Verifying MITL formulae on Timed Automata considering a Continuous Time Semantics

TL;DR

This paper introduces a flexible and customizable model checking technique for full MITL properties on Timed Automata, using an intermediate logic that supports new semantics and solver independence.

Contribution

It presents a novel translation-based approach that enables verification of MITL on TA with support for new constructs and semantics, overcoming limitations of existing tools.

Findings

Supports full MITL verification on Timed Automata.

Allows easy addition of new TA constructs and semantics.

Enables use of different solvers for verification.

Abstract

Timed Automata (TA) is de facto a standard modelling formalism to represent systems when the interest is the analysis of their behaviour as time progresses. This modelling formalism is mostly used for checking whether the behaviours of a system satisfy a set of properties of interest. Even if efficient model-checkers for Timed Automata exist, these tools are not easily configurable. First, they are not designed to easily allow adding new Timed Automata constructs, such as new synchronization mechanisms or communication procedures, but they assume a fixed set of Timed Automata constructs. Second, they usually do not support the full Metric Interval Temporal Logic (MITL) and rely on a precise semantics for the logic in which the property of interest is specified which cannot be easily modified and customized. Finally, they do not easily allow using different solvers that may speed up verification in different contexts. This paper presents a novel technique to perform model checking of full Metric Interval Temporal Logic (MITL) properties on TA. The technique relies on the translation of both the TA and the MITL formula into an intermediate Constraint LTL over clocks (CLTLoc) formula which is verified through an available decision procedure. The technique is flexible since the intermediate logic allows the encoding of new semantics as well as new TA constructs, by just adding new CLTLoc formulae. Furthermore, our technique is not bound to a specific solver as the intermediate CLTLoc formula can be verified using different procedures.