# From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University.

## Presentation on theme: "From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University."— Presentation transcript:

From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University

Outline Model Checking Infinite-State Systems Methodology: Monotonicity Well Quasi-Orderings Models Petri Nets Lossy Channel Systems Timed Petri Nets Extension to Games

Model Checking T sat  ? transition system specification

Model Checking T sat  ? transition system specification Transition System 

 Reachability Init Fin Init reaches Fin?

Transition Systems  Reachability Init Fin Init reaches Fin? Saftey Properties = Reachability

Forward Reachability Analysis

Post

Fin Forward Reachability Analysis = computing Post Init Forward Reachability Analysis Post

Backward Reachability Analysis

Pre

Init Fin Backward Reachability Analysis = computing Pre Backward Reachability Analysis Pre

Init Fin Backward Reachability Analysis Fin Forward Reachability Analysis Init

Infinite-State Systems 1. Unbounded Data Structures stacks queues clocks counters, etc. 2. Unbounded Control Structures Parameterized Systems Dynamic Systems

Init Fin Backward Reachability Analysis infinite

Init Fin Backward Reachability Analysis infinite effective symbolic representation

Petri Nets

States = Markings

Transitions

Firing t Transitions t

t is disabled Transitions t

Monotonicity

Petri Nets: infinite state

W C R=1? R:=0 R:=1 Mutual Exclusion

W C R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion

R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion

R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion Initial states: R=1 All processes in Infinitely many

R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion Initial states: R=1 All processes in Infinitely many Bad states: Two or more processes in

R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion WC R=1

Mutual Exclusion WC R=1 Set of initial states : infinite

Mutual Exclusion WC R=1

Mutual Exclusion WC R=1 WC

Mutual Exclusion WC R=1

Mutual Exclusion WC R=1 WC

mutual exclusion: #tokens in critical section > 1 critical section Safety Properties

mutual exclusion: #tokens in critical section > 1 Ideal = Upward closed set of markings critical section Safety Properties

mutual exclusion: #tokens in critical section > 1 Ideal = Upward closed set of markings safety = reachability of ideals critical section Safety Properties

Petri Nets Concurrent systems Infinite-state: symbolic representation Monotonic behaviour Safety properties: reachability of ideals

Petri Nets Concurrent systems Infinite-state: symbolic representation Monotonic behaviour Safety properties: reachability of ideals

Monotonicity ideals closed under computing Pre

I Monotonicity ideals closed under computing Pre

Monotonicity ideals closed under computing Pre I

I Monotonicity ideals closed under computing Pre

IPre(I) Monotonicity ideals closed under computing Pre

Fin Backward Reachability Analysis Ideals

Ideals: Symbolic Representation i : index (generator) i : generator of ideal i : denotes all markings larger than i

Ideals: Symbolic Representation index (generator)

Ideals: Symbolic Representation index (generator)

Ideals: Symbolic Representation index (generator)

Ideals: Symbolic Representation index (generator)

Ideals: Symbolic Representation Index for bad states C

Ideals: Symbolic Representation Index for bad states C

Each ideal can be characterized by a finte set of generators

Index is minimal element of its ideal If i j then j i

Index for bad states C Indices of Pre Monotonicity ideals closed under computing Pre

Index for bad states C Indices of Pre Monotonicity ideals closed under computing Pre i: index Pre(i) computable

Backward Reachability Analysis Step 0 : C

Backward Reachability Analysis Step 0 : C Step 1 :

Backward Reachability Analysis Step 0 : C Step 1 :

Backward Reachability Analysis Step 0 : C Step 1 : Step 2 :

Backward Reachability Analysis Step 0 : C Step 1 : Step 2 :

Backward Reachability Analysis Step 0 : C Step 1 : Step 2 : Step 3 :

Backward Reachability Analysis Step 0 : C Step 1 : Step 2 : Step 3 :

What did we need? 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Termination -- Ordering is WQO

What did we need? 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Termination -- Ordering is WQO ”nice properties”

Well Quasi-Ordering (WQO) ( A, ) is WQO if a 0 a 1 a 2 a 3....... i,j: i { "@context": "http://schema.org", "@type": "ImageObject", "contentUrl": "http://images.slideplayer.com/14/4184172/slides/slide_72.jpg", "name": "Well Quasi-Ordering (WQO) ( A, ) is WQO if a 0 a 1 a 2 a 3.......", "description": "i,j: i

Properties of WQO ( A, = ) is WQO if A is finite a 0 a 1 a 2 b a 3 a 4 a 5 b a 6.............. Finite Sets

Properties of WQO if ( A, ) is WQO w 2 : b 0 b 1 b 2 b 3 b 4 b 5 b 6 Words w 1 : a 0 a 1 a 2 * then ( A, ) is WQO **

Properties of WQO if ( A, ) is WQO Multisets then ( A M, M ) is WQO M1M1 M2M2 M 1 M M 2

Methodology  Start from a finite domain  Build more complicated data structures: words, multisets, lists, sets, etc.

