Parosh Aziz Abdulla Pritha Mahata Aletta Nyl é n Uppsala University Downward Closed Language Generators

Outline  Reachability Approaches  Downward-closed languages  Recognizability of Reachable sets  Simple Regular Expressions  Downward closed language generators  Hierarchical dlgs  Timed Petri Net  Ongoing Work

 Transition Systems Systems and properties (Set of states, set of initial states, alphabet, transition rules)  Safety Properties ( Nothing bad will ever happen) Verification of Safety property Reachability of a bad state in the system

Reachability Analysis Forward Reachability Backward Reachability Reachability Approaches Forward Reachability Bad states Initial state Post* Backward Reachability Initial states Bad state Pre*

Reachability Approaches (contd.) - Backward reachability set is sometimes computable, e.g LCS[AJ96b]. Still, Forward Reachability is an appealing approach. Why ? - Forward Reachability set is usually not computable, e.g LCS[CFI96].

Forward Reachability Set of reachable states of a system – R Computability of R Symbolic graph G (V, E) l v 1 v2v2 l V = partitions of R wrt some criterion E : v 1 v 2 iff (e.g control states) (finite state) abstraction

Forward Reachability Set of reachable states of a system – R Computability of R Symbolic graph G (V, E) l v 1 v2v2 f h l V = partitions of R wrt some criterion E : v 1 v 2 iff (e.g control states) (finite state) abstraction

Forward Reachability (contd.) If G satisfies a safetyproperty G simulates the transition system. Same result holds for the concrete system. Verification is easier in G. Problem : R is often not computable. But, is R recognizable ! Yes, if R is downward-closed [ABJ98] !!

 - finite alphabet - substring relation on  * L - a language over  * If x  L and y x => y  L, then L is downward closed. y x L Downward Closed Languages x - downward closed set x - upward closed set

Why downward closed languages ? TPN - TPN has monotonicity wrt a preorder on markings. M1M1 M2M2 and M 1 M 3 M 2 M 4 M3M3 M4M4 LCS – Channel Language is downward closed. A channel can always lose messages and become empty. Reachability set is downward-closed for LCS.

Why downward closed languages ? Note : Considering safety properties only, markings can be made downward-closed in TPN. Timed Petri Net, N Lossy TPN, N’ Set of Bad States, Bad (upward closed) Initial states, I M MlMl M MlMl M and M l B loss Bad B’ B M B

Is R recognizable ? Question : Can we find some generator  such that R = L (  ) ? R is upward closed. If a language R  A* is downward closed, then R is characterized by finite set of minimal elements {w 1,….,w m }. [Higman] R = w 1 U …. U w m R = w 1 …. w m UU If (A, ) is wqo, (A*, *) is a wqo. (Higman) A (A, ) is wqo if for each a 1,a 2,….  A, there is i,j such that i < j and a i a j

Is R recognizable ? (contd.) Answer : We can find some generator  such that R = L (  ) if  for a word w in A*, w = L (  ) and  generators are closed under intersection. Question : Can we find  s such that w 1, w 2, e are expressed by  s ? 1.Let A = {a,b,c} and w 1 = ab, w 2 = bc, then w 1 = A* a A* b A*, w 2 = A* b A* c A* and w 1 = (A\a)*(a+  ) (A\b)* w 2 = (A\b)*(b+  ) (A\c)* = (b+c)*(a+  )(c+a)* = (c+a)*(b    a+b)* 2.e = w 1 w 2 = c* a* + c* (b +  ) b* (a +  ) a* + c* (a +  ) (a + c)* a* U

Simple Regular Expressions Generators – simple regular expressions. M - a finite alphabet. Atomic expression e over M - a regular expression of the form  (a +  ) where a  M  (a 1 + a 2 + …. +a m )*, where a 1,a 2,….,a m  M A product p over M - a concatenation (possibly empty)  (e 1 e 2 e n ), where e 1,e 2,….,e n are atomic expressions over M. Simple regular expression over M - has the form  p 1 + p 2 + …. + p n, where p 1,p 2,….,p n are products over M.

