^{1}

^{*}

^{1}

^{*}

In this paper, we present formal analysis of 2CS-WSN collision resolution protocol for wireless sensor networks using probabilistic model checking. The 2CS-WSN protocol is designed to be used during the contention phase of IEEE 802.15.4. In previous work on 2CS-WSN analysis, authors formalized protocol description at abstract level by defining counters to represent number of nodes in specific local state. On abstract model, the properties specifying individual node behavior cannot be analyzed. We formalize collision resolution protocol as a Markov Decision Process to express each node behavior and perform quantitative analysis using probabilistic model checker PRISM. The identical nodes induce symmetry in the reachable state space which leads to redundant search over equivalent areas of the state space during model checking. We use “ExplicitPRISMSymm” on-the-fly symmetry reduction approach to prevent the state space explosion and thus accommodate large number of nodes for analysis.

In last few years, our lives have been greatly influenced by a wireless communication technology that promotes the development of low cost tiny sensor devices which are capable of sensing, processing and communicating. These tiny sensor devices are collaborated to form an ad hoc and self-configurable network, generally referred as the Wireless Sensor Network (WSN) [

To communicate with each other, each node initiates neighbor discovery process which collects the neighbor nodes information by receiving packets from them. If two or more nodes send their packets at the same time, a collision may occur at the receiving node. A key challenge for successful neighbor discovery is to resolve the collisions that occur at the receiving node. Here, we focus onto two cells sorted wireless sensor network (2CS- WSN) collision resolution protocol [

In this paper, we consider formal verification of 2CS-WSN collision resolution protocol using probabilistic model checker PRISM [

José A. Mateo et al. have also presented formal analysis of 2CS-WSN protocol using PRISM in [

We use Markov Decision Process (MDP) as formalization to capture the complete behavior of each node in 2CS-WSN protocol. We evaluate quantitative properties such as “probability of node 1 to transmit successfully within 10 seconds”. Major constraint of our modeling approach is the verification of protocol model with large number of nodes. As the number of nodes increases, states will grow exponentially which is known as state space explosion problem. State explosion prevents the analysis of protocol with large number of nodes. To prevent the state space explosion, we use “ExplicitPRISMSymm” on-the-fly symmetry reduction technique [

We can perform modifications in our modeling approach according to the situations occur in the protocol. For example, we can assign priority to any node like cluster head, so any message from higher priority node will be transmitted before all other messages.

The paper proceeds with the informal description of 2CS-WSN collision resolution protocol in next section. In section 3, we discuss the protocol modeling using counter abstraction based approach and its limitations. Section 4 explains protocol formalization using MDP. Experimental results are explained in section 5 followed by conclusion in section 6.

In this section, we give brief introduction of probabilistic model checking and symmetry reduction. Symmetry reduction is a well-known abstraction technique to prevent the state space explosion in concurrent system analysis.

Probabilistic model checking integrates automated verification techniques aim to quantitatively analyze the probabilistic systems. Calculating likelihood of the occurrence of certain events during the system execution is referred as quantitative analysis.

PRISM is a widely used probabilistic model checker, has been developed at the University of Birmingham [

The system to be analyzed is described in a high-level PRISM specification language then transformed into an internal representation, such as symbolic [

The probabilistic model checker exhaustively search entire reachable state space associated with the system model, and generate two types of outputs, either true/false which indicate whether the specification holds in model or not, or the numerical value, for example, the probability or expected time to reach a state satisfying the specification [

One of the major problems associated with probabilistic model checking is the state space explosion. This problem is more severe with concurrent system analysis as it contains non-distinguishable components [

Symmetry reduction discovers the equivalence classes of symmetrical states to prevent the state explosion in concurrent system analysis. Symmetry reduction reduces the size of system model by choosing only one state as a representative from each equivalence class of states [

PRISM has built-in symmetry reduction technique “PRISMSymm” [

Model building task is much faster using symbolic compare to explicit. But explicit performs better in property evaluation compare to symbolic. For verification of any system, model building is one time task only, where property evaluation can be performed frequently on built model [

2CS-WSN protocol is originally adapted from 2C (two cell) algorithm introduced in [

・ Collision detection in 2CS: In a given time slot, node transmits a packet and receives a feedback message from the central station. The feedback message represents C if collision takes place otherwise represents NC.

