[go: up one dir, main page]

CN109976712A - One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC - Google Patents

One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC Download PDF

Info

Publication number
CN109976712A
CN109976712A CN201910186342.XA CN201910186342A CN109976712A CN 109976712 A CN109976712 A CN 109976712A CN 201910186342 A CN201910186342 A CN 201910186342A CN 109976712 A CN109976712 A CN 109976712A
Authority
CN
China
Prior art keywords
model
prccsl
stas
physical system
network physical
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910186342.XA
Other languages
Chinese (zh)
Inventor
姜恩英
梁天
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sun Yat Sen University
Original Assignee
Sun Yat Sen University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Yat Sen University filed Critical Sun Yat Sen University
Priority to CN201910186342.XA priority Critical patent/CN109976712A/en
Publication of CN109976712A publication Critical patent/CN109976712A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F30/00Computer-aided design [CAD]
    • G06F30/30Circuit design
    • G06F30/32Circuit design at the digital level
    • G06F30/33Design verification, e.g. functional simulation or model checking
    • G06F30/3323Design verification, e.g. functional simulation or model checking using formal methods, e.g. equivalence checking or property checking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/10Requirements analysis; Specification techniques

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Evolutionary Computation (AREA)
  • Geometry (AREA)
  • Devices For Executing Special Programs (AREA)

Abstract

本发明公开一种基于UPPAAL‑SMC对网络物理系统需求做形式化验证方法,包括采用概率性时钟约束规范语言形式表达EAST‑ADL架构模型中网络物理系统CPS的需求模型;将PrCCSL语句输入语法解析器,解析生成抽象语法树AST;遍历抽象语法树AST提取PrCCSL语句中每条关系或表达式语句的关键信息,根据关键信息的内容给每条关系或表达式语句匹配相应模板生成STA模型及其查询语句,生成STAs模型保存为STAs文件,将STAs文件输入整合器,集成网络物理系统的系统行为模型,输出可验证的Net‑STA模型,将可验证的Net‑STA模型调用UPPAAL‑SMC模型的形式化验证引擎Verifyta;Query生成器输出当前查询验证语句至Verifyta,启动Verifyta执行形式化验证。本发明基于PrCCSL和UPPAAL‑SMC对网络物理系统需求的概率性描述,对需求做形式化验证。

The invention discloses a method for formal verification of network physical system requirements based on UPPAAL-SMC, which includes expressing a demand model of a network physical system CPS in an EAST-ADL architecture model in the form of a probabilistic clock constraint specification language; It parses and generates an abstract syntax tree AST; traverses the abstract syntax tree AST to extract the key information of each relation or expression statement in the PrCCSL statement, and matches the corresponding template for each relation or expression statement according to the content of the key information to generate the STA model and its query, generate the STAs model and save it as a STAs file, input the STAs file into the integrator, integrate the system behavior model of the cyber-physical system, output the verifiable Net‑STA model, and call the verifiable Net‑STA model to the UPPAAL‑SMC model Formal verification engine Verifyta; Query generator outputs the current query verification statement to Verifyta, and starts Verifyta to perform formal verification. The present invention formally verifies the requirements based on the probabilistic description of the network physical system requirements by PrCCSL and UPPAAL-SMC.

Description

一种基于UPPAAL-SMC对网络物理系统需求做形式化验证方法A Formal Verification Method for Cyber-Physical System Requirements Based on UPPAAL-SMC

技术领域technical field

本发明涉及数据处理领域,特别涉及一种基于UPPAAL-SMC对网络物理系统需求做形式化验证方法。The invention relates to the field of data processing, in particular to a formal verification method for network physical system requirements based on UPPAAL-SMC.

背景技术Background technique

功能性及非功能性需求的建模和分析,例如时序约束、能耗约束等,对于网络物理系统(CPS,Cyber-Phsical System)至关重要。EAST-ADL(Electronic Architecture andSoftware Tools-Architecture Description Language,架构描述语言)是一种用于安全性至关重要的网络物理系统设计的领域专用架构语言。概率性时钟约束规范语言(PrCCSL,Probability extension CCSL)是时钟约束规范语言(CCSL,Clock ConstraintSpecification Language)的概率性扩展。EAST-ADL架构模型的时序约束用具有概率性语义的PrCCSL语言去描述,然后PrCCSL语句的语义转换为统计性模型检验工具UPPAAL-SMC的随机性时间自动机(STAs,Stochastic Timed Automata)模型去做模型检查。The modeling and analysis of functional and non-functional requirements, such as timing constraints, energy constraints, etc., are crucial for Cyber-Physical Systems (CPS, Cyber-Phsical System). EAST-ADL (Electronic Architecture and Software Tools-Architecture Description Language, Architecture Description Language) is a domain-specific architecture language for security-critical cyber-physical system design. The Probabilistic Clock Constraint Specification Language (PrCCSL, Probability extension CCSL) is a probabilistic extension of the Clock Constraint Specification Language (CCSL, Clock Constraint Specification Language). The timing constraints of the EAST-ADL architecture model are described by the PrCCSL language with probabilistic semantics, and then the semantics of the PrCCSL statements are converted into the Stochastic Timed Automata (STAs, Stochastic Timed Automata) model of the statistical model checking tool UPPAAL-SMC. Model checking.

在EAST-ADL的背景下,很多人研究了EAST-ADL与基于时序约束的形式化验证相整合,然而仅限于系统功能的执行方面而没有考虑如何处理系统的随机性行为。有人用PrCCSL定义了网络物理系统的控制器和环境的执行语义,然后将其语义映射到UPPAAL-SMC模型,用于概率性的模型检查。有人提出使用具有概率逻辑时序的CCSL,通过限制事件发生的可能性的解决方案,实现混合系统(Hybrid System)的随机性分析。目前来说,这些方法缺乏支持工具来实施其形式化验证和模拟的方法。有人提供了一个工具TimePF,用于建模和形式化验证CCSL中时序约束。有人使用TimePF将网络物理系统的时序属性用CCSL描述,并将CCSL语句用具有操作语义的线性时序逻辑(LTL,Lineartemporal logic)解释为用于调度分析的有限状态机。与当前的发明相比,这些方法缺乏精确的随机性描述,特别是关于执行期间不同时钟速率的连续动态系统的随机性行为。In the context of EAST-ADL, many people have studied the integration of EAST-ADL with formal verification based on timing constraints, but they are limited to the execution of system functions without considering how to deal with the random behavior of the system. The execution semantics of the controllers and environments of cyber-physical systems have been defined in PrCCSL and then mapped to the UPPAAL-SMC model for probabilistic model checking. It has been proposed to use CCSL with probabilistic logic timing to realize the stochastic analysis of hybrid systems by limiting the possibility of events. Currently, these methods lack supporting tools to implement their formal verification and simulation methods. Someone provides a tool TimePF for modeling and formal verification of timing constraints in CCSL. Some people use TimePF to describe the temporal properties of cyber-physical systems with CCSL, and interpret CCSL statements with linear temporal logic (LTL, Linear temporal logic) with operational semantics as a finite state machine for scheduling analysis. In contrast to current inventions, these methods lack an accurate description of randomness, especially regarding the randomness behavior of continuous dynamic systems at different clock rates during execution.

发明内容SUMMARY OF THE INVENTION

本发明的主要目的是提出一种基于UPPAAL-SMC对网络物理系统需求做形式化验证方法,旨在克服以上问题。The main purpose of the present invention is to propose a formal verification method for network physical system requirements based on UPPAAL-SMC, in order to overcome the above problems.

为实现上述目的,本发明提出的一种基于UPPAAL-SMC对网络物理系统需求做形式化验证方法,包括如下步骤:In order to achieve the above-mentioned purpose, a kind of formal verification method based on UPPAAL-SMC that the present invention proposes to network physical system requirements, comprises the following steps:

S10在编辑器中使用概率性时钟约束规范语言PrCCSL形式化表示EAST-ADL架构模型中网络物理系统CPS的需求模型,生成PrCCSL语句;S10 uses the probabilistic clock constraint specification language PrCCSL in the editor to formally represent the demand model of the cyber-physical system CPS in the EAST-ADL architecture model, and generate PrCCSL statements;

S20将PrCCSL语句输入语法解析器,解析生成抽象语法树AST;S20 inputs the PrCCSL statement into the parser, and parses it to generate an abstract syntax tree AST;

S30遍历抽象语法树AST提取PrCCSL语句中每条关系或表达式语句的关键信息,根据关键信息的内容给每条关系或表达式语句匹配相应模板生成STA模型及其查询语句,由数个STA模型生成STAs模型,将STAs模型以.xml格式保存为STAs文件,查询语句生成Query生成器;S30 traverses the abstract syntax tree AST to extract key information of each relation or expression statement in the PrCCSL statement, and matches the corresponding template for each relation or expression statement according to the content of the key information to generate an STA model and its query statement. Generate the STAs model, save the STAs model as a STAs file in .xml format, and generate a Query generator for the query statement;

S40将STAs文件输入整合器,集成网络物理系统的系统行为模型,输出可验证的Net-STA模型;S40 inputs the STAs file into the integrator, integrates the system behavior model of the cyber-physical system, and outputs a verifiable Net-STA model;

S50将可验证的Net-STA模型调用UPPAAL-SMC模型的形式化验证引擎Verifyta;Query生成器输出当前查询验证语句至Verifyta,启动Verifyta执行形式化验证。S50 calls the verifiable Net-STA model to the formal verification engine Verifyta of the UPPAAL-SMC model; the Query generator outputs the current query verification statement to Verifyta, and starts Verifyta to perform formal verification.