Examples -- WQO ( A*, ) A : finite alphabet w 1 w 2 : w 1 subword of w 2 e.g. ab xaybz

Examples -- WQO Words of natural numbers 3 7 1 4 2 8 5 2 7w1w1 w2w2 w1w1 w2w2

Multisets over a finite alphabet

Words of multisets over a finite alphabet

Lossy Channel Systems !m ?n m n n m …… finite state process unbounded lossy channel send and receive operations Infinite state space Perfect channel = Turing machine Motivation: Link protocols

State !m ?n mpnm npn

Transitions Send !m m

Transitions Send !m m Receive ?m m

Transitions Send !m m Receive ?m m Messages may nondeterministically be lost

!m ?n Example p n m p n n m p m m p m

Ordering same colour subword m n p m p n p m n p m p m n p m p n p

Ordering same colour subword m n p m p n p m n p m p m n p m p n p Computable and WQO

Monotonicity w1w1 w2w2 w3w3

w1w1 w2w2 w3w3 Downward closed

Ideal Index m n p denotes all larger states m n m p m m n m p ………… m n p m n m p m m n m p ………… m n p

Each ideal can be characterized by a finite set of generators By WQO of

Computing Pre Pre ( ) contains the following: w

Computing Pre Pre ( ) contains the following: !m if and w = w’ m then w w’

Computing Pre Pre ( ) contains the following: !m if and w = w’ m then !m if and last( w) = m then w w’ w

Computing Pre Pre ( ) contains the following: !m if and w = w’ m then !m if and last( w) = m then ?m if then w w’ w m w

Example Pre ( ) !b if a d !d if a d b ?d if d a d b a d b

Methodology (applied to LCS) 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Ordering is WQO

LCS -- Forward vs Backward Analysis Pre*(w) is regular and computable Post*(w) is regular but not computable

Timed Petri Nets 2.1 8.5 0.5 6.2 4.6 [1,5] [4,7] [0,3] [4, ) [1,2] [3,6]

2.1 3.5 0.5 6.2 4.6 [1,5] [4,7] [0,3] [1,2] States = Markings 2.1 3.5 0.5 6.2 4.6 [4, ) [3,6]

2.1 3.5 0.5 6.2 4.6 [1,5] [4,7] [0,3] [1,2] Timed Transitions 2.1 3.5 0.5 6.2 4.6 [4, ) [3,6]

2.1 3.5 0.5 6.2 4.6 [1,5] [4,7] [0,3] [1,2] 3.4 4.8 1.8 7.5 5.9 [1,5] [4,7] [0,3] [1,2] increase age by 1.3 2.1 3.5 0.5 6.2 4.6 3.4 4.8 1.8 7.5 5.9 [4, ) [3,6] Timed Transitions

3.1 4.5 1.5 7.2 5.6 [1,5] [4,7] [0,3] [1,2] t Discrete Transitions 3.1 4.5 1.5 7.2 5.6 [4, ) [3,6]

3.1 4.5 1.5 7.2 5.6 [1,5] [4,7] [0,3] [1,2] t 3.1 7.2 5.6 [1,5] [4,7] [0,3] [1,2] t 0.8 Firing t 3.1 7.2 0.8 5.6 3.1 4.5 1.5 7.2 5.6 [4, ) [3,6] Discrete Transitions

Timed Petri Nets Concurrent timed systems Infinite-state: symbolic representation Monotonic behaviour Safety properties: reachability of ideals

Equivalence on Markings 3.1 7.2 5.6 [1,5] [4,7] [0,3] [1,2] t 0.8 [4, ) max = 7 ages > max behave identically [3,6]

Markings equivalent if they agree on:  colours  integral parts of clock values  ordering on fractional parts 3.1 4.8 1.5 6.2 5.6 3.2 4.8 1.6 6.4 5.7 Equivalence on Markings

Markings equivalent if they agree on:  colours  integral parts of clock values  ordering on fractional parts 3.1 4.8 1.5 6.2 5.6 3.2 4.8 1.6 6.4 5.7 3.1 1.5 4.8 Equivalence on Markings

Markings equivalent if they agree on:  colours  integral parts of clock values  ordering on fractional parts 3.1 4.8 1.5 6.2 5.6 3.2 4.8 1.6 6.4 5.7 3.1 1.5 4.8 3.2 1.6 4.7 Equivalence on Markings

3.1 4.8 1.5 6.2 5.6 3.2 4.8 1.6 6.4 5.7 3 6 1 5 4 Markings equivalent if they agree on:  colours  integral parts of clock values  ordering on fractional parts Equivalence on Markings

3.1 4.8 4.8 1.1 5.4 3.2 4.7 4.7 1.2 5.5 5 3131 4444 words over multisets over a finite alphabet Markings equivalent if they agree on:  colours  integral parts of clock values  ordering on fractional parts Equivalence on Markings

