文章通过NuSMV工具对智能家居场景下的自动化规则进行LTL规格检查,分析了在雨天窗户是否应关闭的逻辑错误。内容涉及状态机的循环、冲突状态、状态变量(如rain_count、smoke_count)以及修复尝试,如修改状态前的状态数、调整步骤设置和添加额外的标志变量来避免冲突。主要探讨了如何处理雨天窗户状态与烟雾检测之间的逻辑关系,确保规则的正确执行。
rain1,冲突状态前有三个状态,step设置为4,或者优先上一状态,无效才说明是extended
同时smoke和runin到期,确实要smoke放runin前
NuSMV > check_ltlspec -p "G((weather.rain=raining)->F(window.switch=close))"
-- specification G (weather.rain = raining -> F window.switch = close) is false
-- as demonstrated by the following execution sequence
Trace Description: LTL Counterexample
Trace Type: Counterexample
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
-> State: 1.3 <-
smoke = detected
smoke_count = 1
-> State: 1.4 <-
window.switch = open
smokeState = detected
smoke_count = 0
delaywindow = 5
-> State: 1.5 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 5
-> State: 1.6 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 4
-> State: 1.7 <-
smoke = clear
smoke_count = 1
runinwindow.timer = 3
-> State: 1.8 <-
smokeState = clear
smoke_count = 0
runinwindow.timer = 2
-> State: 1.9 <-
smoke = detected
smoke_count = 1
runinwindow.timer = 1
-- Loop starts here
-> State: 1.10 <-
smokeState = detected
smoke_count = 0
runinwindow.timer = 0
delaywindow = 0
-> State: 1.11 <-
fix1 通过改not_raining自然属性,所以不行,或者说是正常执行情况,rain属于影响不了的,温度属于能影响的,smoke也可以固定,包括在冲突状态 找close的原因,或open rain不同时出现的原因
flag反映了单谓词到多谓词
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = FALSE
flag4 = TRUE
flag5 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
flag3 = TRUE
flag4 = FALSE
flag5 = TRUE
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
step = 3
-- Loop starts here
-> State: 1.4 <-
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
step = 0
-> State: 1.5 <-
fix2 冲突状态仍存在,不处理而是共享后面正常结束的close,也是正常执行路径 改LTL为X、U不行,说明当前配置不行,应该!=原配置
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = FALSE
flag4 = TRUE
flag5 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
flag3 = TRUE
flag4 = FALSE
flag5 = TRUE
-> State: 1.3 <-
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
window.switch = open
smokeState = detected
smoke_count = 0
delaywindow = 5
step = 4
-> State: 1.5 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 5
step = 0
-> State: 1.6 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 4
-> State: 1.7 <-
runinwindow.timer = 3
-> State: 1.8 <-
runinwindow.timer = 2
-> State: 1.9 <-
runinwindow.timer = 1
-- Loop starts here
-> State: 1.10 <-
window.switch = close
runinwindow.timer = 0
delaywindow = 0
-- Loop starts here
-> State: 1.11 <-
-> State: 1.12 <-
fix3 同上
INVAR
!(flag1 = TRUE & flag2 = FALSE)
fix4 搜索有没有冲突状态,发现没有
INVAR
!(flag1 = TRUE & flag2 = FALSE) & !(flag1 = FALSE & flag2 = FALSE)
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = FALSE
flag2 = TRUE
flag3 = FALSE
flag4 = TRUE
flag5 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
flag3 = TRUE
-> State: 1.3 <-
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
smokeState = detected
smoke_count = 0
step = 4
-> State: 1.5 <-
weather.rain = not_raining
rain_count = 1
step = 0
-- Loop starts here
-> State: 1.6 <-
weather.rainState = not_raining
rain_count = 0
-> State: 1.7 <-
rain1_1 冲突状态前有4个状态,step设置为5。一直open
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
-> State: 1.4 <-
window.switch = open
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
delaywindow = 5
-> State: 1.5 <-
weather.rain = raining
rain_count = 1
runinwindow.timer = 5
-> State: 1.6 <-
weather.rainState = raining
rain_count = 0
runinwindow.timer = 4
-> State: 1.7 <-
weather.rain = not_raining
rain_count = 1
smoke = clear
smoke_count = 1
runinwindow.timer = 3
-> State: 1.8 <-
weather.rainState = not_raining
rain_count = 0
smokeState = clear