优选地,所述EAST-ADL架构中CPS网络物理系统模型包括系统架构模型和需求模型,其中系统架构模型中系统行为用功能原型表示,所述S10之前还包括:Preferably, the CPS cyber-physical system model in the EAST-ADL architecture includes a system architecture model and a requirement model, wherein the system behavior in the system architecture model is represented by a functional prototype, and the S10 further includes:

S01网络物理系统使用EAST-ADL架构模型建模,输出系统架构模型和需求模型,由UPPAAL-SMC模型对系统架构模型的每个功能原型的连续或离散的系统行为进行建模,每个功能原型对应一个时间自动机STA模型,由此网络物理系统的系统行为被表示为Net-STA模型,将其保以.xml格式保存为系统模型文件。S01 cyber-physical system is modeled using EAST-ADL architecture model, output system architecture model and requirement model, continuous or discrete system behavior of each functional prototype of the system architecture model is modeled by UPPAAL-SMC model, each functional prototype Corresponding to a time automata STA model, the system behavior of the cyber-physical system is represented as a Net-STA model, which is saved as a system model file in .xml format.

优选地,所述S10之后,所述S20之前还包括:Preferably, after the S10 and before the S20, the steps further include:

S02采用BNF语言描述PrCCSL的语法,调用解析器生成工具ANTLR,构造语法解析器。S02 uses BNF language to describe the grammar of PrCCSL, calls the parser generation tool ANTLR, and constructs the parser.

优选地,所述S20之后,所述S30之前还包括:Preferably, after the S20 and before the S30, the steps further include:

S03检查抽象语法树AST是否有语法错误,若没有,则进入S30,若有,则返回S10。S03 checks whether the abstract syntax tree AST has grammatical errors, if not, enter S30, if so, return to S10.

优选地,转化模式包括PrCCSL模式和PrCCSL+System模式,所述30中将STAs模型以.xml格式保存为STAs文件的步骤包括:Preferably, the conversion mode includes PrCCSL mode and PrCCSL+System mode, and the step of saving the STAs model as a STAs file in the .xml format in described 30 includes:

S301将STAs模型输入转化器,以获取用户形式化验证需求;S301 Input the STAs model into the converter to obtain the user's formal verification requirements;

S302若获取到用户验证需求,则选择PrCCSL+System模式,将STAs模型输入整合器以集成网络物理系统的系统行为模型,将整合器的输出结果采用.xml格式保存为可验证的STAs文件;若未获取到用户验证需求,则选择PrCCSL模式,将STAs模型以.xml格式保存为STAs文件。S302 If the user verification requirement is obtained, select the PrCCSL+System mode, input the STAs model into the integrator to integrate the system behavior model of the cyber-physical system, and save the output result of the integrator as a verifiable STAs file in .xml format; if If the user authentication requirements are not obtained, select the PrCCSL mode and save the STAs model as a STAs file in .xml format.

优选地,所述根据关键信息的内容给每条关系或表达式语句匹配的相应模板包括关系模板和表达式模板。Preferably, the corresponding templates matched to each relation or expression statement according to the content of the key information include relation templates and expression templates.

优选地,所述查询语句包括假设检验、概率估计、仿真、期望值和概率比较五种查询语句,所述Query生成器至少包括以上五种查询语句及其配置参数。Preferably, the query statement includes five query statements, namely hypothesis testing, probability estimation, simulation, expected value and probability comparison, and the Query generator includes at least the above five query statements and configuration parameters thereof.

优选地,所述网络物理系统CPS的需求模型包括功能需求模型和非功能性需求模型,所述S10的方法具体为:将网络物理系统CPS的功能需求使用PrCCSL语言的互斥、等同和子时钟三种关系或表达式语句表示;将网络物理系统CPS的非功能性需求使用PrCCSL语言的优先和因果两种关系或表达式语句所表示。Preferably, the demand model of the cyber-physical system CPS includes a functional demand model and a non-functional demand model, and the method of S10 is specifically: using the mutual exclusion, equivalence and sub-clock three of the PrCCSL language for the functional demand of the cyber-physical system CPS The non-functional requirements of the cyber-physical system CPS are expressed by the priority and causal relations or expression statements of the PrCCSL language.

优选地,还包括S60在Python中调用XML DOM以解析.xml文件从而生成STA模型,采用Python内置的图形开发界面的库Tkinter为每种PrCCSL语句实现映射模板。Preferably, it also includes S60 calling XML DOM in Python to parse the .xml file to generate the STA model, and using Tkinter, a library of built-in graphical development interface in Python, to implement a mapping template for each PrCCSL statement.

本发明还公开了一种基于UPPAAL-SMC对网络物理系统需求做形式化验证工具,包括:The invention also discloses a formal verification tool for network physical system requirements based on UPPAAL-SMC, including:

系统建模模块,用于网络物理系统使用EAST-ADL架构模型建模,输出系统架构模型和需求模型,由UPPAAL-SMC模型对系统架构模型的每个功能原型的连续或离散的系统行为进行建模,每个功能原型对应一个时间自动机STA模型,由此网络物理系统的系统行为被表示为Net-STA模型,将其以.xml格式保存为系统模型文件;System modeling module for cyber-physical system modeling using EAST-ADL architecture model, output system architecture model and requirement model, continuous or discrete system behavior of each functional prototype of the system architecture model is modeled by UPPAAL-SMC model. Each functional prototype corresponds to a time automaton STA model, so the system behavior of the cyber-physical system is represented as a Net-STA model, which is saved as a system model file in .xml format;

表示模块,用于在概率性时钟约束规范语言转化器ProTL的编辑器中使用概率性时钟约束规范语言PrCCSL形式化表示EAST-ADL架构模型中网络物理系统CPS的需求模型,生成PrCCSL语句;The presentation module is used to formally represent the requirement model of the cyber-physical system CPS in the EAST-ADL architecture model using the probabilistic clock constraint specification language PrCCSL in the editor of the probabilistic clock constraint specification language converter ProTL, and generate the PrCCSL statement;

构造模块,用于采用BNF语言描述PrCCSL的语法,调用解析器生成工具ANTLR,构造PrCCSL语言的语法解析器;The construction module is used to describe the grammar of PrCCSL using the BNF language, call the parser generation tool ANTLR, and construct the grammar parser of the PrCCSL language;

解析模块,用于将PrCCSL语句输入语法解析器,解析生成抽象语法树AST;The parsing module is used to input the PrCCSL statement into the parser, and parse to generate the abstract syntax tree AST;

语法检查模块,用于检查抽象语法树AST是否有语法错误,若没有,则进入生成模块,若有,则返回表示模块;The grammar check module is used to check whether the abstract syntax tree AST has any grammar errors. If not, it will enter the generation module. If there is, it will return to the representation module;

生成模块,用于遍历抽象语法树AST提取PrCCSL语句中每条关系或表达式语句的关键信息,根据关键信息的内容给每条关系或表达式语句匹配相应模板生成STA模型及其查询语句,由数个STA模型生成STAs模型,将STAs模型以.xml格式保存为STAs文件,查询语句生成Query生成器,所述生成模块中包括模式转化子模块,用于将STAs模型输入转化器,以获取用户形式化验证需求,若获取到用户验证需求,则选择PrCCSL+System模式,将STAs模型输入整合器以集成网络物理系统的系统行为模型和STAs模型,将整合器的输出结果采用.xml格式保存为可验证的STAs文件;若未获取到用户验证需求,则选择PrCCSL模式,将STAs模型以.xml格式保存为STAs文件;The generation module is used to traverse the abstract syntax tree AST to extract the key information of each relationship or expression statement in the PrCCSL statement, and match the corresponding template for each relationship or expression statement according to the content of the key information to generate the STA model and its query statement. Several STA models generate STAs models, the STAs models are saved as STAs files in .xml format, and the query statement generates a Query generator. The generation module includes a mode conversion sub-module for inputting the STAs model into the converter to obtain user Formal verification requirements, if the user verification requirements are obtained, select the PrCCSL+System mode, input the STAs model into the integrator to integrate the system behavior model and the STAs model of the cyber-physical system, and save the output of the integrator in .xml format as Verifiable STAs file; if user authentication requirements are not obtained, select PrCCSL mode and save the STAs model as a STAs file in .xml format;

整合模块,用于将STAs文件输入整合器,集成网络物理系统的系统行为模型,输出可验证的Net-STA模型;The integration module is used to input the STAs file into the integrator, integrate the system behavior model of the cyber-physical system, and output a verifiable Net-STA model;

验证执行模块,用于可验证的Net-STA模型导入验证器,调用UPPAAL-SMC模型的形式化验证引擎Verifyta,;Query生成器输出当前查询验证语句至Verifyta,启动Verifyta执行形式化验证。The verification execution module is used to import the verifiable Net-STA model into the verifier, and call the formal verification engine Verifyta of the UPPAAL-SMC model; the Query generator outputs the current query verification statement to Verifyta, and starts Verifyta to perform formal verification.

