Download presentation

Presentation is loading. Please wait.

Published byLouis Gadd Modified about 1 year ago

1
From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University

2
Outline Model Checking Infinite-State Systems Methodology: Monotonicity Well Quasi-Orderings Models Petri Nets Lossy Channel Systems Timed Petri Nets Extension to Games

3
Model Checking T sat ? transition system specification

4
Model Checking T sat ? transition system specification Transition System

5
Reachability Init Fin Init reaches Fin?

6
Transition Systems Reachability Init Fin Init reaches Fin? Saftey Properties = Reachability

7
Forward Reachability Analysis

8
Post

9
Fin Forward Reachability Analysis = computing Post Init Forward Reachability Analysis Post

10
Backward Reachability Analysis

11
Pre

12
Init Fin Backward Reachability Analysis = computing Pre Backward Reachability Analysis Pre

13
Init Fin Backward Reachability Analysis Fin Forward Reachability Analysis Init

14
Infinite-State Systems 1. Unbounded Data Structures stacks queues clocks counters, etc. 2. Unbounded Control Structures Parameterized Systems Dynamic Systems

15
Init Fin Backward Reachability Analysis infinite

16
Init Fin Backward Reachability Analysis infinite effective symbolic representation

17
Petri Nets

18
States = Markings

19
Transitions

20
Firing t Transitions t

21
t is disabled Transitions t

22
Monotonicity

23

24

25
Petri Nets: infinite state

26

27

28

29

30
W C R=1? R:=0 R:=1 Mutual Exclusion

31
W C R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion

32
R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion

33
R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion Initial states: R=1 All processes in Infinitely many

34
R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion Initial states: R=1 All processes in Infinitely many Bad states: Two or more processes in

35
R=1? R:=0 R:=1 R=1? R:=0 R:=1 R=1? R:=0 R:=1 Mutual Exclusion WC R=1

36
Mutual Exclusion WC R=1 Set of initial states : infinite

37
Mutual Exclusion WC R=1

38
Mutual Exclusion WC R=1 WC

39
Mutual Exclusion WC R=1

40
Mutual Exclusion WC R=1 WC

41
mutual exclusion: #tokens in critical section > 1 critical section Safety Properties

42
mutual exclusion: #tokens in critical section > 1 Ideal = Upward closed set of markings critical section Safety Properties

43
mutual exclusion: #tokens in critical section > 1 Ideal = Upward closed set of markings safety = reachability of ideals critical section Safety Properties

44
Petri Nets Concurrent systems Infinite-state: symbolic representation Monotonic behaviour Safety properties: reachability of ideals

45
Petri Nets Concurrent systems Infinite-state: symbolic representation Monotonic behaviour Safety properties: reachability of ideals

46
Monotonicity ideals closed under computing Pre

47
I Monotonicity ideals closed under computing Pre

48
Monotonicity ideals closed under computing Pre I

49
I Monotonicity ideals closed under computing Pre

50
IPre(I) Monotonicity ideals closed under computing Pre

51
Fin Backward Reachability Analysis Ideals

52
Ideals: Symbolic Representation i : index (generator) i : generator of ideal i : denotes all markings larger than i

53
Ideals: Symbolic Representation index (generator)

54
Ideals: Symbolic Representation index (generator)

55
Ideals: Symbolic Representation index (generator)

56
Ideals: Symbolic Representation index (generator)

57
Ideals: Symbolic Representation Index for bad states C

58
Ideals: Symbolic Representation Index for bad states C

59
Each ideal can be characterized by a finte set of generators

60
Index is minimal element of its ideal If i j then j i

61
Index for bad states C Indices of Pre Monotonicity ideals closed under computing Pre

62
Index for bad states C Indices of Pre Monotonicity ideals closed under computing Pre i: index Pre(i) computable

63
Backward Reachability Analysis Step 0 : C

64
Backward Reachability Analysis Step 0 : C Step 1 :

65
Backward Reachability Analysis Step 0 : C Step 1 :

66
Backward Reachability Analysis Step 0 : C Step 1 : Step 2 :

67
Backward Reachability Analysis Step 0 : C Step 1 : Step 2 :

68
Backward Reachability Analysis Step 0 : C Step 1 : Step 2 : Step 3 :

69
Backward Reachability Analysis Step 0 : C Step 1 : Step 2 : Step 3 :

70
What did we need? 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Termination -- Ordering is WQO

71
What did we need? 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Termination -- Ordering is WQO ”nice properties”

