Currently debugging the computation of transient probabilities in CTMCs.
Currently debugging the computation of transient probabilities in CTMCs.
Former-commit-id: 6671e0205d
tempestpy_adaptions
dehnert
10 years ago
19 changed files with 571 additions and 46 deletions
-
116examples/ctmc/cluster/cluster.sm
-
151examples/ctmc/embedded/embedded.sm
-
33examples/ctmc/embedded/embedded_debug.sm
-
51examples/ctmc/polling/polling2.sm
-
66examples/ctmc/polling/polling5.sm
-
2examples/ctmc/tiny/tiny.sm
-
4src/logic/BinaryPathFormula.cpp
-
1src/logic/BinaryPathFormula.h
-
4src/logic/BinaryStateFormula.cpp
-
1src/logic/BinaryStateFormula.h
-
4src/logic/ProbabilityOperatorFormula.cpp
-
1src/logic/ProbabilityOperatorFormula.h
-
99src/modelchecker/csl/SparseCtmcCslModelChecker.cpp
-
29src/parser/FormulaParser.cpp
-
9src/parser/FormulaParser.h
-
2src/settings/modules/GeneralSettings.cpp
-
8src/storage/SparseMatrix.cpp
-
3src/storage/SparseMatrix.h
-
27src/utility/numerical.h
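--- a/examples/ctmc/cluster/cluster.sm
+++ b/examples/ctmc/cluster/cluster.sm
@@ -0,0 +1,116 @@
+// Workstation cluster [HHK00]
+// dxp/gxn 11/01/00
+
+ctmc
+
+const int N; // Number of workstations in each cluster
+const int left_mx = N; // Number of work stations in left cluster
+const int right_mx = N; // Number of work stations in right cluster
+
+// Failure rates
+const double ws_fail = 1/500; // Single workstation: average time to fail = 500 hrs
+const double switch_fail = 1/4000; // Switch: average time to fail = 4000 hrs
+const double line_fail = 1/5000; // Backbone: average time to fail = 5000 hrs
+
+// Left cluster
+module Left
+
+left_n : [0..left_mx] init left_mx; // Number of workstations operational
+left : bool; // Being repaired?
+
+[startLeft] !left & (left_n<left_mx) -> 1 : (left'=true);
+[repairLeft] left & (left_n<left_mx) -> 1 : (left'=false) & (left_n'=left_n+1);
+[] (left_n>0) -> ws_fail*left_n : (left_n'=left_n-1);
+
+endmodule
+
+// Right cluster
+module Right = Left[left_n=right_n,
+left=right,
+left_mx=right_mx,
+startLeft=startRight,
+repairLeft=repairRight ]
+endmodule
+
+// Repair unit
+module Repairman
+
+r : bool; // Repairing?
+
+[startLeft] !r -> 10 : (r'=true); // Inspect Left
+[startRight] !r -> 10 : (r'=true); // Inspect Right
+[startToLeft] !r -> 10 : (r'=true); // Inspect ToLeft
+[startToRight] !r -> 10 : (r'=true); // Inspect ToRight
+[startLine] !r -> 10 : (r'=true); // Inspect Line
+
+[repairLeft] r -> 2 : (r'=false); // Repair Left
+[repairRight] r -> 2 : (r'=false); // Repair Right
+[repairToLeft] r -> 0.25 : (r'=false); // Repair ToLeft
+[repairToRight] r -> 0.25 : (r'=false); // Repair ToRight
+[repairLine] r -> 0.125 : (r'=false); // Repair Line
+
+endmodule
+
+// Line/backbone
+module Line
+
+line : bool; // Being repaired?
+line_n : bool init true; // Working?
+
+[startLine] !line & !line_n -> 1 : (line'=true);
+[repairLine] line & !line_n -> 1 : (line'=false) & (line_n'=true);
+[] line_n -> line_fail : (line_n'=false);
+
+endmodule
+
+// Left switch
+module ToLeft = Line[line=toleft,
+line_n=toleft_n,
+line_fail=switch_fail,
+startLine=startToLeft,
+repairLine=repairToLeft ]
+endmodule
+
+// Right switch
+module ToRight = Line[line=toright,
+line_n=toright_n,
+line_fail=switch_fail,
+startLine=startToRight,
+repairLine=repairToRight ]
+endmodule
+
+// Formulas + labels
+
+// Minimum QoS requires 3/4 connected workstations operational
+const int k = floor(0.75*N);
+// left_operational_i : left_n>=i & toleft_n
+// right_operational_i : right_n>=i & toright_n
+// operational_i : (left_n+right_n)>=i & toleft_n & line_n & toright_n
+// minimum_k : left_operational_k | right_operational_k | operational_k
+formula minimum = (left_n>=k & toleft_n) |
+(right_n>=k & toright_n) |
+((left_n+right_n)>=k & toleft_n & line_n & toright_n);
+label "minimum" = (left_n>=k & toleft_n) | (right_n>=k & toright_n) | ((left_n+right_n)>=k & toleft_n & line_n & toright_n);
+// premium = minimum_N
+label "premium" = (left_n>=left_mx & toleft_n) | (right_n>=right_mx & toright_n) | ((left_n+right_n)>=left_mx & toleft_n & line_n & toright_n);
+
+// Reward structures
+
+// Percentage of operational workstations stations
+rewards "percent_op"
+true : 100*(left_n+right_n)/(2*N);
+endrewards
+
+// Time that the system is not delivering at least minimum QoS
+rewards "time_not_min"
+!minimum : 1;
+endrewards
+
+// Number of repairs
+rewards "num_repairs"
+[repairLeft] true : 1;
+[repairRight] true : 1;
+[repairToLeft] true : 1;
+[repairToRight] true : 1;
+[repairLine] true : 1;
+endrewards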
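Review bot: The failure rates at the top of cluster.sm are quotients of integer literals (`const double ws_fail = 1/500;`, likewise `switch_fail` and `line_fail`), so the model only makes sense if the parser evaluates `/` as real-valued division. With integer division every failure rate becomes 0 and no failure transition ever fires, which would distort any transient-probability result computed from this file. PRISM defines `/` as always yielding a double, but whether the expression evaluator in this repository does the same is not visible in this section. A comment above the block such as `// '/' is real division here: 1/500 = 0.002`, or writing `1.0/500`, would make the dependency explicit. The same applies to the rate constants in embedded.sm and embedded_debug.sm and to `lambda = mu/N` in the polling models.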
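--- a/examples/ctmc/embedded/embedded.sm
+++ b/examples/ctmc/embedded/embedded.sm
@@ -0,0 +1,151 @@
+ctmc
+
+// constants
+const int MAX_COUNT;
+const int MIN_SENSORS = 2;
+const int MIN_ACTUATORS = 1;
+
+// rates
+const double lambda_p = 1/(365*24*60*60); // 1 year
+const double lambda_s = 1/(30*24*60*60); // 1 month
+const double lambda_a = 1/(2*30*24*60*60); // 2 months
+const double tau = 1/60; // 1 min
+const double delta_f = 1/(24*60*60); // 1 day
+const double delta_r = 1/30; // 30 secs
+
+// sensors
+module sensors
+
+s : [0..3] init 3; // number of sensors working
+
+[] s>1 -> s*lambda_s : (s'=s-1); // failure of a single sensor
+
+endmodule
+
+// input processor
+// (takes data from sensors and passes onto main processor)
+module proci
+
+i : [0..2] init 2; // 2=ok, 1=transient fault, 0=failed
+
+[] i>0 & s>=MIN_SENSORS -> lambda_p : (i'=0); // failure of processor
+[] i=2 & s>=MIN_SENSORS -> delta_f : (i'=1); // transient fault
+[input_reboot] i=1 & s>=MIN_SENSORS -> delta_r : (i'=2); // reboot after transient fault
+
+endmodule
+
+// actuators
+module actuators
+
+a : [0..2] init 2; // number of actuators working
+
+[] a>0 -> a*lambda_a : (a'=a-1); // failure of a single actuator
+
+endmodule
+
+// output processor
+// (receives instructions from main processor and passes onto actuators)
+module proco = proci [ i=o, s=a, input_reboot=output_reboot, MIN_SENSORS=MIN_ACTUATORS ] endmodule
+
+// main processor
+// (takes data from proci, processes it, and passes instructions to proco)
+module procm
+
+m : [0..1] init 1; // 1=ok, 0=failed
+count : [0..MAX_COUNT+1] init 0; // number of consecutive skipped cycles
+
+// failure of processor
+[] m=1 -> lambda_p : (m'=0);
+// processing completed before timer expires - reset skipped cycle counter
+[timeout] comp -> tau : (count'=0);
+// processing not completed before timer expires - increment skipped cycle counter
+[timeout] !comp -> tau : (count'=min(count+1, MAX_COUNT+1));
+
+endmodule
+
+// connecting bus
+module bus
+
+// flags
+// main processor has processed data from input processor
+// and sent corresponding instructions to output processor (since last timeout)
+comp : bool init true;
+// input processor has data ready to send
+reqi : bool init true;
+// output processor has instructions ready to be processed
+reqo : bool init false;
+
+// input processor reboots
+[input_reboot] true -> 1 :
+// performs a computation if has already done so or
+// it is up and ouput clear (i.e. nothing waiting)
+(comp'=(comp | (m=1 & !reqo)))
+// up therefore something to process
+& (reqi'=true)
+// something to process if not functioning and either
+// there is something already pending
+// or the main processor sends a request
+& (reqo'=!(o=2 & a>=1) & (reqo | m=1));
+
+// output processor reboots
+[output_reboot] true -> 1 :
+// performs a computation if it has already or
+// something waiting and is up
+// (can be processes as the output has come up and cleared pending requests)
+(comp'=(comp | (reqi & m=1)))
+// something to process it they are up or
+// there was already something and the main processor acts
+// (output now up must be due to main processor being down)
+& (reqi'=(i=2 & s>=2) | (reqi & m=0))
+// output and actuators up therefore nothing can be pending
+& (reqo'=false);
+
+// main processor times out
+[timeout] true -> 1 :
+// performs a computation if it is up something was pending
+// and nothing is waiting for the output
+(comp'=(reqi & !reqo & m=1))
+// something to process if up or
+// already something and main process cannot act
+// (down or outputs pending)
+& (reqi'=(i=2 & s>=2) | (reqi & (reqo | m=0)))
+// something to process if they are not functioning and
+// either something is already pending
+// or the main processor acts
+& (reqo'=!(o=2 & a>=1) & (reqo | (reqi & m=1)));
+
+endmodule
+
+
+// the system is down
+formula down = (i=2&s<MIN_SENSORS)|(count=MAX_COUNT+1)|(o=2&a<MIN_ACTUATORS)|(m=0);
+// transient failure has occured but the system is not down
+formula danger = !down & (i=1 | o=1);
+// the system is operational
+formula up = !down & !danger;
+
+
+// reward structures
+
+rewards "up"
+up : 1/3600;
+endrewards
+
+rewards "danger"
+danger : 1/3600;
+endrewards
+rewards "down"
+down : 1/3600;
+endrewards
+
+//labels
+// causes of failues
+label "fail_sensors" = i=2&s<MIN_SENSORS; // sensors have failed
+label "fail_actuators" = o=2&a<MIN_ACTUATORS; // actuators have failed
+label "fail_io" = count=MAX_COUNT+1; // IO has failed
+label "fail_main" = m=0; // ,main processor has failed
+
+// system status
+label "down" = (i=2&s<MIN_SENSORS)|(count=MAX_COUNT+1)|(o=2&a<MIN_ACTUATORS)|(m=0); // system has shutdown
+label "danger" = !down & (i=1 | o=1); // transient fault has occured
+label "up" = !down & !danger;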
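Review bot: `label "down"` at the end of embedded.sm repeats the whole body of `formula down`, while `label "danger"` and `label "up"` directly below refer to the formulas by name. If one copy of the expression is edited later, the label and the formula diverge silently, and the "down" reward structure and the "down" label would then describe different state sets. `label "down" = down;` keeps a single definition and matches how the other two status labels are written. The comment typos nearby ("failues", "occured", ",main processor") could be corrected in the same pass.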
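--- a/examples/ctmc/embedded/embedded_debug.sm
+++ b/examples/ctmc/embedded/embedded_debug.sm
@@ -0,0 +1,33 @@
+ctmc
+
+// constants
+const int MAX_COUNT;
+const int MIN_SENSORS = 2;
+const int MIN_ACTUATORS = 1;
+
+// rates
+const double lambda_p = 1/(365*24*60*60); // 1 year
+const double lambda_s = 1/(30*24*60*60); // 1 month
+const double lambda_a = 1/(2*30*24*60*60); // 2 months
+const double tau = 1/60; // 1 min
+const double delta_f = 1/(24*60*60); // 1 day
+const double delta_r = 1/30; // 30 secs
+
+// sensors
+module sensors
+
+s : [0..3] init 3; // number of sensors working
+
+[] s>1 -> s*lambda_s : (s'=s-1); // failure of a single sensor
+
+endmodule
+
+// input processor
+// (takes data from sensors and passes onto main processor)
+module proci
+
+i : [0..2] init 2; // 2=ok, 1=transient fault, 0=failed
+
+[] i>0 & s>=MIN_SENSORS -> lambda_p : (i'=0); // failure of processor
+
+endmodule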
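Review bot: embedded_debug.sm has no header saying that it is a cut-down copy of embedded.sm (only the `sensors` module and a `proci` module reduced to its failure command), so under examples/ it is easy to mistake for a complete benchmark model. It also keeps `const int MAX_COUNT;` without a value although nothing in the file refers to it, so presumably every run has to supply a constant that has no effect; `MIN_ACTUATORS`, `lambda_a`, `tau`, `delta_f` and `delta_r` are unused as well. I would add a first line such as `// Reduced version of embedded.sm (sensors + input-processor failure only), used to debug transient probabilities` and drop the unused constants.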
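--- a/examples/ctmc/polling/polling2.sm
+++ b/examples/ctmc/polling/polling2.sm
@@ -0,0 +1,51 @@
+// polling example [IT90]
+// gxn/dxp 26/01/00
+
+ctmc
+
+const int N = 2;
+
+const double mu = 1;
+const double gamma = 200;
+const double lambda = mu/N;
+
+module server
+
+s : [1..2]; // station
+a : [0..1]; // action: 0=polling, 1=serving
+
+[loop1a] (s=1)&(a=0) -> gamma : (s'=s+1);
+[loop1b] (s=1)&(a=0) -> gamma : (a'=1);
+[serve1] (s=1)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop2a] (s=2)&(a=0) -> gamma : (s'=1);
+[loop2b] (s=2)&(a=0) -> gamma : (a'=1);
+[serve2] (s=2)&(a=1) -> mu : (s'=1)&(a'=0);
+
+endmodule
+
+module station1
+
+s1 : [0..1]; // state of station: 0=empty, 1=full
+
+[loop1a] (s1=0) -> 1 : (s1'=0);
+[] (s1=0) -> lambda : (s1'=1);
+[loop1b] (s1=1) -> 1 : (s1'=1);
+[serve1] (s1=1) -> 1 : (s1'=0);
+
+endmodule
+
+// construct further stations through renaming
+
+module station2 = station1 [ s1=s2, loop1a=loop2a, loop1b=loop2b, serve1=serve2 ] endmodule
+// (cumulative) rewards
+
+// expected time station 1 is waiting to be served
+rewards "waiting"
+s1=1 & !(s=1 & a=1) : 1;
+endrewards
+
+// expected number of times station 1 is served
+rewards "served"
+[serve1] true : 1;
+endrewards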
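--- a/examples/ctmc/polling/polling5.sm
+++ b/examples/ctmc/polling/polling5.sm
@@ -0,0 +1,66 @@
+// polling example [IT90]
+// gxn/dxp 26/01/00
+
+ctmc
+
+const int N = 5;
+
+const double mu = 1;
+const double gamma = 200;
+const double lambda = mu/N;
+
+module server
+
+s : [1..5]; // station
+a : [0..1]; // action: 0=polling, 1=serving
+
+[loop1a] (s=1)&(a=0) -> gamma : (s'=s+1);
+[loop1b] (s=1)&(a=0) -> gamma : (a'=1);
+[serve1] (s=1)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop2a] (s=2)&(a=0) -> gamma : (s'=s+1);
+[loop2b] (s=2)&(a=0) -> gamma : (a'=1);
+[serve2] (s=2)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop3a] (s=3)&(a=0) -> gamma : (s'=s+1);
+[loop3b] (s=3)&(a=0) -> gamma : (a'=1);
+[serve3] (s=3)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop4a] (s=4)&(a=0) -> gamma : (s'=s+1);
+[loop4b] (s=4)&(a=0) -> gamma : (a'=1);
+[serve4] (s=4)&(a=1) -> mu : (s'=s+1)&(a'=0);
+
+[loop5a] (s=5)&(a=0) -> gamma : (s'=1);
+[loop5b] (s=5)&(a=0) -> gamma : (a'=1);
+[serve5] (s=5)&(a=1) -> mu : (s'=1)&(a'=0);
+
+endmodule
+
+module station1
+
+s1 : [0..1]; // state of station: 0=empty, 1=full
+
+[loop1a] (s1=0) -> 1 : (s1'=0);
+[] (s1=0) -> lambda : (s1'=1);
+[loop1b] (s1=1) -> 1 : (s1'=1);
+[serve1] (s1=1) -> 1 : (s1'=0);
+
+endmodule
+
+// construct further stations through renaming
+
+module station2 = station1 [ s1=s2, loop1a=loop2a, loop1b=loop2b, serve1=serve2 ] endmodule
+module station3 = station1 [ s1=s3, loop1a=loop3a, loop1b=loop3b, serve1=serve3 ] endmodule
+module station4 = station1 [ s1=s4, loop1a=loop4a, loop1b=loop4b, serve1=serve4 ] endmodule
+module station5 = station1 [ s1=s5, loop1a=loop5a, loop1b=loop5b, serve1=serve5 ] endmodule
+// (cumulative) rewards
+
+// expected time station 1 is waiting to be served
+rewards "waiting"
+s1=1 & !(s=1 & a=1) : 1;
+endrewards
+
+// expected number of times station 1 is served
+rewards "served"
+[serve1] true : 1;
+endrewards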