本发明开发了一个自动转换工具ProTL,从概率性时钟约束规范语言到可验证的随机性时间自动机模型,并可以生成假设检验(Hypothesis Testing),概率估计(Probability Estimation),仿真(Simulations),期望值(Expected Value),概率比较(Probability Comparison)等五种查询语句,用于对系统的需求做形式化验证和系统仿真。ProTL还提供可视化图像显示仿真结果及错误回溯和生成反例。本发明是基于PrCCSL和UPPAAL-SMC对网络物理系统需求的概率性描述,对需求做形式化验证第一个工具。The present invention develops an automatic conversion tool ProTL, from the probabilistic clock constraint specification language to the verifiable random time automata model, and can generate Hypothesis Testing, Probability Estimation, Simulations, Expected Value (Expected Value), Probability Comparison (Probability Comparison) and other five query statements are used for formal verification and system simulation of system requirements. ProTL also provides visual images showing simulation results and error backtracking and generating counter-examples. The present invention is the first tool for formal verification of requirements based on the probabilistic description of network physical system requirements by PrCCSL and UPPAAL-SMC.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图示出的结构获得其他的附图。In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention, and for those of ordinary skill in the art, other drawings can also be obtained according to the structures shown in these drawings without creative efforts.

图1为本发明一实施例的方法流程图;FIG. 1 is a flow chart of a method according to an embodiment of the present invention;

图2为PrCCSL的等同关系或表达式语句映射到STA模型的模板;Fig. 2 is the template that the equivalent relation or expression statement of PrCCSL is mapped to STA model;

图3为PrCCSL的互斥关系或表达式语句映射到STA模型的模板;Figure 3 is a template for mapping the mutually exclusive relationship or expression statement of PrCCSL to the STA model;

图4为PrCCSL的子时钟关系或表达式语句映射到STA模型的模板;Fig. 4 is the template that the sub-clock relation or expression statement of PrCCSL is mapped to STA model;

图5为PrCCSL的因果关系或表达式语句映射到STA模型的模板;Fig. 5 is the template that the causal relation or expression statement of PrCCSL is mapped to the STA model;

图6为PrCCSL的优先关系或表达式语句映射到STA模型的模板;Fig. 6 is the template that the priority relation or expression statement of PrCCSL is mapped to STA model;

图7为PrCCSL条件表达式语句映射到STA模型的模板;Fig. 7 is the template that PrCCSL conditional expression statement is mapped to STA model;

图8为PrCCSL延迟表达式语句映射到STA模型的模板;Fig. 8 is the template that PrCCSL delay expression statement is mapped to STA model;

图9为PrCCSL过滤表达式语句映射到STA模型的模板;Fig. 9 is the template that PrCCSL filter expression statement is mapped to STA model;

图10为PrCCSL下确界表达式语句映射到STA模型的模板;Figure 10 is a template for mapping the PrCCSL infimum expression statement to the STA model;

图11为PrCCSL上确界表达式语句映射到STA模型的模板;Fig. 11 is the template that the PrCCSL supremum expression statement is mapped to the STA model;

图12为PrCCSL周期表达式语句映射到STA模型的模板;Fig. 12 is the template that PrCCSL periodic expression statement is mapped to STA model;

图13为PrCCSL交集表达式语句映射到STA模型的模板;Fig. 13 is the template that PrCCSL intersection expression statement is mapped to STA model;

图14为PrCCSL并集表达式语句映射到STA模型的模板;Fig. 14 is the template that PrCCSL union expression statement is mapped to STA model;

图15为ProTL的可视化转化器;Figure 15 is the visualization converter of ProTL;

图16为ProTL的可视化验证器,Figure 16 is the visual validator of ProTL,

本发明目的的实现、功能特点及优点将结合实施例,参照附图做进一步说明。The realization, functional characteristics and advantages of the present invention will be further described with reference to the accompanying drawings in conjunction with the embodiments.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明的一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

需要说明,若本发明实施例中有涉及方向性指示(诸如上、下、左、右、前、后……),则该方向性指示仅用于解释在某一特定姿态(如附图所示)下各部件之间的相对位置关系、运动情况等,如果该特定姿态发生改变时,则该方向性指示也相应地随之改变。It should be noted that if there are directional indications (such as up, down, left, right, front, back, etc.) involved in the embodiments of the present invention, the directional indications are only used to explain a certain posture (as shown in the accompanying drawings). If the specific posture changes, the directional indication also changes accordingly.

另外,若本发明实施例中有涉及“第一”、“第二”等的描述,则该“第一”、“第二”等的描述仅用于描述目的,而不能理解为指示或暗示其相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”的特征可以明示或者隐含地包括至少一个该特征。另外,各个实施例之间的技术方案可以相互结合,但是必须是以本领域普通技术人员能够实现为基础,当技术方案的结合出现相互矛盾或无法实现时应当认为这种技术方案的结合不存在,也不在本发明要求的保护范围之内。In addition, if there are descriptions involving "first", "second", etc. in the embodiments of the present invention, the descriptions of "first", "second", etc. are only used for the purpose of description, and should not be construed as indicating or implying Its relative importance or implicitly indicates the number of technical features indicated. Thus, a feature delimited with "first", "second" may expressly or implicitly include at least one of that feature. In addition, the technical solutions between the various embodiments can be combined with each other, but must be based on the realization by those of ordinary skill in the art. When the combination of technical solutions is contradictory or cannot be realized, it should be considered that the combination of such technical solutions does not exist. , is not within the scope of protection required by the present invention.

如图1-16所示,本发明提出的一种基于UPPAAL-SMC对网络物理系统需求做形式化验证方法,包括如下步骤:As shown in Figure 1-16, a method for formal verification of cyber-physical system requirements based on UPPAAL-SMC proposed by the present invention includes the following steps:

S10在编辑器中使用概率性时钟约束规范语言PrCCSL形式化表示网络物理系统CPS的EAST-ADL的需求模型,生成PrCCSL语句;S10 uses the probabilistic clock constraint specification language PrCCSL in the editor to formally represent the EAST-ADL requirement model of the cyber-physical system CPS, and generate PrCCSL statements;

S20将PrCCSL语句输入语法解析器,解析生成抽象语法树AST;S20 inputs the PrCCSL statement into the parser, and parses it to generate an abstract syntax tree AST;

S30遍历抽象语法树AST提取PrCCSL语句中每条关系或表达式语句的关键信息,根据关键信息的内容给每条关系或表达式语句匹配相应模板生成STA模型及其查询语句,由数个STA模型生成STAs模型,将STAs模型以.xml格式保存为STAs文件,查询语句生成Query生成器;S30 traverses the abstract syntax tree AST to extract key information of each relation or expression statement in the PrCCSL statement, and matches the corresponding template for each relation or expression statement according to the content of the key information to generate an STA model and its query statement. Generate the STAs model, save the STAs model as a STAs file in .xml format, and generate a Query generator for the query statement;

S40将STAs文件输入整合器,集成网络物理系统的系统行为模型,输出可验证的Net-STA模型;S40 inputs the STAs file into the integrator, integrates the system behavior model of the cyber-physical system, and outputs a verifiable Net-STA model;

S50可验证的Net-STA模型导入验证器,调用UPPAAL-SMC模型的形式化验证引擎Verifyta,;Query生成器输出当前查询验证语句至Verifyta,启动Verifyta执行形式化验证。The S50 verifiable Net-STA model is imported into the verifier, and the formal verification engine Verifyta of the UPPAAL-SMC model is called; the Query generator outputs the current query verification statement to Verifyta, and starts Verifyta to perform formal verification.