R is recognizable ! e = c* a* + c* (b +  ) b* (a +  ) a* + c* (a +  ) (a + c)* a* Products of atomic expressions e = sum of products – an SRE w 1 = (b+c)*(a+  )(c+a)* w 2 = (c+a)*(b+  )(a+b)* atomic expressions

Lossy Channel System  M – Finite alphabet of messages  State – (s, w) s - control state, w  M* - channel content  Set of reachable states of LCS is downward closed and can be expressed by SREs. c?m c!n Channel Control ( LTS)

Well Quasi Ordering N (N, )is wqo x 1,x 2 ……natural numbers, there is i,j such that i < j and x i x j Natural numbers A (A, = )is wqo, if A is finite, a 1,a 2, a 3,a 4,b, a 5,a 6, a 7,a 8,b, a 9 …. Finite sets N (N *, * )is wqo w 1 * w 2 w 1 = w 2 = * Strings

SRE Downward Closed Language Generators (M, =), M : finite alphabet A wqo (A, ) (M*, =*), =* : substring N e.g Let A = N, B = {3} and L(~B) = {0,1,2} U {  } A (A *, * ) is wqo (a 1 + a 2 + …. +a m )* s.t a 1,a 2,….,a m  M ~B * N e.g Let A = N, B = {3} and L(~B) = {0,1,2}* = (L(~B))* * Atomic expressions : Let B  A. (a +  ) s.t a  M ~B : L(~B) = {a | a  A and a is not larger or equal to any element of B}

Downward Closed Language Generators Assume a wqo (A, ) Let B  A Atomic expressions are of the form ~ B or B L(~ B) = Set of elements in A which are not larger or equal to any element in B. L( B) = (L(~ B) )* ~  ~  A product p over A L(e 1 e n ) = {w 1 ….. w n | w 1  L (e 1 ), ….., w n  L (e n )} where e 1,e 2,….,e n are atomic expressions over A. DLG over A – L(p 1 + p 2 + …. + p n ) = L(p 1 ) U ….. U L(p n ), where p 1,p 2,….,p n are products over A.

DLG Answer : For a downward closed language R, we can find some generator  such that R = L (  ) if 1. for a word w in A*, w = L (  ) and 2. dlgs are closed under intersection. N 1.Let (N, ) be the wqo. and w 1 = 2 3, w 2 = 1 2, then w 1 = N* 2 N* 3 N* and w 2 = N* 1 N* 2 N* w 1 = {0,1}*(N U  0,1,2}* w 2 = 0*(N U {  }) {0,1}* ~  = L( 2) L(~ ø) L( 3) ~  ~  = L( 1) L(~ ø) L( 2) ~   2 = L( 2 3) ~  ~  = L( 1 2) ~  ~   1

DLG (contd.) 2. R = w 1 w 2 = {0}* (N U   {0,1}* + {0}* {0,1,  } {0,1}* {0,1,  } { 0,1 }* + {0}* {0,  } { 0}* {0,1,2,  } {0,1}* = L( {1} ( {2}) ) + L(………………) + L(……………..)  = L( {1}) L(~ ø) L( {2}) + ……………… + ……………… ~  ~  ~  = L( {1} ( {2}) + ……………… + ……………..) ~  ~  ~  

Bags (A B, B )is wqo  Application : Markings of a Petri Net are represented by bags. (A, ) is wqo and is equality. B 1 B B 2 B1B1 B2B2 N N B 1, B 2 : N N

Dlg for bags  L   L(  ) A bag dlg,  - ~{3} ~ {1} * = {0,1,2} 0*  L(  ) DLGs for bags  DLGs for words with operator both associative and commutative

String of Bags S1S1 S2S2 S 1 * S 2 ((A B )*, * ) is wqo

Dlg for String of Bags A dlg for string of bags,  s = ~{bag} ~ {bag} * = * e.g ~~~~ + ~ = ~ ~ 6 * ~4 ~7 ~3 * + ~4 ~4 ~6 * ~~ + ~ 3 * ~4 ~2 * + * are in language of  s. Bag dlg Bag dlg*

Dlg for String of Bags(contd.) A dlg for string of bags,  s = = a 2 b a e.g ~~~~ + ~ ~ {a,b} * ~{b,c} ~{b,c} ~b * + ~{b,c} ~{a,c} ~a * are in language of  s. Bag dlg a b b b c c c c A = {a,b,c} : a finite alphabet a b a c a a c c c c c c c

Hierarchical DLGs  (A, ) (A*, *)is wqo impliesis a wqo ( Higman’s Theorem).  If L  A* is downward closed, then L is recognizable by some dlg .  We can hierarchically define dlgs over A. Example : (A, ) (A B, B ) ((A B )*, * ) L dc  A B is recognizable by a dlg. Strings of Bags(A) Bags(A) A wqo Atomic expressions are dlgs for bag. L’ dc  (A B ) * is recognizable by a dlg.