smoke_count = 0
runinwindow.timer = 2
-> State: 1.9 <-
smoke = detected
smoke_count = 1
runinwindow.timer = 1
-- Loop starts here
-> State: 1.10 <-
smokeState = detected
smoke_count = 0
runinwindow.timer = 0
delaywindow = 0
-> State: 1.11 <-
rain1_1_fix1 1.5的自然状态不同,而且满足LTL的形式很有意思
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = TRUE
flag5 = FALSE
flag6 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
window.switch = open
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
delaywindow = 5
step = 4
-> State: 1.5 <-
runinwindow.timer = 5
step = 5
-> State: 1.6 <-
runinwindow.timer = 4
step = 0
-> State: 1.7 <-
runinwindow.timer = 3
-> State: 1.8 <-
runinwindow.timer = 2
-> State: 1.9 <-
smoke = clear
smoke_count = 1
runinwindow.timer = 1
flag1 = FALSE
flag3 = FALSE
flag4 = FALSE
flag5 = TRUE
flag6 = TRUE
-- Loop starts here
-> State: 1.10 <-
smokeState = clear
smoke_count = 0
runinwindow.timer = 0
delaywindow = 0
flag1 = TRUE
flag3 = TRUE
flag4 = TRUE
flag5 = FALSE
flag6 = FALSE
-> State: 1.11 <-
rain1_1_fix2 冲突状态仍存在,是在下一状态变(因为先action),并没有像之前的消掉(因为后action) action要变
关键是找到没有close的raining而不是冲突状态,并不是说冲突状态导致LTL冲突,而是有rain一直没找到close
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = TRUE
flag5 = FALSE
flag6 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
window.switch = open
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
delaywindow = 5
step = 4
-> State: 1.5 <-
weather.rain = raining
rain_count = 1
runinwindow.timer = 5
step = 5
-> State: 1.6 <-
weather.rainState = raining
rain_count = 0
runinwindow.timer = 4
step = 0
-> State: 1.7 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 3
-> State: 1.8 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 2
-> State: 1.9 <-
smoke = clear
smoke_count = 1
runinwindow.timer = 1
flag1 = FALSE
flag3 = FALSE
flag4 = FALSE
flag5 = TRUE
flag6 = TRUE
-- Loop starts here
-> State: 1.10 <-
smokeState = clear
smoke_count = 0
runinwindow.timer = 0
delaywindow = 0
flag1 = TRUE
flag3 = TRUE
flag4 = TRUE
flag5 = FALSE
flag6 = FALSE
-> State: 1.11 <-
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = TRUE
flag5 = FALSE
flag6 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
window.switch = open
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
delaywindow = 5
step = 4
-> State: 1.5 <-
weather.rain = raining
rain_count = 1
runinwindow.timer = 5
step = 5
-> State: 1.6 <-
window.switch = close
weather.rainState = raining
rain_count = 0
runinwindow.timer = 4
step = 0
-> State: 1.7 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 3
-> State: 1.8 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 2
-> State: 1.9 <-
runinwindow.timer = 1
-- Loop starts here
-> State: 1.10 <-
runinwindow.timer = 0
delaywindow = 0
-> State: 1.11 <-
rain1_2 任务:找没有close匹配的raining
所以是1.10而不是1.1,step=10
-> State: 1.1 <-
window.switch = open
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
-> State: 1.4 <-
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
-> State: 1.5 <-
weather.rain = raining
rain_count = 1
-> State: 1.6 <-
window.switch = close
weather.rainState = raining
rain_count = 0
smoke = clear
smoke_count = 1
-> State: 1.7 <-
weather.rain = not_raining
rain_count = 1
smokeState = clear
smoke_count = 0
-> State: 1.8 <-
weather.rainState = not_raining
rain_count = 0
smoke = detected
smoke_count = 1
-> State: 1.9 <-
window.switch = open
smokeState = detected
smoke_count = 0
delaywindow = 5
-> State: 1.10 <-
weather.rain = raining
rain_count = 1
smoke = clear
smoke_count = 1
runinwindow.timer = 5
-> State: 1.11 <-
weather.rainState = raining
rain_count = 0
smokeState = clear
smoke_count = 0
runinwindow.timer = 4
-> State: 1.12 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 3
