Lecture 81 Regional Automaton CS 5270 Lecture 8

Lecture 82 What We Need to Do Problem: –We need to analyze the timed behavior of a TTS. –The timed behavior of TTS is given by TS TTS –But TS TTS is an infinite transition system! Solution: –Represent TS TTS as a finite transition system. –How? –By using the notion of regions, quotient TS TTS into a finite transition system RTS. –Using regions we can compute RTS from TTS. –UPPAAL computes a refined version of RTS from TTS.

Lecture 83 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Time abstraction Finite set of actions but infinite set of states. Quotient via bisimulation of finite index. Both states and actions are finite sets. TTS Semantics Regions

Lecture 84 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Finite set of actions but infinite set of states. Both states and actions are finite sets. RTS is computed directly from TTS (a finite object) s is reachable in TTS iff the corresponding state is reachable in RTS. TTS Semantics Regions

Lecture 85 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Finite set of actions but infinite set of states. Both states and actions are finite sets. TTS Semantics Regions

Lecture 86 Behaviors TTS = (S, s in, Act, X, I,  ) We associate a “normal” transition system with TTS while taking time into account: – TS TTS = ( S, s in, Act  R,  ) – R, non-negative reals    S  Act  R  S TS TTS is an infinite transition system!

Lecture 87 Behaviors TTS = (S, s in, Act, X, I,  ) TS TTS = ( S, s in, Act  R,  ) S = S  V V --- Valuations –A valuation says what the current values of each clock variable is.  v : X R

Lecture 88 Behaviors TTS = (S, s in, Act, X, I, ! ) TS TTS = ( S, s in, Act  R,  )  R, non-negative reals    S  Act  R  S S = S  V s in = (s in, V ZERO ) –V ZERO (x) = 0 for every x in X.

Lecture 89 Behaviors There will be two types of transitions. Time pass move: –(s, v)  (s, v’)  t units of time pass starting from V.  V’ (x) = V(x) + t for every x.  V’ = V + t t

Lecture 810 Behaviors Instantaneous transition. –(s, v)  (s’, v’) –In TTS there is a transition of the form (s, a, X, g, s’) such that:  V satisfies g.  V’(x) = 0 if x is in X.  V’(x) = V(x) if x is not in X. a

Lecture 811 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Finite set of actions but infinite set of states. Both states and actions are finite sets. TTS Semantics Regions

Lecture 812 Time Abstraction TTS = (S, S0, Act, X, I, ! ) s 2 S TS TTS = (SV, sv in, Act [ R, ) ) TA TTS = (SV, sv in, Act, ) where : –(s, V) (s’, V’) iff there exists  such that –(s, V) ) (s, V+  ) in TS and –(s, V+  ) ) (s’, V’) in TS. a  a

Lecture 813 Time Abstraction TTS = (S, S0, Act, X, I, ! ) s 2 S TS TTS = (SV, sv in, Act [ R, ) ) TA TTS = (SV, sv in, Act, ) FACT: s is reachable in TTS (TS) iff s is reachable in TA. Infinite number of states but only a finite number of actions.

Lecture 814 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Finite set of actions but infinite set of states. Both states and actions are finite sets. TTS Semantics Regions

Lecture 815 Bisimulation Finite index bisimulation relation –Used to quotient a big transition system into small one.  big --- infinite  small ---- finite.

Lecture 816 Bisimulation TS = (S, s in, Act, ! ) t  S  S, an equivalence relation – s  s for every s in S (reflexive) – s  s’ implies s’  s (symmetric) –s  s’ and s’  s’’ implies s  s’’ (transitive) –s t t and s s’ implies there exists t’ such that t t’ and s’ t t’. –s t t and t t’ implies there exists s’ such that s s’ and s’ t t’. a a a a

Lecture 817 Stable Relation s t t a s’

Lecture 818 Stable Relation s’ s t t a t t’ a

Lecture 819 Finite Index Bisimulation TS = (S, s in, Act, ! ) t a bisimulation. s  S [s] t – the equivalence class containing s. –{s’ | s t s’} t is of finite index if {[s] | s  S} is a finite set.

Lecture 820 An Example ababab i t j iff (i is odd and j is odd) OR (i is even and j is even). t is a bisimulation of finite index. {1, 3, 5,….} = [5] {2, 4, 6,..} = [8]

Lecture 821 The Quotient Transition System TS = (S, s in, Act,  ) t a bisimulation. QTS = (QS, qs in, Act, ) –The t - quotient of TS. –QS = { [s] t | s 2 S} –qs in = [s in ] t –[s] [s’] iff there exists s1  [s] and s1’  [s’] such that s1  s1’ in TS. a a

22 An Example ababab i t j iff (i is odd and j is odd) OR (i is even and j is even). t is a stable equivalence relation of finite index. {1, 3, 5,….} = [5] {2, 4, 6,..} = [8] [5] [12] a b

Lecture 823 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Finite set of actions but infinite set of states. Both states and actions are finite sets. TTS Semantics Regions

Lecture 824 The Equivalence based on Regions. TA = (SV, sv in, Act, ) t  SV  SV, a bisimulation of finite index. (s, V) t (s’, V’) iff – s = s’ – V Reg V’  V and V’ belong to the same clock region.

Lecture 825 The Equivalence based on Regions. TTS = (S, S0, Act, X, I, ! ) Let m 1 / n 1, m 2 / n 2,…, m k / n k be all the (irreducible) rationals that appear in the transitions. Let K be the LCM of {n 1, n 2,.., n k }. Transform a constraint of the form x · m/n into x · (m/n) £ K etc. Let TTS’ be the resulting timed transitions system. Then s is reachable in TTS iff it is reachable in TTS’. –TTS’ has only integer-valued constants in the guards!