在本发明实施例中,本发明开发了一个可以自动转换的工具ProTL(Probabilistic-CCSL TransLator,概率性时钟约束规范语言转化器),用于提供从PrCCSL语句到UPPAAL-SMC模型的自动化转换。从概率性时钟约束规范语言到可验证的随机性时间自动机模型,导入ProTL的验证器,它调用UPPAAL-SMC模型的形式化验证引擎Verifyta,对PrCCSL所描述的概率性时序和因果关系的约束/需求做验证。ProTL给PrCCSL语句提供了文本编辑器,在Query生成器生成不同的概率性查询语句。In the embodiment of the present invention, the present invention develops a tool ProTL (Probabilistic-CCSL TransLator, Probabilistic Clock Constraint Specification Language Translator) that can be automatically converted to provide automatic conversion from PrCCSL sentences to UPPAAL-SMC models. From the probabilistic clock constraint specification language to the verifiable random time automata model, import the ProTL verifier, which calls the formal verification engine Verifyta of the UPPAAL-SMC model, to the constraints of the probabilistic timing and causality described by PrCCSL /Requires verification. ProTL provides a text editor for PrCCSL statements, and generates different probabilistic query statements in the Query generator.

用.xml格式保存STAs模型以被UPPAAL-SMC识别。Save the STAs model in .xml format to be recognized by UPPAAL-SMC.

例如:一条关系或表达式语句a subclock(p=0.96)b;关键信息为a是一个clock.b是一个clock,subclock是子时钟关系(Relation)语句.假设输入的当前查询语句,比如Pr[<=1000]([]not cauObs43.fail)>=0.96.其中其中1000是bound,cauObs43就是subclock这个子时钟关系或表达式语句生成的STA在xml文件中的名字,0.96是概率。For example: a relation or expression statement a subclock(p=0.96)b; the key information is that a is a clock. b is a clock, and subclock is a subclock relation (Relation) statement. Suppose the current query statement entered, such as Pr[ <=1000]([]not cauObs43.fail)>=0.96. Among them, 1000 is bound, cauObs43 is the subclock relationship or the name of the STA generated by the expression statement in the xml file, and 0.96 is the probability.

此外,为了便于分析PrCCSL所描述的约束及需求,ProTL调用UPPAAL-SMC的形式化验证引擎“verifyta”作为其验证后端,为转化的模型提供了验证和仿真的能力;ProTL还提供可视化图像显示仿真结果及错误回溯和生成反例。In addition, in order to facilitate the analysis of the constraints and requirements described by PrCCSL, ProTL calls the formal verification engine "verifyta" of UPPAAL-SMC as its verification backend, which provides verification and simulation capabilities for the transformed model; ProTL also provides visual image display Simulation results and error backtracking and generation of counterexamples.

ProTL的实现方法:The implementation method of ProTL:

使用ProTL形式化分析EAST-ADL中网络物理系统(CPS,Cyber-Physical System)功能性需求及非功能性(时序、能耗)需求,Use ProTL to formally analyze the functional requirements and non-functional (timing, energy consumption) requirements of the Cyber-Physical System (CPS, Cyber-Physical System) in EAST-ADL,

该方法由以下步骤组成:The method consists of the following steps:

(1)用EAST-ADL对CPS的系统行为及需求进行建模:我们的方法的切入点是首先使用EAST-ADL对系统架构进行建模,其中系统行为用功能原型(FunctionPrototype)表示,在此基础上利用UPPAAL-SMC详细描述每个FunctionPrototype的动态或连续行为。系统的(非)功能性需求使用ESAT-ADL的时间模型(Timing Model)建模。如图1所示,EAST-ADL中每个FunctionPrototype的行为被UPPAAL-SMC建模为相应的STA,整个系统的行为最终表示为Net-STA模型构成的并行系统。(1) Modeling the system behavior and requirements of CPS with EAST-ADL: The entry point of our method is to first use EAST-ADL to model the system architecture, in which the system behavior is represented by a function prototype (FunctionPrototype), here Based on UPPAAL-SMC, the dynamic or continuous behavior of each FunctionPrototype is described in detail. The (non-)functional requirements of the system are modeled using ESAT-ADL's Timing Model. As shown in Figure 1, the behavior of each FunctionPrototype in EAST-ADL is modeled as the corresponding STA by UPPAAL-SMC, and the behavior of the entire system is finally represented as a parallel system composed of the Net-STA model.

(2)在ProTL中用PrCCSL描述系统的(非)功能性需求:EAST-ADL中的需求(包括功能性要求、和非功能性需求,如时序约束和能量约束).通常,功能性需求被指定为逻辑关系,即互斥(exclusion),等同(coincidence)和子时钟(subclock)三种关系(PrCCSLRelation)。功能性及非功能性需求被指定为时序关系,即优先(precedence)和因果(causality)两种关系(PrCCSL Relation)。为了分析系统的能耗约束,能耗由密集时钟所扩展的密集时钟类型(DenseClockType)表示。(2) Use PrCCSL to describe the (non) functional requirements of the system in ProTL: requirements in EAST-ADL (including functional requirements, and non-functional requirements, such as timing constraints and energy constraints). Usually, functional requirements are It is specified as a logical relationship, that is, mutual exclusion, coincidence and subclock three relationships (PrCCSLRelation). Functional and non-functional requirements are specified as temporal relationships, namely precedence and causality (PrCCSL Relation). In order to analyze the energy consumption constraints of the system, the energy consumption is represented by the dense clock type (DenseClockType) extended by the dense clock.

(3)用ProTL将PrCCSL语句转化为可验证的UPPAAL-SMC模型:ProTL将PrCCSL语句(用“.txt”文件储存)转换为STA模型。用UPPAAL-SMC表示的系统行为模型(用“.xml”文件储存)可以导入到ProTL中,ProTL将导入的模型和生成STA模型整合成一个可验证的UPPAAL-SMC模型。(3) Using ProTL to convert PrCCSL statements into verifiable UPPAAL-SMC models: ProTL converts PrCCSL statements (stored in ".txt" files) into STA models. The system behavior model represented by UPPAAL-SMC (stored in ".xml" file) can be imported into ProTL, which integrates the imported model and the generated STA model into a verifiable UPPAAL-SMC model.

用ProTL对生成的模型做形式化验证和仿真:ProTL可以生成不同类型的查询(Query)语句以进行验证和仿真。还提供可视化的分析图像以显示分析结果。Formal verification and simulation of the generated model with ProTL: ProTL can generate different types of query (Query) statements for verification and simulation. Visual analysis images are also provided to display analysis results.

ProTL架构可以分为两个主要组件,即转化器(Translator)和验证器(Verifier)The ProTL architecture can be divided into two main components, namely the Translator and the Verifier

转化器提供了一个编辑器,用于编辑PrCCSL语句的文本编码,并将编码存储在“.txt”文件中。实现从PrCCSL语句到STA的转化是通过使用解析器生成解析器生成工具ANTLRThe converter provides an editor for editing the text encoding of PrCCSL statements and stores the encoding in a ".txt" file. The conversion from PrCCSL sentences to STA is achieved by using the parser generation tool ANTLR

完成的.ANTLR是一种解析器生成器,通过分析一门编程语言的巴科斯范式(BNF,Backus-Naur From)语法自动构造出词法解析器。我们用BNF描述PrCCSL的语法,然后调用ANTLR生成可以分析PrCCSL语句的词法解析器。解析器读取PrCCSL语句生成抽象语法树(AST,Abstract Syntax Tree),它是具有“树”数据结构的中间形式。通过遍历AST,我们提取PrCCSL语句的信息(即,运算符和参数),并基于提取的信息匹配转化模式以生成相应的UPPAAL-SMC模型。转化提供两种转化模式。在不同模式下生成不同的输出结果:Completed. ANTLR is a parser generator that automatically constructs a lexical parser by analyzing the Backus-Naur From (BNF) grammar of a programming language. We describe the grammar of PrCCSL in BNF and then call ANTLR to generate a lexer that can parse PrCCSL sentences. The parser reads the PrCCSL statement to generate an abstract syntax tree (AST, Abstract Syntax Tree), which is an intermediate form with a "tree" data structure. By traversing the AST, we extract the information (i.e., operators and parameters) of the PrCCSL statement and match the transformation patterns to generate the corresponding UPPAAL-SMC model based on the extracted information. Conversion offers two conversion modes. Generate different output results in different modes:

(1)PrCCSL模式:转化器将PrCCSL语句转换为STA和查询语句并保存为一个.xml文件;(1) PrCCSL mode: The converter converts PrCCSL statements into STA and query statements and saves them as a .xml file;

(2)PrCCSL+System模式:转化器将PrCCSL语句转换为STA和查询语句,并使用整合器(Integrator)将导入的系统模型(“.xml”文件)和PrCCSL语句的所对应的STA集成为一个可验证的.xml文件中。(2) PrCCSL+System mode: The converter converts the PrCCSL statement into STA and query statement, and uses the Integrator to integrate the imported system model (".xml" file) and the corresponding STA of the PrCCSL statement into one in the verifiable .xml file.

