and sufficient conditions on both communication topologies and timing parameters to recover soundness.
“…They have been used in many different areas, such as symbolic execution [43], hardware and software verification [11,16], test data generation [70] and so on. In general, these problems can be encoded as constraint satisfiability problems and query SMT solvers for their satisfiability, and transform back the answers to the original problems.…”
Section: Comparison Between Cvc4 (X-
“…The satisfiability relation between I and ϕ is defined inductively as follows: [22], CVC4 [6], Yices2 [25], Boolector [49], and MathSAT [15]. Due to the impressive growth in the performance and scope, SMT solvers have been applied in a wide range of applications including model checking [11,17], test data generation [53], security analysis [29], symbolic execution [52] and so on.…”