-> State: 1.13 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 2
-> State: 1.14 <-
smoke = detected
smoke_count = 1
runinwindow.timer = 1
-- Loop starts here
-> State: 1.15 <-
smokeState = detected
smoke_count = 0
runinwindow.timer = 0
delaywindow = 0
-> State: 1.16 <-
rain1_2_fix1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = FALSE
flag5 = TRUE
flag6 = FALSE
rain1_1_fix3 冲突状态
INVAR
!(flag1 = TRUE & flag2 = FALSE & flag3 = TRUE & flag4 = TRUE & flag5 = FALSE & flag6 = FALSE)
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = FALSE
flag5 = FALSE
flag6 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
window.switch = open
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
delaywindow = 5
step = 4
-> State: 1.5 <-
weather.rain = raining
rain_count = 1
runinwindow.timer = 5
step = 5
-> State: 1.6 <-
weather.rainState = raining
rain_count = 0
runinwindow.timer = 4
step = 0
-> State: 1.7 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 3
-> State: 1.8 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 2
-> State: 1.9 <-
weather.rain = raining
rain_count = 1
runinwindow.timer = 1
-- Loop starts here
-> State: 1.10 <-
weather.rainState = raining
rain_count = 0
runinwindow.timer = 0
delaywindow = 0
-> State: 1.11 <-
rain1_1_fix4 冲突状态
INVAR
!(flag1 = TRUE & flag2 = FALSE & flag3 = TRUE & flag4 = TRUE & flag5 = FALSE & flag6 = FALSE)
INVAR
!(flag1 = TRUE&flag2 = FALSE&flag3 = TRUE&flag4 = FALSE&flag5 = FALSE&flag6 = FALSE)
-> State: 1.1 <-
window.switch = close
weather.rain = raining
weather.rainState = not_raining
rain_count = 1
smoke = clear
smokeState = clear
smoke_count = 1
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = FALSE
flag5 = TRUE
flag6 = FALSE
-> State: 1.2 <-
weather.rainState = raining
rain_count = 0
smoke_count = 0
step = 2
-> State: 1.3 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
step = 3
-> State: 1.4 <-
window.switch = open
weather.rainState = not_raining
rain_count = 0
smokeState = detected
smoke_count = 0
delaywindow = 5
step = 4
-> State: 1.5 <-
weather.rain = raining
rain_count = 1
runinwindow.timer = 5
step = 5
-> State: 1.6 <-
weather.rainState = raining
rain_count = 0
runinwindow.timer = 4
step = 0
-> State: 1.7 <-
weather.rain = not_raining
rain_count = 1
runinwindow.timer = 3
-> State: 1.8 <-
weather.rainState = not_raining
rain_count = 0
runinwindow.timer = 2
-> State: 1.9 <-
weather.rain = raining
rain_count = 1
smoke = clear
smoke_count = 1
runinwindow.timer = 1
-- Loop starts here
-> State: 1.10 <-
weather.rainState = raining
rain_count = 0
smokeState = clear
smoke_count = 0
runinwindow.timer = 0
delaywindow = 0
-> State: 1.11 <-
rain1_1_fix5
INVAR
!(flag1 = TRUE & flag2 = FALSE & flag3 = TRUE & flag4 = TRUE & flag5 = FALSE & flag6 = FALSE)
INVAR
!(flag1 = TRUE & flag2 = FALSE & flag3 = TRUE & flag4 = FALSE & flag5 = FALSE & flag6 = FALSE)
INVAR
!(flag1 = TRUE & flag2 = FALSE & flag3 = TRUE & flag4 = FALSE & flag5 = TRUE & flag6 = FALSE)
rain1_1_fix6
NuSMV > check_ltlspec -p "G((weather.rain=raining)->F(window.switch=close))"
-- specification G (weather.rain = raining -> F window.switch = close) is false
-- as demonstrated by the following execution sequence
Trace Description: LTL Counterexample
Trace Type: Counterexample
-> State: 1.1 <-
window.switch = close
windowSwitchState = close
weather.rain = raining
rain_count = 0
smoke = clear
smoke_count = 0
alarm.alarmCap.alarm = both
alarmState = off
runinalarm.timer = 0
delayalarm = 0
runinwindow.timer = 0
delaywindow = 0
-> State: 1.2 <-
smoke = detected
smoke_count = 1
alarmState = both
-> State: 1.3 <-
window.switch = open
smoke_count = 0