72
Well Quasi-Ordering (WQO) ( A, ) is WQO if a 0 a 1 a 2 a i,j: i

73
Properties of WQO ( A, = ) is WQO if A is finite a 0 a 1 a 2 b a 3 a 4 a 5 b a Finite Sets

74
Properties of WQO if ( A, ) is WQO w 2 : b 0 b 1 b 2 b 3 b 4 b 5 b 6 Words w 1 : a 0 a 1 a 2 * then ( A, ) is WQO **

75
Properties of WQO if ( A, ) is WQO Multisets then ( A M, M ) is WQO M1M1 M2M2 M 1 M M 2

76
Methodology Start from a finite domain Build more complicated data structures: words, multisets, lists, sets, etc.

77
Examples -- WQO ( A*, ) A : finite alphabet w 1 w 2 : w 1 subword of w 2 e.g. ab xaybz

78
Examples -- WQO Words of natural numbers w1w1 w2w2 w1w1 w2w2

79
Multisets over a finite alphabet

80
Words of multisets over a finite alphabet

81
Lossy Channel Systems !m ?n m n n m …… finite state process unbounded lossy channel send and receive operations Infinite state space Perfect channel = Turing machine Motivation: Link protocols

82
State !m ?n mpnm npn

83
Transitions Send !m m

84
Transitions Send !m m Receive ?m m

85
Transitions Send !m m Receive ?m m Messages may nondeterministically be lost

86
!m ?n Example p n m p n n m p m m p m

87
Ordering same colour subword m n p m p n p m n p m p m n p m p n p

88
Ordering same colour subword m n p m p n p m n p m p m n p m p n p Computable and WQO

89
Monotonicity w1w1 w2w2 w3w3

90
w1w1 w2w2 w3w3 Downward closed

91
Ideal Index m n p denotes all larger states m n m p m m n m p ………… m n p m n m p m m n m p ………… m n p

92
Each ideal can be characterized by a finite set of generators By WQO of

93
Computing Pre Pre ( ) contains the following: w

94
Computing Pre Pre ( ) contains the following: !m if and w = w’ m then w w’

95
Computing Pre Pre ( ) contains the following: !m if and w = w’ m then !m if and last( w) = m then w w’ w

96
Computing Pre Pre ( ) contains the following: !m if and w = w’ m then !m if and last( w) = m then ?m if then w w’ w m w

97
Example Pre ( ) !b if a d !d if a d b ?d if d a d b a d b

98
Methodology (applied to LCS) 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Ordering is WQO

99
LCS -- Forward vs Backward Analysis Pre*(w) is regular and computable Post*(w) is regular but not computable

100
Timed Petri Nets [1,5] [4,7] [0,3] [4, ) [1,2] [3,6]

101
[1,5] [4,7] [0,3] [1,2] States = Markings [4, ) [3,6]

102
[1,5] [4,7] [0,3] [1,2] Timed Transitions [4, ) [3,6]

103
[1,5] [4,7] [0,3] [1,2] [1,5] [4,7] [0,3] [1,2] increase age by [4, ) [3,6] Timed Transitions

104
[1,5] [4,7] [0,3] [1,2] t Discrete Transitions [4, ) [3,6]

105
[1,5] [4,7] [0,3] [1,2] t [1,5] [4,7] [0,3] [1,2] t 0.8 Firing t [4, ) [3,6] Discrete Transitions

106
Timed Petri Nets Concurrent timed systems Infinite-state: symbolic representation Monotonic behaviour Safety properties: reachability of ideals

107
Equivalence on Markings [1,5] [4,7] [0,3] [1,2] t 0.8 [4, ) max = 7 ages > max behave identically [3,6]

108
Markings equivalent if they agree on: colours integral parts of clock values ordering on fractional parts Equivalence on Markings

109
Markings equivalent if they agree on: colours integral parts of clock values ordering on fractional parts Equivalence on Markings

110
Markings equivalent if they agree on: colours integral parts of clock values ordering on fractional parts Equivalence on Markings

