Lecture 81 Regional Automaton CS 5270 Lecture 8. Lecture 82 What We Need to Do Problem: –We need...

Lecture 8 1

Regional Automaton

CS 5270 Lecture 8

Lecture 8 2

What We Need to Do

• Problem: – We need to analyze the timed behavior of a TTS.– The timed behavior of TTS is given by TSTTS – But TSTTS is an infinite transition system!

• Solution:– Represent TSTTS as a finite transition system.– How?– By using the notion of regions, quotient TSTTS into a

finite transition system RTS.– Using regions we can compute RTS from TTS.– UPPAAL computes a refined version of RTS from

TTS.

Lecture 8 3

The Reductions.

TSTTS

TATTS

RTS

Both the set of states and actions are infinite.

Time abstraction

Finite set of actions but infinite set of states.

Quotient via bisimulation of finite index.

Both states and actions are finite sets.

TTSSemantics

Regions

Lecture 8 4

The Reductions.

TSTTS

TATTS

RTS




RTS is computed directly from TTS (a finite object)

s is reachable in TTS iff the corresponding state is reachable in RTS.

TTSSemantics

Regions

Lecture 8 5

The Reductions.

TSTTS

TATTS

RTS




TTSSemantics

Regions

Lecture 8 6

Behaviors

• TTS = (S, sin, Act, X, I, )

• We associate a “normal” transition system with TTS while taking time into account:– TSTTS = (S, sin, Act R, )

– R, non-negative reals S Act R S

• TSTTS is an infinite transition system!

Lecture 8 7

Behaviors

• TTS = (S, sin, Act, X, I, )

• TSTTS = (S, sin, Act R, )

• S = S V

• V --- Valuations– A valuation says what the current values of

each clock variable is. v : X R

Lecture 8 8

Behaviors

• TTS = (S, sin, Act, X, I, !)

• TSTTS = (S, sin, Act R, ) R, non-negative reals S Act R S

• S = S V

• sin = (sin, VZERO)

– VZERO (x) = 0 for every x in X.

Lecture 8 9

Behaviors

• There will be two types of transitions.

• Time pass move:– (s, v) (s, v’)

t units of time pass starting from V. V’ (x) = V(x) + t for every x. V’ = V + t

t

Lecture 8 10

Behaviors

• Instantaneous transition.– (s, v) (s’, v’)– In TTS there is a transition of the form

(s, a, X, g, s’) such that: V satisfies g. V’(x) = 0 if x is in X. V’(x) = V(x) if x is not in X.

a

Lecture 8 11

The Reductions.

TSTTS

TATTS

RTS




TTSSemantics

Regions

Lecture 8 12

Time Abstraction

• TTS = (S, S0, Act, X, I, !) s 2 S

• TSTTS = (SV, svin, Act [ R, ))

• TATTS = (SV, svin, Act, ) where :

– (s, V) (s’, V’) iff there exists such that

– (s, V) ) (s, V+) in TS and

– (s, V+) ) (s’, V’) in TS.

a

a

Lecture 8 13

Time Abstraction

• TTS = (S, S0, Act, X, I, !) s 2 S


• TATTS = (SV, svin, Act, )

• FACT: s is reachable in TTS (TS) iff s is reachable in TA.

• Infinite number of states but only a finite number of actions.

Lecture 8 14

The Reductions.

TSTTS

TATTS

RTS




TTSSemantics

Regions

Lecture 8 15

Bisimulation

• Finite index bisimulation relation – Used to quotient a big transition system into

small one. big --- infinite small ---- finite.

Lecture 8 16

Bisimulation

• TS = (S, sin, Act, !)• t S S, an equivalence relation

– s s for every s in S (reflexive)– s s’ implies s’ s (symmetric)– s s’ and s’ s’’ implies s s’’ (transitive) – s t t and s s’ implies there exists t’

such that t t’ and s’ t t’.– s t t and t t’ implies there exists s’ such

that s s’ and s’ t t’.

a

a

a

a

Lecture 8 17

Stable Relation

s t t

a

s’

Lecture 8 18

Stable Relation

s’

s t t

a

t t’

a

Lecture 8 19

Finite Index Bisimulation

• TS = (S, sin, Act, !)

