Presentation is loading. Please wait.

Presentation is loading. Please wait.

1212 /k Action and Predicate Safety of Hybrid Processes Pieter Cuijpers Michel Reniers.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1212 /k Action and Predicate Safety of Hybrid Processes Pieter Cuijpers Michel Reniers."— Presentation transcript:

1 1212 /k Action and Predicate Safety of Hybrid Processes Pieter Cuijpers Michel Reniers

2 1212 /k Overview HyPA Process representations Two levels of abstraction Specification of Safety Congruence Safety analysis of hybrid processes Conclusions

3 1212 /k HyPA  termination  deadlock actiondiscrete action cflow clause (V|Pred) d >> P, b >> Pre-initialization clause [V|Pred] P  Palternative composition P  Psequential composition P  P, P  Pdisrupt P || P, P  P, P  Pparallel composition  H (P),  Pred (P)encapsulation

4 1212 /k Hybrid automaton representation X i  c i   j  J(i) d j >> action j  X j HA   i  I d’ i >> X i cici d1d1 d2d2

5 1212 /k Constitutive hybrid process repr. X i  (  j  J(i) d j >> c j )  X i  (  j  J’(i) b j >> action j )  X i CHP  || i  I X i

6 1212 /k State-space representation (Linear hybrid process definition) X i   j  J(i) d j >>    j  J’(i) d j >> action j  X j   j  J’’(i) d j >> c j  X j SSR  X init

7 1212 /k Two levels of abstraction On the lowest level of abstraction, HyPA is aimed at giving different representations of the same system. At a higher level of abstraction, HyPA can also be used to analyse, for example, safety properties.

8 1212 /k Two levels of abstraction Robust Bisimilarity  Initially stateless bisimilarity= X  Y implies X = Y

9 1212 /k Robust bisimilarity x    x x  y  y  x x  (y  z)  (x  y)  z x      x  x   x   x  (y  z)  (x  y)  z (x  y)  z  (x  z)  (y  z) x  y  x  y  y   x     x   x  (y  z)  (x  y)  z (x  y)  z  (x  z)  (y  z) d >> (x  y)  (d >> x)  (d >> y)  H (x  y)   H (x)   H (y) etc. etc. etc.

10 1212 /k Initially stateless bisimilarity d >> action  x=d >> action  d ! >> x d >> c  x=d >> c  (d  D(c)) ! >> x

11 1212 /k Specification of Safety Safety for actionsX=  H (X) Safety for predicatesX=  Pred (X)

12 1212 /k Congruence X  [x|x + = 0] >> a1  a2 Y  [x|x + = 0] >> a1  [x - = 0] >> a2 Z  [x|x + = 1] >> a3 X=Y X || Z  Y || Z

13 1212 /k Predicate safety of a state-space repr. When do we have SSR =  Pred (SSR) ?

14 1212 /k Predicate safety of a state-space repr. Create a re-initialization for every recursion variable, signifying its reachable set. [true]=R init (R i  d j ) !  R j for all i and all j  J’(i) (R i  d j  D(c j )) !  R j for all i and all j  J’’(i)

15 1212 /k Predicate safety of a state-space repr. When do we have R i >> X i =  Pred (R i >> X i ), and especially SSR  [true] >> X init =  Pred ([true] >> X init )   Pred (SSR) ?

16 1212 /k Predicate safety of a state-space repr. R i >> X i  R i >> (  j  J(i) d j >>    j  J’(i) d j >> action j  X j   j  J’’(i) d j >> c j  X j )

17 1212 /k Predicate safety of a state-space repr. R i >> X i   j  J(i) (R i  d j ) >>    j  J’(i) (R i  d j ) >> action j  X j   j  J’’(i) (R i  d j ) >> c j  X j

18 1212 /k Predicate safety of a state-space repr. R i >> X i =  j  J(i) (R i  d j ) >>    j  J’(i) (R i  d j ) >> action j  (R j >> X j )   j  J’’(i) (R i  d j ) >> c j  (R j >> X j )

19 1212 /k Predicate safety of a state-space repr.  Pred (R i >> X i )  Pred ( R i >> (  j  J(i) d j >>    j  J’(i) d j >> action j  X j   j  J’’(i) d j >> c j  X j ))

20 1212 /k Predicate safety of a state-space repr.  Pred (R i >> X i )  Pred (  j  J(i) (R i  d j ) >>    j  J’(i) (R i  d j ) >> action j  X j   j  J’’(i) (R i  d j ) >> c j  X j )

21 1212 /k Predicate safety of a state-space repr.  Pred (R i >> X i )=  Pred (  j  J(i) (R i  d j ) >>    j  J’(i) (R i  d j ) >> action j  (R j >> X j )   j  J’’(i) (R i  d j ) >> c j  (R j >> X j ) )

22 1212 /k Predicate safety of a state-space repr.  Pred (R i >> X i )=  j  J(i)  Pred ( (R i  d j ) >>  )   j  J’(i)  Pred ( (R i  d j ) >> action j )   Pred ( R j >> X j )   j  J’’(i)  Pred ( (R i  d j ) >> c j )   Pred ( R j >> X j )

23 1212 /k Predicate safety of a state-space repr. Assuming safety of the following processes:  Pred ( (R i  d j ) >>  ) =(R i  d j ) >>   Pred ( (R i  d j ) >> action j ) =(R i  d j ) >> action j  Pred ( (R i  d j ) >> c j )= (R i  d j ) >> c j

