Formal semantics and efficient analysis of Timed Rebeca in Real-Time Maude

Abstract

The actor model is a well-established and intuitive model of distributed computation. Timed Rebeca is a timed extension of the actor-based modeling language Rebeca. Although Rebeca is supported by a rich verification toolset, Timed Rebeca has not had an executable formal semantics, and has therefore had limited support for formal analysis. In this paper, we provide a formal semantics for Timed Rebeca in Real-Time Maude. Our semantics exploits the isolation inherent in the actor model: since no actor can access the state variables of other actors, and since actors execute only one message server at a time, the effect of executing a statement is not observable by other actors. We can therefore “group together” a number of statements and execute them in one “atomic” rewrite step; this significantly improves the performance of model checking compared to standard approaches where each action is performed by a rewrite step. We have automated the translation from Timed Rebeca to Real-Time Maude, allowing Timed Rebeca models to be automatically analyzed using Real-Time Maude's reachability analysis tool and LTL and timed CTL model checkers. This enables a formal model-engineering methodology which combines the convenience of intuitive modeling in Timed Rebeca with formal verification in Real-Time Maude. We illustrate this methodology—and the performance gained by our new “partial-order-reduction-like” optimized semantics—with a number of case studies, including the IEEE 802.11 RTS/CTS collision avoidance protocol for wireless networks.