・ Collision detection in 2CS-WSN: In 2C, it is assumed that, there is a central station which continuously monitors the channel and provides the feedback message. However, this assumption is unrealistic in self-configuring wireless ad hoc network. For instance, a wireless node may infer that its transmission has collided if the reply to its request does not arrive.

In next slot, if TC contains more than one node, then nodes again redistribute in TC and WC with the help of probabilities. This process repeat until only one node remains in TC and transmit successfully.

In this example, node N1 and N3 choose to stay in TC, whereas N2 decide to move into WC1. Further N1 and N3 attempt to retransmit, and collide again. In next slot, N1 move to WC1, at the same time N2 shift to WC2. Now there is only one node N3 in TC, thus achieve successful transmission. Now TC becomes empty and N1 and N2 move to TC and WC1 respectively. This process repeats until all nodes achieve successful transmission.

José A. Mateo et. al have also presented formal analysis of 2CS-WSN collision resolution protocol using probabilistic model checking [

Counter abstraction is a well-known abstraction method [

Let’s consider a probabilistic model of a concurrent system consisting n finite number of concurrently executing processes. Let

Let

can be in. Here,

In counter abstraction method, the abstract state contains a counter for each possible local state that a process

can be in. An abstract state

denotes the number of processes currently in local state

Authors of [

In formalization, they maintain different counters for transmission cell and waiting cells. Let’s consider a protocol configured with 2 waiting cells. Then representation of system state can be: (TC, WC1, WC2) where TC represents the number of nodes collide in TC and WC1, WC2 represents the number of nodes waiting in each respective cell. For example, state

Here, major restriction of counter abstraction is that the model cannot capture the behavior of individual node. We cannot analyze the performance of a single node behavior. For example, we cannot measure collision resolution time for individual node.

The MDP model for the 2CS-WSN protocol will be obtained by composing MDPs for each node.

An integer variable

Initially all nodes collide into TC, then they choose to move into state TC or WC1 with

Node can transmit a packet if collision does not occur into local state TC, and node moves from TC to FIN. whenever counter

Let’s consider 2CS-WSN protocol configured with one waiting cell WC1 and transmission probability^{2} states. State space of such model tends to grow exponentially large with increasing number of nodes. Due to this state space explosion problem, verification of protocol with large number of nodes is not feasible. A model of such system frequently contains the symmetrical components in form of nodes where behavior of all nodes is indistinguishable.

For example, symmetrical components exist in 2CS-WSN protocol model, e.g. two states s1: (TC,WC1) and s2: (WC1,TC) are symmetric to each other in

In formal verification, all states belonging to the same equivalence class indicate the same event in the system. Therefore, considering only one state instead of all from each equivalence class will not affect the results. Symmetry reduction exploits this fact and reduces the state space: only one representative from each equivalence class of states is chosen.

We now proceed to quantitative analysis of 2CS-WSN protocol. In [

To analyze the protocol, significant properties are expressed using PCTL logical formulas. Specific properties for probabilistic model checking can be grouped into three different categories [

1). Probabilistic Reachability: This type of property verifies that event will take place or not with defined probability at some point in the future during the system execution. Two probabilistic reachability properties for 2CS-WSN protocol are as follows:

First we want to verify that whether all nodes have performed successful transmission or not. This is computed by using the following formula:

where z = number of nodes.

- P1: “Eventually with probability at least 1, all nodes successfully transmit”

If the property evaluate to true then it ensures that the protocol eventually terminates successfully.

- P2: “Eventually with probability at least 1, node 1 successfully transmit”

This property ensures that whether node n1 has performed successful transmission or not.

2). Time Bounded Probabilistic Reachability: These properties allow to evaluating the specific event within bounded time deadline.

- T1: Minimum probability of protocol termination within time T.

- T2: Minimum probability that node 1 correctly transmit its packet within time T.

3). Expected Reachability: Reachability reward properties can be analyzed by associating rewards/costs to PRISM model. For evaluation, tool accumulates expected reward values along a path until a certain point is reached.

