TY - JOUR
T1 - Automated repair for timed systems
AU - Kölbl, Martin
AU - Leue, Stefan
AU - Wies, Thomas
N1 - Funding Information:
We wish to thank Nikolaj Bjorner and Zvonimir Pavlinovic for advice on the use of Z3. We are grateful to Sarah Stoll for helping us with the statistical evaluation of the experimental results. This work was in part supported by the National Science Foundation (NSF) under grant CCF-1350574.
Publisher Copyright:
© 2022, The Author(s).
PY - 2021/12
Y1 - 2021/12
N2 - We present algorithms and techniques for the repair of timed system models, given as networks of timed automata (NTA). The repair is based on an analysis of timed diagnostic traces (TDTs) that are computed by real-time model checking tools, such as UPPAAL, when they detect the violation of a timed safety property. We present an encoding of TDTs in linear real arithmetic and use the MaxSMT capabilities of the SMT solver Z3 to suggest a minimal number of possible syntactic repairs of the analyzed model. The suggested repairs include modified values for clock bounds in location invariants and transition guards, adding or removing clock resets, etc. We then present an admissibility criterion, called functional equivalence, which ensures that the proposed repair preserves the functional behavior of the considered NTA. We discuss a proof-of-concept tool called TarTar that we have developed, implementing the repair and admissibility analysis, and give insights into its design and architecture. We evaluate the proposed repair technique on faulty mutations generated from a diverse suite of case studies taken from the literature. We show that TarTar can admissibly repair 69–88% of the seeded errors in the considered system models.
KW - Admissibility of repair
KW - Automated repair
KW - TarTar tool
KW - Timed automata
UR - http://www.scopus.com/inward/record.url?scp=85139420016&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85139420016&partnerID=8YFLogxK
U2 - 10.1007/s10703-022-00397-5
DO - 10.1007/s10703-022-00397-5
M3 - Article
AN - SCOPUS:85139420016
VL - 59
SP - 136
EP - 169
JO - Formal Methods in System Design
JF - Formal Methods in System Design
SN - 0925-9856
IS - 1-3
ER -