Presentation is loading. Please wait.

Presentation is loading. Please wait.

About Alternating Automata Daniel Choi Provable Software Laboratory KAIST.

Published byAngelica O’Neal’ Modified over 8 years ago

Similar presentations

Presentation on theme: "About Alternating Automata Daniel Choi Provable Software Laboratory KAIST."— Presentation transcript:

1 About Alternating Automata Daniel Choi Provable Software Laboratory KAIST

2 Overview About Alternating Automata, Daniel Choi @ PSWLAB, KAIST2/33 Model checking – Specify requirement properties and build system model – Generate possible states from the model and then check whether given requirement properties are satisfied within the state space OK Error Trace Found or Target Program Requirement Properties Model Checking 

3 Overview About Alternating Automata, Daniel Choi @ PSWLAB, KAIST3/33 Model Checking Target Program Requirement Properties 

4 Overview About Alternating Automata, Daniel Choi @ PSWLAB, KAIST4/33 LTL to Büchi Automata LTL Formula Negated Formula Automaton Is there a smarter way to express LTL formula? State Explosion!! State Explosion!! Alternating Automata Vardi ’96, ‘97

5 Content Branching Choices in Automaton – Existential Choice – Universal Choice Alternating Automata Translate LTL into Alternating Automata Future study & Conclusion About Alternating Automata, Daniel Choi @ PSWLAB, KAIST5/33

6 Branching Choices in Automaton Existential Choice Automaton A – Accepts an input word w iff there exists an accepting run of A on w About Alternating Automata, Daniel Choi @ PSWLAB, KAIST6/33 4 12 A B 3 B A Automaton A A Input word : A + B ω Run 1: 1 + 2 ω Run 2: 1 + 3 ω Run 1 is accepting run Run 2 is not accepting run

7 Branching Choices in Automaton Universal Choice Automaton A –Accepts an input word w iff all the runs of A on input word w are accepting About Alternating Automata, Daniel Choi @ PSWLAB, KAIST7/33 4 12 A B B A Input word : A + B ω Run 1: 1 + 2 ω Run 2: 1 + 3 ω Automaton A 4 3 A Run 1 is accepting run Run 2 is accepting run

8 Deterministic automaton has unique accepting run on input word – Existential Choice There exist one accepting run on input word – Universal Choice There is unique accepting run About Alternating Automata, Daniel Choi @ PSWLAB, KAIST8/33 Branching Choices in Automaton Deterministic Automaton 4 123 A C A B,C B Input word : AAB Run : 123 Deterministic automaton has Existential branching choice and Universal branching choice (Trivially)

9 Branching Choices in Automaton Branching Choices of Several Automatons Nondeterministic Automaton –Existential branching choice For-all Automaton (Z. Mannar, A. Pruneli, 1987) –Nondeterministic automaton Trivial existential branching choice –Universal branching choice Alternating Automaton –Allows both existential and universal branching choices About Alternating Automata, Daniel Choi @ PSWLAB, KAIST9/33

10 Content Branching Choices in Automaton – Existential Choice – Universal Choice Alternating Automata Translate LTL into Alternating Automata Future study & Conclusion About Alternating Automata, Daniel Choi @ PSWLAB, KAIST10/33

11 Alternating Automata Positive Boolean formulas Positive Formulas – Formula that does not contain the negation symbol – Closed under conjunction and disjunction Definition of B + ( Q ) – Set of positive Boolean formulas over Q – Boolean formulas built from elements in Q using ∧ and ∨ – true and false are allowed – When Y⊆ Q, Y satisfies a formula θ ∈ B + ( Q ) iff the truth assignment that assigns true to the members of Y and assigns false to the members of Q \ Y satisfies θ About Alternating Automata, Daniel Choi @ PSWLAB, KAIST11/33

12 Alternating Automata Example of B + ( Q ) Q = {q 1, q 2, q 3 } θ = (q 1 ∨ q 2 ) ∧ q 3 ∈ B + ( Q ) {q 1, q 3 } satisfies θ – Assign true to q 1 and q 3 – Assign false to Q – {q 1, q 3 } θ = (q 1 ∨ q 2 ) ∧ q 3 = (true ∨ false) ∧ true = true {q 1, q 2 } does not satisfies θ – Assign true to q 1 and q 2 – Assign false to Q – {q 1, q 2 } θ = (q 1 ∨ q 2 ) ∧ q 3 = (true ∨ true) ∧ false = false About Alternating Automata, Daniel Choi @ PSWLAB, KAIST12/33

