1 / 53

UPPAAL The Long Road from Theory to Industrial Impact

UPPAAL The Long Road from Theory to Industrial Impact. Frits Vaandrager fvaan@cs.ru.nl. Overview. What is Model Checking? History & Impact Early Days Engine Scheduling & Planning Current Projects Conclusions. Turing Award 2007 for Model Checking!!!. Ed Clarke. Allen Emerson.

normanwright
Télécharger la présentation

UPPAAL The Long Road from Theory to Industrial Impact

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. UPPAALThe Long Road from Theory to Industrial Impact Frits Vaandrager fvaan@cs.ru.nl

  2. Overview • What is Model Checking? • History & Impact • Early Days • Engine • Scheduling & Planning • Current Projects • Conclusions

  3. Turing Award 2007 forModel Checking!!! Ed Clarke Allen Emerson Joseph Sifakis

  4. What is Model Checking? System Description Automata A Yes! Model Checker A sat F No! Diagnostic Information Requirement Specification F 93 94 95 97 98 99 89 90

  5. Example: Gossiping Girls Problem Six girls all have a gossip of their own. They call each other over the phone. Whenever two girls talk they exchange all gossips they know. How many calls are needed before every girl knows every gossip?

  6. Transition System

  7. Temporal Logic

  8. Solution Model Checker

  9. Hybrid & Real Time Systems Computer Science Control Theory sensors Task Task Task Task actuators Controller Program Discrete Plant Continuous Eg.: Pump Control Air Bags Robots Cruise Control ABS CD Players Production Lines Real Time System A system where correctness not only depends on the logical order of events but also on their timing!!

  10. History of UPPAAL TAU CCS & Modal Transition Systems Refinements Modal Mu-Calculus Explicit State Representation Prolog 1989 1993 1995 UPPPAAL Timed Automata TCTL Zones C & Java EPSILON TCCS Timed Refinements Timed Mu-Calculus Regions Prolog

  11. @UPPsala Wang Yi Paul Pettersson John Håkansson Anders Hessel Pavel Krcal Leonid Mokrushin Shi Xiaochun @AALborg Kim G Larsen Gerd Behrman Arne Skou Brian Nielsen Alexandre David Jacob I. Rasmussen Marius Mikucionis Thomas Chatain Contributors @Elsewhere • Emmanuel Fleury, Didier Lime, Johan Bengtsson, Fredrik Larsson, Kåre J Kristoffersen, Tobias Amnell, Thomas Hune, Oliver Möller, Elena Fersman, Carsten Weise, David Griffioen, Ansgar Fehnker, Frits Vaandrager, Theo Ruys, Pedro D’Argenio, J-P Katoen, Jan Tretmans, Judi Romijn, Ed Brinksma, Martijn Hendriks, Klaus Havelund, Franck Cassez, Magnus Lindahl, Francois Laroussinie, Patricia Bouyer, Augusto Burgueno, H. Bowman, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson...

  12. GUI • Unlimited undo and redo • Syntax and bracket highlighting • Rectangular selection • Customization of colors • Tooltip • Hiding of information • Improved help menu with search component • Language • User defined functions (C-like) • New types (records, type declarations, meta variables, scalars) • Partial instantiation of templates • Select clauses on edges • Forall and exist quantifiers UPPAAL 4.0

  13. UPPAAL 4.0 • Graphical Simulator • visualization and recording • inexpensive fault detection • inspection of error traces • Message Sequence Charts • (Gannt Charts)

  14. UPPAAL 4.0 • Verifier • Exhaustive & automatic checking of requirements • .. including validating, safety, liveness, bounded liveness and response properties • .. generation of debugging information for visualisation in simulator. • Optimal scheduling for cost models

  15. Impact Google: UPPAAL: 134.000 SPIN Verifier: 242.000 nuSMV: 57.700 > 1.500 Google Scholar Citations (Rhapsody/Esterel < 3.500)

  16. Impact Company Downloads Mecel Jet Symantec SRI Relogic Realwork NASA Verified Systems Microsoft ABB Airbus PSA Saab Siemens Volvo Lucent Technologies

  17. UPPAAL Branches TIGA Controller synthesis Optimal scheduling CORA Testing TRON Verification CLASSIC

  18. CLASSIC Verification& The Early Days A good beginning is useful …

  19. First official UPPAAL presentation Wang Yi, TACAS, Aarhus, April 1995 Johan Bengtsson Kim Larsen Fredrik Larsson Paul Pettersson Wang Yi

  20. Application The Philips Audio Protocolwith collision David Griffioen and some Scandinavian friends.

  21. Application Bounded Retransmission Protocol Pedro D’Argenio Joost-Pieter Katoen Theo Ruys Jan Tretmans

  22. Application Scheduling wafer production at ASML Martijn Hendriks in Cyprus

  23. Jan Friso Groote Leslie Lamport Some UPPAAL Groupies Frits Vaandrager

  24. The Engine

  25. -4 x1 x2 4 3 3 2 -2 -2 2 x0 x3 1 Elegant RUBY bindings for easy implementations 5 Alexandre David + Johan Bengtsson, Fredrik Larsson Datastructures for Zones • DBM package • Minimal Constraint Form [RTSS97] • Clock Difference Diagrams [CAV99] • PW List [SPIN03]