• t a bisimulation.

• s S

• [s]t – the equivalence class containing s.

– {s’ | s t s’}

• t is of finite index if {[s] | s S} is a finite set.

Lecture 8 20

An Example

1 2 3 4 5 6a b a b a b

i t j iff (i is odd and j is odd) OR (i is even and j is even).

t is a bisimulation of finite index.

{1, 3, 5,….} = [5] {2, 4, 6, ..} = [8]

Lecture 8 21

The Quotient Transition System

• TS = (S, sin, Act, )

• t a bisimulation.

• QTS = (QS, qsin, Act, )

– The t - quotient of TS.

– QS = { [s]t | s 2 S}

– qsin = [sin]t

– [s] [s’] iff there exists s1 [s] and s1’ [s’] such that s1 s1’ in TS.

a

a

22

An Example

1 2 3 4 5 6a b a b a b

i t j iff (i is odd and j is odd) OR (i is even and j is even).

t is a stable equivalence relation of finite index.

{1, 3, 5,….} = [5] {2, 4, 6, ..} = [8]

[5] [12]

a

b

Lecture 8 23

The Reductions.

TSTTS

TATTS

RTS




TTSSemantics

Regions

Lecture 8 24

The Equivalence based on Regions.

• TA = (SV, svin, Act, )

• t SV SV, a bisimulation of finite index.

• (s, V) t (s’, V’) iff– s = s’– V Reg V’

V and V’ belong to the same clock region.

Lecture 8 25


• TTS = (S, S0, Act, X, I, !) • Let m1/ n1, m2 / n2,…, mk / nk be all the

(irreducible) rationals that appear in the transitions. Let K be the LCM of {n1, n2,.., nk}.

• Transform a constraint of the form x · m/n into x · (m/n) £ K etc.

• Let TTS’ be the resulting timed transitions system. Then s is reachable in TTS iff it is reachable in TTS’.– TTS’ has only integer-valued constants in the guards!

Lecture 8 26

An example

x < 2.1 y > 2x 1.2 ; y

ay < 2.3

b

21/10 12/10 2 = 20/10 23/10

Lecture 8 27

An example

x < 21 y > 20x 12 ; y

ay < 23

b

Reachability properties will be preserved,

Lecture 8 28


• TA = (S, S0, Act, )

• t µ S £ S , a bisimulation of finite index.

• (s, V) t (s’, V’) iff– s = s’– V Reg V’ ( V and V’ belong to the same

region).

Lecture 8 29

Regional Equivalence

• X = {x1, x2, …, xn}, the set of clock variables.• V, V’ ---- Two clock valuations.

– V : X R– V’ : X R

• V Reg V’ ?• r 2 R.

– b r c , the largest integer less than or equal to r. (the integral part of r).

– b 2.8 c = 2– b c = 3

• r 2 R– fr( r ) , the fractional part of r.

• r = b r c + fr(r)

Lecture 8 30


• X = {x1, x2, …, xn}, the set of clock variables.• V, V’ ---- Two clock valuations.

– V : X R– V’ : X R

• V Reg V’ ?• cx = MAX{ c | “x REL c” is a

clock constraint appearing in some guard or invariant} • x REL c ----- x ≤ c x ≥ c x < c x > c • We are assuming all constants mentioned in the guards

are integers.

Lecture 8 31

An example

x < 21 y > 20x 12 ; y

ay < 23

b

Cx = ? Cy = ?

Lecture 8 32


• X = {x1, x2, …, xn}, the set of clock variables.• V, V’ ---- Two clock valuations.• V Reg V’ iff

(i) For every x, either b V(x) c > cx and b V’(x) c > cx

OR V(x) · cx and V’(x) cx. Further, V(x) = V’(x) and fr(V(x))

= 0 iff fr(V’(x)) = 0

(ii) Suppose V(x) · cx and V(y) · cy. Then fr(V(x)) · fr(V(y)) iff fr(V’(x)) · fr(V’(y)).