13 Alternating Automata Definition of Alternating Automata A = ( Σ, S, s 0, ρ, F) –Σ: finite nonempty alphabet –S : finite nonempty set of states –s 0 : initial state S (unique initial state) –F : set of accepting states –Transition function ρ : S X Σ → B + ( S ) About Alternating Automata, Daniel Choi @ PSWLAB, KAIST13/33

14 Transitions of Alternating automata can be arbitrary formulas in B + ( Q ) ρ(s, a ) = (s 1 ∧ s 2 ) ∨ (s 3 ∧ s 4 ) – When it is in the state s, automaton accepts aw If it accepts the word w from both s 1 and s 2 or from both s 3 and s 4 About Alternating Automata, Daniel Choi @ PSWLAB, KAIST14/33 Alternating Automata Transition of Alternating Automata

15 Alternating Automata Example of transition ρ(s, A) = (s 1 ∧ s 2 ) ∨ s ρ(s, B) = false ρ(s 1, A) = s 1 ρ(s 2, A) = s 2 ρ(s 1, B) = true ρ(s 2, B) = true About Alternating Automata, Daniel Choi @ PSWLAB, KAIST15/33 4 ss1s1 A B B A Automaton A 4 s2s2 Input word : AAB A s s s1s1 s2s2 A s1s1 s2s2 A B

16 Alternating Automata Definition of Tree Due to the universal choice, run of an alternating automaton is a tree Definition – Tree has one node as a root (denoted by ε) – Every non-root node has a unique parent s is the parent of t and t is a child of s if there is an edge from s to t – Level |x| : distance from the root ε to x level of root is 0 – Branch β = x 0, x 1, … a maximal sequence of nodes s.t. x 0 is root and x i is the parent of x i+1 for all i > 0 About Alternating Automata, Daniel Choi @ PSWLAB, KAIST16/33

17 Alternating Automata Example of Tree Root : s 0 s 0 is parent of s 1 and s 1 is child of s 0 Level of s 2 : |s 2 | = 2 Branch β 1 = s 0 s 1 s 2 s 3 Branch β 2 = s 0 s 1 s 4 s 5 About Alternating Automata, Daniel Choi @ PSWLAB, KAIST17/33 s0s0 s1s1 s2s2 s4s4 s3s3 s5s5

18 Alternating Automata Run of Alternating Finite Automata Run of Alternating Finite Automata A – Run of AFA is Σ -labeled tree ( τ, T ) For a finite alphabet where τ is a tree and T is a mapping from nodes( τ ) to Σ – Run of A on finite word w =a 0,a 1,…,a n-1 When r is S-labeled tree, – If |x| = i < n, r (x) = s, and ρ (s, a i ) = θ, then x has k children x 1, …, x k for some k ≤ |S |, and { r (x 1 ), …, r (x k )} satisfies θ If ρ ( r (x), a i ) = true, then x does not need to have any children If ρ ( r (x), a i ) = false, then x can not have any children About Alternating Automata, Daniel Choi @ PSWLAB, KAIST18/33

19 Alternating Automata Run of Alternating Büchi Automata Run of Alternating Büchi Automata A – Run of ABA is Σ -labeled tree ( τ, T ) For a finite alphabet where τ is a tree and T is a mapping from nodes( τ ) to Σ – Run of A on infinite word w =a 0,a 1,…,a n-1 When r is S-labeled tree, – If |x| = i, r (x) = s, and ρ (s, a i ) = θ, then x has k children x 1, …, x k for some k ≤ |S |, and { r (x 1 ), …, r (x k )} satisfies θ If ρ ( r (x), a i ) = true, then x does not need to have any children If ρ ( r (x), a i ) = false, then x can not have any children About Alternating Automata, Daniel Choi @ PSWLAB, KAIST19/33

20 Alternating Automata AFA vs ABA Accepting Run – Every branch in an accepting run has to hit the true transition or hit an accepting state after reading all the input word Accepting Run of ABA – Every infinite branch in r includes infinitely many labels in F – Or, run can also have finite branches if |x| = i, r (x) = s, and ρ (s, a i ) = true About Alternating Automata, Daniel Choi @ PSWLAB, KAIST20/33