Timed Petri Net P1P1 P3P3 P2P2 P4P4 [1:3][2:4] [4:5][1:6] [4:5] [0:1][2:5] [4:5] 2.0 Tokens have “ages” : Real numbers. Conditions on “ages” : Intervals. Extended bags of Real Numbers : Mapping from real numbers to natural numbers N U {ω}. B = {4.0, 4.0, 2.0} B(4.0) = 2 Marking M : A Ebag over (Places x Reals). M(P 3,4.0) = 2, M(P 1, 2.0) = 1

Timed Transitions P1P1 P3P3 P2P2 P4P4 [1:3][2:4] [0:0] P1P1 P3P3 P2P2 P4P4 [2:4] [0:0] [1:3] t t Increase of time by 1.0 [4:5] [0:1] [2:5] [4:5] [0:1][2:5] [4:5] T

Discrete Transitions P1P1 P3P3 P2P2 P4P4 [1:3][2:4] [0:0] 0. 0 P1P1 P3P3 P2P2 P4P4 [2:4] [0:0] [1:3] t t Firing t [0:1] [2:5] [4:5] [0:1][4:5] [2:5] [4:5] D

Transitions = T D U M1M1 M2M2 If M 1 T M2M2 or M 1 D M2M2 Remark : A TPN can have unbounded number of tokens !! Additionally, there are some lossy transitions in lossy TPN.

Ordering on Marking P1P1 P3P3 P2P2 P4P4 [1:3][2:4] [0:0] P1P1 P3P3 P2P2 P4P4 [2:4] [0:0] [1:3] t t [0:1] [2:5] [4:5] [0:1][4:5] [2:5] [4:5] 6.2 M1M1 M2M2 P 1,2. 0 P 2,3. 7 P 2,3. 5 P 1,2.2 P 1,2. 0 P 4,max frac = 0 Increasing fractional parts age >= 5 M1M1 M2M2

Finite no. of clocks (e.g Timed Automata) x y Two clocks x,y and c max = 3 Clock values are equivalent in timed automata if they have  same integral parts  same ordering of fractional parts  clock values beyond c max are equivalent 0 Regions

Region R : x y  V(x) = 0.6, V(y) = 0.5  V € R Not Powerful for Timed Petri Nets…… Regions(Example)

Dlgs for LTPN P1P1 P3P3 P2P2 P4P4 [1:3][2:4] [4:5][1:5] [4:5] [0:1][2:5] [4:5] c max = 5  Tokens with same fractional parts are in the same ebag.  Ordering of ebags is according to the ordering of fractional parts of ages.  Ages of tokens beyond c max are equivalent. Unboundedness in two directions : number of tokens age of tokens Abstraction of ages to express sets of markings :

Dlgs for LTPN Markings are downward closed for LTPN Constraints = strings of bags over a finite alphabet of (Places x {0,..max}) Sets of markings and Constraints are dlgs for strings of bags over a finite set !!!

Universal Regions ! P1P1 P3P3 P2P2 P4P4 [1:3][2:4] [4:5][1:5] [4:5] [0:1][2:5] [4:5] 2.0 Note : M can have at most same number of tokens as R. If M’ < M, then M’  R M = 2 0 4* 5 3 P1P1 P2P2 P3P3 P4P4 R = frac = 0Increasing fracage >= 5 * 3.75 P2P2

Universal Regions (contd.) P1P1 P3P3 P2P2 P4P4 [1:3)[2:4) [0:5)[1:3) [4:5) [0:1)[2:5) [4:5) t Let Universal Region R = c max = 5 T dlg Generates O((max-1)*2 + sizeof(product) + 1) new regions by timed transition. 2 3 Max bagZero bag max

Universal Regions (contd.) Lot of universal regions !!!Solution : Universal Zones !! t x3x3 x4x4 0 T followed by At most one token in P3 and one token in P4 with ages as follows : 2 3

Acceleration  Compute Post*  Acceleration - a sequence of transitions at each step  Lossy Channel system - accelerate by arbitrary iteration of control loops  Lossy TPN - accelerate by  arbitrary firing of enabled transitions followed by  timed transitions and  combine atomic expressions of the universal regions

Comparison with earlier TPN work  Forward Reachability Backward Reachability  Compute Post* Compute Pre*  Markings are downward closed(lossy TPN). Markings are upward closed.  Universal region. Existential region.  Maximal number of tokens in a Minimal number of tokens universal region. in an existential region.

Ongoing Work Compute Post*(R,t) for all transitions t. Apply forward reachability algorithm. Define universal zones.