  26. To Store or Not To Store Behrmann, Larsen, Pelanek 2003 117 statestotal ! 81 statesentrypoint ! 9 states Time OH less than 10% Audio Protocol

  27. Symmetry Reduction • Exploitation of full symmetry may give factorial reduction • Computation of canonical state representative [Formats 2003] Martijn Hendriks

  28. D-UPPAALGerd Behrmann, Thomas Hune, Frits Vaandrager • Distributed implementation of UPPAAL on PC-cluster [CAV'00, PDMC'02, STTT'03]. • Applications • Synthesis of Dynamic Voltage Scaling strategies (CISS). • Ad-hoc mobile real-time protocol (Leslie Lamport) - 25GB in 3 min! • Running on NorduGrid.Local cluster: 50 CPUs and 50GB of RAM • To be used as inspiration for verification GRID platform within ARTIST2 NoE.

  29. UPPAAL 1995 - 2001 Every 9 month 10 times better performance! Dec’96 Sep’98 3.x

  30. CORA Optimal Scheduling

  31. SIDMAR Steel Production Plant Crane A Machine 2 Machine 3 Machine 1 • A. Fehnker [RTCSA99], T. Hune, K. G. Larsen, P. Pettersson [DSV00] • Case study of Esprit-LTRproject 26270 VHS • Physical plant of SIDMARlocated in Gent, Belgium • Part between blast furnace and hot rolling mill Objective:model the plant, obtain schedule and control program for plant Lane 1 Machine 4 Machine 5 Lane 2 Buffer Crane B Storage Place Continuos Casting Machine

  32. Ametist 2002-2005

  33. Priced Timed Automata Behrmann, Brinksma, Fehnker, Hune, Larsen, Pettersson, Romijn, Vaandrager … Rasmussen .. Bouyer, Cassez, Nicolas …

  34. cost d+l*(t-T) E earliest landing time T target time L latest time e cost rate for being early l cost rate for being late d fixed cost for being late e*(T-t) t E T L Example: Aircraft Landing Planes have to keep separation distance to avoid turbulences caused by preceding planes

  35. Example: Aircraft Landing x <= 5 x >= 4 4 earliest landing time 5 target time 9 latest time 3cost rate for being early 1 cost rate for being late 2fixed cost for being late x=5 land! cost+=2 x <= 5 x <= 9 cost’=3 cost’=1 x=5 land! Planes have to keep separation distance to avoid turbulences caused by preceding planes

  36. Using Heuristics Try to schedule planes in the order of their preferred landing times

  37. Aircraft Landing Problem runways Benchmark by Beasley et al 2000

  38. AXXOM Case study Laquer Production Scheduling • 3 types of recipes • for uni/metallic/bronce • use of resources, processing times, timing • 29 (73, 219) orders: • start time, due date, recipe • extensions: • delay cost,storage cost,setup cost • weekend, nights Behrmann, Brinksma, Hendriks, Mader 16th IFAC World Congress

  39. Resources Axxom • 2 mixing vessels for uni lacquers • 3 mixing vessels for metallic/bronce • 2 dose spinners • 1 dose spinner bronce • 1 disperging line • 1 predisperser • 1 bronce mixer • 2 filling lines • lab (unlimitted)

  40. Recipes UPPAAL template for metal Axxom

  41. Instantiated Model Axxom State Space Explosion Heuristics !! Guiding & Pruning

  42. Results Extended Case Axxom storage, delay and setup costs, working hours Order of magnitude faster than MILP, GAMS/CPLEX Competitive with Orion-pi results

  43. Current Projects Towards industrial use …

  44. Compositional Abstraction Jasper Berendsen, Biniam Gebremichael, Miaomiao Zhang, FV

  45. Compositional Abstraction • weakening guards & invariants • chaos abstraction x≤3 Host 1 Host 2 Host 3 Host n

  46. Compositional Abstraction • weakening guards & invariants • chaos abstraction x≤3 Chaos Host 1 Host 2 Host 3 Host n

  47. Use of Uppaal in the Classroom Roelof Hamberg, FV c+10.l upperbound on waiting time for entering critical section in Peterson's mutual exclusion algorithm with 2 processes strengthening of c+O(l) bound of Lynch

  48. Use of Uppaal in the Classroom Roelof Hamberg, FV c+10.l upperbound on waiting time for entering critical section in Peterson's mutual exclusion algorithm with 2 processes strengthening of c+O(l) bound of Lynch

  49. ESI Octopus Project with Oce Georgeta Igna, FV Design of adaptive data Path in Copiers/Printers Challenges: problem size, hybrid phenomena, timed games,..

  50. FP7 Quasimodo Project Analysis of Wireless Sensor Networks of Chess David Jansen, Faranek Heydarian, Julien Schmaltz, FV Challenges: probabilities, hundreds of nodes, dynamic network,..

More Related