21 Alternating Automata Example: AFA and ABA About Alternating Automata, Daniel Choi @ PSWLAB, KAIST21/33 ρ(s, A) = (s 1 ∧ s 2 ) ∨ s ρ(s, B) = false ρ(s 1, A) = s 1 ρ(s 2, A) = s 2 ρ(s 1, B) = true ρ(s 2, B) = true 4 ss1s1 A B B A Automaton A 4 s2s2 A s s s1s1 s2s2 s1s1 s2s2 s s s1s1 s2s2 s1s1 s2s2 Input word : AABInput word : AAB ω

22 Alternating Automata Example: AFA and ABA About Alternating Automata, Daniel Choi @ PSWLAB, KAIST22/33 ρ(s, A) = (s 1 ∧ s 2 ) ∨ s ρ(s, B) = false ρ(s 1, A) = s 1 ρ(s 2, A) = s 2 ρ(s 1, B) = s 1 ρ(s 2, B) = s 2 4 ss1s1 A B B A Automaton A 4 s2s2 A s s s1s1 s2s2 s1s1 s2s2 s s s1s1 s2s2 s1s1 s2s2 Input word : AABInput word : AAB ω ……

23 Content Branching Choices in Automaton – Existential Choice – Universal Choice Alternating Automata Translate LTL into Alternating Automata Future study & Conclusion About Alternating Automata, Daniel Choi @ PSWLAB, KAIST23/33

24 Translate LTL into Alternating Automata Meaning of ABA which denotes LTL formula LTL formula φ, ABA A φ = ( Σ, S, s 0, ρ, F) –Σ = 2 Prop – S: Set of states (S consist all subformulas of and their negation) |S| is in O(|φ|) – Initial state : s 0 – Set F of accepting states consists of all formulas in S of the form ¬ ( φ 1 U φ 2 ) φ 1 U φ 2 does not ensure that φ 1 U φ 2 holds at that point, since it does not ensure that eventually holds φ 2 ¬ ( φ 1 U φ 2 ) ensures that φ 1 U φ 2 indeed fails at that point, since φ 2 fails from that point on About Alternating Automata, Daniel Choi @ PSWLAB, KAIST24/33

25 Translate LTL into Alternating Automata Transition function Transition function ρ About Alternating Automata, Daniel Choi @ PSWLAB, KAIST25/33

26 Translate LTL into Alternating Büchi Automata Example : Eventually p φ = true U p A φ = (2 {p}, { φ, ¬ φ, ¬ p, p}, φ, ρ, { ¬ φ }) About Alternating Automata, Daniel Choi @ PSWLAB, KAIST26/33 s ρ (s, {p}) ρ (s, {}) φ true φ ¬φ¬φ false ¬φ¬φ ptruefalse ¬p¬p true

27 About Alternating Automata, Daniel Choi @ PSWLAB, KAIST27/33 Translate LTL into Alternating Büchi Automata Example : ㅁ ⋄p LTL formula φ, ABA A φ = ( Σ, S, s 0, ρ, F) –Σ = 2 {p} – S: { ㅁ ⋄p, ¬ ㅁ ⋄p, ⋄p, ¬ ⋄p, p, ¬ p} – s 0 : ㅁ ⋄p – F: { ¬ (true U ¬ ⋄p ), ¬ ⋄p } – ρ ( true U ¬ ⋄p, a) = ¬ ( ρ (⋄p, a)) ∨ ( ρ ( true, a) ∧ true U ¬ ⋄p) = ¬ ( ρ ( true U p, a)) ∨ ( true U ¬ ⋄p) = ¬ ( ρ (p, a) ∨ ( ρ ( true, a) ∧ ⋄p)) ∨ ( true U ¬ ⋄p) = ¬ ( ρ (p, a) ∨ ⋄p) ∨ ( true U ¬ ⋄p) – ρ ( ¬( true U ¬ ⋄p), a) = ¬ ( ρ (⋄p, a)) ∨ ( ρ ( true, a) ∧ true U ¬ ⋄p) = ¬ ( ρ ( true U p, a)) ∨ ( true U ¬ ⋄p) = ¬ ( ρ (p, a) ∨ ( ρ ( true, a) ∧ ⋄p)) ∨ ( true U ¬ ⋄p) = ( ρ (p, a) ∨ ⋄p) ∧ ¬ ( true U ¬ ⋄p)

