Currently debugging the computation of transient probabilities in CTMCs.
Currently debugging the computation of transient probabilities in CTMCs.
Former-commit-id: 6671e0205d
tempestpy_adaptions
dehnert
10 years ago
19 changed files with 571 additions and 46 deletions
-
116examples/ctmc/cluster/cluster.sm
-
151examples/ctmc/embedded/embedded.sm
-
33examples/ctmc/embedded/embedded_debug.sm
-
51examples/ctmc/polling/polling2.sm
-
66examples/ctmc/polling/polling5.sm
-
4examples/ctmc/tiny/tiny.sm
-
4src/logic/BinaryPathFormula.cpp
-
1src/logic/BinaryPathFormula.h
-
4src/logic/BinaryStateFormula.cpp
-
1src/logic/BinaryStateFormula.h
-
4src/logic/ProbabilityOperatorFormula.cpp
-
1src/logic/ProbabilityOperatorFormula.h
-
103src/modelchecker/csl/SparseCtmcCslModelChecker.cpp
-
29src/parser/FormulaParser.cpp
-
9src/parser/FormulaParser.h
-
2src/settings/modules/GeneralSettings.cpp
-
8src/storage/SparseMatrix.cpp
-
3src/storage/SparseMatrix.h
-
27src/utility/numerical.h
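--- a/examples/ctmc/cluster/cluster.sm
+++ b/examples/ctmc/cluster/cluster.sm
@@ -0,0 +1,116 @@
+// Workstation cluster [HHK00]
+// dxp/gxn 11/01/00
+
+ctmc
+
+const int N; // Number of workstations in each cluster
+const int left_mx = N; // Number of work stations in left cluster
+const int right_mx = N; // Number of work stations in right cluster
+
+// Failure rates
+const double ws_fail = 1/500; // Single workstation: average time to fail = 500 hrs
+const double switch_fail = 1/4000; // Switch: average time to fail = 4000 hrs
+const double line_fail = 1/5000; // Backbone: average time to fail = 5000 hrs
+
+// Left cluster
+module Left
+
+left_n : [0..left_mx] init left_mx; // Number of workstations operational
+left : bool; // Being repaired?
+
+[startLeft] !left & (left_n<left_mx) -> 1 : (left'=true);
+[repairLeft] left & (left_n<left_mx) -> 1 : (left'=false) & (left_n'=left_n+1);
+[] (left_n>0) -> ws_fail*left_n : (left_n'=left_n-1);
+
+endmodule
+
+// Right cluster
+module Right = Left[left_n=right_n,
+left=right,
+left_mx=right_mx,
+startLeft=startRight,
+repairLeft=repairRight ]
+endmodule
+
+// Repair unit
+module Repairman
+
+r : bool; // Repairing?
+
+[startLeft] !r -> 10 : (r'=true); // Inspect Left
+[startRight] !r -> 10 : (r'=true); // Inspect Right
+[startToLeft] !r -> 10 : (r'=true); // Inspect ToLeft
+[startToRight] !r -> 10 : (r'=true); // Inspect ToRight
+[startLine] !r -> 10 : (r'=true); // Inspect Line
+
+[repairLeft] r -> 2 : (r'=false); // Repair Left
+[repairRight] r -> 2 : (r'=false); // Repair Right
+[repairToLeft] r -> 0.25 : (r'=false); // Repair ToLeft
+[repairToRight] r -> 0.25 : (r'=false); // Repair ToRight
+[repairLine] r -> 0.125 : (r'=false); // Repair Line
+
+endmodule
+
+// Line/backbone
+module Line
+
+line : bool; // Being repaired?
+line_n : bool init true; // Working?
+
+[startLine] !line & !line_n -> 1 : (line'=true);
+[repairLine] line & !line_n -> 1 : (line'=false) & (line_n'=true);
+[] line_n -> line_fail : (line_n'=false);
+
+endmodule
+
+// Left switch
+module ToLeft = Line[line=toleft,
+line_n=toleft_n,
+line_fail=switch_fail,
+startLine=startToLeft,
+repairLine=repairToLeft ]
+endmodule
+
+// Right switch
+module ToRight = Line[line=toright,
+line_n=toright_n,
+line_fail=switch_fail,
+startLine=startToRight,
+repairLine=repairToRight ]
+endmodule
+
+// Formulas + labels
+
+// Minimum QoS requires 3/4 connected workstations operational
+const int k = floor(0.75*N);
+// left_operational_i : left_n>=i & toleft_n
+// right_operational_i : right_n>=i & toright_n
+// operational_i : (left_n+right_n)>=i & toleft_n & line_n & toright_n
+// minimum_k : left_operational_k | right_operational_k | operational_k
+formula minimum = (left_n>=k & toleft_n) |
+(right_n>=k & toright_n) |
+((left_n+right_n)>=k & toleft_n & line_n & toright_n);
+label "minimum" = (left_n>=k & toleft_n) | (right_n>=k & toright_n) | ((left_n+right_n)>=k & toleft_n & line_n & toright_n);
+// premium = minimum_N
+label "premium" = (left_n>=left_mx & toleft_n) | (right_n>=right_mx & toright_n) | ((left_n+right_n)>=left_mx & toleft_n & line_n & toright_n);
+
+// Reward structures
+
+// Percentage of operational workstations stations
+rewards "percent_op"
+true : 100*(left_n+right_n)/(2*N);
+endrewards
+
+// Time that the system is not delivering at least minimum QoS
+rewards "time_not_min"
+!minimum : 1;
+endrewards
+
+// Number of repairs
+rewards "num_repairs"
+[repairLeft] true : 1;
+[repairRight] true : 1;
+[repairToLeft] true : 1;
+[repairToRight] true : 1;
+[repairLine] true : 1;
+endrewards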
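Review bot: `label "minimum"` near the end of the new cluster.sm repeats, term for term, the expression that `formula minimum` defines just above it, so the two can drift apart. The `time_not_min` reward is driven by the formula, while properties would presumably refer to the label, so a later edit to only one of them would leave the two views of the QoS condition inconsistent. Defining the label from the formula, `label "minimum" = minimum;`, keeps a single definition. The comment `// Percentage of operational workstations stations` has a doubled word and could read `// Percentage of operational workstations`.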
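--- a/examples/ctmc/embedded/embedded.sm
+++ b/examples/ctmc/embedded/embedded.sm
@@ -0,0 +1,151 @@
+ctmc
+
+// constants
+const int MAX_COUNT;
+const int MIN_SENSORS = 2;
+const int MIN_ACTUATORS = 1;
+
+// rates
+const double lambda_p = 1/(365*24*60*60); // 1 year
+const double lambda_s = 1/(30*24*60*60); // 1 month
+const double lambda_a = 1/(2*30*24*60*60); // 2 months
+const double tau = 1/60; // 1 min
+const double delta_f = 1/(24*60*60); // 1 day
+const double delta_r = 1/30; // 30 secs
+
+// sensors
+module sensors
+
+s : [0..3] init 3; // number of sensors working
+
+[] s>1 -> s*lambda_s : (s'=s-1); // failure of a single sensor
+
+endmodule
+
+// input processor
+// (takes data from sensors and passes onto main processor)
+module proci
+
+i : [0..2] init 2; // 2=ok, 1=transient fault, 0=failed
+
+[] i>0 & s>=MIN_SENSORS -> lambda_p : (i'=0); // failure of processor
+[] i=2 & s>=MIN_SENSORS -> delta_f : (i'=1); // transient fault
+[input_reboot] i=1 & s>=MIN_SENSORS -> delta_r : (i'=2); // reboot after transient fault
+
+endmodule
+
+// actuators
+module actuators
+
+a : [0..2] init 2; // number of actuators working
+
+[] a>0 -> a*lambda_a : (a'=a-1); // failure of a single actuator
+
+endmodule
+
+// output processor
+// (receives instructions from main processor and passes onto actuators)
+module proco = proci [ i=o, s=a, input_reboot=output_reboot, MIN_SENSORS=MIN_ACTUATORS ] endmodule
+
+// main processor
+// (takes data from proci, processes it, and passes instructions to proco)
+module procm
+
+m : [0..1] init 1; // 1=ok, 0=failed
+count : [0..MAX_COUNT+1] init 0; // number of consecutive skipped cycles
+
+// failure of processor
+[] m=1 -> lambda_p : (m'=0);
+// processing completed before timer expires - reset skipped cycle counter
+[timeout] comp -> tau : (count'=0);
+// processing not completed before timer expires - increment skipped cycle counter
+[timeout] !comp -> tau : (count'=min(count+1, MAX_COUNT+1));
+
+endmodule
+
+// connecting bus
+module bus
+
+// flags
+// main processor has processed data from input processor
+// and sent corresponding instructions to output processor (since last timeout)
+comp : bool init true;
+// input processor has data ready to send
+reqi : bool init true;
+// output processor has instructions ready to be processed
+reqo : bool init false;
+
+// input processor reboots
+[input_reboot] true -> 1 :
+// performs a computation if has already done so or
+// it is up and ouput clear (i.e. nothing waiting)
+(comp'=(comp | (m=1 & !reqo)))
+// up therefore something to process
+& (reqi'=true)
+// something to process if not functioning and either
+// there is something already pending
+// or the main processor sends a request
+& (reqo'=!(o=2 & a>=1) & (reqo | m=1));
+
+// output processor reboots
+[output_reboot] true -> 1 :
+// performs a computation if it has already or
+// something waiting and is up
+// (can be processes as the output has come up and cleared pending requests)
+(comp'=(comp | (reqi & m=1)))
+// something to process it they are up or
+// there was already something and the main processor acts
+// (output now up must be due to main processor being down)
+& (reqi'=(i=2 & s>=2) | (reqi & m=0))
+// output and actuators up therefore nothing can be pending
+& (reqo'=false);
+
+// main processor times out
+[timeout] true -> 1 :
+// performs a computation if it is up something was pending
+// and nothing is waiting for the output
+(comp'=(reqi & !reqo & m=1))
+// something to process if up or
+// already something and main process cannot act
+// (down or outputs pending)
+& (reqi'=(i=2 & s>=2) | (reqi & (reqo | m=0)))
+// something to process if they are not functioning and
+// either something is already pending
+// or the main processor acts
+& (reqo'=!(o=2 & a>=1) & (reqo | (reqi & m=1)));
+
+endmodule
+
+
+// the system is down
+formula down = (i=2&s<MIN_SENSORS)|(count=MAX_COUNT+1)|(o=2&a<MIN_ACTUATORS)|(m=0);
+// transient failure has occured but the system is not down
+formula danger = !down & (i=1 | o=1);
+// the system is operational
+formula up = !down & !danger;
+
+
+// reward structures
+
+rewards "up"
+up : 1/3600;
+endrewards
+
+rewards "danger"
+danger : 1/3600;
+endrewards
+rewards "down"
+down : 1/3600;
+endrewards
+
+//labels
+// causes of failues
+label "fail_sensors" = i=2&s<MIN_SENSORS; // sensors have failed
+label "fail_actuators" = o=2&a<MIN_ACTUATORS; // actuators have failed
+label "fail_io" = count=MAX_COUNT+1; // IO has failed
+label "fail_main" = m=0; // ,main processor has failed
+
+// system status
+label "down" = (i=2&s<MIN_SENSORS)|(count=MAX_COUNT+1)|(o=2&a<MIN_ACTUATORS)|(m=0); // system has shutdown
+label "danger" = !down & (i=1 | o=1); // transient fault has occured
+label "up" = !down & !danger;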
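Review bot: The `bus` module hard-codes the thresholds `s>=2` and `a>=1` in the `reqi'` and `reqo'` updates of `[input_reboot]`, `[output_reboot]` and `[timeout]`, while `proci`, the `down` formula and the failure labels use `MIN_SENSORS` and `MIN_ACTUATORS`. Changing either constant would leave the bus flags on the old thresholds and the model internally inconsistent. Writing `(i=2 & s>=MIN_SENSORS)` and `!(o=2 & a>=MIN_ACTUATORS)` keeps them in step. `label "down"` also restates `formula down` in full and could be `label "down" = down;`, in the same way the `danger` and `up` labels already refer to the formulas.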
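--- a/examples/ctmc/embedded/embedded_debug.sm
+++ b/examples/ctmc/embedded/embedded_debug.sm
@@ -0,0 +1,33 @@
+ctmc
+
+// constants
+const int MAX_COUNT;
+const int MIN_SENSORS = 2;
+const int MIN_ACTUATORS = 1;
+
+// rates
+const double lambda_p = 1/(365*24*60*60); // 1 year
+const double lambda_s = 1/(30*24*60*60); // 1 month
+const double lambda_a = 1/(2*30*24*60*60); // 2 months
+const double tau = 1/60; // 1 min
+const double delta_f = 1/(24*60*60); // 1 day
+const double delta_r = 1/30; // 30 secs
+
+// sensors
+module sensors
+
+s : [0..3] init 3; // number of sensors working
+
+[] s>1 -> s*lambda_s : (s'=s-1); // failure of a single sensor
+
+endmodule
+
+// input processor
+// (takes data from sensors and passes onto main processor)
+module proci
+
+i : [0..2] init 2; // 2=ok, 1=transient fault, 0=failed
+
+[] i>0 & s>=MIN_SENSORS -> lambda_p : (i'=0); // failure of processor
+
+endmodule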
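Review bot: This reduced model keeps only the `sensors` and `proci` modules but still declares `MAX_COUNT`, `MIN_ACTUATORS`, `lambda_a`, `tau`, `delta_f` and `delta_r`, none of which is used by any remaining command. `MAX_COUNT` has no value, so it presumably still has to be supplied when the model is built even though it cannot affect the result. Dropping the unused constants and adding a header comment that says what the file is for, for example `// Reduced copy of embedded.sm: sensors and input processor only` (purpose inferred from the commit title), would make it self-explanatory. With the transient-fault command removed, `i=1` is no longer reachable, so the comment `1=transient fault` on `i : [0..2]` is stale.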
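--- a/examples/ctmc/polling/polling2.sm
+++ b/examples/ctmc/polling/polling2.sm
@@ -0,0 +1,51 @@
+// polling example [IT90]
+// gxn/dxp 26/01/00
+
+ctmc
+
+const int N = 2;
+
+const double mu = 1;
+const double gamma = 200;
+const double lambda = mu/N;
+
+module server
+
+s : [1..2]; // station
+a : [0..1]; // action: 0=polling, 1=serving
+
+[loop1a] (s=1)&(a=0) -> gamma : (s'=s+1);
+[loop1b] (s=1)&(a=0) -> gamma : (a'=1);
+[serve1] (s=1)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop2a] (s=2)&(a=0) -> gamma : (s'=1);
+[loop2b] (s=2)&(a=0) -> gamma : (a'=1);
+[serve2] (s=2)&(a=1) -> mu : (s'=1)&(a'=0);
+
+endmodule
+
+module station1
+
+s1 : [0..1]; // state of station: 0=empty, 1=full
+
+[loop1a] (s1=0) -> 1 : (s1'=0);
+[] (s1=0) -> lambda : (s1'=1);
+[loop1b] (s1=1) -> 1 : (s1'=1);
+[serve1] (s1=1) -> 1 : (s1'=0);
+
+endmodule
+
+// construct further stations through renaming
+
+module station2 = station1 [ s1=s2, loop1a=loop2a, loop1b=loop2b, serve1=serve2 ] endmodule
+// (cumulative) rewards
+
+// expected time station 1 is waiting to be served
+rewards "waiting"
+s1=1 & !(s=1 & a=1) : 1;
+endrewards
+
+// expected number of times station 1 is served
+rewards "served"
+[serve1] true : 1;
+endrewards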
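Review bot: The server's station variable is declared as `s : [1..2];` although the file defines `const int N = 2;`, so the range and `N` (which otherwise only feeds `lambda = mu/N`) have to be kept in step by hand. Writing `s : [1..N];` ties them together. polling5.sm has the same pattern with `s : [1..5];` and `N = 5`. None of `s`, `a` or `s1` has an `init` clause in either file, so the start state depends on the tool's default; an explicit `init 1` on `s` and `init 0` on `a` and `s1` would document the intended initial state.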
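--- a/examples/ctmc/polling/polling5.sm
+++ b/examples/ctmc/polling/polling5.sm
@@ -0,0 +1,66 @@
+// polling example [IT90]
+// gxn/dxp 26/01/00
+
+ctmc
+
+const int N = 5;
+
+const double mu = 1;
+const double gamma = 200;
+const double lambda = mu/N;
+
+module server
+
+s : [1..5]; // station
+a : [0..1]; // action: 0=polling, 1=serving
+
+[loop1a] (s=1)&(a=0) -> gamma : (s'=s+1);
+[loop1b] (s=1)&(a=0) -> gamma : (a'=1);
+[serve1] (s=1)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop2a] (s=2)&(a=0) -> gamma : (s'=s+1);
+[loop2b] (s=2)&(a=0) -> gamma : (a'=1);
+[serve2] (s=2)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop3a] (s=3)&(a=0) -> gamma : (s'=s+1);
+[loop3b] (s=3)&(a=0) -> gamma : (a'=1);
+[serve3] (s=3)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop4a] (s=4)&(a=0) -> gamma : (s'=s+1);
+[loop4b] (s=4)&(a=0) -> gamma : (a'=1);
+[serve4] (s=4)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop5a] (s=5)&(a=0) -> gamma : (s'=1);
+[loop5b] (s=5)&(a=0) -> gamma : (a'=1);
+[serve5] (s=5)&(a=1) -> mu : (s'=1)&(a'=0);
+
+endmodule
+
+module station1
+
+s1 : [0..1]; // state of station: 0=empty, 1=full
+
+[loop1a] (s1=0) -> 1 : (s1'=0);
+[] (s1=0) -> lambda : (s1'=1);
+[loop1b] (s1=1) -> 1 : (s1'=1);
+[serve1] (s1=1) -> 1 : (s1'=0);
+
+endmodule
+
+// construct further stations through renaming
+
+module station2 = station1 [ s1=s2, loop1a=loop2a, loop1b=loop2b, serve1=serve2 ] endmodule
+module station3 = station1 [ s1=s3, loop1a=loop3a, loop1b=loop3b, serve1=serve3 ] endmodule
+module station4 = station1 [ s1=s4, loop1a=loop4a, loop1b=loop4b, serve1=serve4 ] endmodule
+module station5 = station1 [ s1=s5, loop1a=loop5a, loop1b=loop5b, serve1=serve5 ] endmodule
+// (cumulative) rewards
+
+// expected time station 1 is waiting to be served
+rewards "waiting"
+s1=1 & !(s=1 & a=1) : 1;
+endrewards
+
+// expected number of times station 1 is served
+rewards "served"
+[serve1] true : 1;
+endrewards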
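--- a/examples/ctmc/tiny/tiny.sm
+++ b/examples/ctmc/tiny/tiny.sm
@@ -1,11 +1,11 @@
 ctmc
 
 module one
-s : [0 .. 3] init 1;
+s : [0 .. 3] init 0;
 
 [] s<3 -> 3/2 : (s'=s+1);
 [] s>0 -> 3 : (s'=s-1);
 endmodule
 
 label "empty" = s=0;
-label "full" = s=3;
+label "full" = s=3;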