Lecture 826 An example x < 2.1 y > 2 x  1.2 ; y a y < 2.3 b 21/10 12/10 2 = 20/10 23/10

Lecture 827 An example x < 21 y > 20 x  12 ; y a y < 23 b Reachability properties will be preserved,

Lecture 828 The Equivalence based on Regions. TA = ( S, S 0, Act, ) t µ S £ S, a bisimulation of finite index. (s, V) t (s’, V’) iff – s = s’ – V Reg V’ ( V and V’ belong to the same region).

Lecture 829 Regional Equivalence X = {x 1, x 2, …, x n }, the set of clock variables. V, V’ ---- Two clock valuations. –V : X R –V’ : X R V Reg V’ ? r 2 R. – b r c, the largest integer less than or equal to r. (the integral part of r). – b 2.8 c = 2 – b  c = 3 r 2 R –fr( r ), the fractional part of r. r = b r c + fr(r)

Lecture 830 Regional Equivalence X = {x 1, x 2, …, x n }, the set of clock variables. V, V’ ---- Two clock valuations. –V : X R –V’ : X R V Reg V’ ? c x = MAX{ c | “x REL c” is a clock constraint appearing in some guard or invariant} x REL c x ≤ c x ≥ c x c We are assuming all constants mentioned in the guards are integers.

Lecture 831 An example x < 21 y > 20 x  12 ; y a y < 23 b C x = ? C y = ?

Lecture 832 Regional Equivalence X = {x 1, x 2, …, x n }, the set of clock variables. V, V’ ---- Two clock valuations. V Reg V’ iff (i) For every x, either  b V(x) c > c x and b V’(x) c > c x OR  V(x) · c x and V’(x)  c x. Further,  V(x)  =  V’(x)  and fr(V(x)) = 0 iff fr(V’(x)) = 0 (ii) Suppose V(x) · c x and V(y) · c y. Then fr(V(x)) · fr(V(y)) iff fr(V’(x)) · fr(V’(y)).

Lecture 833 An example x < 21 y > 20 x  12 ; y a y < 23 b V(x) = 22 V(y) = 21.6 V’(x) = 87 V’(y) = 21.8

Lecture 834 An example x < 21 y > 20 x  12 ; y a y < 23 b V(x) = 22 V(y) = 21.6 V’(x) = 24 V’(y) = 21.6

Lecture 835 An example x < 21 y > 20 x  12 ; y a y < 23 b V(x) = 20.4 V(y) = 21.6 V’(x) = 20.8 V’(y) = 21.9

Lecture 836 An example x < 21 y > 20 x  12 ; y a y < 23 b V(x) = 20.4 V(y) = 21.6 V’(x) = 20.8 V’(y) = 21.9

Lecture 837 An example x < 21 y > 20 x  12 ; y a y < 23 b V(x) = 20.4 V(y) = 21 V’(x) = 20.8 V’(y) = 21

Lecture 838 Example X = {x, y} c x = 2 c y = 1 {(0, 1)} is a region. {(x, y) | 0 < x = y < 1} is a region. 28 regions.

Lecture 839 Regional Equivalence Reg is an equivalence relation (of finite index!); Each equivalence class of Reg is called a region. There are only a finite number of regions.

Lecture 840 The Equivalence based on Regions. TA = (SV, sv in, Act, ) t µ SV  SV a bisimulation of finite index. (s, V) t (s’, V’) iff – s = s’ – V Reg V’ ( V and V’ belong to the same region).

Lecture 841 The Quotienting One member of a clock region satisfies a clock constraint iff all members of the clock region satisfy the clock constraint. This can be used to compute the t - quotient of TA, called the regional transition system.

Lecture 842 The Reductions. TS TTS TA TTS RTS Both the set of states and actions are infinite. Finite set of actions but infinite set of states. Both states and actions are finite sets. TTS Semantics Regions

Lecture 843 Time Abstraction TTS = (S, S0, Act, X, I, ! ) s 2 S TS TTS = (SV, sv in, Act [ R, ) ) TA TTS = (SV, sv in, Act, ) where : –(s, V) (s’, V’) iff there exists  such that –(s, V) ) (s, V+  ) in TS and –(s, V+  ) ) (s’, V’) in TS. a  a

Lecture 844 The Region Automaton TA TTS = (SV, sv in, Act, ) (s, V)  (s’, V’) iff s = s’ and V and V’ belong to the same clock region. [(s, V)] (s, [V]). RTS = (SRV, srV in, Act, ) –SRV = {(s, [V]) | (s, V) in SV } –srV in = (s in, [V zero ]) = (s in, {V zero }) –(s, [V]) (s’, [V’]) iff for some V1 in [V] and some V1’ in [V’] it is the case that in TA TTS, (s, V1) (s’, V1’) a a

Lecture 845 Example: TTS

Lecture 846 The Representation of Regions For each clock x specify one formula of the form: –c  x < c + 1 where c is in {0, 1, …., c x -1} OR c = c x OR x > c x – For each clock pair specify a constraint of the form x – y = 0 or x – y < k or y –x < k for a suitable k in case x  c x and y  c y.

Example: The Regional Transition System. Only the reachable states have been shown.

Lecture 848 The Regional Construction Given a timed transition system, its (finite!) regional transition system can be computed effectively. Hence one can effectively solve the reachability problem (and other verification problems) concerning timed transition systems. This is the mathematical basis for the verification tools for timed transition systems and timed automata.