24 1212 /k Predicate safety of a state-space repr. Assuming safety of the following processes:  Pred ( (R i  d j ) >> action j ) =(R i  d j ) >> action j  Pred ( (R i  d j ) >> c j )= (R i  d j ) >> c j

25 1212 /k Predicate safety of a state-space repr.  Pred (R i >> X i )=  j  J(i) (R i  d j ) >>    j  J’(i) (R i  d j ) >> action j   Pred ( R j >> X j )   j  J’’(i) (R i  d j ) >> c j   Pred ( R j >> X j )

26 1212 /k Predicate safety of a state-space repr. So R i >> X i and  Pred (R i >> X i ) are both solutions of the state space definition: Y i =  j  J(i) (R i  d j ) >>    j  J’(i) (R i  d j ) >> action j   Pred (Y i )   j  J’’(i) (R i  d j ) >> c j   Pred (Y i )

27 1212 /k Predicate safety of a state-space repr. Thus R i >> X i =  Pred (R i >> X i ) and hence SSR =  Pred (SSR).

28 1212 /k Conclusions Different model representations. Analysis at the cost of congruence || Safety of state space representations depends on safety of sub-processes. Termination of analysis method is a problem Calculation of reachable sets is a problem

29 1212 /k Future research For CHP we have congruence || Termination using predicate abstraction Calculation/approximation of reachable sets Algebraic specification of other properties

Download ppt "1212 /k Action and Predicate Safety of Hybrid Processes Pieter Cuijpers Michel Reniers."

Similar presentations

Model Checking Base on Interoplation

Model Checking Base on Interoplation
Solve a System Algebraically

Solve a System Algebraically
Hybrid automata - Abstraction Anders P. Ravn Department of Computer Science, Aalborg University, Denmark Hybrid Systems – PhD School Aalborg University.

Hybrid automata - Abstraction Anders P. Ravn Department of Computer Science, Aalborg University, Denmark Hybrid Systems – PhD School Aalborg University.
General Linear Model With correlated error terms  =  2 V ≠  2 I.

General Linear Model With correlated error terms  =  2 V ≠  2 I.
The Simple Regression Model

The Simple Regression Model
Primitive Recursive Functions (Chapter 3)

Primitive Recursive Functions (Chapter 3)
Fracture, Toughness and Strength by Gordon Williams.

Fracture, Toughness and Strength by Gordon Williams.
Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009.

Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
Basic Properties of Relations

Basic Properties of Relations
Markov Chains Ali Jalali. Basic Definitions Assume s as states and s as happened states. For a 3 state Markov model, we construct a transition matrix.

Markov Chains Ali Jalali. Basic Definitions Assume s as states and s as happened states. For a 3 state Markov model, we construct a transition matrix.
Equivalence of open Petri nets Modeling and analysis with Petri net components. Marc Voorhoeve (AIS)

Equivalence of open Petri nets Modeling and analysis with Petri net components. Marc Voorhoeve (AIS)
Department of mathematics and computer science 1 of 21 Rob van Glabbeek (Sydney) Marc Voorhoeve (TUE) Liveness, Fairness and Impossible Futures.

Department of mathematics and computer science 1 of 21 Rob van Glabbeek (Sydney) Marc Voorhoeve (TUE) Liveness, Fairness and Impossible Futures.
Abstractions. Outline Informal intuition Why do we need abstraction? What is an abstraction and what is not an abstraction A framework for abstractions.

Abstractions. Outline Informal intuition Why do we need abstraction? What is an abstraction and what is not an abstraction A framework for abstractions.
Automatic Rectangular Refinement of Affine Hybrid Automata Tom Henzinger EPFL Laurent Doyen ULB Jean-François Raskin ULB FORMATS 2005 – Sep 27 th - Uppsala.

Automatic Rectangular Refinement of Affine Hybrid Automata Tom Henzinger EPFL Laurent Doyen ULB Jean-François Raskin ULB FORMATS 2005 – Sep 27 th - Uppsala.
Hybrid Systems a lecture over: Tom Henzinger’s The Theory of Hybrid Automata Anders P. Ravn Aalborg University PhD-reading course November 2005.

Hybrid Systems a lecture over: Tom Henzinger’s The Theory of Hybrid Automata Anders P. Ravn Aalborg University PhD-reading course November 2005.
On the fundamental matrix of the inverse of a polynomial matrix and applications N. P. Karampetakis S. Vologiannidis Department of Mathematics Aristotle.

On the fundamental matrix of the inverse of a polynomial matrix and applications N. P. Karampetakis S. Vologiannidis Department of Mathematics Aristotle.
Graphing Linear Equations Section 1.2. Lehmann, Intermediate Algebra, 3ed Section 1.2 Consider the equation. Let’s find y when So, when, which cab be.

Graphing Linear Equations Section 1.2. Lehmann, Intermediate Algebra, 3ed Section 1.2 Consider the equation. Let’s find y when So, when, which cab be.
Warm Up 1) Is (-3, 4) a solution to the system? 2)Solve the system by graphing y = -2x + 5 2y = x - 2.

Warm Up 1) Is (-3, 4) a solution to the system? 2)Solve the system by graphing y = -2x + 5 2y = x - 2.
Process Algebra (2IF45) Basic Process Algebra (Soundness proof) Dr. Suzana Andova.

Process Algebra (2IF45) Basic Process Algebra (Soundness proof) Dr. Suzana Andova.

Similar presentations

Ads by Google