验证器提供了一个用于生成UPPAAL-SMC查询语句的Query生成器和显示验证结果的界面。如图1所示.验证器通过调用UPPAAL-SMC的形式化验证引擎verifyta作为其验证后端,为转化的模型提供了验证和仿真的能力.验证器对组合的.xml文件(即整合器的输出文件)和生成的查询执行形式化验证和模拟。此外,组合模型的分析结果可以追溯到原始PrCCSL编码,即可以反映输入语句的正确性(或不正确性)。在验证过程中,如果PrCCSL语句不满足系统的需求与约束,ProTL会生成一个仿真图像,它提供诊断信息去追溯错误的根源,错误可能出现在:The validator provides a Query generator for generating UPPAAL-SMC query statements and an interface for displaying the validation results. As shown in Figure 1. The verifier provides verification and simulation capabilities for the transformed model by calling the formal verification engine verifyta of UPPAAL-SMC as its verification backend. output file) and the generated queries perform formal verification and simulation. In addition, the analysis results of the combined model can be traced back to the original PrCCSL encoding, i.e., it can reflect the correctness (or incorrectness) of the input sentence. During the verification process, if the PrCCSL statement does not meet the requirements and constraints of the system, ProTL generates a simulation image that provides diagnostic information to trace the source of the error. The error may appear in:

(1)在编辑器中,用PrCCSL所描述的需求;(1) In the editor, use the requirements described by PrCCSL;

(2)用UPPAAL-SMC对系统的行为建模生成的Net-STA模型;(2) The Net-STA model generated by modeling the behavior of the system with UPPAAL-SMC;

(3)用EAST-ADL所描述CPS系统的需求模型;(3) The demand model of the CPS system described by EAST-ADL;

(4)用EAST-ADL所描述CPS系统的架构模型。(4) The architecture model of the CPS system described by EAST-ADL.

优选地,所述EAST-ADL架构中CPS网络物理系统模型包括系统架构模型和需求模型,其中系统架构模型中系统行为用功能原型表示,所述S10之前还包括:Preferably, the CPS cyber-physical system model in the EAST-ADL architecture includes a system architecture model and a requirement model, wherein the system behavior in the system architecture model is represented by a functional prototype, and the S10 further includes:

S01网络物理系统使用EAST-ADL架构模型建模,输出系统架构模型和需求模型,由UPPAAL-SMC模型对系统架构模型的每个功能原型的连续或离散的系统行为进行建模,每个功能原型对应一个时间自动机STA模型,由此网络物理系统的系统行为被表示为Net-STA模型,将其以.xml格式保存系统模型文件。S01 cyber-physical system is modeled using EAST-ADL architecture model, output system architecture model and requirement model, continuous or discrete system behavior of each functional prototype of the system architecture model is modeled by UPPAAL-SMC model, each functional prototype Corresponding to a temporal automata STA model, the system behavior of the cyber-physical system is represented as a Net-STA model, and the system model file is saved in .xml format.

优选地,所述S10之后,所述S20之前还包括:Preferably, after the S10 and before the S20, the steps further include:

S02采用BNF语言描述PrCCSL的语法,调用解析器生成工具ANTLR,构造语法解析器。S02 uses BNF language to describe the grammar of PrCCSL, calls the parser generation tool ANTLR, and constructs the parser.

在本发明实施例中,解析器的功能是将PrCCSL语句解析为抽象语法树(AST)。然后,我们使用观察者模式遍历AST,以便我们可以重建语义并决定应该匹配哪个映射模板。构建解析器的第一步是我们需要定义ProTL输入语言的BNF语法。In the embodiment of the present invention, the function of the parser is to parse the PrCCSL statement into an abstract syntax tree (AST). We then traverse the AST using the observer pattern so that we can reconstruct the semantics and decide which mapping template should be matched. The first step in building the parser is that we need to define the BNF grammar for the ProTL input language.

根据有人提出的extend-BNF语法,我们构建PrCCSL的extend-BNF语法以解析语句。ANTLR是一个多领域解析器生成器,它结合了手动编码解析的灵活性和解析器生成器的便利性。为每个PrCCSL语句生成AST,以便遍历AST和匹配映射模模板,因此我们用Python实现观察者模式作为侦听器来遍历AST以重建PrCCSL语句的语义并匹配映射模板。观察者模式是一种软件设计模式,其中一个称为主体的对象维护其依赖者列表,称为观察者,并通常通过调用其中一种方法自动通知它们任何状态变化。监听器能够响应特定的规则进入和退出事件(即识别某些短语),其分别在开始和完成对节点的访问时由AST遍历触发。例:对如下PrCCSL进行解析,{supctrl clockDef periodicOn c1period 50;}语句的AST。Based on the proposed extend-BNF grammar, we construct the extend-BNF grammar of PrCCSL to parse sentences. ANTLR is a multi-domain parser generator that combines the flexibility of hand-coded parsing with the convenience of a parser generator. An AST is generated for each PrCCSL statement in order to traverse the AST and match the map template, so we implement the observer pattern in Python as a listener to traverse the AST to reconstruct the semantics of the PrCCSL statement and match the map template. The Observer pattern is a software design pattern in which an object called a principal maintains a list of its dependencies, called observers, and automatically notifies them of any state changes, usually by calling one of its methods. Listeners are capable of responding to specific rule entry and exit events (ie, recognizing certain phrases), which are triggered by AST traversal when starting and completing a visit to a node, respectively. Example: parse the following PrCCSL, the AST of the {supctrl clockDef periodicOn c1period 50;} statement.

当ProTL将该语句解析为AST时,监听器调用exitPara()函数来匹配para规则并记录<Int>=50,exitCe()函数匹配第一个ce规则并记录<Clock>=c1,和exitEr()函数匹配第四个cr规则并记录<Clock>=supctrl。因此该语句可以匹配periodicOn映射模板,其中参数是一个新的Clock suptrcl,base Clock c1和period是50以生成相关的随机自动机模型。When ProTL parses the statement into AST, the listener calls the exitPara() function to match the para rule and records <Int>=50, the exitCe() function matches the first ce rule and records <Clock>=c1, and exitEr( ) function matches the fourth cr rule and records <Clock>=supctrl. So this statement can match the periodicOn mapping template, where the arguments are a new Clock suptrcl, base Clock c1 and period is 50 to generate the associated random automaton model.

优选地,所述S20之后,所述S30之前还包括:Preferably, after the S20 and before the S30, the steps further include:

S03检查抽象语法树AST是否有语法错误,若没有,则进入S30,若有,则返回S10。S03 checks whether the abstract syntax tree AST has grammatical errors, if not, enter S30, if so, return to S10.

优选地,转化模式包括PrCCSL模式和PrCCSL+System模式,所述30中将STAs模型以.xml格式保存为STAs文件的步骤包括:Preferably, the conversion mode includes PrCCSL mode and PrCCSL+System mode, and the step of saving the STAs model as a STAs file in the .xml format in described 30 includes:

S301将STAs模型输入转化器,以获取用户形式化验证需求;S301 Input the STAs model into the converter to obtain the user's formal verification requirements;

S302若获取到用户验证需求,则选择PrCCSL+System模式,将STAs模型输入整合器以集成网络物理系统的系统行为模型,将整合器的输出结果采用.xml格式保存为可验证的STAs文件;若未获取到用户验证需求,则选择PrCCSL模式,将STAs模型以.xml格式保存为STAs文件。S302 If the user verification requirement is obtained, select the PrCCSL+System mode, input the STAs model into the integrator to integrate the system behavior model of the cyber-physical system, and save the output result of the integrator as a verifiable STAs file in .xml format; if If the user authentication requirements are not obtained, select the PrCCSL mode and save the STAs model as a STAs file in .xml format.

在本发明实施例中,ProTL提供两种转换模式,在不同模式下生成不同的输出结果。PrCCSL模式::ProTL将输入的PrCCSL语句转换为STAs和查询语句,生成的模型保存为可被UPPAAL-SMC识别的.xml文件,其包含所有生成的STAs和查询语句。In the embodiment of the present invention, ProTL provides two conversion modes, and different output results are generated in different modes. PrCCSL mode: ProTL converts the input PrCCSL statements into STAs and query statements, and the generated model is saved as an .xml file that can be recognized by UPPAAL-SMC, which contains all the generated STAs and query statements.

