2nd Exam. First Name: Second Name: Matriculation Number: Degree Programme (please mark): CS Bachelor CS Master CS Lehramt SSE Master Other:


Concurrency Theory WS 2013/2014
Chair for Software Modeling and Verification, Rheinisch-Westfälische Technische Hochschule Aachen
Prof. Dr. Ir. Joost-Pieter Katoen, apl. Prof. Dr. Thomas Noll
S. Chakraborty, B. Kaminski, H. Wu

2nd Exam

First Name: Second Name: Degree Programme (please mark): CS Bachelor / CS Master / CS Lehramt / SSE Master / Other:

General Information:
Mark every sheet with your matriculation number.
Check that your copy of the exam consists of 12 sheets (24 pages).
Duration of exam: 120 minutes.
No helping materials (e.g. books, notes, slides) are permitted.
Give your solution on the respective sheet. Also use the backside if necessary. If you need more paper, ask the assistants.
Write with blue or black ink; do not use a pencil or red ink.
Make sure all electronic devices are switched off and are nowhere near you.
Any attempt at deception leads to failure for this exam, even if it is detected only later.

Points: Task 1: 16, Task 2: 27, Task 3: 22, Task 4: 21, Task 5: 23, Task 6: 11, Σ: 120. Points obtained:

Task 1 (Modeling with Value Passing CCS) (11+5 Points)

In this task, you are requested to model a technique called Triple-Modular Redundancy (TMR) with error detection for fault tolerance in distributed systems in value-passing CCS. An overview of the system is provided in the following diagram. In TMR, three copies of the system (called components) are used to increase reliability. Three copies of the input value are sent to the components, one to each, by a splitter (S); the voter (V) then accepts the result from each component and outputs the majority value. In our case, one component consists of a module (M_i) and a detector (D_i) (1 ≤ i ≤ 3). A functional module normally passes the same value it receives on to D_i (via mo_i), but if a fault occurs, differing values will be passed. The detector first records the value and passes it to the voter (via do_i), then later compares this value with the feedback value from the voter (via vo_i) to determine a fault situation. Here, we assume that the set Val of input values is given by Val = {0, 1}, that only one of the three modules can be faulty, and that the splitter, voter and detectors always work without error.

Additional information: In the diagram, an action name in ( ) denotes an internal synchronization action; otherwise it is an external action.

[Diagram: splitter S, modules M1 to M3, detectors D1 to D3 and voter V; external actions in, out, fault1 to fault3, detect1 to detect3; internal synchronization actions (mi1) to (mi3), (mo1) to (mo3), (do1) to (do3), (vo1) to (vo3).]

(a) Model this system using value-passing CCS! You should reuse the component definition (with index) when it is possible.

(b) Now we add a new operator called hide with respect to an action set H to the CCS language, which is defined by the following SOS rules:

$$(\mathrm{hide}_1)\ \frac{P \xrightarrow{a} P'}{\mathrm{hide}_H\, P \xrightarrow{a} \mathrm{hide}_H\, P'}\ (a \notin H \cup \overline{H}) \qquad (\mathrm{hide}_2)\ \frac{P \xrightarrow{a} P'}{\mathrm{hide}_H\, P \xrightarrow{\tau} \mathrm{hide}_H\, P'}\ (a \in H \cup \overline{H})$$

Informally speaking, this operator can turn all the actions in H into τ. Let Cycler_1 = fault_1.detect_1.Cycler_1 and let TMR be your modelled system. Argue why your system satisfies the verification condition that

hide_{in, out, fault_2, detect_2, fault_3, detect_3} TMR Cycler_1

which states that if a fault occurs in M_1, D_1 should always detect this fault.
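The TMR arrangement of Task 1, simulated directly in Python as an added illustration; it is not part of the exam, not the requested CCS model and not a model solution. It assumes a faulty module flips its binary input, all function names are this example's own, and it goes beyond the exam's single-fault assumption to show what happens when two modules fail.

```python
from itertools import combinations

VAL = (0, 1)  # the exam's input value set Val

def voter(values):
    """Voter V: majority over three binary values."""
    return 1 if sum(values) >= 2 else 0

def tmr_round(value, faulty=frozenset()):
    """One round of splitter -> modules -> detectors -> voter -> feedback.

    `faulty` holds the indices (1..3) of modules that misbehave this round.
    Returns (out, flagged): the voter output and the set of detector
    indices whose recorded value differs from the voter's feedback.
    """
    copies = {i: value for i in (1, 2, 3)}        # splitter S (mi_i)
    # Module M_i passes its input on, or a differing value if faulty (mo_i).
    # Assumption of this example: "differing" means the flipped bit.
    passed = {i: (1 - v if i in faulty else v) for i, v in copies.items()}
    recorded = dict(passed)                       # D_i records, forwards (do_i)
    out = voter(recorded.values())
    # D_i compares its record with the voter's feedback (vo_i).
    flagged = {i for i, r in recorded.items() if r != out}
    return out, flagged

def single_fault_ok():
    """Under the exam's assumption (at most one faulty module) the output is
    correct and exactly the faulty module's detector fires."""
    cases = [frozenset()] + [frozenset({i}) for i in (1, 2, 3)]
    return all(tmr_round(v, f) == (v, set(f)) for v in VAL for f in cases)

def double_fault_cases():
    """Outside the assumption: two faulty modules outvote the healthy one."""
    return {(v, tuple(sorted(f))): tmr_round(v, f)
            for v in VAL
            for f in map(frozenset, combinations((1, 2, 3), 2))}
```

With two faulty modules the voter emits the wrong value and the only detector that fires is the healthy module's, which is why the task fixes the single-fault assumption up front.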

Task 2 (Labeled Transition Systems) (14+7+6 Points)

(a) Consider the following CCS process definition:

A = ( (B C) + D ) \ {com}
B = a.com.b +.nil
C = D + E
D = com.d
E =.C

Derive all legal outgoing transitions A α A by giving their derivation tree!

(act) a.com.b a com.b a (sum1) a.com.b +.nil com.b (call) B a com.b (par1) B C a com.b C (sum1) (B C) + D a com.b C ( ) a (res) (B C) + D \ {com} (com C) \ {com} (call) A a (com.b C) \ {com}

(act).nil nil (sum2) a.com.b +.nil com.b (call) B com.b (par1) B C com.b C (sum1) (B C) + D com.b C ( ) (res) (B C) + D \ {com} (com C) \ {com} (call) A (com.b C) \ {com}

(act).c C (call) E C (sum2) D + E C (call) C C (par2) B C B C (sum1) (B C) + D B C ( ) (res) (B C) + D \ {com} (B C) \ {com} (call) A (B C) \ {com}

(b) Reconsider the CCS process definition from Task 2 (a):

A = ( (B C) + D ) \ {com}
B = a.com.b +.nil
C = D + E
D = com.d
E =.C

Draw LTS(A) and label the nodes with the corresponding CCS processes!

[Solution diagram: LTS(A) with nodes A, (com.b C) \ {com}, (B C) \ {com}, (nil C) \ {com}, (B D) \ {com}, (nil D) \ {com} and (com.b D) \ {com}; the surviving edge labels are a and τ.]

(c) Give the trace language Tr ( (B D) \ {com} ) of process (B D) \ {com}!

Pref ( (aτ) ) = ( a(τa) + (aτ) ( + ε) )

Task 3 (HML and Bisimulation) (15+7 Points)

Given are the following three CCS processes:

A =.B + a.c + a.d.c
D = a.d.e + a.f +.G + a.i
J = a.l +.K + a.m
B = a.a + a.d.c
E =.H + c.d.e
K = a.o + a.n
C =.A + c.d.c
F =.D + c.d.f
L = d.m
G = a.d.e + a.h
H =.G + a.d.f + a.e
I = c.d.e +.D
M =.J + c.n
N = d.m
O = a.l + a.m

(a) Draw the LTSs for A, D, and J respectively. Prove or disprove A D, A J and D J. For proving or disproving that two processes are strongly bisimilar, you can use the game characterization of bisimilarity. For disproving you may provide an HML formula which is satisfied by one process but not by the other.

(b) Express the property that actions a and b occur in alternation in HML+Recursion! Note that this does not imply that a and b are strictly followed by each other (i.e. between any two occurrences of a a b occurs and vice versa, but between an a and a b the other symbols c and d may occur). Check whether process A satisfies the property or not!

Task 4 (Preservation of Strong Bisimilarity) (6+15 Points)

(a) Let synhide_L ( ), where L is a set of actions, be a unary CCS operator with the following semantics:

(synhide) P α P β L: P β.p synhide L (P ) α synhide L (P )

Prove or disprove: synhide_L ( ) preserves strong bisimilarity, i.e. for any two strongly bisimilar processes S T it holds that synhide_L (S) synhide_L (T ).

synhide_L ( ) does not preserve strong bisimilarity. For that, consider the two (clearly bisimilar) processes nil.nil and.nil. Applying synhide_{} ( ) to both processes yields on one hand the process synhide_{} (nil.nil) which can make a transition to synhide_{} (nil nil) and on the other hand the process synhide_{} (.nil) which cannot mimic this transition. Hence the two processes synhide_{} (nil.nil) and synhide_{} (.nil) are not bisimilar and thus synhide_L ( ) does not preserve bisimilarity.

(b) Let be a binary CCS operator with the following semantics:

(dag1) P (dag2) P α Q α Q P Q α Q α P Q α P Q α P (dag3) P α P Q α Q P Q α P Q

Prove or disprove: preserves strong bisimilarity, i.e. for any two strongly bisimilar processes S T and any other process R it holds that S R is strongly bisimilar to T R (and you may omit in your proof the analogous case for R S is strongly bisimilar to R T ).

Let S T be two strongly bisimilar processes. We define a new relation B = { (U R, V R) R Prc, S T } and prove that B is a strong bisimulation on S R and T R for any process R:

= S T [ ] S α S = T : T α T S T [ ] T α T = S : S α S S T (Def.) α Case 1: R : = = [ S R [ T R [ S R [ T R = S R B T R α Case 2: R R : [ = S R = [ S R [ T R [ T R = S R B T R ] α S = T : T R α T S T ] α T = S : S R α S S T ] α S = T : T R α T S B T ] α T = S : S R α S S B T ] α S R = T : T R α T R S T ] α T R = S : S R α S R S T ] α S = T : T R α T S R B T R ] α T = S : S R α S S R B R T (dag2 rule) ( B) (dag3 rule) (Def. B)

Task 5 (From Modified CCS to Petri Nets) (8+8+7 Points)

In the lecture, we have introduced an occurrence net (Petri net) semantics for CCS processes. Now we modify the parallel composition operation to a new operator ( A ) w.r.t. an action set A. Informally speaking, this operator requests a forced synchronization on an action between two processes if the action belongs to the set A. The formal SOS rules for this operator are as follows:

(Syn) P a P Q a Q P A Q a P A Q a A a P P a A (Par 1 ) P A Q a P A Q a Q Q a A (Par 2 ) (a A) P A Q a P A Q

(a) Give the occurrence net semantics for the process P!

P = x.a.p + y.a.q
Q = z.a.q

(b) Formally define the occurrence net semantics for the operator A and give the occurrence net semantics for P {a} Q based on your definition! Note that, since the occurrence net is infinite, you should stop as soon as some part in the occurrence net repeats.

(c) Compute the McMillan prefix of the resulting occurrence net from (b).

Task 6 (Petri net Acceptable Languages) (11 Points)

Let Σ be a finite alphabet and let N = (P, T, F, M_0, λ) be a labelled Petri net in which all transitions in T are labelled by a labeling function λ: T Σ. Then the trace language Tr(N) of N is defined as the following set:

{ w = λ(a 1 ) λ(a k ) M 0 a 1 M1 a 1 a k Mk is a complete sequential run of N }.

A language L Σ is called Petri net recognizable, if there exists a labelled Petri net N such that Tr(N) = L. Provide an exact description of the language that is recognized by the following Petri net! Your description shall not make any reference back to the Petri net itself!

[Diagram: labelled Petri net; the surviving transition labels are c, a, a.]

{ w1 c w 2 w1, w 2 {a, }, w 1 w 2 a = w 1 w 2, w 1 a w 2, w 1 w 2 a }