Dynamic Networks of Timed Automata for Collaborative Systems: a Network Monitoring Case Study Salvatore Campana s.campana@computervaritt.it Computer VAR ITT - Verona, Italy Luca Spalazzi spalazzi@univpm.it DIIGA, Universit` a Politecnica delle Marche - Ancona, Italy Francesco Spegni spegni@diiga.univpm.it DIIGA, Universit` a Politecnica delle Marche - Ancona, Italy ABSTRACT We introduce Dynamic Networks of Timed Automata, an extension of (Networks of) Timed Automata useful for specifying concurrently executing timed-processes. The main difference with Timed Automata is that we allow the instantiation at run-time of multiple copies of automata. In this paper we also show an industrial case study where a system for monitoring a network of wireless devices is built applying Dynamic Networks of Timed Automata. The network is characterized by a high degree of dynamism, since its infrastructure is fixed but a big amount of its hosts continuously connect and disconnect. We see how extending XAL, an executable language for Timed Automata, we can first model our system, made of cooperating timed processes, and finally transform such model into an executable application. We also show how to model-check relevant properties of our application, expressing them through a temporal logic called TCTL and using existing formal methods and tools. KEYWORDS Timed Automata, Collaborative Sys- tems, Visual Programming 1. INTRODUCTION A collaborative system is given by a multitude of agents that cooperate in order to reach a common goal. Such agents are usually humans or automated, perhaps software, procedures, and are generally characterized by the neces- sity of interacting for reaching their aims. In this paper we mainly focused on the latter. Here we introduce Dynamic Networks of Timed Automata (DNTA), a formalism that extends (Networks of) Timed Automata (NTA) [12, 11]. Through NTA you can specify a (soft) real-time process as a finite state automaton whose transitions and states may include constraints defined over certain temporal variables. The added value that we give is the possibility to describe a timed-system where automata (and thus processes) can be instantiated and destroyed at run-time. This brings a whole new flexibility to the lan- guage, very useful for describing processes that are intrinsi- cally dynamical, for which the programmer cannot foresee how many copies of a single process is needed to complete the job. We also integrate DNTA in XAL [13], an executable lan- guage that allows to describe an application as one or more cooperating automata with temporal constraints. In [13], it has been shown how to use XAL in order to formalize and contemporary implement precise SLAs (Service Level Agreements) specifications in real-world web-applications and services. From a software engineering point of view we think that XAL represents a good balance between a formal model, i.e. a theoretical description of the process behavior on which you can reason, and a programming language, through which the software engineer can write her/his ap- plications. We choose to define DNTA, and then XAL, extending Networks of Timed Automata because the latter has a well defined semantics and because it has well known verification procedures, mainly based on bisimulation [12] and model-checking [11, 17, 18]. In our approach we distinguish between automaton defini- tions and automaton instances. A system is defined as a set of automaton definitions while its execution is described by 113 978-1-4244-6622-1/10/$26.00 ©2010 IEEE