| | |
Summary: Modularity for Timed and Hybrid Systems ?;??
Rajeev Alur Thomas A. Henzinger
EECS Department, University of California, Berkeley, CA 947201770, U.S.A.
Email: falur,tahg@eecs.berkeley.edu
Abstract. In a tracebased world, the modular specification, verification, and control of live
systems require each module to be receptive; that is, each module must be able to meet its
liveness assumptions no matter how the other modules behave. In a realtime world, liveness
is automatically present in the form of diverging time. The receptiveness condition, then,
translates to the requirement that a module must be able to let time diverge no matter how the
environmentbehaves.We study the receptivenesscondition for realtime systemsby extending
the model of reactive modules to timed and hybrid modules. We define the receptiveness of
such a module as the existence of a winning strategy in a game of the module against
its environment. By solving the game on region graphs, we present an (optimal) EXPTIME
algorithm for checking the receptiveness of propositional timed modules. By giving a fixpoint
characterization of the game, we present a symbolic procedure for checking the receptiveness
of linear hybrid modules. Finally, we present an assumeguarantee principle for reasoning
about timed and hybrid modules, and a method for synthesizing receptive controllers of timed
and hybrid modules.
1 Introduction
Over the past decade, much research has focused on the modeling and verification of timed
|