PrCCSL+System模式:ProTL将系统模型(由用户提供)与输入的PrCCSL语句所生成的STAs和查询语句自动集成为一个.xml文件,然后用户点击Verify按钮,ProTL会形式化验证系统模型是否满足其功能性及非功能性需求,并输出反馈信息。PrCCSL+System mode: ProTL automatically integrates the system model (provided by the user) with the STAs and query statements generated by the input PrCCSL statement into a .xml file, and then the user clicks the Verify button, and ProTL formally verifies whether the system model satisfies its requirements. Functional and non-functional requirements, and output feedback information.

优选地,所述根据关键信息的内容给每条关系或表达式语句匹配的相应模板包括关系模板和表达模板,关系模板包括等同、互斥、子时钟、因果、优先关系模板,表达模板包括条件、延迟、过滤、下确界、上确界、周期、交集、并集表达模板。Preferably, the corresponding templates matched to each relation or expression statement according to the content of the key information include relation templates and expression templates, the relation templates include equality, mutual exclusion, sub-clock, causality, and priority relation templates, and the expression templates include conditional , delay, filter, infimum, supremum, period, intersection, union expression templates.

优选地,所述查询语句包括假设检验、概率估计、仿真、期望值和概率比较五种查询语句,所述Query生成器至少包括以上五种查询语句及其配置参数。Preferably, the query statement includes five query statements, namely hypothesis testing, probability estimation, simulation, expected value and probability comparison, and the Query generator includes at least the above five query statements and configuration parameters thereof.

在本发明实施例中,本明至少生成假设检验(Hypothesis Testing)、概率估计(Probability Estimation)、仿真(Simulations)、期望值(Expected Value)、概率比较(Probability Comparison)五种查询语句,用于对系统的需求做形式化验证和系统仿真。In this embodiment of the present invention, the present invention generates at least five query statements: Hypothesis Testing, Probability Estimation, Simulations, Expected Value, and Probability Comparison System requirements for formal verification and system simulation.

优选地,所述网络物理系统CPS的需求模型包括功能需求模型和非功能性需求模型,所述S10的方法具体为:将网络物理系统CPS的功能需求使用PrCCSL语言的互斥、等同和子时钟三种关系或表达式语句表示;将网络物理系统CPS的非功能性需求使用PrCCSL语言的优先和因果两种关系或表达式语句所表示。Preferably, the demand model of the cyber-physical system CPS includes a functional demand model and a non-functional demand model, and the method of S10 is specifically: using the mutual exclusion, equivalence and sub-clock three of the PrCCSL language for the functional demand of the cyber-physical system CPS The non-functional requirements of the cyber-physical system CPS are expressed by the priority and causal relations or expression statements of the PrCCSL language.

优选地,还包括S60在Python中调用XML DOM以解析.xml文件从而生成STA模型,采用Python内置的图形开发界面的库Tkinter为每种PrCCSL语句实现映射模板。Preferably, it also includes S60 calling XML DOM in Python to parse the .xml file to generate the STA model, and using Tkinter, a library of built-in graphical development interface in Python, to implement a mapping template for each PrCCSL statement.

在本发明实施例中,实操实例:In the embodiment of the present invention, the practical example:

1、表示Template1. Represents Template

UPPAAL-SMC模型中的模板Template代表一个STA,它有两个属性:Name和Parameter。将其属性的.xml文件的源代码映射为其属性的Python源代码。我们首先创建Template节点并将其插入到.xml文件的根目录中。然后我们创建一个Name节点并赋值为ITE以表示STA中的Template Name。创建带有一个Text节点的para节点,表示STA中的Parameter。Location是STA的基本元素,它有三个基本属性:x,y和id。Template Template in the UPPAAL-SMC model represents an STA, which has two properties: Name and Parameter. Maps the source code of the .xml file of its properties to the Python source code of its properties. We start by creating the Template node and inserting it into the root of the .xml file. Then we create a Name node and assign it to ITE to represent the Template Name in STA. Create a para node with a Text node representing the Parameter in STA. Location is the basic element of STA, it has three basic properties: x, y and id.

2、表示Location2. Indicates Location

Location是STA的基本元素。它有三个基本属性:x,y和id。属性Name是可选的,我们创建一个Location节点,并对属性x,y,id赋值。如果Location是committed,我们需要创建一个名为committed的节点并将其插入Location节点之下。然后创建init节点来表示初始Location。Location is the basic element of STA. It has three basic properties: x, y and id. The attribute Name is optional, we create a Location node and assign values to the attributes x, y, and id. If the Location is committed, we need to create a node named committed and insert it below the Location node. Then create an init node to represent the initial Location.

3、表示Transition3. Represents Transition

Transition有Source Location,target location和label。label有三种类型:synchronization,assignment,guard,对于每个Transition,我们首先创建一个Transition节点,然后设置其source Location和target Location的ID。对于不同类型的Label,创建一个Label节点并设置x,y,kind属性。Transtion也可能包含nail属性,我们构建一个带有位置信息的nail节点来表示它。Transition has Source Location, target location and label. There are three types of label: synchronization, assignment, guard. For each Transition, we first create a Transition node, and then set the ID of its source Location and target Location. For different types of Labels, create a Label node and set the x,y,kind properties. Transtion may also contain a nail attribute, we construct a nail node with position information to represent it.

以类似的方式,我们可以实现所有的映射模板。In a similar way, we can implement all mapping templates.

在本发明实施例中,本发明的Query生成器通过Python内置的图形开发界面的库Tkinter开发,提供了一组用户友好功能,包括可自定义配置参数的查询语句、分析结果的可视化数据图像,及通过验证失败生成反例来提供诊断信息,以帮助用户找到问题所在。Tkinter是Python的一个标准GUI(图形用户界面)包,我们使用Tkinter设计ProTL的GUI界面。In the embodiment of the present invention, the Query generator of the present invention is developed by Tkinter, a library of built-in graphical development interface in Python, and provides a set of user-friendly functions, including a query statement with customizable configuration parameters, and a visual data image of the analysis result, And generate counter-examples through validation failures to provide diagnostic information to help users find the problem. Tkinter is a standard GUI (Graphical User Interface) package for Python, we use Tkinter to design the GUI interface of ProTL.

本发明还公开了一种基于UPPAAL-SMC对网络物理系统需求做形式化验证工具,用于实现上述方法,其包括:The invention also discloses a formal verification tool for network physical system requirements based on UPPAAL-SMC, which is used to realize the above method, which includes:

系统建模模块,用于网络物理系统使用EAST-ADL架构模型建模,输出系统架构模型和需求模型,由UPPAAL-SMC模型对系统架构模型的每个功能原型的连续或离散的系统行为进行建模,每个功能原型对应一个时间自动机STA模型,由此网络物理系统的系统行为被表示为Net-STA模型,将其以.xml格式保存系统模型文件;System modeling module for cyber-physical system modeling using EAST-ADL architecture model, output system architecture model and requirement model, continuous or discrete system behavior of each functional prototype of the system architecture model is modeled by UPPAAL-SMC model. Each functional prototype corresponds to a time automaton STA model, so the system behavior of the cyber-physical system is represented as a Net-STA model, which is saved in the .xml format as a system model file;

表示模块,用于在概率性时钟约束规范语言转化器ProTL的编辑器中使用概率性时钟约束规范语言PrCCSL形式化表示EAST-ADL架构模型中网络物理系统CPS的需求模型,生成PrCCSL语句;The presentation module is used to formally represent the requirement model of the cyber-physical system CPS in the EAST-ADL architecture model using the probabilistic clock constraint specification language PrCCSL in the editor of the probabilistic clock constraint specification language converter ProTL, and generate the PrCCSL statement;

构造模块,用于采用BNF语言描述PrCCSL的语法,调用解析器生成工具ANTLR,构造PrCCSL语言的语法解析器;The construction module is used to describe the grammar of PrCCSL using the BNF language, call the parser generation tool ANTLR, and construct the grammar parser of the PrCCSL language;

解析模块,用于将PrCCSL语句输入语法解析器,解析生成抽象语法树AST;The parsing module is used to input the PrCCSL statement into the parser, and parse to generate the abstract syntax tree AST;

语法检查模块,用于检查抽象语法树AST是否有语法错误,若没有,则进入生成模块,若有,则返回表示模块;The grammar check module is used to check whether the abstract syntax tree AST has any grammar errors. If not, it will enter the generation module. If there is, it will return to the representation module;

