
Mastering Model Checking and Automata for Compsys705: A 2026 Guide to CTL, CCS, and Timed Automata

Struggling with Compsys705? This tutorial breaks down CTL formulae, timed automata, and Z3-based bounded model checking with 2026-relevant examples from AI and gaming.


Introduction to Model Checking and Automata Theory

Model checking is a formal verification technique used to automatically verify finite-state systems. In the context of Compsys705, you'll encounter CCS processes, Kripke models, CTL (Computation Tree Logic), automata, and timed automata. This tutorial provides a step-by-step guide to tackling these topics, using current trends like AI safety verification and real-time gaming systems to make the concepts relatable.

Understanding CCS Processes and Kripke Models

CCS (Calculus of Communicating Systems) describes concurrent systems. For example, consider a simple process: P = a.P1 + b.c.P2. This means P can perform action 'a' and then behave like P1, or perform 'b' followed by 'c' and then behave like P2. Kripke models represent states and transitions. In Figure 1, you might see states labeled with atomic propositions (AP = {p1, p2, p3}). Key to exam success: identify which CTL formulae hold in a given model.

Validating CTL Formulae

CTL uses temporal operators like AG (always globally), AF (always finally), and EX (exists next). For instance, AG(p1 ⇒ AX(p1 ∧ p2)) means: in all reachable states, if p1 holds, then in every next state both p1 and p2 hold. To rewrite a formula over an adequate set, express the other operators using only EX, EG, and EU (or another minimal set). For example, AF(p1 ⇒ AG(p1 U p2)) can be rewritten using the equivalences AF φ ≡ ¬EG ¬φ and AG φ ≡ ¬EF ¬φ, where EF φ ≡ E[true U φ] brings the result down to the adequate set. Practice these conversions.
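The following is an added example and not part of the tutorial: an explicit-state CTL model checker in Python that implements only the adequate set {EX, EG, EU} (as fixpoint computations) and derives AX, AF, AG, EF and AU from it through the equivalences above. The Kripke model, its states and its labels (AP = {p1, p2, p3}) are constructed here and are not the tutorial's Figure 1; the formula AG(p1 ⇒ AX(p1 ∧ p2)) from the text is checked against it.

```python
# Added example, not part of the tutorial: an explicit-state CTL model checker
# over a small Kripke model. Only EX, EG and EU are implemented directly; the
# other operators are derived through the adequate-set equivalences.
from typing import Dict, Iterable, Set, Tuple

# Formulas are nested tuples, e.g. ("AG", ("imp", ("ap", "p1"), ("AX", ("ap", "p2")))).
Formula = tuple

class Kripke:
    def __init__(self, states: Iterable[str], trans: Iterable[Tuple[str, str]],
                 labels: Dict[str, Set[str]], init: Iterable[str]):
        self.states: Set[str] = set(states)
        self.succ: Dict[str, Set[str]] = {s: set() for s in self.states}
        for src, dst in trans:
            self.succ[src].add(dst)
        self.labels = {s: set(labels.get(s, ())) for s in self.states}
        self.init = set(init)
        # CTL semantics assume a total transition relation (every state has a successor)
        assert all(self.succ[s] for s in self.states), "transition relation must be total"

    def pre_exists(self, target: Set[str]) -> Set[str]:
        """States with at least one successor inside target."""
        return {s for s in self.states if self.succ[s] & target}

    def sat(self, f: Formula) -> Set[str]:
        """Set of states satisfying f (the standard labelling algorithm)."""
        op = f[0]
        if op == "true":
            return set(self.states)
        if op == "ap":
            return {s for s in self.states if f[1] in self.labels[s]}
        if op == "not":
            return self.states - self.sat(f[1])
        if op == "and":
            return self.sat(f[1]) & self.sat(f[2])
        if op == "or":
            return self.sat(f[1]) | self.sat(f[2])
        if op == "imp":
            return self.sat(("or", ("not", f[1]), f[2]))
        # --- adequate set {EX, EG, EU} ---
        if op == "EX":
            return self.pre_exists(self.sat(f[1]))
        if op == "EG":
            # greatest fixpoint of Z = sat(f) ∩ pre_exists(Z)
            z = self.sat(f[1])
            while True:
                nxt = z & self.pre_exists(z)
                if nxt == z:
                    return z
                z = nxt
        if op == "EU":
            # least fixpoint of Z = sat(g) ∪ (sat(f) ∩ pre_exists(Z))
            left, right = self.sat(f[1]), self.sat(f[2])
            z = set(right)
            while True:
                nxt = right | (left & self.pre_exists(z))
                if nxt == z:
                    return z
                z = nxt
        # --- derived operators, the same rewrites asked for in the exam ---
        if op == "AX":
            return self.sat(("not", ("EX", ("not", f[1]))))
        if op == "EF":
            return self.sat(("EU", ("true",), f[1]))
        if op == "AF":
            return self.sat(("not", ("EG", ("not", f[1]))))
        if op == "AG":
            return self.sat(("not", ("EF", ("not", f[1]))))
        if op == "AU":
            # A[f U g] ≡ ¬( E[¬g U (¬f ∧ ¬g)] ∨ EG ¬g )
            nf, ng = ("not", f[1]), ("not", f[2])
            return self.sat(("not", ("or", ("EU", ng, ("and", nf, ng)), ("EG", ng))))
        raise ValueError(f"unknown operator {op!r}")

    def holds(self, f: Formula) -> bool:
        """A formula holds in the model when every initial state satisfies it."""
        return self.init <= self.sat(f)

# Constructed sample model (not the tutorial's Figure 1), AP = {p1, p2, p3}.
# s2 has a self-loop, which is what makes EG ¬p3 true there and AF p3 fail.
M = Kripke(
    states=["s0", "s1", "s2", "s3"],
    trans=[("s0", "s1"), ("s1", "s2"), ("s2", "s2"), ("s2", "s3"), ("s3", "s0")],
    labels={"s0": {"p1"}, "s1": {"p1", "p2"}, "s2": {"p2"}, "s3": {"p3"}},
    init=["s0"],
)

P1, P2, P3 = ("ap", "p1"), ("ap", "p2"), ("ap", "p3")
EXAM_FORMULA = ("AG", ("imp", P1, ("AX", ("and", P1, P2))))

if __name__ == "__main__":
    for name, phi in [("AG(p1 => AX(p1 & p2))", EXAM_FORMULA), ("AF p3", ("AF", P3)),
                      ("EF p3", ("EF", P3)), ("A[p1 U p2]", ("AU", P1, P2))]:
        print(f"{name:22} sat = {sorted(M.sat(phi))}  holds = {M.holds(phi)}")
```

In the constructed model the exam-style formula fails: s1 satisfies p1 but its only successor s2 lacks p1, and every state can reach s1, so AG of the implication is empty. The self-loop on s2 is the detail to watch in exam questions: it gives an infinite path that never reaches p3, so EF p3 holds everywhere while AF p3 holds only in s3.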

Automata and Timed Automata

Automata are state machines that accept or reject strings. For example, given Σ = {a,b,c,d}, determine whether bbabab* is accepted by A1, and justify the answer by tracing the transitions. Timed automata add clock constraints such as z >= 12 ∧ x == 20 or x - y = 1000. Valid constraints are conjunctions of comparisons of a single clock, or the difference of two clocks, with an integer; no other arithmetic on clocks is allowed. The constraint z == x + 5 is valid because it is the difference constraint z - x == 5 written differently.
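As an added example (not from the tutorial or the exam), here is a small Python checker for timed-automaton guards that applies exactly the rule above: it accepts only conjunctions of atoms of the form x ~ k, x - y ~ k, or x ~ y + k, rewrites the last form into the difference constraint it stands for, and rejects anything else. The clock set {x, y, z} and the sample guards are constructed for the demonstration.

```python
# Added example, not part of the tutorial: a checker for timed-automaton clock
# constraints. A guard is accepted only if it is a conjunction of atoms of the
# form  x ~ k,  x - y ~ k  or  x ~ y + k  (the last is rewritten as x - y ~ k),
# where x, y are declared clocks, k is an integer and ~ is a comparison.
import re
from typing import List, Optional, Set, Tuple

Atom = Tuple[str, Optional[str], str, int]   # (clock, other clock or None, op, k)

_OP = r"(<=|>=|==|=|<|>)"
_SIMPLE = re.compile(rf"^(\w+)\s*{_OP}\s*(-?\d+)$")                 # x ~ k
_DIFF = re.compile(rf"^(\w+)\s*-\s*(\w+)\s*{_OP}\s*(-?\d+)$")       # x - y ~ k
_OFFSET = re.compile(rf"^(\w+)\s*{_OP}\s*(\w+)\s*\+\s*(-?\d+)$")    # x ~ y + k
_CONJ = re.compile(r"\s*(?:∧|&&|\band\b)\s*")                        # conjunction only

def _clock(name: str, clocks: Set[str]) -> str:
    if name not in clocks:
        raise ValueError(f"{name!r} is not a declared clock")
    return name

def normalize_atom(atom: str, clocks: Set[str]) -> Atom:
    """Parse one atom into (clock, other clock or None, op, k) or raise ValueError."""
    atom = atom.strip()
    if m := _SIMPLE.match(atom):
        x, op, k = m.groups()
        return (_clock(x, clocks), None, "==" if op == "=" else op, int(k))
    if m := _DIFF.match(atom):
        x, y, op, k = m.groups()
        return (_clock(x, clocks), _clock(y, clocks), "==" if op == "=" else op, int(k))
    if m := _OFFSET.match(atom):
        x, op, y, k = m.groups()     # x ~ y + k is the difference constraint x - y ~ k
        return (_clock(x, clocks), _clock(y, clocks), "==" if op == "=" else op, int(k))
    raise ValueError(f"not a clock constraint: {atom!r}")

def parse_guard(guard: str, clocks: Set[str]) -> List[Atom]:
    """Return the normalized atoms of a valid guard, or raise ValueError."""
    return [normalize_atom(a, clocks) for a in _CONJ.split(guard) if a.strip()]

def is_valid_guard(guard: str, clocks: Set[str]) -> bool:
    try:
        parse_guard(guard, clocks)
        return True
    except ValueError:
        return False

CLOCKS = {"x", "y", "z"}   # constructed clock set for the examples below

if __name__ == "__main__":
    for g in ["z >= 12 ∧ x == 20", "x - y = 1000", "z == x + 5",
              "x + y > 5", "x * 2 > 3", "x > 3 ∨ y < 2", "w > 3"]:
        print(f"{g:20} valid={is_valid_guard(g, CLOCKS)}")
```

Sums of two clocks, multiplication, disjunctions and undeclared clock names are all rejected, which is the usual reason an exam answer loses marks on this question.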

Runtime Verification for Pacemakers (Trend: AI in Healthcare)

Runtime verification monitors system behavior at run time. For pacemakers, a monitor can observe ECG signals without direct access to the device. A timed automaton property could be: if the heart rate exceeds 120 bpm for more than 10 seconds, raise an alert. This is modeled with a clock that resets on each beat. Such techniques are used in AI-powered health apps today.
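The monitor just described, as an added Python example that is not part of the tutorial: a timed automaton with locations NORMAL, HIGH and ALERT, a clock that is reset on every beat (so the inter-beat interval gives the instantaneous rate), and a second clock reset when the rate first exceeds 120 bpm, with the guard "more than 10 s" on it. The beat timestamps are constructed test data in integer milliseconds, not recorded ECG.

```python
# Added example, not part of the tutorial: a runtime monitor for the pacemaker
# property "heart rate above 120 bpm for more than 10 s raises an alert",
# implemented as a timed automaton with locations NORMAL, HIGH and ALERT.
# Times are integer milliseconds to avoid floating-point drift in the clocks.
# The beat timestamps below are constructed test data, not recorded ECG.
from typing import List, Optional, Tuple

BPM_LIMIT = 120.0
MAX_HIGH_MS = 10_000          # guard on clock 'high'

class PacemakerMonitor:
    """Two clocks: 'beat' is reset on every beat, so 60000 / beat is the
    instantaneous rate at the next beat; 'high' is reset when the rate first
    exceeds the limit and measures how long it has stayed there."""

    def __init__(self) -> None:
        self.location = "NORMAL"
        self.last_beat_ms: Optional[int] = None    # clock 'beat' is t - last_beat_ms
        self.high_since_ms: Optional[int] = None   # clock 'high' is t - high_since_ms
        self.alerts: List[int] = []                # times at which ALERT was entered

    def beat(self, t_ms: int) -> str:
        """Consume one beat event at time t_ms and return the new location."""
        if self.last_beat_ms is None:              # first beat: no interval yet
            self.last_beat_ms = t_ms
            return self.location
        interval = t_ms - self.last_beat_ms
        if interval <= 0:
            raise ValueError("beat timestamps must be strictly increasing")
        rate = 60_000 / interval
        self.last_beat_ms = t_ms                   # reset clock 'beat'
        if rate > BPM_LIMIT:
            if self.location == "NORMAL":
                self.location = "HIGH"
                self.high_since_ms = t_ms          # reset clock 'high'
            elif self.location == "HIGH" and t_ms - self.high_since_ms > MAX_HIGH_MS:
                self.location = "ALERT"            # guard high > 10 s satisfied
                self.alerts.append(t_ms)
            # otherwise: still HIGH within the bound, or already in ALERT
        else:
            self.location = "NORMAL"               # rate back under the limit
            self.high_since_ms = None
        return self.location

def run_monitor(beats_ms: List[int]) -> Tuple[List[int], str]:
    """Feed a whole beat trace through a fresh monitor; return (alert times, final location)."""
    mon = PacemakerMonitor()
    for t in beats_ms:
        mon.beat(t)
    return mon.alerts, mon.location

# Constructed traces: 150 bpm (one beat every 400 ms) sustained for about 12 s,
# the same rate for only about 7.6 s before dropping to 60 bpm, and a steady 75 bpm.
SUSTAINED_HIGH = [i * 400 for i in range(30)]
BRIEF_HIGH = [i * 400 for i in range(20)] + [7600 + j * 1000 for j in range(1, 5)]
STEADY_75 = [i * 800 for i in range(15)]

if __name__ == "__main__":
    for name, trace in [("sustained", SUSTAINED_HIGH), ("brief", BRIEF_HIGH), ("steady", STEADY_75)]:
        print(name, run_monitor(trace))
```

Because guards are only evaluated when a beat arrives, the alert fires at the first beat after the 10 s boundary rather than at the boundary itself; a deployed monitor would additionally need a timeout transition for the case where beats stop arriving altogether, which this property does not cover.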

Symbolic Bounded Model Checking with Z3

Z3 is an SMT solver used for symbolic model checking. You can model traces with at most 4 variables. For example, use Boolean variables for state bits. The Z3 API allows defining sorts, functions, and constraints. Here's a snippet (adapted from the exam):

from z3 import *
T = DeclareSort('T')                    # an uninterpreted sort
f = Function('f', T, T, IntSort())      # f : T x T -> Int
a, b = Consts('a b', T)                 # two constants of sort T
s = Solver()
# elements of T carry no numeric order, so the quantified constraint compares
# the integers that f returns rather than a and b themselves
s.add(ForAll([a, b], Implies(f(a, b) > 0, f(b, a) < 10)))
print(s.check())                        # sat, for example with f constantly 0
print(s.model())

Use s.check() and s.model() to get a satisfying assignment. This approach is used in AI fairness verification and game logic testing.

Conclusion

Mastering these concepts requires practice with CTL equivalences, automata acceptance, and Z3 constraints. Relating them to real-world systems like AI safety monitors or real-time gaming engines makes the learning stick. Good luck with your Compsys705 exam!