In the following, we give a pseudo-formal semantics for the requirement specification language of UPPAAL. We assume the existence of a timed transition system (S, s0, ->) as defined in the semantics of UPPAAL.
The UPPAAL requirement specification language supports five types of properties, which can be reduced to two types as illustrated by the following table (here p is a state property).
| Name | Property | Equivalent to |
|---|---|---|
| Possibly | E<> p | |
| Invariantly | A[] p | not E<> not p |
| Potentially always | E[] p | |
| Eventually | A<> p | not E[] not p |
| Leads to | p --> q | A[] (p imply A<> q) |
Thus, in the following, we will define only the Possibly and Potentially always operators.
The property E<> p evaluates to true for a timed transition system if and only if there is a sequence of alternating delay transitions and action transitions s0-->s1-->...-->sn, where s0 is the initial state and sn satisfies p.
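The following added example (not part of the UPPAAL documentation or the tool) treats E<> p as a search for a witness sequence s0-->...-->sn and computes A[] p through the table's reduction not E<> not p, returning the violating sequence as a counterexample. It assumes a small constructed finite transition system in which delays are abstracted away; the state names and the functions `possibly` and `invariantly` are hypothetical.

```python
from collections import deque

# Constructed finite transition system (an assumption: clocks and delays are
# abstracted away, so every edge stands for one step s --> s').
TRANSITIONS = {
    "idle": ["request"],
    "request": ["granted", "denied"],
    "granted": ["idle"],
    "denied": ["idle", "locked"],
    "locked": [],
}
INITIAL = "idle"


def possibly(p, initial=INITIAL, transitions=TRANSITIONS):
    """E<> p: return a witness path s0, ..., sn with p(sn) true, or None."""
    parent = {initial: None}          # also serves as the visited set
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        if p(state):
            # Walk the parent links back to s0 to rebuild the sequence.
            path = []
            while state is not None:
                path.append(state)
                state = parent[state]
            return path[::-1]
        for succ in transitions.get(state, []):
            if succ not in parent:
                parent[succ] = state
                queue.append(succ)
    return None


def invariantly(p, initial=INITIAL, transitions=TRANSITIONS):
    """A[] p, computed as not E<> not p; returns (holds, counterexample)."""
    counterexample = possibly(lambda s: not p(s), initial, transitions)
    return counterexample is None, counterexample


if __name__ == "__main__":
    print("E<> locked     :", possibly(lambda s: s == "locked"))
    print("A[] not locked :", invariantly(lambda s: s != "locked"))
```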
The property E[] p evaluates to true for a timed transition system if and only if there is a sequence of alternating delay or action transitions s0-->s1-->...-->si-->... for which p holds in all states si and which either:
Any side-effect-free expression is a valid state property. In addition, it is possible to test whether a process is in a particular location and whether a state is a deadlock.
Expressions of the form P.l, where P is a process and l is a location, evaluate to true in a state (L, v) if and only if P.l is in L.
The state property deadlock evaluates to true for a state (L, v) if and only if for all d >= 0 there is no action successor of (L, v + d).