Presentation is loading. Please wait.

Presentation is loading. Please wait.

Translating from logic to automata (Book: Chapter 6)

Published byErin Roberts Modified over 8 years ago

Similar presentations

Presentation on theme: "Translating from logic to automata (Book: Chapter 6)"— Presentation transcript:

1 Translating from logic to automata (Book: Chapter 6)

2 Why translating? Want to write the specification in some logic. Want model-checking tools to be able to check the specification automatically.

3 Generalized Büchi automata Acceptance condition F is a set F={f 1, f 2, …, f n } where each f i is a set of states. To accept, a run needs to pass infinitely often through a state from every set f i.

4 Translating into simple Büchi automaton q0q0 q2q2 q1q1 q0q0 q2q2 q1q1 Version 0 Version 1 c c c c b a b a

5 Translating into simple Büchi automaton q0q0 q2q2 q1q1 q0q0 q2q2 q1q1 Version 0 Version 1 c c c c b a b a

6 Translating into simple Büchi automaton q0q0 q2q2 q1q1 q0q0 q2q2 q1q1 Version 0 Version 1 c c c c b a b a

7 Preprocessing Convert into normal form, where negation only applies to propositional variables. ¬[]  becomes <>¬ . ¬<>  becomes [] ¬ . What about ¬ (  U  )? Define operator V such that ¬ (  U  ) = (¬  ) R (¬  ), ¬ (  R  ) = (¬  ) U (¬  ).

8 Semantics of pR q p qqqqqqq q qq qqqq ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p ¬p¬p

9 Replace ¬ true by false, and ¬ false by true. Replace ¬ (  \/  ) by ( ¬  ) /\ ( ¬  ) and ¬ (  /\  ) by ( ¬  ) \/ ( ¬  )

10 Eliminate implications, <>, [] Replace  ->  by ( ¬  ) \/ . Replace <>  by (true U  ). Replace []  by (false R  ).

11 Example Translate ( []<>P )  ( []<>Q ) Eliminate implication ¬( []<>P ) \/ ( []<>Q ) Eliminate [], <>: ¬( false R ( true U P ) ) \/ ( false R ( true U Q ) ) Push negation inwards: (true U (false U ¬ P ) ) \/ ( false V ( true U Q ) )

12 The data structure Incoming NewOld Next Name

13 The main idea  U  =  \/ (  /\ O (  U  ) )  V  =  /\ (  \/ O (  R  ) ) This separates the formulas to two parts: one holds in the current state, and the other in the next state.

14 How to translate? Take one formula from “New” and add it to “Old”. According to the formula, either Split the current node into two, or Evolve the node into a new version.

15 Splitting Incoming New Old Next Incoming New Old Next Incoming New Old Next Copy incoming edges, update other field.

16 Evolving Incoming New Old Next Incoming New Old Next Copy incoming edges, update other field.

17 Possible cases:  U , split: Add  to New, add  U  to Next. Add  to New. Because  U  =  \/ (  /\ O (  U  )).  R , split: Add  to New. Add  to New,  R  to Next. Because  R  =  /\ (  \/ O (  R  )).

18 More cases:  \/ , split: Add  to New. Add  to New.  /\ , evolve: Add  to New. O , evolve: Add  to Next.

19 How to start? Incoming NewOld Next init aU(bUc)

20 Incoming init aU(bUc) Incoming aU(bUc) bUcbUc a init

21 Incoming aU(bUc)bUcbUc init Incoming aU(bUc) c (bUc) b

22 When to stop splitting? When “New” is empty. Then compare against a list of existing nodes “Nodes”: If such a with same “Old”, “Next” exists, just add the incoming edges of the new version to the old one. Otherwise, add the node to “Nodes”. Generate a successor with “New” set to “Next” of father.

23 Incoming a,aU(bUc) aU(bUc) init Incoming aU(bUc) Creating a successor node.

24 How to obtain the automaton? There is an edge from node X to Y labeled with propositions P (negated or non negated), if X is in the incoming list of Y, and Y has propositions P in field “Old”. Initial node is init. Incoming NewOld Next X Node Y a, b, ¬c

25 The resulted nodes. a, aU(bUc) b, bUc, aU(bUc)c, bUc, aU(bUc) b, bUcc, bUc

26 a, aU(bUc) b, bUc, aU(bUc)c, bUc, aU(bUc) b, bUcc, bUc All nodes with incoming edge from “init”. Initial nodes

27 Include only atomic propositions Init a b c cb

28 Acceptance conditions Use “generalized Buchi automata”, where there are several acceptance sets F1, F2, …, Fn, and each accepted infinite sequence must include at least one state from each set infinitely often. Each set corresponds to a subformula of form  U . Guarantees that it is never the case that  U  holds forever, without .

29 Accepting w.r.t. bU c a, aU(bUc) b, bUc, aU(bUc)c, bUc, aU(bUc) b, bUcc, bUc All nodes with c, or without bUc.

30 Acceptance w.r.t. aU (bU c) a, aU(bUc) b, bUc, aU(bUc)c, bUc, aU(bUc) b, bUcc, bUc All nodes with bUc or without aU(bUc).

Download ppt "Translating from logic to automata (Book: Chapter 6)"

Similar presentations

Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.

Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.
Translating from logic to automata Book: Chapter 6.

Translating from logic to automata Book: Chapter 6.
Black Box Checking Book: Chapter 9 Model Checking Finite state description of a system B. LTL formula. Translate into an automaton P. Check whether L(B)

Black Box Checking Book: Chapter 9 Model Checking Finite state description of a system B. LTL formula. Translate into an automaton P. Check whether L(B)
Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.

Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Partial Order Reduction: Main Idea

Partial Order Reduction: Main Idea
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Vered Gafni – Formal Development of Real Time Systems 1 Statecharts Semantics.

Vered Gafni – Formal Development of Real Time Systems 1 Statecharts Semantics.
Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 

Propositional and First Order Reasoning. Terminology Propositional variable: boolean variable (p) Literal: propositional variable or its negation p 
1 Generalized Buchi automaton. 2 Reminder: Buchi automata A=  Alphabet (finite). S: States (finite).  : S x  x S ) S is the transition relation. I.

1 Generalized Buchi automaton. 2 Reminder: Buchi automata A=  Alphabet (finite). S: States (finite).  : S x  x S ) S is the transition relation. I.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Methods of Proof Chapter 7, second half.. Proof methods Proof methods divide into (roughly) two kinds: Application of inference rules: Legitimate (sound)

Methods of Proof Chapter 7, second half.. Proof methods Proof methods divide into (roughly) two kinds: Application of inference rules: Legitimate (sound)
For Friday No reading Homework: –Chapter 9, exercise 4 (This is VERY short – do it while you’re running your tests) Make sure you keep variables and constants.

For Friday No reading Homework: –Chapter 9, exercise 4 (This is VERY short – do it while you’re running your tests) Make sure you keep variables and constants.
Methods of Proof Chapter 7, Part II. Proof methods Proof methods divide into (roughly) two kinds: Application of inference rules: Legitimate (sound) generation.

Methods of Proof Chapter 7, Part II. Proof methods Proof methods divide into (roughly) two kinds: Application of inference rules: Legitimate (sound) generation.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.

CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Introduction to Computability Theory

Introduction to Computability Theory

Similar presentations

Ads by Google