From CCS to Hybrid π via baby steps. Bill Rounds CSE, U of Michigan

Transcription

1 From CCS to Hybrid π via baby steps Bill Rounds CSE, U of Michigan

2 Main idea The hybrid pi-calculus extends pi-calculus by adding a component called the continuous environment, which evolves over time and interacts with a pi-process. It makes sense to extend earlier calculi like CCS this way. An environment that doesn t evolve turns out to be a store. But the name-passing features of hybrid pi suggest a name-passing regime for CCS, which amounts to parameter passing by reference.

3 CCS+ A retrofitting of CCS Get rid of value-passing Add name-passing Add explicit storage (so more like Dijkstra)

4 A small grammar for CCS P ::= 0 q S rec q.p νap (P P ) S ::= α.p (S + S) α is positive, negative, or τ

5 We extend CCS to be more Dijkstralike (already anticipated in CSP) A process can have another process as an environment, but it can also have a storage as a separate environment. Storage represented as a (finite)valuation E : Ivar N

6 Assignment statements interact with the environment. x := e is an environmental action which can be prefixed to a process. [x := 10].0 initializes x to 10.

7 New grammar for CCS+ Add a new class of names x, y, ranging over integers or reals P ::= 0 q S rec q.p νap νxp (P P ) S ::= a x.p a( x).p τ.p [x := e].p (S + S) Transition rule for assignments: (E, [x := e].p ) x:=e (E, P ) where E = E[x [[e]]].

8 Name-passing in CCS+ Consider a co-routine kind of situation: one process P is looking at the values of integer variables x and y, and wants a parallel process Q to multiply the values and return the result in a new variable, which can be passed as a pointer back to P. P ::= mult x 0, y 0.answer(z).c z.0 P sends the names x0, y0 to Q on channel mult, receives the result z on channel answer, then sends the result somewhere else on channel c.

9 The other partner Q ::= mult(x, y).νz[z := x y].answer z.q On each invocation, Q receives names x,y, declares local z, stores xy into z, sends z back to the calling process P.

10 Passing by reference in a reaction ((x 0 : 10; y 0 : 2), P Q) τ ((x 0 : 10; y 0 : 2), answer(z)c z.0 νz[z := x 0 y 0 ].answer z.q) Reaction rule: P a x 1,..., x k.p Q a (y 1,... y k )Q P Q τ P Q [y 1 x 1,..., y k x k ] (need abstractions, concretions here)

11 New local names ((E, νzq) τ (E, Q[z z 0 ])) where z 0 is fresh. ((x 0 : 10; y 0 : 2), νz[z := x 0 y 0 ].answer z.q) τ ((x 0 : 10; y 0 : 2), [z 0 := x 0 y 0 ].answer z 0.Q)) [z 0 :=x 0 y 0 ] (((x 0 : 10; y 0 : 2, z 0 : 20), answer z 0.Q))

12 Guarded assignment (Dijkstra) γ x := e where γ is a predicate on E. The assignment happens (atomically) only if E satisfies γ. By omitting the body, we get pure tests. By omitting the guard, we get an unconditional assignment.

13 What can you do with CCS+? -- Encode while-programs of the standard sort -- use Milner s encoding of ; by means of -- use rec q to define meaning of while loop -- with vector assignments, encode Petri nets

14 Petri nets %" %# %$!"!#!$ %& %' Rule for firing: if all input places are positive, remove a token from each input place and add a token to each output place t 1 ::= [(p 1, p 2 ) > (0, 0) (p 1,..., p 5 ) := (p 1,..., p 5 ) + (0, 1, 0, 1, 0)].t 1 P ::= t 1 t 2 t 3 Requires vector assignment statements

15 Making Petri nets mobile Name-passing is a way to achieve mobility (aka reconfigurability) in Petri nets. One obvious way to do this is to pass places (by reference) from one transition to another, since places are already named. Another way (Klavins) is to give the tokens names, and have them point to values. Then the input and output arcs can be named and used as channels to pass the tokens by name. This extends the colored PNs.

16 Towards hybrid systems The next step is to turn the ``storage into an active entity. P Q E x y z

17 Timed CCS We let the values pointed to by x, y, z evolve at a constant rate, as well as to remain constant (evolve at a zero rate). This involves specifying the rate as part of the environment. E = x : 3.21 ẋ : 1 y : 10 clock ẏ : 0 If processes don t pass x, y names, but can introduce clocks, this gives Timed CCS.