alarm.alarmCap.alarm = siren
delayalarm = 3
delaywindow = 5
-> State: 1.4 <-
windowSwitchState = open
weather.rain = not_raining
rain_count = 1
alarmState = siren
runinalarm.timer = 3
runinwindow.timer = 5
-> State: 1.5 <-
rain_count = 0
runinalarm.timer = 2
runinwindow.timer = 4
-> State: 1.6 <-
runinalarm.timer = 1
runinwindow.timer = 3
-> State: 1.7 <-
runinalarm.timer = 0
delayalarm = 0
runinwindow.timer = 2
-> State: 1.8 <-
runinwindow.timer = 1
-- Loop starts here
-> State: 1.9 <-
runinwindow.timer = 0
delaywindow = 0
-> State: 1.10 <
NuSMV > check_ltlspec -p "G((weather.rain=raining)->!F(window.switch=close))"
-- specification G (weather.rain = raining -> !( F window.switch = close)) is false
-- as demonstrated by the following execution sequence
Trace Description: LTL Counterexample
Trace Type: Counterexample
-> State: 1.1 <-
window.switch = close
windowSwitchState = close
weather.rain = raining
rain_count = 0
smoke = clear
smoke_count = 0
alarm.alarmCap.alarm = both
alarmState = off
runinalarm.timer = 0
delayalarm = 0
runinwindow.timer = 0
delaywindow = 0
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = FALSE
flag5 = TRUE
flag6 = FALSE
flag7 = FALSE
flag8 = FALSE
flag9 = TRUE
flag10 = FALSE
-> State: 1.2 <-
weather.rain = not_raining
rain_count = 1
smoke = detected
smoke_count = 1
alarmState = both
-> State: 1.3 <-
window.switch = open
rain_count = 0
smoke_count = 0
alarm.alarmCap.alarm = siren
delayalarm = 3
delaywindow = 5
-> State: 1.4 <-
windowSwitchState = open
alarmState = siren
runinalarm.timer = 3
runinwindow.timer = 5
-> State: 1.5 <-
runinalarm.timer = 2
runinwindow.timer = 4
-> State: 1.6 <-
runinalarm.timer = 1
runinwindow.timer = 3
-> State: 1.7 <-
runinalarm.timer = 0
delayalarm = 0
runinwindow.timer = 2
-> State: 1.8 <-
runinwindow.timer = 1
-- Loop starts here
-> State: 1.9 <-
runinwindow.timer = 0
delaywindow = 0
-> State: 1.10 <-
NuSMV >
-- specification G (weather.rain = raining -> F window.switch = close) is false
-- as demonstrated by the following execution sequence
Trace Description: LTL Counterexample
Trace Type: Counterexample
-> State: 1.1 <-
window.switch = close
windowSwitchState = close
weather.rain = raining
rain_count = 1
smoke = clear
smoke_count = 1
alarm.alarmCap.alarm = both
alarmState = off
runinalarm.timer = 0
delayalarm = 0
runinwindow.timer = 0
delaywindow = 0
step = 1
flag1 = TRUE
flag2 = FALSE
flag3 = TRUE
flag4 = FALSE
flag5 = TRUE
flag6 = FALSE
flag7 = FALSE
flag8 = FALSE
flag9 = TRUE
flag10 = FALSE
-> State: 1.2 <-
rain_count = 0
smoke_count = 0
alarmState = both
step = 2
flag3 = FALSE
flag4 = TRUE
flag9 = FALSE
flag10 = TRUE
-> State: 1.3 <-
window.switch = open
smoke = detected
smoke_count = 1
alarm.alarmCap.alarm = off
delaywindow = 5
step = 3
flag3 = TRUE
flag4 = FALSE
flag9 = TRUE
flag10 = FALSE
-> State: 1.4 <-
windowSwitchState = open
weather.rain = not_raining
rain_count = 1
smoke_count = 0
alarm.alarmCap.alarm = siren
alarmState = off
delayalarm = 3
runinwindow.timer = 5
-> State: 1.5 <-
rain_count = 0
alarmState = siren
runinalarm.timer = 3
runinwindow.timer = 4
-> State: 1.6 <-
runinalarm.timer = 2
runinwindow.timer = 3
-> State: 1.7 <-
runinalarm.timer = 1
runinwindow.timer = 2
-> State: 1.8 <-
runinalarm.timer = 0
delayalarm = 0
runinwindow.timer = 1
-- Loop starts here
-> State: 1.9 <-
runinwindow.timer = 0
delaywindow = 0
-> State: 1.10 <-
NuSMV >
BUG LOCATION 继续弄
考虑如下智能家居场景,用户家中有以下智能设备:温湿度传感器、人体传感器、烟雾传感器、智能灯、智能窗户、智能报警器、智能风扇。为了实现智能家居自动化,设置如下X条TAP规则:1)IF 烟雾传感器检测到烟雾,THEN 智能报警器报警;2)IF 烟雾传感器检测到烟雾,THEN 打开智能窗户10min后关闭;3)IF 烟雾传感器检测到烟雾,THEN 打开智能风扇10min后关闭;4)IF 室内环境潮湿,THEN 打开智能风扇10min后关闭;
448
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