Ordering on Markings M 1 M 2 iff M 3 :  M 1 M 3  M 3 M 2 < 3.1 4.8 1.5 6.2 5.6 4.8 6.4 5.7

Ordering on Markings M 1 M 2 iff M 3 :  M 1 M 3  M 3 M 2 < 3.1 4.8 1.5 6.2 5.6 4.8 6.4 5.7 4.8 6.2 5.6

3.1 4.8 1.5 6.2 5.6 4.8 6.4 5.7 4.8 6.2 5.6

6 5 4 3 6 1 5 4 subword 3.1 4.8 1.5 6.2 5.6 4.8 6.4 5.7 4.8 6.2 5.6 6 5 4 =

M 1 M 2 iff M 3 :  M 1 M 3  M 3 M 2 3.2 1.2 4.7 < 3.1 4.8 4.8 1.1 5.4 Ordering on Markings

M 1 M 2 iff M 3 :  M 1 M 3  M 3 M 2 3.2 1.2 4.7 < 3.1 4.8 4.8 1.1 5.4 Ordering on Markings 3.1 4.8 1.1

subword 4 3131 5 3131 4444 4 3131 = 3.2 1.2 4.7 3.1 4.8 4.8 1.1 5.4 3.1 4.8 1.1

is a well quasi-ordering = subword ordering on multisets over a finite alphabet Properties of

Properties of -- Monotonicity M1M1 M3M3 M2M2

M1M1 M3M3 M2M2 M4M4

M1M1 M3M3 M2M2 M4M4 M5M5

M1M1 M3M3 M2M2 M4M4 M5M5 M6M6

M1M1 M3M3 M2M2 M4M4 M5M5 M6M6

Methodology (applied to TPN) 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Ordering is WQO

Player A : Can B take game to ? Player B : Infinite-State Games

Backward Reachability Analysis Characterize losing states for A A-states B-states = Pre( )

Backward Reachability Analysis Characterize losing states for A B-states A-states = Pre( )

Backward Reachability Analysis Characterize losing states for A Pre

Vector Addition Systems with States (VASS) y -- x++ x-- Finite-state automaton operating on variables Variables range over natural numbers Operations: increment or decrement variable

y-- x++ x-- VASS = Petri nets x y VASS Petri net

x-- x++ VASS Games Player A : Player B : Can B take game to ?

x-- x++ 0 0 1 2 3 4

x-- x++ 0 0 1 2 3 4 A cannot avoid

x-- x++ 1 1 2 3 4 5 0

x-- x++ 1 1 2 3 4 5 0 A can avoid

x-- x++ 2 2 3 4 5 6 1 0 1 2 3

x-- x++ 2 2 3 4 5 6 1 0 1 2 3 A cannot avoid

Player A: 0 -- lose 1 -- win >1 -- lose Monotonicity does not imply upward closedness

Backward Reachability Analysis Characterize losing states for A Pre Why scheme does not work for VASS? Monotonicity does not imply that ideals are closed under Pre

2-Counter Machines y-- x++ x-- x=0? Is reachable? Problem undecidable

Simulation of 2-Counter Machines by VASS Games x++ Counter machine VASS game

Simulation of 2-Counter Machines by VASS Games x-- Counter machine VASS game

Simulation of 2-Counter Machines by VASS Games x=0? x-- Counter machine VASS game

Safety undecidable for VASS Games Safety undecidable for Monotonic Games

B-Downward Closed Games s1s1 s2s2 s3s3

s1s1 s2s2 s3s3 any set ideal Pre

Backward Reachability Analysis B-Downward closed games Pre ideal

Backward Reachability Analysis B-Downward closed games Pre ideal characterization of A-losing states decidability of safety ”nice ordering”

Backward Reachability Analysis B-LCS Games B-LCS: characterization of A-losing states Safety decidable for B-LCS games ?n ?m !m !n !m Player B can lose messages

A-Downward Closed Games

Post

A-Downward Closed Games Post

A-Downward Closed Games

F

F

FT

FTFT Termination all leaves closed Evaluate tree: = OR = AND

A-Downward Closed Games FTFT Termination guaranteed if is WQO

A-Downward Closed Games FTFT Safety decidable for A-LCS Games Can we characterize winning states ?

A Problem for LCS !m ?n sfsf { w w } sfsf characterize Set regular But Not computable

A-LCS Games Winning set regular But not computable !m LCS A-LCS game

A-LCS Games Winning set regular But not computable ?m LCS A-LCS game

A-LCS Games Winning set regular But not computable A-LCS game For each :

Conclusions and Planned Work  Define a WQO on state space  Safety properties: reachability of ideals  Examples: Timed Petri nets Parameterized systems Broadcast protocols Cache coherence protocols Lossy channel systems, etc.

 Extension to Games  Regular Model Checking  Stochastic behaviours

Download ppt "From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University."

Similar presentations