生成模块,用于遍历抽象语法树AST提取PrCCSL语句中每条关系或表达式语句的关键信息,根据关键信息的内容给每条关系或表达式语句匹配相应模板生成STA模型及其查询语句,由数个STA模型生成STAs模型,将STAs模型以.xml格式保存为STAs文件,查询语句生成Query生成器,所述生成模块中包括模式转化子模块,用于将STAs模型输入转化器,以获取用户形式化验证需求,若获取到用户验证需求,则选择PrCCSL+System模式,将STAs模型输入整合器以集成网络物理系统的系统行为模型和STAs模型,将整合器的输出结果采用.xml格式保存为可验证的STAs文件;若未获取到用户验证需求,则选择PrCCSL模式,将STAs模型以.xml格式保存为STAs文件;The generation module is used to traverse the abstract syntax tree AST to extract the key information of each relationship or expression statement in the PrCCSL statement, and match the corresponding template for each relationship or expression statement according to the content of the key information to generate the STA model and its query statement. Several STA models generate STAs models, save the STAs models as STAs files in .xml format, and generate Query generators for query statements. The generation module includes a mode conversion sub-module for inputting the STAs models into the converter to obtain user Formal verification requirements, if the user verification requirements are obtained, select the PrCCSL+System mode, input the STAs model into the integrator to integrate the system behavior model and the STAs model of the cyber-physical system, and save the output of the integrator in .xml format as Verifiable STAs file; if user authentication requirements are not obtained, select PrCCSL mode and save the STAs model as a STAs file in .xml format;

整合模块,用于将STAs文件输入整合器,集成网络物理系统的系统行为模型,输出可验证的Net-STA模型;The integration module is used to input the STAs file into the integrator, integrate the system behavior model of the cyber-physical system, and output a verifiable Net-STA model;

验证执行模块,用于可验证的Net-STA模型导入验证器,调用UPPAAL-SMC模型的形式化验证引擎Verifyta,;Query生成器输出当前查询验证语句至Verifyta,启动Verifyta执行形式化验证。The verification execution module is used to import the verifiable Net-STA model into the verifier, and call the formal verification engine Verifyta of the UPPAAL-SMC model; the Query generator outputs the current query verification statement to Verifyta, and starts Verifyta to perform formal verification.

以上所述仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是在本发明的发明构思下,利用本发明说明书及附图内容所作的等效结构变换,或直接/间接运用在其他相关的技术领域均包括在本发明的专利保护范围内。The above descriptions are only the preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Under the inventive concept of the present invention, the equivalent structural transformations made by the contents of the description and drawings of the present invention, or the direct/indirect application Other related technical fields are included in the scope of patent protection of the present invention.

Claims (10)

1. doing formalization verification method to network physical system requirements based on UPPAAL-SMC, which is characterized in that including walking as follows It is rapid:
S10 uses probability time constraints specification normative language PrCCSL formalization representation network physical system CPS's in editing machine The demand model of EAST-ADL generates PrCCSL sentence;
PrCCSL input by sentence grammar parser, parsing are generated abstract syntax tree AST by S20;
S30 ergodic abstract syntax tree AST extracts the key message of every relationship or expression statement in PrCCSL sentence, according to pass The content of key information generates STA model and its query statement to every relationship or expression statement matching corresponding template, by several STA model generates STAs model, STAs model is saved as STAs file with .xml format, query statement generates Query and generates Device;
STAs file is inputted integrator by S40, and the system action model of integrated network physical system exports the Net- that can verify that STA model;
The Net-STA model that S50 can verify that imports validator, calls the Formal Verification engine of UPPAAL-SMC model Verifyta,;Query generator exports current queries and verifies sentence to Verifyta, starts Verifyta and executes form chemical examination Card.
2. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is that CPS network physical system model includes system architecture model and demand model in the EAST-ADL framework, wherein being System action is indicated with Function Prototypes in system framework model, before the S10 further include:
S01 network physical system is modeled using EAST-ADL framework model, output system framework model and demand model, by UPPAAL-SMC model models the continuous or discrete system action of each Function Prototypes of system architecture model, each Function Prototypes correspond to a Timed Automata STA model, and thus the system action of network physical system is represented as Net-STA mould Type is protected and saves as system model file with .xml format.
3. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is, after the S10, before the S20 further include:
S02 uses the grammer of BNF language description PrCCSL, calls resolver Core Generator ANTLR, constructs grammar parser.
4. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is, after the S20, before the S30 further include:
S03 checks whether abstract syntax tree AST has syntax error, if not having, enters S30, if so, then returning to S10.
5. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is, transformation mode includes PrCCSL mode and PrCCSL+System mode, by STAs model with .xml format in described 30 The step of saving as STAs file include:
S301 is by STAs mode input converter, to obtain user's Formal Verification demand;
If S302 gets user's checking demand, PrCCSL+System mode is selected, by STAs mode input integrator to collect At the system action model of network physical system, the output result of integrator is saved as into the STAs that can verify that using .xml format File;If user's checking demand has not been obtained, PrCCSL mode is selected, STAs model is saved as into STAs text with .xml format Part.
6. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is that the content according to key message includes relationship templates to every relationship or the matched corresponding template of expression statement And expression templates.
7. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is that the query statement comprises provide that inspection, probability Estimation, emulation, desired value and probability compare five kinds of query statements, institute Query generator is stated including at least above five kinds of query statements and its configuration parameter.
8. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is, the demand model of the network physical system CPS includes functional requirement model and non-functional requirement model, described The method of S10 specifically: mutual exclusion, equivalent and sub-clock by the functional requirement of network physical system CPS using PrCCSL language Three kinds of relationships or expression statement indicate;The non-functional requirement of network physical system CPS is used into the preferential of PrCCSL language With represented by two kinds of relationships of cause and effect or expression statement.
9. formalization verification method is done to network physical system requirements based on UPPAAL-SMC as described in claim 1, it is special Sign is, further include S60 in Python call XML DOM to parse .xml file to generate STA model, using Python The library Tkinter at built-in graphical development interface is that every kind of PrCCSL sentence realizes mapping template.
10. one kind makees Formal Verification tool to network physical system requirements based on UPPAAL-SMC characterized by comprising
System modeling module is modeled for network physical system using EAST-ADL framework model, output system framework model and Demand model, by UPPAAL-SMC model to the continuous or discrete system actions of each Function Prototypes of system architecture model into Row modeling, the corresponding Timed Automata STA model of each Function Prototypes, thus the system action of network physical system is expressed For Net-STA model, it is saved as into system model file with .xml format;
Representation module, for using probability time constraints specification normative language PrCCSL formalization representation EAST-ADL in editing machine The demand model of network physical system CPS in framework model generates PrCCSL sentence;
Constructing module calls resolver Core Generator ANTLR, construction for the grammer using BNF language description PrCCSL The grammar parser of PrCCSL language;
Parsing module, for by PrCCSL input by sentence grammar parser, parsing to generate abstract syntax tree AST;
Syntax check module, if not having, enters generation module for checking whether abstract syntax tree AST has syntax error, if Have, then returns to representation module;
Generation module extracts every relationship or the key of expression statement in PrCCSL sentence for ergodic abstract syntax tree AST Information generates STA model and its inquiry to every relationship or expression statement matching corresponding template according to the content of key message Sentence generates STAs model by several STA models, STAs model is saved as STAs file with .xml format, query statement is raw Include that mode converts submodule at Query generator, in the generation module, is used for by STAs mode input converter, to obtain Family Formal Verification demand is taken, if getting user's checking demand, selects PrCCSL+System mode, by STAs model Integrator is inputted with the system action model and STAs model of integrated network physical system, the output result of integrator is used .xml format saves as the STAs file that can verify that;If user's checking demand has not been obtained, PrCCSL mode is selected, by STAs Model saves as STAs file with .xml format;
Module is integrated, for STAs file to be inputted integrator, the system action model of integrated network physical system, output can be tested The Net-STA model of card;
Execution module is verified, the Net-STA model for can verify that imports validator, calls the formalization of UPPAAL-SMC model Validation engine Verifyta,;Query generator exports current queries and verifies sentence to Verifyta, starts Verifyta and executes Formal Verification.
CN201910186342.XA 2019-03-12 2019-03-12 One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC Pending CN109976712A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910186342.XA CN109976712A (en) 2019-03-12 2019-03-12 One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910186342.XA CN109976712A (en) 2019-03-12 2019-03-12 One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC

Publications (1)

Publication Number Publication Date
CN109976712A true CN109976712A (en) 2019-07-05

Family

ID=67078657

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910186342.XA Pending CN109976712A (en) 2019-03-12 2019-03-12 One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC

