An Unfolding Approach to Model Checking. Javier Esparza, Laboratory for Foundations of Computer Science, University of Edinburgh


Concurrent programs. Program: a tuple $P = (T_1, \dots, T_n)$ of finite labelled transition systems $T_i = (A_i, S_i, \to_i, s_{0i})$, $1 \le i \le n$, where $A_i$ is an alphabet of actions, $S_i$ is a finite set of (local) states, $\to_i \subseteq S_i \times A_i \times S_i$ is a transition relation, and $s_{0i} \in S_i$ is the initial state.

Example (figure): transition systems with local states REQ0, ENT0 and REQ1, ENT1 and shared variables b0, b1, t; transitions are labelled by assignments (b0:=t, b0:=f, b1:=t, b1:=f, t:=0, t:=1) and tests (t=0, t=1, b0=f, b1=f, b0=t, b1=t).

Semantics. The behaviour of $P$ is defined by (the reachable subset of) the global transition system $T_P = (A, S, \to, s_0)$ where $A = A_1 \cup \dots \cup A_n$ ($A$ partitioned into visible and invisible actions), $S = S_1 \times \dots \times S_n$ ($s_i$ denotes the $i$th component of $s \in S$), $s_0 = (s_{01}, \dots, s_{0n})$, and $s \xrightarrow{a} s'$ iff for every $1 \le i \le n$: $a \in A_i \Rightarrow s_i \xrightarrow{a}_i s'_i$, and $a \notin A_i \Rightarrow s_i = s'_i$.

Reducing the model checking problem. The model checking problem for a program $P = (T_1, \dots, T_n)$ can be reduced to (several instances of) the following problems:
The forbidden trace problem (FT). Given: a program $P$, an action $a$. To decide: does $T_P$ exhibit a forbidden trace, i.e. a trace $a_0 a_1 a_2 \dots a_n \in A^*$ such that $a_n = a$?
The forbidden infinite trace problem (FIT). Given: a program $P$, an action $a$. To decide: does $T_P$ exhibit a forbidden infinite trace, i.e. an infinite trace $a_0 a_1 a_2 \dots \in A^\omega$ such that $a_i = a$ for infinitely many $i \ge 0$?
The livelock problem (L). Given: a program $P$, an action $a$. To decide: does $T_P$ exhibit a livelock, i.e. an infinite trace $a_0 a_1 a_2 \dots \in A^\omega$ such that $a_i = a$ for some $i$, and $a_j$ is invisible for every $j > i$?

A first analysis. Complexity of FT, FIT and L: PSPACE-complete.
Standard solution: compute the global transition system $T_P$ and use well-known graph algorithms. Time and space complexity $O(|T_P|)$, but in practice often $O(|T_P|^2)$. Problem: exponential in the size of $P$ for very easy instances, e.g. for completely independent processes.
Our solution: work on the unfolding of the system. Compact proof objects, exponentially smaller than $T_P$ in favourable cases. Proof objects of size $O(|T_P|)$ for FT, and of size $O(|T_P|^2)$ for FIT and L.
In this talk: only FT and FIT (L is more technical).
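The "standard solution" of the slide above, as an added worked example that is not part of the talk: build the reachable global transition system $T_P$ of a product of labelled transition systems and answer FT and FIT with plain graph search. The components T1, T2, the `independent(n)` family and all function names (`LTS`, `global_ts`, `forbidden_trace`, `forbidden_infinite_trace`) are constructed for this example. The last line shows the blow-up the slide complains about: n independent two-state processes give $2^n$ global states even though nothing interesting happens.

```python
"""Global transition system T_P of a product of LTSs, and the FT / FIT checks
on it by graph search.  Added example with constructed systems."""
from collections import deque
from itertools import product


class LTS:
    """Finite labelled transition system T_i = (A_i, S_i, ->_i, s_0i)."""
    def __init__(self, init, trans):
        self.init = init
        self.trans = trans                        # (src, action, dst) triples
        self.actions = {a for _, a, _ in trans}   # alphabet A_i

    def succ(self, s, a):
        return [t for u, b, t in self.trans if u == s and b == a]


def global_ts(comps):
    """Reachable part of T_P: s -a-> s' iff every component with a in A_i
    moves on a and every other component keeps its local state."""
    s0 = tuple(c.init for c in comps)
    edges = {s0: []}                              # state -> [(action, state')]
    actions = sorted(set().union(*(c.actions for c in comps)))
    queue = deque([s0])
    while queue:
        s = queue.popleft()
        for a in actions:
            parts = [i for i, c in enumerate(comps) if a in c.actions]
            # one successor per combination of local moves of the participants;
            # if some participant cannot move on a, product() yields nothing
            for moves in product(*[comps[i].succ(s[i], a) for i in parts]):
                t = list(s)
                for i, x in zip(parts, moves):
                    t[i] = x
                t = tuple(t)
                edges[s].append((a, t))
                if t not in edges:
                    edges[t] = []
                    queue.append(t)
    return s0, edges


def reaches(edges, src, dst):
    """Is dst reachable from src (src itself counts)?"""
    seen, stack = {src}, [src]
    while stack:
        u = stack.pop()
        if u == dst:
            return True
        for _, v in edges[u]:
            if v not in seen:
                seen.add(v)
                stack.append(v)
    return False


def forbidden_trace(edges, a):
    """FT: some reachable transition of T_P is labelled a."""
    return any(b == a for es in edges.values() for b, _ in es)


def forbidden_infinite_trace(edges, a):
    """FIT: some reachable a-labelled edge u -a-> v lies on a cycle, i.e. u is
    reachable again from v; then a can be repeated infinitely often."""
    return any(b == a and reaches(edges, v, u)
               for u, es in edges.items() for b, v in es)


# Constructed running example: T1 and T2 synchronise on c; a is only
# enabled in T2 after that synchronisation.
T1 = LTS("s0", [("s0", "b", "s1"), ("s1", "c", "s0")])
T2 = LTS("r0", [("r0", "c", "r1"), ("r1", "a", "r0")])


def independent(n):
    """n processes with pairwise disjoint alphabets: |T_P| = 2^n global states."""
    return [LTS("p0", [("p0", f"x{i}", "p1"), ("p1", f"y{i}", "p0")])
            for i in range(n)]


if __name__ == "__main__":
    s0, edges = global_ts([T1, T2])
    print(len(edges), "global states; FT(a) =", forbidden_trace(edges, "a"),
          "FIT(a) =", forbidden_infinite_trace(edges, "a"))
    print("independent(10):", len(global_ts(independent(10))[1]), "global states")
```

Note that the FIT check does not need strongly connected components explicitly: an a-labelled edge closes a cycle exactly when its target reaches its source again, and a self-loop is covered because `reaches(v, u)` with `v == u` is trivially true.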

Running example (figure): two transition systems, T1 with states s0, s1, s2 and T2 with states r0, r1, with transitions labelled a, b, c.

The unfolding (figure): the net unfolding of the running example, with conditions labelled s0, s1, s2, r0, r1 and events labelled a, b, c.

First tree (figure): the tree unfolding of T1, with nodes labelled s0, s1, s2 and edges labelled a, b, c.

Second tree (figure): the tree unfolding of T2, with nodes labelled r0, r1.

An example with $n = 1$. In this case $P = T_1 = T_P$. (Figure: $T_1$ with states s0, s1, s2 and its tree unfolding.)

Solving FT for $n = 1$. Proof tree: a prefix of the unfolding of $P$. A node $n$ is terminal if (I) it is reached by an event labelled by $a$, or (II) the proof tree constructed so far contains a node $n'$ labelled by the same state as $n$. A tableau is a (minimal) proof tree such that all leaves are terminals. A terminal $n$ is successful if it is of type I. A proof tree is successful if it has at least one successful terminal. Theorem: $P$ exhibits a forbidden trace iff $P$ has a successful proof tree.

Generalization to $n > 1$: first attempt. Problem: terminals are local states, but a terminal's definition must refer to global states. Idea [McMillan 92, 95]: associate to each node $n$ of the unfolding a global state $GS(n)$ as follows: let $Hist(n)$ be the history of $n$; let $GS(n)$ be the result of executing $Hist(n)$. New definition of terminal: a node $n$ is terminal if (I) it is reached by an event labelled by $a$, or (II) the proof tree constructed so far contains a node $n'$ such that $GS(n') = GS(n)$. A terminal $n$ is successful if it is of type I.

(Figure: the unfolding of the running example with places p0, ..., p11 and events 1, ..., 10.) The attempt fails!

Adequate orders. $GS(n') = GS(n)$ is too weak for a terminal. An order $\prec$ on histories is adequate if it is well-founded, preserves causality (if $h$ is a prefix of $h'$ then $h \prec h'$), and is preserved by finite extensions (if $h \prec h'$ then $h \oplus h'' \prec h' \oplus h'''$ for all corresponding finite extensions $h''$ of $h$ and $h'''$ of $h'$). We say $n \prec n'$ if $Hist(n) \prec Hist(n')$. New definition of terminal: a node $n$ is terminal if (I) it is reached by an $a$-transition, or (II) the proof tree constructed so far contains a node $n' \prec n$ such that $GS(n') = GS(n)$. A terminal $n$ is successful if it is of type I. Theorem: $P$ has a forbidden trace iff it has a successful tableau.

Problem: $n' \prec n$ is an additional condition, so fewer places are terminals and proof trees can be bigger! In [McMillan 92]: $h \prec h'$ if the size of $h$ is smaller than the size of $h'$. Tableaux can then be exponentially bigger than $T_P$. In [Esparza, Römer, Vogler 96; Esparza, Römer 99]: total orders. Theorem: any tableau in which the events are added in $\prec$-order has size $O(|T_P|)$.
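The proof-tree construction for $n > 1$ from the last three slides, as an added example that is neither the talk's code nor the PEP tool: events are added in order of $|Hist(n)|$ (McMillan's size order, not the total orders of [ERV96, ER99], so the prefix is complete but may be larger than $O(|T_P|)$), an event is a terminal of type II when its global state $GS(n)$ was already reached by a strictly smaller history, and a terminal of type I (an event labelled by the forbidden action) answers FT positively. The `LTS` class, the systems T1, T2, the `independent(n)` family and the function name `unfold_ft` are this example's own. On `independent(8)` the prefix has 16 events where $T_P$ has 256 global states, which is the point of the unfolding approach.

```python
"""Unfolding-based check of the forbidden trace problem for a product of LTSs.
Added example with McMillan's size order and constructed systems."""
from itertools import product


class LTS:
    """Finite labelled transition system T_i = (A_i, S_i, ->_i, s_0i)."""
    def __init__(self, init, trans):
        self.init, self.trans = init, trans          # trans: (src, action, dst)
        self.actions = {a for _, a, _ in trans}

    def succ(self, s, a):
        return [t for u, b, t in self.trans if u == s and b == a]


def unfold_ft(comps, forbidden, max_events=10_000):
    """Grow a prefix of the unfolding of comps, adding events in order of
    |Hist(n)|; an event is cut off (terminal of type II) when GS(n) was already
    reached by a strictly smaller history.  Stops at the first event labelled
    `forbidden` (terminal of type I).  Returns (found, number_of_events)."""
    conds = [(i, c.init, -1) for i, c in enumerate(comps)]  # (comp, state, producer)
    events = []                                            # id -> record
    seen = {tuple(c.init for c in comps): 0}               # GS -> smallest |Hist|
    added = set()
    actions = sorted(set().union(*(c.actions for c in comps)))

    def history(cond_ids):              # union of the producers' local configurations
        h = set()
        for cid in cond_ids:
            if conds[cid][2] >= 0:
                h |= events[conds[cid][2]]["hist"]
        return h

    def coset(cond_ids, h):
        """cond_ids are pairwise concurrent iff h is conflict-free (no two events
        of h consume the same condition) and no member of cond_ids is consumed in h."""
        consumed = set()
        for e in h:
            for cid in events[e]["inputs"]:
                if cid in consumed:
                    return False
                consumed.add(cid)
        return not any(cid in consumed for cid in cond_ids)

    def global_state(h):                # GS(n): marking reached by executing h
        marked = {cid for cid, c in enumerate(conds) if c[2] < 0}
        for e in h:
            marked |= set(events[e]["outputs"])
        for e in h:
            marked -= set(events[e]["inputs"])
        return tuple(conds[cid][1] for cid in sorted(marked, key=lambda c: conds[c][0]))

    def extensions():                   # possible extensions of the current prefix
        for a in actions:
            parts = [i for i, c in enumerate(comps) if a in c.actions]
            choices = [[cid for cid, (j, s, e) in enumerate(conds)
                        if j == i and comps[i].succ(s, a)
                        and (e < 0 or not events[e]["cutoff"])]   # never extend a cut-off
                       for i in parts]
            for inputs in product(*choices):
                h = history(inputs)
                if not coset(inputs, h):
                    continue
                targets = [comps[i].succ(conds[cid][1], a) for i, cid in zip(parts, inputs)]
                for tgt in product(*targets):
                    if (a, inputs, tgt) not in added:
                        yield len(h) + 1, (a, inputs, tgt), h

    while len(events) < max_events:
        pe = list(extensions())
        if not pe:
            return False, len(events)                 # all leaves are terminals
        size, (a, inputs, tgt), h = min(pe, key=lambda x: x[:2])   # size order
        eid = len(events)
        outputs = []
        for cid, s in zip(inputs, tgt):
            conds.append((conds[cid][0], s, eid))
            outputs.append(len(conds) - 1)
        hist = h | {eid}
        events.append(dict(action=a, inputs=inputs, outputs=outputs, hist=hist, cutoff=False))
        gs = global_state(hist)
        events[eid]["cutoff"] = gs in seen and seen[gs] < len(hist)
        seen.setdefault(gs, len(hist))
        added.add((a, inputs, tgt))
        if a == forbidden:
            return True, len(events)                  # successful terminal
    raise RuntimeError("event budget exhausted")


# Constructed systems: T1 and T2 synchronise on c, after which T2 can do a.
T1 = LTS("s0", [("s0", "b", "s1"), ("s1", "c", "s0")])
T2 = LTS("r0", [("r0", "c", "r1"), ("r1", "a", "r0")])


def independent(n):
    """n processes with disjoint alphabets; the prefix has 2n events."""
    return [LTS("p0", [("p0", f"x{i}", "p1"), ("p1", f"y{i}", "p0")]) for i in range(n)]


if __name__ == "__main__":
    print("T1 || T2, forbidden a:", unfold_ft([T1, T2], "a"))
    print("independent(8), forbidden z:", unfold_ft(independent(8), "z"))
```

The concurrency test is where the unfolding differs from the tree of the $n = 1$ case: two conditions can only be consumed together if the union of their histories is conflict-free and neither is already consumed inside it; with only one component that test is vacuous and the construction degenerates to the proof tree of the earlier slide.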

A solution to FIT for $n = 1$. A node $n$ is terminal if $Hist(n)$ contains a node $n'$ labelled with the same state as $n$. A terminal $n$ is successful if $Hist(n) \setminus Hist(n')$ (the path from $n'$ to $n$) contains some $a$-labelled transition. Theorem: $P$ exhibits a forbidden infinite trace iff $P$ has a successful tableau. Problem: tableaux can be exponentially larger than $T_P$.

(Figure: a tableau whose nodes are labelled with states s1, s2, ...)

A better solution for $n = 1$. New definition of terminal: a node $n$ is terminal if there is a node $n'$ labelled with the same state as $n$ such that either $n'$ belongs to $Hist(n)$, or $n'$ does not belong to $Hist(n)$ and $Hist(n')$ contains at least as many $a$-labelled transitions as $Hist(n)$. A terminal $n$ is successful if $n'$ belongs to $Hist(n)$ and $Hist(n) \setminus Hist(n')$ contains some $a$-labelled transition. Theorem: $P$ has a forbidden infinite trace iff it has a successful tableau. The size of any tableau in which events are added in $\prec$-order is $O(|T_P|^2)$.

(Figure: a tableau with nodes labelled s0, s1, s2 and events 1, ..., 10.)

Generalization to $n > 1$. Definition of terminal: a node $n$ is terminal if there is a node $n'$ such that $GS(n') = GS(n)$, $n' \prec n$, and either $n'$ belongs to $Hist(n)$, or $n'$ does not belong to $Hist(n)$ and $Hist(n')$ contains at least as many $a$-labelled transitions as $Hist(n)$. A terminal $n$ is successful if $n'$ belongs to $Hist(n)$ and $Hist(n) \setminus Hist(n')$ contains some $a$-labelled transition. Theorem: $T_P$ has a forbidden infinite trace iff it has a successful tableau. With the adequate orders of [Esparza, Römer, Vogler 96] and [Esparza, Römer 99] the size of any tableau is at most $O(|T_P|^2)$.

A successful tableau (figure): nodes labelled s0, r0, s1, s2, r1.

Experimental results. Structure of the Petri net (places, transitions), number of global states, size of the complete prefix (places, transitions), and BDD size (scaled, Petrify):

System    Petri net          Global states    Prefix              BDD size (scaled)
          Places   Trans                      Places    Trans     (Petrify)
CY(12)       95      71          74264           232      104
DPD(7)       63      63         109965         86310     4314
SR(10)      100     100     8.1 x 10^12        119450    86180
EL(4)       736    1939          43440         32354    16935
PC          231     202      3.1 x 10^6          2164     1035          40188
CP          150     140      2.8 x 10^7          1671      780         210249
DME(64)     257     256     1.8 x 10^62           385      256          45460
RW(10)       86      66      1.6 x 10^6         29132    15974           7576

CY: Cycler (Milner). DPD: Philosophers with deadlock avoidance. SR: Slotted ring protocol. EL: Elevator. PC: Production cell. CP: Concurrent Pushers (Heiner). DME: STG specification of a circuit for distributed mutual exclusion. RW: Readers and writers (Hellwagner).

Unfoldings vs BDDs. Conceptual similarities and differences: both techniques compress the state space; BDDs exploit regularity, unfoldings exploit concurrency. Consequences. Robustness: unfoldings are less sensitive to changes in the system. Compression: the prefix is smaller for loosely coupled systems, BDDs are smaller for tightly coupled systems.

100 random tables with right-handed, left-handed, and ambidextrous philosophers. BDD for the set of reachable states (Petrify). BDD size:

Nr of phil   Average     Min      Max    StDev   StDev/Aver
    4            178      94      355       52      0.30
    6            583     248     1716      305      0.52
    8           1553     390     8678     1437      0.92
   10           3140     510    27516     4637      1.48
   12           4855     632    47039     8538      1.76
   14          33742     797   429903    85798      2.54

100 random tables with right-handed, left-handed, and ambidextrous philosophers. Nodes of the complete prefix (PEP). Prefix size:

Nr of phil   Average   Min   Max   StDev   StDev/Aver
    4           46     40    60    5.13     0.10
    6           70     60    85    5.99     0.09
    8           95     80   110    6.92     0.07
   10          117    100   135    7.78     0.07
   12          141    120   160    7.40     0.05
   14          161    140   185    9.25     0.06

Checking deadlock-freedom with BDDs. 100 random tables with right-handed, left-handed, and ambidextrous philosophers. SMV on a SUN Ultra 60, 2 processors, 640 MB. Time in seconds:

Nr of phil   Average      Min        Max      StDev   StDev/Aver
    4          0.08      0.05       0.13       0.02      0.29
    6          0.36      0.20       1.18       0.16      0.46
    8          4.14      1.25      14.60       2.45      0.59
   10         56.60     15.80     388.00      46.90      0.83
   12       1595.00    228.00   10616.00    1615.00      1.01

Checking deadlock-freedom with unfoldings. 100 random tables with right-handed, left-handed, and ambidextrous philosophers. PEP + stable models on a SUN Ultra 60, 2 processors, 640 MB. Time in seconds:

Nr of phil   Average    Min    Max    StDev   StDev/Aver
    8          0.03    0.01   0.04    0.007     0.24
   10          0.03    0.01   0.06    0.009     0.27
   12          0.04    0.02   0.07    0.012     0.28
   14          0.04    0.02   0.05    0.007     0.20
   16          0.04    0.02   0.05    0.007     0.17
   18          0.04    0.03   0.05    0.007     0.17

Unfoldings vs stubborn sets. Conceptual similarities and differences: both techniques exploit concurrency; stubborn sets discard information, unfoldings compress information. Stubborn sets are conservative: a small overhead is guaranteed, at the price of suboptimal reduction. Unfoldings "take risks": a large overhead is possible, but the compression is optimal. Consequences: no loss of information; all reachability properties are checkable on the same prefix; causality information is available (e.g. alarm patterns); larger overheads for tightly coupled systems.

Checking deadlock-freedom with stubborn sets and unfoldings. 1 left-handed, 1 right-handed, and $n - 2$ ambidextrous philosophers. SUN Ultra 60, 2 processors, 640 MB. Time in seconds:

Nr of phil     PROD    PEP + smodels
   10            18         0.04
   12            69         0.04
   14           834         0.04
   16          5003         0.04
   18         29257         0.06

Tentative rules of thumb. BDDs are more suitable for very regular systems. Stubborn sets and unfoldings are more suitable for irregular but concurrent systems. Stubborn sets are more suitable for systems with little concurrency. Unfoldings are more suitable for highly concurrent systems.