
From Monotonic Transition Systems to Monotonic Games
Parosh Aziz Abdulla, Uppsala University

Outline
• Model Checking
• Infinite-State Systems
• Methodology: Monotonicity, Well Quasi-Orderings
• Models: Petri Nets, Lossy Channel Systems, Timed Petri Nets
• Extension to Games

Model Checking
T sat f ? (T: transition system, f: specification)

Transition System
[Figure: transition system]

Reachability
Init, Fin: Init reaches Fin?
Safety Properties = Reachability

Forward Reachability Analysis
Forward Reachability Analysis = computing Post
[Figure: Post computed from Init towards Fin]

Backward Reachability Analysis
Backward Reachability Analysis = computing Pre
[Figure: Pre computed from Fin towards Init]

Infinite-State Systems
1. Unbounded Data Structures
• stacks
• queues
• clocks
• counters, etc.
2. Unbounded Control Structures
• Parameterized Systems
• Dynamic Systems

Backward Reachability Analysis
[Figure: Init, Fin]
• infinite
• effective symbolic representation

Petri Nets
States = Markings
Transitions
• Firing t
• t is disabled
[Figures: markings and firing of transition t]
Monotonicity
[Figure: monotonicity]
Petri Nets: infinite state

Mutual Exclusion
[Figure: process with states W and C and transitions R=1?, R:=1, R:=0, repeated for several processes]
Initial states (infinitely many):
• R=1
• All processes in
Bad states: Two or more processes in
[Figure: Petri net with places C, W and R=1]
Set of initial states : infinite

Safety Properties
• mutual exclusion: #tokens in critical section > 1
Ideal = Upward closed set of markings
safety = reachability of ideals

Petri Nets
• Concurrent systems
• Infinite-state: symbolic representation
• Monotonic behaviour
• Safety properties: reachability of ideals

Monotonicity
ideals closed under computing Pre
[Figure: ideal I and Pre(I)]

Backward Reachability Analysis
[Figure: Fin, Ideals]

Ideals: Symbolic Representation
i : index (generator)
i : generator of ideal
i : denotes all markings larger than i
C: Index for bad states
Each ideal can be characterized by a finite set of generators
Index is minimal element of its ideal
j If i j then i

Monotonicity
ideals closed under computing Pre
C: Index for bad states
i: index
Indices of Pre
Pre(i) computable

Backward Reachability Analysis
[Figure: generators computed from C in Step 0, Step 1, Step 2, Step 3]

What did we need?
1. Computable ordering
2. Monotonicity, Computability of Pre
3. Termination -- Ordering is WQO
"nice properties"

Well Quasi-Ordering (WQO)
(A, ) is WQO if
a0 a1 a2 a3 ....... i,j: i<j and ai aj

WQO : Simple Example
( Nat , ) is WQO
x0 x1 x2 x3 ....... : natural numbers
i,j: i<j and xi xj

Properties of WQO: Finite Sets
( A , = ) is WQO if A is finite
a0 a1 a2 b a3 a4 a5 b a6 ..............

Properties of WQO: Words
if ( A , ) is WQO then ( A*, * ) is WQO
w1 : a0 a1 a2 * w2 : b0 b1 b2 b3 b4 b5 b6

Properties of WQO: Multisets
if ( A , ) is WQO then ( AM , M ) is WQO
M1 M M2 M1 M2

Methodology
Start from a finite domain
Build more complicated data structures: words, multisets, lists, sets, etc.

Examples -- WQO
( A* , ) A : finite alphabet
w1 w2 : w1 subword of w2
e.g. ab xaybz

Examples -- WQO
Words of natural numbers
5 2 7 w1
3 7 1 4 2 8 w2
w1 w2
Multisets over a finite alphabet
Words of multisets over a finite alphabet

Lossy Channel Systems
• finite state process
• unbounded lossy channel
• send and receive operations
• Infinite state space
• Perfect channel = Turing machine
• Motivation: Link protocols
[Figure: process with !m and ?n transitions and a channel containing m n n m ……]

State
[Figure: control state with !m and ?n transitions, channel contents mpnm npn]

Transitions
• Send !m
• Receive ?m
• Messages may nondeterministically be lost

Example
[Figure: !m and ?n steps over channel contents pnmpn, nmpm, mpm]

Ordering
• same colour
• subword
[Figure: mn pmpnp, mn pmp]
Computable and WQO

Monotonicity
[Figure: w1, w2, w3]
Downward closed

Ideal
Index mnp denotes all larger states
mnp mnmp mmnmp …………
Each ideal can be characterized by a finite set of generators
By WQO of

Computing Pre
Pre ( w ) contains the following:
• if [!m transition] and w = w' m then w'
• if [!m transition] and last(w) = m then w
• if [?m transition] then mw

Example
Pre ( a d b )
• !b if ad
• !d if adb
• ?d if dadb

Methodology (applied to LCS)
1. Computable ordering
2. Monotonicity, Computability of Pre
3. Ordering is WQO

LCS -- Forward vs Backward Analysis
Pre*(w) is regular and computable
Post*(w) is regular but not computable

Timed Petri Nets
[Figure: timed Petri net with token ages such as 2.1, 0.5, 8.5, 6.2, 4.6 and arc intervals [3,6], [4,7], [1,5], [0,3], [4, ), [1,2]]
States = Markings

Timed Transitions
[Figure: increase age by 1.3]

Discrete Transitions
[Figure: firing t]

Timed Petri Nets
• Concurrent timed systems
• Infinite-state: symbolic representation
• Monotonic behaviour
• Safety properties: reachability of ideals

Equivalence on Markings
• max = 7
• ages > max behave identically
Markings equivalent if they agree on:
• colours
• integral parts of clock values
• ordering on fractional parts
[Figure: example markings 3.1 4.8 1.5 6.2 5.6 and 3.2 4.8 1.6 6.4 5.7]
words over multisets over a finite alphabet

Ordering on Markings
M1 M2 iff M3 : M1 M3 M3 < M2
[Figure: example markings compared through their integral parts, e.g. 6 5 4 subword 3 6 1 5 4, and 3 4 1 subword 3 4 5 1 4]
= subword

Properties of
= subword ordering on multisets over a finite alphabet
is a well quasi-ordering

Properties of -- Monotonicity
[Figure: M1, M2, M3, M4, M5, M6]

Methodology (applied to TPN)
1. Computable ordering
2. Monotonicity, Computability of Pre
3. Ordering is WQO

Infinite-State Games
Player A :
Player B :
Can B take game to ?

Backward Reachability Analysis
Characterize losing states for A
[Figure: A-states, B-states, = Pre( ), repeated application of Pre]

Vector Addition Systems with States (VASS)
[Figure: automaton with transitions y--, x++, x--]
• Finite-state automaton operating on variables
• Variables range over natural numbers
• Operations: increment or decrement variable

VASS = Petri nets
[Figure: VASS with y--, x--, x++ and the corresponding Petri net with places x and y]

VASS Games
[Figure: game with x++ and x-- transitions]
Player A :
Player B :
Can B take game to ?
[Figures: the game played with x++ and x-- transitions from the initial values 0, 1 and 2]
• 0: A cannot avoid
• 1: A can avoid
• 2: A cannot avoid
Player A:
• 0 -- lose
• 1 -- win
• >1 -- lose
Monotonicity does not imply upward closedness

Backward Reachability Analysis
Characterize losing states for A
Why scheme does not work for VASS?
Monotonicity does not imply that ideals are closed under Pre

2-Counter Machines
[Figure: counter machine with y--, x++, x--, x=0?]
Is reachable?
Problem undecidable

Simulation of 2-Counter Machines by VASS Games
[Figures: counter machine x++ and VASS game x++; counter machine x-- and VASS game x--; counter machine x=0? and VASS game x--]
Safety undecidable for Monotonic Games
Safety undecidable for VASS Games

B-Downward Closed Games
[Figure: s1, s2, s3]
Pre ideal any set

Backward Reachability Analysis
B-Downward closed games
[Figure: repeated application of Pre]
• "nice ordering"
• ideal
• characterization of A-losing states
• decidability of safety

B-LCS Games
[Figure: game with !m, !n, ?m, ?n transitions]
Player B can lose messages
B-LCS: characterization of A-losing states
Safety decidable for B-LCS games

A-Downward Closed Games
[Figure: tree built by Post, leaves labelled T and F]
Termination
• all leaves closed
• Evaluate tree: = OR = AND
Termination guaranteed if is WQO
Safety decidable for A-LCS Games
Can we characterize winning states ?

A Problem for LCS
[Figure: LCS with !m, ?n]
characterize sf {w w sf }
• Set regular
• But Not computable

A-LCS Games
• Winning set regular
• But not computable
[Figures: LCS !m and A-LCS game !m; LCS ?m and A-LCS game ?m]
For each : A-LCS game

Conclusions and Planned Work
Define a WQO on state space
Safety properties: reachability of ideals
Examples:
• Timed Petri nets
• Parameterized systems
• Broadcast protocols
• Cache coherence protocols
• Lossy channel systems, etc.
Extension to Games
Regular Model Checking
Stochastic behaviours
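The backward reachability scheme outlined in the slides (ideals represented by finite sets of generators, Pre computed on generators, termination because the ordering is a WQO), run on the mutual-exclusion Petri net, as an added example that is not part of the original slides. The (W, C, R) encoding, the transition vectors and the broken variant of the net are assumptions made for illustration.

```python
# Added example: backward coverability for the mutual-exclusion Petri net.
# Markings are tuples (W, C, R): waiting processes, processes in the
# critical section, and the resource token "R=1". Names are assumptions.

def leq(a, b):
    """Componentwise ordering on markings (a WQO by Dickson's lemma)."""
    return all(x <= y for x, y in zip(a, b))

def pre_generator(m, t):
    """Minimal marking from which firing t reaches the ideal generated by m."""
    pre, post = t
    return tuple(max(x - q, 0) + p for x, p, q in zip(m, pre, post))

def backward_basis(bad, transitions):
    """Generators of Pre*(ideal of bad), kept as a minimal finite basis."""
    basis, work = set(), list(bad)
    while work:
        m = work.pop()
        if any(leq(g, m) for g in basis):
            continue                      # m already lies in a known ideal
        basis = {g for g in basis if not leq(m, g)} | {m}
        work.extend(pre_generator(m, t) for t in transitions)
    return basis

def unsafe(basis):
    """Initial markings are (n, 0, 1) for every n >= 0: R=1, all waiting."""
    return any(c == 0 and r <= 1 for (_w, c, r) in basis)

# (pre, post) vectors over (W, C, R)
ENTER = ((1, 0, 1), (0, 1, 0))          # in W: R=1? then R:=0, move to C
LEAVE = ((0, 1, 0), (1, 0, 1))          # in C: R:=1, move back to W
ENTER_BROKEN = ((1, 0, 1), (0, 1, 1))   # constructed bug: forgets R:=0
BAD = [(0, 2, 0)]                       # two or more processes in C

def check(transitions):
    """Return (sorted generator basis, whether an initial marking is covered)."""
    basis = backward_basis(BAD, transitions)
    return sorted(basis), unsafe(basis)

if __name__ == "__main__":
    print(check([ENTER, LEAVE]))          # fixpoint after three generators
    print(check([ENTER_BROKEN, LEAVE]))   # some initial marking reaches BAD
```

The loop terminates for any Petri net because every generator added is incomparable to those already in the basis, and the componentwise ordering admits no infinite sequence of pairwise incomparable markings.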


posted: 2/19/2010
language: English
pages: 168