111
Markings equivalent if they agree on: colours integral parts of clock values ordering on fractional parts Equivalence on Markings

112
words over multisets over a finite alphabet Markings equivalent if they agree on: colours integral parts of clock values ordering on fractional parts Equivalence on Markings

113
Ordering on Markings M 1 M 2 iff M 3 : M 1 M 3 M 3 M 2 <

114
Ordering on Markings M 1 M 2 iff M 3 : M 1 M 3 M 3 M 2 <

115

116
subword =

117
M 1 M 2 iff M 3 : M 1 M 3 M 3 M < Ordering on Markings

118
M 1 M 2 iff M 3 : M 1 M 3 M 3 M < Ordering on Markings

119
subword =

120
is a well quasi-ordering = subword ordering on multisets over a finite alphabet Properties of

121
Properties of -- Monotonicity M1M1 M3M3 M2M2

122
M1M1 M3M3 M2M2 M4M4

123
M1M1 M3M3 M2M2 M4M4 M5M5

124
M1M1 M3M3 M2M2 M4M4 M5M5 M6M6

125
M1M1 M3M3 M2M2 M4M4 M5M5 M6M6

126
Methodology (applied to TPN) 1.Computable ordering 2. Monotonicity, Computability of Pre 3. Ordering is WQO

127
Player A : Can B take game to ? Player B : Infinite-State Games

128
Backward Reachability Analysis Characterize losing states for A A-states B-states = Pre( )

129
Backward Reachability Analysis Characterize losing states for A B-states A-states = Pre( )

130
Backward Reachability Analysis Characterize losing states for A Pre

131
Vector Addition Systems with States (VASS) y -- x++ x-- Finite-state automaton operating on variables Variables range over natural numbers Operations: increment or decrement variable

132
y-- x++ x-- VASS = Petri nets x y VASS Petri net

133
x-- x++ VASS Games Player A : Player B : Can B take game to ?

134
x-- x

135
x-- x A cannot avoid

136
x-- x

137
x-- x A can avoid

138
x-- x

139
x-- x A cannot avoid

140
Player A: 0 -- lose 1 -- win >1 -- lose Monotonicity does not imply upward closedness

141
Backward Reachability Analysis Characterize losing states for A Pre Why scheme does not work for VASS? Monotonicity does not imply that ideals are closed under Pre

142
2-Counter Machines y-- x++ x-- x=0? Is reachable? Problem undecidable

143
Simulation of 2-Counter Machines by VASS Games x++ Counter machine VASS game

144
Simulation of 2-Counter Machines by VASS Games x-- Counter machine VASS game

145
Simulation of 2-Counter Machines by VASS Games x=0? x-- Counter machine VASS game

146
Safety undecidable for VASS Games Safety undecidable for Monotonic Games

147
B-Downward Closed Games s1s1 s2s2 s3s3

148
s1s1 s2s2 s3s3 any set ideal Pre

149
Backward Reachability Analysis B-Downward closed games Pre ideal

150
Backward Reachability Analysis B-Downward closed games Pre ideal characterization of A-losing states decidability of safety ”nice ordering”

151
Backward Reachability Analysis B-LCS Games B-LCS: characterization of A-losing states Safety decidable for B-LCS games ?n ?m !m !n !m Player B can lose messages

152
A-Downward Closed Games

153
Post

154
A-Downward Closed Games Post

155
A-Downward Closed Games

156

157
F

158
F

159
FT

160
FTFT Termination all leaves closed Evaluate tree: = OR = AND

161
A-Downward Closed Games FTFT Termination guaranteed if is WQO

162
A-Downward Closed Games FTFT Safety decidable for A-LCS Games Can we characterize winning states ?

163
A Problem for LCS !m ?n sfsf { w w } sfsf characterize Set regular But Not computable

164
A-LCS Games Winning set regular But not computable !m LCS A-LCS game

165
A-LCS Games Winning set regular But not computable ?m LCS A-LCS game

166
A-LCS Games Winning set regular But not computable A-LCS game For each :

167
Conclusions and Planned Work Define a WQO on state space Safety properties: reachability of ideals Examples: Timed Petri nets Parameterized systems Broadcast protocols Cache coherence protocols Lossy channel systems, etc.

168
Extension to Games Regular Model Checking Stochastic behaviours

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google