18 Time transitions Represent the values of all the clock variables in a state as a vector. Suppose E = E(x 0,..., x n ). Then (E(x 0, x n ), P ) t (E(x 0 + t,..., x n + t), P ) unless P ρ P where ρ is a guarded assignment with a true guard at some time s < t. The reason for this is maximal progress. A guarded assignment must execute as soon as it is enabled.

19 Example: defining a timeout (Schneider) The process Q 1 d Q2 offers a time-sensitive choice between Q1 and Q2. If Q1 performs an observable action before d time units have elapsed, then the choice is resolved for Q1 and Q2 is discarded. If Q1 performs no such action, then the process Q2 is enabled after d units of time and Q1 is discarded. Q 1 d Q2 def = νx([x. = 0].[ẋ := 1].(Q 1 + [x = d].q 2 )) where x is not free in Q 1 or Q 2 and Q 1 is itself a sum.

20 Hybrid CCS -- Allow continuously differentiable functions as values of dotted variables. -- Allow assignments to these variables which reset or combine functions using addition, multiplication -- Don t allow any name-passing -- Regard the collection of dotted variables and their values as defining a vector field -- Environments now evolve over time according to the flow determined by the vector field. -- Add invariant predicates as a component of the environment

21 An example environment current state vector field (x : 1.5, y : 0) (ẋ : x y x 3, ẏ : x + y y 3 ) {{(x, y) (x 0) (1 x 2 + y 2 2)}}. invariant region (can be a set of these) I got this out of a differential equations book. The flow stays in the described annulus.

22 Example: forming closed-loop system A plant is given by x = F(x,u) and a controller by u = G(u) The following code constructs the closed-loop combination of these: ([x := x 0 ].[ẋ := F (x, u)].0) ([u := u 0 ].[ u := G(u)].0) Executing all of these assignments in the null environment gives ( ( (x, u) : (x 0, u 0 ) (ẋ, u) : (F (x, u), G(u)) ), 0 0)

23 Hybrid CCS with name-passing: HCCS+ Allow sends and receives of environment names. Sufficient to represent mobile Petri nets, many other reconfigurable physical systems Robotic minifactory (Klavins) Built using palette of controllers, navigation functions (Saranli s talk)

24 Hybrid π-calculus ( φ-calculus) Simply allow channel names (i.e., pointers to processes) to be passed. This move is uniform in the non-hybrid and the hybrid setting. HCCS+ is useful when one has fixed system of concurrent processes, used to control differing groups of physical agents. Phi-calculus used to reconfigure the process structure itself.

25 Example: mobile phone system Communication structure: car with cell phone communicates with tower 1 until signal is too low; then finds tower 2 Interaction between car and tower 1 morphs into interaction between car and tower 2. This is accomplished by channel name-passing (Milner). Trajectory of car can be modelled explicitly or as an input function. Signal strength proportional to distance from tower. Invariant regions are simply circles around each tower. We assume circles intersect.

26

27 Logics and model-checking Various logics have been developed for hybrid systems One of the first was Davoren s extension of modal mu-calculus. It s also possible to use Buchi automata as a kind of linear temporal logic. This idea underlies SPIN, a model checker for LTL. Hosung Song (the real inventor of hybrid pi) is extending SPIN model-checking to the hybrid case.

28 Research issues Investigate the implications of these ideas with respect to other languages like CSP. That is, add name passing, both channels and environment names. Follow up the Petri net connection. Let the tokens be named, and consider a syntax for combining nets based on the process-algebra connectives. Use theory developed for nets (i.e., event structures) to study HCCS+. Bisimulation. Get a workable definition just for CCS+; then extend to more expressive languages. Integrate with current notions of bisimulations for hybrid automata. Logics. A fortiori, a logic for CCS+ is a logic for Petri nets. Moving up the scale, logics for hybrid systems (modal mu-calculus with a time modality, Davoren) can be expanded to spatial logics (Caires, Cardelli). Add continuous environments to other mobility calculi -- in particular, the ambient calculus. Important for biological applications.

29 The end.