The TASM Toolset: Specification, Simulation, and Formal Verification of Real-Time Systems (Tool Paper)

Martin Ouimet and Kristina Lundqvist
Embedded Systems Laboratory, Massachusetts Institute of Technology, Cambridge, MA, 02139, USA
{mouimet,kristina}@mit.edu

Abstract. In this paper, we describe the features of the Timed Abstract State Machine toolset. The toolset implements the features of the Timed Abstract State Machine (TASM) language, a specification language for reactive real-time systems. The TASM language enables the specification of functional and non-functional properties using a unified language. The toolset incorporates features to create specifications, simulate specifications, and verify formal properties of specifications. Properties that can be verified using the toolset include completeness, consistency, worst-case execution time, and best-case execution time. The toolset is being developed as part of an architecture-based framework for embedded real-time system engineering. We describe how the features of the toolset were used successfully to model and analyze case studies from the aerospace and automotive communities.

1 Introduction

The Timed Abstract State Machine (TASM) language is a specification language for reactive real-time systems. It aims to capture the three key aspects of real-time system behavior, namely functional behavior, timing behavior, and resource consumption. TASM is based on the theory of Abstract State Machines (ASM), a method for system design that can be applied at various levels of abstraction [1]. The TASM language has formal semantics, which makes its meaning precise and enables executable specifications. The time semantics of the language revolve around the concept of durative actions. The TASM toolset implements the features of the TASM language through three main components: an editor, an analyzer, and a simulator.
The toolset can be used during the early phases of development to understand behavior before the system is built, or it can be used throughout the development of the system to guide implementation. The types of analysis that can be performed with the toolset include verifying completeness and consistency of the specification [2] and verifying timing properties of the specification, such as the absence of deadlocks and Worst-Case Execution Time (WCET). The philosophy of the toolset is to reuse the state of the art in analytical engines to perform formal verification. The TASM toolset integrates the UPPAAL tool suite [3] to verify

W. Damm and H. Hermanns (Eds.): CAV 2007, LNCS 4590, pp. 126–130, 2007. © Springer-Verlag Berlin Heidelberg 2007
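To make the analyses named above concrete, here is an added example; it is not code from the TASM toolset or its authors. It models a toy timed abstract state machine under assumed, simplified semantics (a rule has a guard, an update and a duration interval [lo, hi]; every enabled rule may fire; a run ends in a terminal state), explores the reachable state space, and reports the three things the paper lists for the analyzer: completeness (every reachable non-terminal state enables some rule), consistency (no reachable state enables two rules at once), and BCET/WCET of a run. The sensor pipeline, the rule names, the duration values and the two deliberately faulty rules are constructed for the demonstration; TASM's actual semantics, including its resource consumption model, are not reproduced.

```python
# Added illustration, not code from the TASM toolset. Assumed simplified semantics:
# a rule has a guard, an update and a duration interval [lo, hi]; each enabled rule
# may fire, a step takes lo..hi time units, and a run ends in a terminal state.
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

Snap = Tuple[Tuple[str, object], ...]      # hashable snapshot of a state

@dataclass(frozen=True)
class Rule:
    name: str
    guard: Callable[[dict], bool]
    update: Callable[[dict], dict]          # variables the step overwrites
    duration: Tuple[int, int]               # [lo, hi]: the action is durative

@dataclass
class Report:
    complete: bool = True                   # every non-terminal state enables a rule
    consistent: bool = True                 # no state enables two rules at once
    bcet: Optional[int] = None              # None: no terminal state reachable
    wcet: Optional[int] = None              # None: unbounded (cycle) or no run
    problems: List[str] = field(default_factory=list)

def snap(s: dict) -> Snap:
    return tuple(sorted(s.items()))

def analyze(rules: List[Rule], inits: List[dict],
            terminal: Callable[[dict], bool]) -> Report:
    rep = Report()
    # 1. Explore the reachable state graph, checking each state as it is found.
    edges: Dict[Snap, List[Tuple[Snap, Tuple[int, int]]]] = {}
    work = [snap(s) for s in inits]
    while work:
        key = work.pop()
        if key in edges:
            continue
        s, edges[key] = dict(key), []
        if terminal(s):
            continue
        fired = [r for r in rules if r.guard(s)]
        if not fired:
            rep.complete = False
            rep.problems.append(f"incomplete: no rule enabled in {s}")
        if len(fired) > 1:
            rep.consistent = False
            rep.problems.append(f"inconsistent: {[r.name for r in fired]} in {s}")
        for r in fired:
            nxt = dict(s, **r.update(s))
            edges[key].append((snap(nxt), r.duration))
            work.append(snap(nxt))
    # 2. BCET: shortest run over lo durations (non-negative, so relaxation to a
    #    fixpoint converges even when the graph has cycles).
    inf = float("inf")
    dist = {k: (0 if dict(k) in inits else inf) for k in edges}
    changed = True
    while changed:
        changed = False
        for key, outs in edges.items():
            for nxt, (lo, _) in outs:
                if dist[key] + lo < dist[nxt]:
                    dist[nxt], changed = dist[key] + lo, True
    ends = [d for k, d in dist.items() if terminal(dict(k)) and d < inf]
    rep.bcet = min(ends) if ends else None
    # 3. WCET: longest run over hi durations; a reachable cycle makes it unbounded,
    #    and a dead (incomplete) state ends its run at the time elapsed so far.
    memo, on_path = {}, set()
    def longest(key: Snap) -> Optional[int]:
        if key in memo:
            return memo[key]
        if key in on_path:
            rep.problems.append(f"cycle through {dict(key)}: WCET unbounded")
            return None
        on_path.add(key)
        worst: Optional[int] = 0
        for nxt, (_, hi) in edges[key]:
            sub = longest(nxt)
            worst = None if worst is None or sub is None else max(worst, hi + sub)
        on_path.discard(key)
        memo[key] = worst
        return worst
    totals = [longest(snap(s)) for s in inits]
    rep.wcet = None if any(t is None for t in totals) else max(totals)
    return rep

# Constructed sample: a sensor pipeline whose slow branch adds a filter step.
PIPELINE = [
    Rule("start", lambda s: s["phase"] == "idle", lambda s: {"phase": "read"}, (1, 2)),
    Rule("read_fast", lambda s: s["phase"] == "read" and s["value"] < 10,
         lambda s: {"phase": "act"}, (2, 3)),
    Rule("read_slow", lambda s: s["phase"] == "read" and s["value"] >= 10,
         lambda s: {"phase": "filter"}, (2, 3)),
    Rule("filter", lambda s: s["phase"] == "filter",
         lambda s: {"phase": "act", "value": s["value"] // 2}, (4, 6)),
    Rule("act", lambda s: s["phase"] == "act", lambda s: {"phase": "done"}, (1, 1)),
]
INITS = [{"phase": "idle", "value": 5}, {"phase": "idle", "value": 20}]
DONE = lambda s: s["phase"] == "done"
# Deliberately faulty rules that make the checks fire (constructed for the demo).
OVERLAP_RULE = Rule("read_any", lambda s: s["phase"] == "read", lambda s: {"phase": "act"}, (2, 3))
LOOP_RULE = Rule("restart", lambda s: s["phase"] == "act", lambda s: {"phase": "idle"}, (1, 1))
```

Running `analyze(PIPELINE, INITS, DONE)` on the well-formed pipeline reports it complete and consistent with BCET 4 and WCET 12 (the slow branch through the filter dominates the worst case). Dropping the `filter` rule leaves the `filter` phase with no enabled rule, which the completeness check flags; adding `OVERLAP_RULE` makes two rules enabled in the `read` phase, which the consistency check flags; replacing `act` with `LOOP_RULE` creates a cycle, so no terminal state is reachable and the analysis reports WCET as unbounded instead of inventing a number. The toolset in the paper delegates timing verification to an external engine, but the same three questions are what it answers.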