CSE 555 Protocol Engineering


CSE 555 Protocol Engineering
Dr. Mohammed H. Sqalli
Computer Engineering Department
King Fahd University of Petroleum & Minerals
Credits: Dr. Abdul Waheed (KFUPM)
Spring 2004 (Term 032)

Finite State Machines (FSMs)

Topics (Ch. 8)
- Finite state machines (FSMs)
- Petri nets
- Informal and formal descriptions
- Execution of machines
- Minimization of machines
- Combining machines
- Extended FSMs
- Generalization of machines
- Petri nets
Term 032 6-1-3

Motivation for Using FSMs
- A communication system exhibits:
  - Data flow: deals with data input and its manipulation
  - Control flow: deals with state changes; can be expressed through finite state machine models
- FSMs are used extensively in hardware to model sequential machines:
  - Inputs with well-defined next state
  - Output produced
- Applicable model for protocols:
  - Interactions can be modeled as inputs/outputs
  - Protocol operations can be modeled as state changes

Introduction
- A protocol is often described as a state machine
  - Helps understanding at a low level of abstraction
  - Design criteria can be expressed in terms of desirable vs. undesirable states
- A state machine typically defines:
  - Actions that a process is allowed to take
  - Events that a process can expect to happen
  - Actions that a process will take in response to various events
- A formal model of a communicating state machine is used for:
  - Formal validation of protocols
  - Protocol synthesis
  - Conformance testing

Informal Description
- Several informal techniques to describe a finite state machine:
  - Transition tables
  - Transition diagrams
- A Turing machine
- Communicating FSMs
  - Asynchronous coupling
  - Synchronous coupling

Transition Table
- A finite state machine is informally specified in the form of a transition table
- Table specifies a set of transition rules for each control state
  - Each row → specifies one rule
  - Each state → usually specified by more than one rule
- Example:
  - Consider four control states: q0, q1, q2, and q3
  - Each transition rule has four parts:
    - Current state
    - Input
    - Output
    - Next state
  - These parts correspond to columns in the transition table…

Example
- “-”: don’t care
  - In col#1: Rule applies to all states
  - In col#2: Rule applies to all possible values of input
- “-”: no change
  - In col#3: Output signal does not change
  - In col#4: Control state remains unaffected
- Conditions for transition rule to be executable (first two columns):
  - The current control state in which the machine must be; and
  - A condition on the environment of the machine
    - Example: value of an input signal
- Effect of a transition (last two columns) specify:
  - How the environment changes due to transition
    - Example: value of an output signal
  - New state the machine attains after applying transition

State Transitions
- How many possible transition rules can be executable in a given state of the machine?
  - None
  - One
  - Multiple
- Number of executable transition rules determines type of that state:
  - No executable transition rule → machine in an end state
  - Precisely one executable rule → deterministic state
  - More than one executable rule → non-deterministic choice to select a transition rule
    - Selection criterion is undefined
    - Without further information, all options are equally likely
    - Machines that can make such choices are called non-deterministic machines

Example
- Two transition rules for the same state q1:
  - When input signal is 1, only the first rule is executable
  - When input signal is 0, both rules are executable

Transition Diagram
- State transition diagram
  - Graphical representation of the state machine
  - Behavior more easily understood
- Control states → circles
- Transition rules → directed edges
  - Edge labels (c/e), where c: transition condition, and e: effect

Turing Machines
- Can be considered as a generalization of finite state model
  - For a truly finite state machine, environment must be of finite state
  - If finite state requirement is dropped, the machine is called a Turing machine
- Environment for a Turing machine:
  - A tape of infinite length
  - Tape consists of a sequence of squares
  - Each square can store one of a finite set of symbols
  - All tape squares are initially blank
  - Machine can read or write one tape symbol at a time
  - Machine moves the tape left or right by one square at a time
- State transitions:
  - Condition of transition depends on: current state and symbol
  - Effect of transition rule: output a new symbol onto current square, a possible left or right move of the tape, and a jump to a new control state

Example
- Two output signals:
  - One to overwrite the current state on the tape
  - Other to move the tape left or right by one square

Limitations of Turing Machine
- Difficult to extend
  - To model interaction of multiple FSMs is hard
- Infinite number of potential states of the environment:
  - Many problems will become computationally intractable
- We need to explore other variants of the FSMs

Communicating Finite State Machines
- What happens when input and output signals are allowed to overlap?
  - Example: feed the output back as an input
- Assumption: signals have a finite range of possible values
  - Values can change only at precisely defined moments
- Machine executes a two-step algorithm forever:
  - Step # 1: inspect input signal values and select an executable transition rule
  - Step # 2: machine changes state according to the rule and updates its output signals
- A signal has a state much like a finite state machine
  - A signal can be interpreted as a variable that can be evaluated or assigned to only at precisely defined moments

Example: Revisited
- Behavior of this state machine is now fully defined
  - Even if we assume a feedback from output to input signal
  - At each step, machine inspects the output value that was set in the previous transition
  - Machine loops through the following states forever: q0, q2, and q1
- Elaborate systems of interacting machines can be built this way
  - By connecting output signals of one machine to the input signals of another
  - The machines must share a common “clock” for their two-step algorithm

Modeling Distributed Systems using FSMs
- FSMs are most useful if they can directly model distributed computer systems
- Two ways to do this:
  - Asynchronous communication among systems
  - Synchronous communication

Asynchronous Coupling
- Asynchronous coupling model:
  - Machines are coupled via bounded first-in first-out (FIFO) message queues
  - Signals are now abstract objects called messages
  - Input signals are retrieved from input queues
  - Output signals are appended to output queues
- Finiteness of the model:
  - All queues and sets of signals are still finite
- How is synchronization achieved?
  - By defining both input and output signals to be conditional on the state of the message queues
  - If an input queue is empty, no input signal is available from that queue → corresponding transition rule is unexecutable
  - If an output queue is full, no output signal can be generated for that queue → corresponding transition rule is unexecutable

Asynchronous Coupling (Cont’d)
- Assumption: restrict model to one synchronization event per transition rule
  - A single rule can specify either input or output but not both
- This assumption simplifies the model
- This assumption also models the real behavior of a distributed system process more closely
  - Execution of a transition rule is atomic
  - A single send/receive operation in most distributed systems is also atomic
- Example: transition table model of simple version of alternating bit protocol

Example: Alternating Bit Protocol
- Possibility of a retransmission is not modeled in this table
  - Retransmissions are modeled by adding these two rules
- Last received message can be marked as correct in states q1 and q4
- Table models the possibility of retransmissions, not their probability
  - This is okay as our analysis needs to be independent of any assumptions on the timing or speed of individual processes

Example: State Transition Diagrams
- Timeout option in the sender will produce an extra self loop on states q1 and q3

Synchronous Coupling
- For a transition, a signal has to be selected by precisely two machines simultaneously
  - In one machine as output signal, which is an input signal to the second
- When such a match occurs, both machines make corresponding transitions simultaneously
- As in case of asynchronous coupling, we allow only one synchronizing event per transition rule
- Synchronous communication can be considered a special case of asynchronous communication with a queue capacity of zero slots
- Consider an example of synchronously coupled state machines

Example: Synchronously Coupled FSMs
- First machine (user):
  - One input selection P in state q0
  - One output selection V in state q1
- Second machine (server):
  - Same but inputs and output are swapped
- Synchronous coupling:
  - We create two machines of the first type (User) and combine them with one machine of the second type (Server)
  - The two user machines cannot be both in state q1 simultaneously
- Synchronous communication is binary: exactly two machines participate
  - One with a given input selection and other with same output selection
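The user/server example above as an executable check, added here and not part of the original slides: it explores every global state reachable by rendezvous between exactly two machines and tests the claim that the two users are never both in q1. The dictionary encoding, the "?" (input) and "!" (output) suffixes and all function names are assumptions of this sketch.

```python
from collections import deque

# Constructed encoding of the slide's machines: state -> list of (action, next_state).
# "P?" is an input selection of signal P, "P!" an output selection of the same signal.
USER = {"q0": [("P?", "q1")], "q1": [("V!", "q0")]}
SERVER = {"q0": [("P!", "q1")], "q1": [("V?", "q0")]}


def matches(a, b):
    """True when a and b name the same signal, one as output and one as input."""
    return a[:-1] == b[:-1] and {a[-1], b[-1]} == {"!", "?"}


def successors(machines, state):
    """Yield global states reachable by one rendezvous between exactly two machines."""
    for i in range(len(machines)):
        for j in range(i + 1, len(machines)):
            for act_i, next_i in machines[i].get(state[i], []):
                for act_j, next_j in machines[j].get(state[j], []):
                    if matches(act_i, act_j):
                        nxt = list(state)
                        nxt[i], nxt[j] = next_i, next_j   # both move simultaneously
                        yield tuple(nxt)


def reachable(machines, initial):
    """Breadth-first exploration of the global state space."""
    seen, todo = {initial}, deque([initial])
    while todo:
        for nxt in successors(machines, todo.popleft()):
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen


def mutual_exclusion_holds(states):
    """Users are components 0 and 1; the invariant forbids both being in q1."""
    return all(not (s[0] == "q1" and s[1] == "q1") for s in states)


# Two users combined with one server, all starting in q0.
SYSTEM = [USER, USER, SERVER]
STATES = reachable(SYSTEM, ("q0", "q0", "q0"))

if __name__ == "__main__":
    for s in sorted(STATES):
        print(s)
    print("mutual exclusion:", mutual_exclusion_holds(STATES))
```

Replacing the server with one that offers P in every state makes the check fail, which is the kind of design error this exploration is meant to expose.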

Formal Description of FSMs
- A communicating FSM can be defined as a daemon
  - It accepts input symbols
    - Symbols are defined as abstract objects without content
  - Generates output symbols
  - Changes its inner state in accordance with a pre-defined plan
- FSM daemons communicate through FIFO queues
  - Output of one daemon is mapped onto the input of another
- Formal definition of a message queue:
  - It is a triple (S, N, C) where:
    - S is a finite set called the queue vocabulary
    - N is an integer that defines the number of slots in the queue
    - C is the queue contents, which is an ordered set of elements from S
  - Elements of S and C are called messages

Formal Description: Communicating FSMs
- A communicating FSM is defined as:
  - A tuple of the form (Q, q0, M, T) where:
    - Q is a finite, non-empty set of states
    - q0 is an element of Q → the initial state
    - M is a set of message queues
    - T is a state transition relation
- Relation T has two arguments: T(q, a):
  - q is the current state
  - a is an action from: inputs, outputs, and null action ε
- T defines a set of zero or more possible successor states in set Q for current state q
  - This contains precisely one state unless non-determinism is modeled
  - When T(q, a) is not explicitly defined → T(q, a) = ∅
- T(q, ε) specifies a spontaneous transition: sufficient condition for such transition is that the machine is in state q

Execution of Machines
- Consider a set of P FSMs
  - Assume asynchronous coupling only
  - Overlapping set of message queues whose union is M
- This set of communicating FSMs is executed by applying following rules:
  1. Set all machines in their initial states and initialize all message queues to empty
  2. Select an arbitrary machine i and an arbitrary transition rule Ti with an action a such that and execute it
  3. If no executable transition rule remains, the algorithm terminates

Executability of the Action a
- Action a can be:
  - An input action; output action; or null action
- Let d(a) be destination queue of an action a
- Let m(a) be the message that is sent or received
- Let Ni represent the number of slots in message queue i
- Following three rules can be used to determine if a is executable:
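An added sketch (not from the original slides) of the execution procedure for asynchronously coupled machines: instead of picking one arbitrary rule at each step it follows every choice, so it returns all reachable global states and the states in which no rule is executable. The executability test is written from the queue conditions stated under Asynchronous Coupling plus the usual FIFO reading that an input needs m(a) at the head of d(a); the action tuples, machine tables and names are assumptions.

```python
from collections import deque

# Constructed example. An action is ("in", queue, msg), ("out", queue, msg) or ("eps",).
SLOTS = {"to_r": 1, "to_s": 1}          # N for each queue in M
SENDER = {"q0": [(("out", "to_r", "msg"), "q1")],
          "q1": [(("in", "to_s", "ack"), "q0")]}
RECEIVER = {"q0": [(("in", "to_r", "msg"), "q1")],
            "q1": [(("out", "to_s", "ack"), "q0")]}


def executable(action, queues, slots):
    """Executability of an input, output or null action in the current queue state."""
    if action[0] == "eps":
        return True                                   # spontaneous transition
    _, q, msg = action
    if action[0] == "in":                             # needs m(a) at the head of d(a)
        return len(queues[q]) > 0 and queues[q][0] == msg
    return len(queues[q]) < slots[q]                  # output: d(a) must not be full


def step(action, queues):
    """Return the queue contents after executing an (executable) action."""
    new = dict(queues)
    if action[0] == "in":
        new[action[1]] = queues[action[1]][1:]
    elif action[0] == "out":
        new[action[1]] = queues[action[1]] + (action[2],)
    return new


def explore(machines, slots, initial):
    """Follow every choice of machine and rule; return (reachable, end_states)."""
    start = (tuple(initial), tuple(sorted((q, ()) for q in slots)))
    seen, ends, todo = {start}, set(), deque([start])
    while todo:
        current = todo.popleft()
        controls, contents = current
        queues = dict(contents)
        moved = False
        for i, machine in enumerate(machines):
            for action, nxt in machine.get(controls[i], []):
                if not executable(action, queues, slots):
                    continue
                moved = True
                succ = (controls[:i] + (nxt,) + controls[i + 1:],
                        tuple(sorted(step(action, queues).items())))
                if succ not in seen:
                    seen.add(succ)
                    todo.append(succ)
        if not moved:
            ends.add(current)      # no executable rule remains: execution terminates
    return seen, ends


REACHABLE, END_STATES = explore([SENDER, RECEIVER], SLOTS, ("q0", "q0"))
```

An end state reached while a machine is still waiting for input is a deadlock; the constructed sender/receiver pair has none, because the exchange cycles through four global states.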

Minimization Of Machines
- Basic idea: equivalence of two FSMs
  - Two machines are equivalent if they can generate the same sequence of output symbols when offered with same sequence of input symbols
- Machines can make non-deterministic choices
  - Possible to generate different output for same input even for two machines that are equal
- Rule of equivalence:
  - Machines must have equivalent choices to be in equivalent states
- States within a single machine are equivalent if:
  - Machine can be started in any one of these states; and
  - Generate same set of possible sequences of outputs when offered any given test sequence of inputs

Example: Minimization
- Equivalent state transitions
- Equivalent state transition diagram
- Both machines seem to behave similarly
  - One has three fewer states

Example: Minimization
- These two PROMELA processes are equivalent
  - Two sequences of messages: {q?a;q?b and q?a;q?c}
- For non-deterministic communicating FSMs, processes A and B are not equivalent
  - The input sequence of q?a;q?b is always accepted by process B but may lead to an unspecified reception in process A

Minimization: Approach
- Set of control states of a communicating finite state machine can be minimized by:
  - Replacing every set of equivalent states with a single state
  - This does not change external behavior of the machine
- Formally, equivalence relationship defines a partitioning of the states into a finite set of disjoint equivalence classes
- The smallest machine equivalent to the given one will have as many states as the original machine has equivalence classes
- We can now define an algorithm for minimization of an arbitrary finite state machine with |Q| states

Minimization Algorithm
- Step 1: Define an array E of |Q|x|Q| boolean values
  - Initially all elements E[i,j] are set to the truth value of the following condition, for all actions a:
  - Two states are not equivalent unless the corresponding state transition relations are defined for the same actions
- Step 2: If machine contains only deterministic choices, T defines a unique successor state for all true entries of array E. Change the value of all those entries E[i,j] to the value of:
  - It means that states are not equivalent unless their successors are also equivalent
  - When T(i,a) and T(j,a) can have more than one element, the value of E[i,j] is set to false if either of the following conditions is false for any action a:
  - It means that states i and j are not equivalent unless for every possible successor state p of state i there is at least one equivalent successor state q of state j, and vice versa.
- Repeat step 2 until the number of false entries in E can no longer increase
  - This procedure always terminates

Example: Equivalence
- Equivalence array E is obtained after applying steps 1 and 2
- Following state pairs are equivalent:
  - (q0, q3), (q1, q5), and (q2, q4)
  - Therefore, we can reduce the state table to 3-state FSM
- Entries in array E are symmetric
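An added implementation of the two-step procedure (not code from the original slides), written from the prose statements of steps 1 and 2 and covering the non-deterministic case, where T(i,a) is a set. The 6-state machine below is constructed for illustration and is not the slide's state table; it is chosen so that it folds into the same three pairs.

```python
from itertools import product

# Constructed 6-state machine (not the table from the slide); T maps
# (state, action) to the set of possible successor states.
STATES = ["q0", "q1", "q2", "q3", "q4", "q5"]
T = {("q0", "a"): {"q1"}, ("q3", "a"): {"q5"},
     ("q1", "b"): {"q2"}, ("q5", "b"): {"q4"},
     ("q2", "c"): {"q3"}, ("q4", "c"): {"q0"}}


def equivalence_array(states, t):
    """Return E as a dict: E[i, j] is True when states i and j are equivalent."""
    actions = sorted({a for (_, a) in t})
    succ = lambda s, a: t.get((s, a), set())
    # Step 1: equivalent only if T is defined for the same actions in both states.
    e = {(i, j): all(bool(succ(i, a)) == bool(succ(j, a)) for a in actions)
         for i, j in product(states, repeat=2)}

    def covered(i, j, a):
        """Every successor of i under a has an equivalent successor of j."""
        return all(any(e[p, q] for q in succ(j, a)) for p in succ(i, a))

    # Step 2: falsify pairs whose successors are not equivalent, until stable.
    changed = True
    while changed:
        changed = False
        for (i, j), still in list(e.items()):
            if still and not all(covered(i, j, a) and covered(j, i, a)
                                 for a in actions):
                e[i, j] = False
                changed = True
    return e


def equivalence_classes(states, t):
    """Partition the states into the classes defined by E."""
    e = equivalence_array(states, t)
    classes = []
    for s in states:
        for c in classes:
            if e[s, c[0]]:
                c.append(s)
                break
        else:
            classes.append([s])
    return classes


def minimize(states, t):
    """Replace each class by its first member; return (states, transitions)."""
    classes = equivalence_classes(states, t)
    rep = {s: c[0] for c in classes for s in c}
    reduced = {}
    for (s, a), targets in t.items():
        reduced.setdefault((rep[s], a), set()).update(rep[x] for x in targets)
    return [c[0] for c in classes], reduced
```

Because step 2 only ever turns true entries false, the loop runs at most |Q|x|Q| passes, which is why the procedure always terminates.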

Conformance Testing Problem
- Procedure of testing equivalence of states can also be applied to determine the equivalence of two machines
  - Determine that every state in one machine has an equivalent in the other machine
  - Machines need not be equal to be equivalent
- A practical application:
  - A formal protocol specification in FSM form should be equivalent to an implementation of that specification
  - That is, implementation seen as black box should respond to input signals exactly as the reference machine would
- Problem: find the right set of test sequences to establish the equivalence or non-equivalence of two machines
  - This problem is known as fault detection or conformance testing problem

Combining Machines
- Combining two FSMs into a single FSM reduces the complexity of formal validation based on FSM model
- The problem is to find a tuple (Q, q0, M, T) for the combined machine, given two machines (Q1, q01, M1, T1) and (Q2, q02, M2, T2)
- Algorithm:
  - Total states are |Q1|x|Q2|, which define the combined set of states Q
  - The initial state q0 of the new machine is the combination q01q02
  - The set of message queues M is the union of the two machines' separate queues
  - For each state q1q2 in Q, define transition relation T for each action a as the non-deterministic choice of the corresponding relation of M1 and M2 separately when placed in individual states q1 and q2
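The combination algorithm as an added example (not from the original slides): the combined T offers, for each action, the moves of the first machine with the second left in place together with the moves of the second with the first left in place. The two small machines, the action strings and the function name are constructed for illustration.

```python
from itertools import product

# Constructed machines as (Q, q0, M, T); T maps (state, action) to successor sets.
SENDER = (["s0", "s1"], "s0", {"to_r", "to_s"},
          {("s0", "to_r!msg"): {"s1"}, ("s1", "to_s?ack"): {"s0"}})
RECEIVER = (["r0", "r1"], "r0", {"to_r", "to_s"},
            {("r0", "to_r?msg"): {"r1"}, ("r1", "to_s!ack"): {"r0"}})


def combine(m1, m2):
    """Combine (Q1, q01, M1, T1) and (Q2, q02, M2, T2) into one (Q, q0, M, T)."""
    (qs1, q01, queues1, t1), (qs2, q02, queues2, t2) = m1, m2
    states = list(product(qs1, qs2))               # |Q1| x |Q2| combined states
    actions = {a for (_, a) in t1} | {a for (_, a) in t2}
    t = {}
    for (s1, s2), a in product(states, sorted(actions)):
        # Non-deterministic choice: either machine 1 moves or machine 2 moves.
        moves = {(p, s2) for p in t1.get((s1, a), ())}
        moves |= {(s1, p) for p in t2.get((s2, a), ())}
        if moves:
            t[(s1, s2), a] = moves
    return states, (q01, q02), queues1 | queues2, t


Q, Q0, M, COMBINED_T = combine(SENDER, RECEIVER)

if __name__ == "__main__":
    print(len(Q), "states, initial", Q0, "queues", sorted(M))
    for (state, action), targets in sorted(COMBINED_T.items()):
        print(state, action, "->", sorted(targets))
```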