28 About Alternating Automata, Daniel Choi @ PSWLAB, KAIST28/33 s ρ (s, {p}) ρ (s, {}) φφ ⋄p ∧ φ ¬φ¬φ ¬φ¬φ ¬ ⋄p ∨ ¬ φ ⋄p⋄p true ⋄p⋄p ¬⋄p¬⋄p false ¬⋄p¬⋄p ptruefalse ¬p¬p true Translate LTL into Alternating Büchi Automata Example : ㅁ ⋄p A φ = ( Σ, S, s 0, ρ, F) Σ = 2 {p} S: { ㅁ ⋄p, ¬ ㅁ ⋄p, ⋄p, ¬ ⋄p, p, ¬ p} s 0 : ㅁ ⋄p F: { ¬ (true U ¬ ⋄p ), ¬ ⋄p } Input: ¬ p, ¬ p, p, … φ ⋄p⋄p φ ⋄p⋄p⋄p⋄p φ φ …

29 Compare with Generalized Büchi Automaton About Alternating Automata, Daniel Choi @ PSWLAB, KAIST29/33 Translate LTL into Alternating Büchi Automata Example : ㅁ ⋄p

30 Content Branching Choices in Automaton – Existential Choice – Universal Choice Alternating Automata Translate LTL into Alternating Automata Future study & Conclusion About Alternating Automata, Daniel Choi @ PSWLAB, KAIST30/33

31 Conclusion Size of alternating automaton – Linear in the size of formula (exponentially succinct) Alternating automata have same expressive power as nondeterministic automata Translate specification into alternating Büchi automaton – automaton is simplified – Translate simplified automaton into a nondeterministic Büchi automaton About Alternating Automata, Daniel Choi @ PSWLAB, KAIST31/33

32 Future study Study about other variation of Alternating Automata – Weak Alternating Automata – Two-way Alternating Automata – Alternating Tree Automata Other properties of Alternating Automata – Memoryless property – Fixed point logic and alternating automata – Converting alternating Büchi automata to nondeterministic Büchi automata Alternating-time Temporal Logic – R. Alur, T. Henzinger and Kupferman, “Alternating-time Temporal Logic,” COMPOS’97 About Alternating Automata, Daniel Choi @ PSWLAB, KAIST32/33

33 Reference Checking Finite Traces using Alternating Automata by Bernd Finkbeiner and Henny Sipma In FMSD Vol. 24, Issu e 2 (March 2004) Weak Alternating Automata Are Not That Weak by Orna Kupferman and Moshe Y. Vardi In ISTCS'97 An Automata Theoretic Approach to Linear Temporal Logic by Moshe Y. Vardi In BANFF’94 Tree Automata Technique and Applications, Chapter 7 by H. Comon, M Dauchet, R. Gilleron, F Jacquemard, D. Lugiez, S. Tison and M. Tommasi, At http://www.grappa.univ-lille3.fr/tata/ About Alternating Automata, Daniel Choi @ PSWLAB, KAIST33/33

Download ppt "About Alternating Automata Daniel Choi Provable Software Laboratory KAIST."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.

Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.
Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.

Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.
Avoiding Determinization Orna Kupferman Hebrew University Joint work with Moshe Vardi.

Avoiding Determinization Orna Kupferman Hebrew University Joint work with Moshe Vardi.
1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.

1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.
Recognising Languages We will tackle the problem of defining languages by considering how we could recognise them. Problem: Is there a method of recognising.

Recognising Languages We will tackle the problem of defining languages by considering how we could recognise them. Problem: Is there a method of recognising.
Black Box Checking Book: Chapter 9 Model Checking Finite state description of a system B. LTL formula. Translate into an automaton P. Check whether L(B)

Black Box Checking Book: Chapter 9 Model Checking Finite state description of a system B. LTL formula. Translate into an automaton P. Check whether L(B)
A Survey of Runtime Verification Jonathan Amir 2004.

A Survey of Runtime Verification Jonathan Amir 2004.
CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
M ODEL CHECKING -Vasvi Kakkad University of Sydney.

M ODEL CHECKING -Vasvi Kakkad University of Sydney.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Determinization of Büchi Automata

Determinization of Büchi Automata
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture # 11.

1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture # 11.
Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.

Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.
On-the-fly Model Checking from Interval Logic Specifications Manuel I. Capel & Miguel J. Hornos Dept. Lenguajes y Sistemas Informáticos Universidad de.

On-the-fly Model Checking from Interval Logic Specifications Manuel I. Capel & Miguel J. Hornos Dept. Lenguajes y Sistemas Informáticos Universidad de.
1 Translating from LTL to automata Book: Chapter 6.

1 Translating from LTL to automata Book: Chapter 6.

Similar presentations

Ads by Google