Lecture 8 33

An example

x < 21 y > 20x 12 ; y

ay < 23

b

V(x) = 22

V(y) = 21.6

V’(x) = 87

V’(y) = 21.8

Lecture 8 34

An example

x < 21 y > 20x 12 ; y

ay < 23

b

V(x) = 22

V(y) = 21.6

V’(x) = 24

V’(y) = 21.6

Lecture 8 35

An example

x < 21 y > 20x 12 ; y

ay < 23

b

V(x) = 20.4

V(y) = 21.6

V’(x) = 20.8

V’(y) = 21.9

Lecture 8 36

An example

x < 21 y > 20x 12 ; y

ay < 23

b

V(x) = 20.4

V(y) = 21.6

V’(x) = 20.8

V’(y) = 21.9

Lecture 8 37

An example

x < 21 y > 20x 12 ; y

ay < 23

b

V(x) = 20.4

V(y) = 21

V’(x) = 20.8

V’(y) = 21

Lecture 8 38

Example

X = {x, y} cx = 2 cy = 1

{(0, 1)} is a region.

{(x, y) | 0 < x = y < 1} is a region.

28 regions.

Lecture 8 39


• Reg is an equivalence relation (of finite index!);

• Each equivalence class of Reg is called a region.

• There are only a finite number of regions.

Lecture 8 40


• TA = (SV, svin, Act, )

• t µ SV SV a bisimulation of finite index.

• (s, V) t (s’, V’) iff– s = s’– V Reg V’ ( V and V’ belong to the same

region).

Lecture 8 41

The Quotienting

• One member of a clock region satisfies a clock constraint iff all members of the clock region satisfy the clock constraint.

• This can be used to compute the t -quotient of TA, called the regional transition system.

Lecture 8 42

The Reductions.

TSTTS

TATTS

RTS




TTSSemantics

Regions

Lecture 8 43

Time Abstraction

• TTS = (S, S0, Act, X, I, !) s 2 S


• TATTS = (SV, svin, Act, ) where :

– (s, V) (s’, V’) iff there exists such that

– (s, V) ) (s, V+) in TS and

– (s, V+) ) (s’, V’) in TS.

a

a

Lecture 8 44

The Region Automaton

• TATTS = (SV, svin, Act, )• (s, V) (s’, V’) iff s = s’ and V and V’ belong to

the same clock region.• [(s, V)] --------- (s, [V]).• RTS = (SRV, srVin, Act, )

– SRV = {(s, [V]) | (s, V) in SV }– srVin = (sin, [Vzero]) = (sin, {Vzero}) – (s, [V]) (s’, [V’]) iff for some V1 in [V] and some

V1’ in [V’] it is the case that in TATTS, (s, V1) (s’, V1’)

a

a

Lecture 8 45

Example: TTS

Lecture 8 46

The Representation of Regions

• For each clock x specify one formula of the form:– c x < c + 1 where c is in {0, 1, …., cx -1} OR

c = cx OR x > cx

– For each clock pair specify a constraint of the form x – y = 0 or x – y < k or y –x < k for a suitable k in case x cx and y cy.

Example: The Regional Transition System.

Only the reachable states have been shown.

Lecture 8 48

The Regional Construction

• Given a timed transition system, its (finite!) regional transition system can be computed effectively.

• Hence one can effectively solve the reachability problem (and other verification problems) concerning timed transition systems.

• This is the mathematical basis for the verification tools for timed transition systems and timed automata.

Lecture 81 Regional Automaton CS 5270 Lecture 8. Lecture 82 What We Need to Do Problem: –We need...

Documents

Transcript of Lecture 81 Regional Automaton CS 5270 Lecture 8. Lecture 82 What We Need to Do Problem: –We need...