Country Status (1)

Country Link
CN (1) CN109976712A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111176614A (en) * 2019-12-26 2020-05-19 南京航空航天大学 Method for generating and analyzing VRM formalized demand model
CN111722539A (en) * 2020-06-03 2020-09-29 西安交通大学 A Temporal Automata-Based Modeling Method for Digital Twin Manufacturing Cell Behavior
CN112068805A (en) * 2020-09-02 2020-12-11 中国航空无线电电子研究所 Demand development method
CN112163343A (en) * 2020-10-10 2021-01-01 首都师范大学 Ptollemy discrete event model formal verification method based on model translation
CN112416336A (en) * 2020-11-11 2021-02-26 北京京航计算通讯研究所 Software architecture design method for aerospace embedded system
CN112416337A (en) * 2020-11-11 2021-02-26 北京京航计算通讯研究所 Software architecture development system for aerospace embedded system
CN114356283A (en) * 2021-12-23 2022-04-15 华东师范大学 Method and system for detecting and positioning real-time inconsistency of CPS (control Performance Standard) requirements
CN119397969A (en) * 2024-12-31 2025-02-07 北京开源芯片研究院 Bus verification method, device, electronic equipment and readable storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009251762A (en) * 2008-04-02 2009-10-29 Hitachi Ltd Debugger device, debugging method, and program
CN102567163A (en) * 2011-12-16 2012-07-11 华东师范大学 Method for identifying cooperative behaviors of components of real-time embedded system based on UPPAAL tool
CN103065000A (en) * 2012-12-11 2013-04-24 南京大学 MDE (model driven engineering)-based method for analyzing and verifying SysML state machine diagram
CN103140838A (en) * 2010-10-27 2013-06-05 株式会社日立制作所 Method of converting source code and source code conversion program
CN103257911A (en) * 2012-02-15 2013-08-21 上海大学 SOA (service-oriented architecture) based model testing tool integrating method
CN103678834A (en) * 2014-01-07 2014-03-26 苏州大学 Modeling method and modeling device for cyber-physical system (CPS)
CN103714208A (en) * 2013-12-25 2014-04-09 西北工业大学 Method for conducting modeling through coordination of structural models and behavior models of scenario-driven CPS system
US8831926B2 (en) * 2012-05-11 2014-09-09 Dassault Systemes Simulia Corp. Verification of cyber-physical systems using optimization algorithms
US20160124827A1 (en) * 2014-10-30 2016-05-05 The Mathworks, Inc. System and method for performing model verification
CN106096126A (en) * 2016-06-08 2016-11-09 华东师范大学 A kind of modeling method of information physical emerging system based on SysML/MARTE

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009251762A (en) * 2008-04-02 2009-10-29 Hitachi Ltd Debugger device, debugging method, and program
CN103140838A (en) * 2010-10-27 2013-06-05 株式会社日立制作所 Method of converting source code and source code conversion program
CN102567163A (en) * 2011-12-16 2012-07-11 华东师范大学 Method for identifying cooperative behaviors of components of real-time embedded system based on UPPAAL tool
CN103257911A (en) * 2012-02-15 2013-08-21 上海大学 SOA (service-oriented architecture) based model testing tool integrating method
US8831926B2 (en) * 2012-05-11 2014-09-09 Dassault Systemes Simulia Corp. Verification of cyber-physical systems using optimization algorithms
CN103065000A (en) * 2012-12-11 2013-04-24 南京大学 MDE (model driven engineering)-based method for analyzing and verifying SysML state machine diagram
CN103714208A (en) * 2013-12-25 2014-04-09 西北工业大学 Method for conducting modeling through coordination of structural models and behavior models of scenario-driven CPS system
CN103678834A (en) * 2014-01-07 2014-03-26 苏州大学 Modeling method and modeling device for cyber-physical system (CPS)
US20160124827A1 (en) * 2014-10-30 2016-05-05 The Mathworks, Inc. System and method for performing model verification
CN106096126A (en) * 2016-06-08 2016-11-09 华东师范大学 A kind of modeling method of information physical emerging system based on SysML/MARTE

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
A. DAVID: "UPPAAL-SMC tutorial", 《INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER》 *
EUN-YOUNG KANG: "Probabilistic Verification of Timing Constraints in Automotive Systems Using UPPAAL-SMC", 《INTERNATIONAL CONFERENCE ON INTEGRATED FORMAL METHODS》 *
EUN-YOUNG KANG: "Statistical analysis of energy-aware real-time automotive systems in EAST-ADL/Stateflow", 《2016 IEEE 11TH CONFERENCE ON INDUSTRIAL ELECTRONICS AND APPLICATIONS (ICIEA)》 *
JAGADISH SURYADEVARA: "Validating EAST-ADL Timing Constraints Using UPPAAL", 《2013 39TH EUROMICRO CONFERENCE ON SOFTWARE ENGINEERING AND ADVANCED APPLICATIONS》 *
程贝: "基于抽象和学习的统计模型检测研究", 《中国优秀硕士学位论文全文数据库 基础科学辑》 *
黄平: "基于SysML/MARTE/pCCSL的信息物理融合系统建模方法研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111176614A (en) * 2019-12-26 2020-05-19 南京航空航天大学 Method for generating and analyzing VRM formalized demand model
CN111722539A (en) * 2020-06-03 2020-09-29 西安交通大学 A Temporal Automata-Based Modeling Method for Digital Twin Manufacturing Cell Behavior
CN111722539B (en) * 2020-06-03 2021-05-28 西安交通大学 A Temporal Automata-Based Modeling Method for Digital Twin Manufacturing Cell Behavior
CN112068805A (en) * 2020-09-02 2020-12-11 中国航空无线电电子研究所 Demand development method
CN112068805B (en) * 2020-09-02 2024-05-03 中国航空无线电电子研究所 Demand development method
CN112163343A (en) * 2020-10-10 2021-01-01 首都师范大学 Ptollemy discrete event model formal verification method based on model translation
CN112416336A (en) * 2020-11-11 2021-02-26 北京京航计算通讯研究所 Software architecture design method for aerospace embedded system
CN112416337A (en) * 2020-11-11 2021-02-26 北京京航计算通讯研究所 Software architecture development system for aerospace embedded system
CN112416336B (en) * 2020-11-11 2023-04-28 北京京航计算通讯研究所 Software architecture design method for aerospace embedded system
CN112416337B (en) * 2020-11-11 2023-05-02 北京京航计算通讯研究所 Software architecture development system for aerospace embedded system
CN114356283A (en) * 2021-12-23 2022-04-15 华东师范大学 Method and system for detecting and positioning real-time inconsistency of CPS (control Performance Standard) requirements
CN119397969A (en) * 2024-12-31 2025-02-07 北京开源芯片研究院 Bus verification method, device, electronic equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN109976712A (en) One kind doing formalization verification method to network physical system requirements based on UPPAAL-SMC
Uchitel et al. Synthesis of behavioral models from scenarios
Uchitel et al. A workbench for synthesising behaviour models from scenarios
Harel et al. Meaningful modeling: what's the semantics of" semantics"?
CN104391934B (en) Data verification method and device
CA2713247C (en) Integration environment generator
KR101770292B1 (en) Computer-executable model reverse engineering method and apparatus performing the same
US7721252B2 (en) Apparatus and method for product-line architecture description and verification
CN104965956A (en) RUCM based demand verification method
Zhao et al. Towards formal verification of UML diagrams based on graph transformation
CN107273143A (en) A Software Engineering Design Method Based on Xtext-Specific Domain Language
CN118605848A (en) A method and device for constructing a simulation system based on a neutral simulation language
Schmidt et al. Automatic generation of thread communication graphs from SystemC source code
CN118573738A (en) Industrial control protocol configuration method, device, computer equipment and storage medium
Gheyi et al. Automatically Checking Feature Model Refactorings.
dos Santos et al. Verifying object-based graph grammars
Balsamo et al. Software performance: state of the art and perspectives
CN114428788B (en) Natural language processing method, device, equipment and storage medium
Zhu et al. A novel approach to generate the property for web service verification from threat-driven model
McInnes et al. Formalizing functional flow block diagrams using process algebra and metamodels
Zhang An Approach for Extracting UML Diagram from Object-Oriented Program Based on J2X
Dauphin et al. Specification-driven performance monitoring of SDL/MSC-specified protocols
CN112667202A (en) Software design method and device combining MDA (model-driven architecture) and BPMN (Business Process management)
Bezdeka et al. Sequence chart studio
Jnanamurthy et al. Formal specification at model-level of model-driven engineering using modelling techniques

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned
AD01 Patent right deemed abandoned

Effective date of abandoning: 20220909