According to the original protocol description [

- R1: Maximum expected time taken by protocol to resolve all the conflicts

- R2: Maximum expected time taken by node 1 to successfully transmit its packet

We built an MDP model of 2CS-WSN protocol using PRISM’s explicit representation. We first analyze property P1, that evaluate to true, which ensures that protocol has successfully resolved all the collisions.

Time bounded probabilistic property T1 calculates the probability of protocol termination within given time. As the time deadline T increases, probability of protocol termination is also increase.

We validate our MDP model by comparing “Expected reachability value of property R1” for different number of nodes with the results given in [

In 2CS-WSN protocol verification, as the number of node increases, reachable states also increase. Thus, the full MDP model with large number of nodes cannot build using explicit representation. Therefore, we have applied “ExplicitPRISMSymm” on-the-fly symmetry reduction technique [

In

Properties P2, T2 and R2 cannot analyze using counter abstraction based approach. But using our MDP formalization, we can analyze properties related to individual node as it represents information of each node.

PRISM gives facility to define symmetry parameters as NBS and NFS, in which we can specify number of non-symmetric nodes. Here NBS represents number of non-symmetric nodes before symmetric nodes and NFS defines number of non-symmetric nodes after symmetric nodes. That means, all symmetric nodes must be defined in a consecutive manner.

For example, we want to verify that what is the probability that node n1 will successfully transmit its packet within given deadline. For that, we can specify symmetry reduction parameters as 1.0 which perform the symmetry reduction on all nodes except node 1.

We have evaluated property T2 against node 1 with varying the time deadline and number of nodes.

We have also evaluated property R2, “expected collision resolution time” for n1 with different

Finish Time T (ms) | N = 3 | N = 6 | N = 9 | N = 12 | N = 15 | N = 18 | N = 21 |
---|---|---|---|---|---|---|---|

10 | 0.93 | 0.53 | 0.32 | 0.23 | 0.17 | 0.14 | 0.11 |

15 | 0.99 | 0.83 | 0.52 | 0.38 | 0.32 | 0.25 | 0.21 |

20 | 0.99 | 0.95 | 0.74 | 0.53 | 0.41 | 0.34 | 0.28 |

25 | 0.99 | 0.98 | 0.89 | 0.68 | 0.53 | 0.43 | 0.37 |

30 | 0.99 | 0.99 | 0.96 | 0.83 | 0.65 | 0.53 | 0.45 |

35 | 0.99 | 0.99 | 0.99 | 0.92 | 0.78 | 0.63 | 0.53 |

40 | 0.99 | 0.99 | 0.99 | 0.97 | 0.88 | 0.73 | 0.62 |

45 | 0.99 | 0.99 | 0.99 | 0.99 | 0.94 | 0.83 | 0.71 |

50 | 0.99 | 0.99 | 0.99 | 0.99 | 0.98 | 0.91 | 0.79 |

60 | 0.99 | 0.99 | 0.99 | 0.99 | 0.99 | 0.98 | 0.92 |

70 | 0.99 | 0.99 | 0.99 | 0.99 | 0.99 | 0.99 | 0.98 |

80 | 0.99 | 0.99 | 0.99 | 0.99 | 0.99 | 0.99 | 0.99 |

We formalized 2CS-WSN collision resolution protocol as Markov Decision Process and performed quantitative analysis using probabilistic model checking techniques implemented in the model checker PRISM. We have analyzed quantitative properties such as “probability of node 1 to transmit successfully within 20 seconds”. From experimental results, we infer that probability of transmission

In collision resolution protocol, all nodes are identical; behavior of all nodes is similar. In protocol model, as the number of node increases, state space explosion problem arises. We have successfully applied “Explicit- PRISMSymm” on-the-fly symmetry reduction technique to prevent the state explosion in probabilistic model checking and make the protocol analysis with large number of nodes feasible.

ReemaPatel,DhirenPatel, (2015) A Quantitative Analysis of Collision Resolution Protocol for Wireless Sensor Network. Journal of Software Engineering and Applications,08,361-371. doi: 10.4236/jsea.2015.88036