the impressive power of stopwatches
TRANSCRIPT
Microsoft PowerPoint - Stopwatch AutomataFranck Cassez IRCCyN,
Nantes, FRANCE
Kim G. Larsen BRICS, Aalborg, DENMARK
Cb
TIMED AUTOMATATIMED AUTOMATA
x-y<=n Operations: resets
LINEAR HYBRID AUTOMATALINEAR HYBRID AUTOMATA
tcup del-coford-cof
Rate: x’ in [l,u] Guards: linear inequalities Operations: linear assignments
Cb
MotivationMotivation
Expressivity
MotivationMotivation
Expressivity
Cb
STOPWATCH AUTOMATASTOPWATCH AUTOMATA Leaking Gas BurnerLeaking Gas Burner
time
x,y,z
10
20
30
x>=n x-y<=n
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Z
Zone
Cb
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
a
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
ZoneZ Z*
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
a
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
ZoneZ Z*
Z*:
IFIF THENTHEN
Symbolic Symbolic Reachability Reachability AnalysisAnalysis Stopwatch AutomataStopwatch Automata
n x’=1 y’=0
x>3
y:=0
-2<=x-y<=3
-2<=x-y
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Zone
Z*:
IFIF THENTHEN
if x’=1
OverapproximationOverapproximation n
x:=0 m x’=1 y’=1 z’=0
Z: x=0 z=y Z*:
x>=0, y>=x y>=z, x>=z
z>=0 y-x=zTrueFuture(Z):
• Z* is an overapproximation of Future(Z)
• We may compuate an over-approximation of reachable states of an SWA using TA-datastructures,
OverapproximationOverapproximation n
x:=0 m x’=1 y’=1 z’=0
Z: x=0 z=y Z*:
x>=0, y>=x y>=z, x>=z
z>=0 y-x=zFuture(Z):
Scheduler (preemptive)
a<=b
Cb
Further Extensions of TA Further Extensions of TA ??
ALL ALL LINEAR HYBRID LINEAR HYBRID AUTOMATAAUTOMATA
Cb
Linear Linear Stopwatch AutomataStopwatch Automata SWASWA + Linear + Linear guards guards (and (and assignassign.).)
2x+y<3x’=1 y’=1
l1
l2
I I
I (u’=0)
LSWA LSWA to to SWASWA ((principleprinciple))
φ(x)>n
l1 l2
ii xa∑ ii xb∑t:=0 u:=0 v:=0
t:=0
u v
u-v>n
l1 l2
Leaking Gas BurnerLeaking Gas Burner
Test Automata
( )yzyAG ≤⇒≥ 2060
LEAKING LEAKING GASBURNERGASBURNER in in UPPAALUPPAALswsw
Cb
Linear Hybrid Linear Hybrid AutomataAutomata = = LSWALSWA With IntervalWith Interval--rates rates on clockson clocks
ON
OFF
¯ 22CONCUR’00, State College¯ Kim G. Larsen
LHA LHA to to LSWA LSWA (1)(1) Positive Positive constant slopesconstant slopes
x’=2 y’=1
x’=u’=1 t’=y’=0
y’=u’=1 t’=x’=0
x’=0 y’=0t:=0
k:=2 u:=0
u:=0;k-- u=t
u=t
¯ 23CONCUR’00, State College¯ Kim G. Larsen
LHA LHA to to LSWA LSWA (1)(1) Positive Positive constant slopesconstant slopes
x’=2 y’=1
x’=u’=1 t’=y’=0
y’=u’=1 t’=x’=0
x’=0 y’=0t:=0
k:=2 u:=0
u:=0;k-- u=t
u=t
¯ 24CONCUR’00, State College¯ Kim G. Larsen
LHA LHA to to LSWA LSWA (2)(2) Negative Negative constant slopesconstant slopes
x’=-2
t:=0
x = xp – xn
A
T(A)
Cb
LHA LHA to to LSWA LSWA (3)(3) Slope Slope IntervalsIntervals
x’=[2,4]
k:=2 u:=0
u:=0;k-- u=t
u=0 k=0
u:=0 k:=4-2
WaterWater--Level MonitorLevel Monitor
Water Level MonitorWater Level Monitor in in UPPAALUPPAALswsw
Cb
SummarySummary//ConclusionsConclusions
• Translation T from LHA to SWA is – ”exact” wíth respect to reachability of locations – more precisely
– timed (w-) language-preserving • Extension of UPPAAL to SWA
– Reuse of efficient datastructures – Overapproximation
• Applications – Preemptive Schedulers (Bang&Olufsen Power Down) – Gasburner – Water Level Control,……..
• Complexity and accurracy of encoding?
AT(A) LHA.A ≈∈∀
European (semi-) final rematch ++++
European (semi-) final rematch ++++
Kim G. Larsen BRICS, Aalborg, DENMARK
Cb
TIMED AUTOMATATIMED AUTOMATA
x-y<=n Operations: resets
LINEAR HYBRID AUTOMATALINEAR HYBRID AUTOMATA
tcup del-coford-cof
Rate: x’ in [l,u] Guards: linear inequalities Operations: linear assignments
Cb
MotivationMotivation
Expressivity
MotivationMotivation
Expressivity
Cb
STOPWATCH AUTOMATASTOPWATCH AUTOMATA Leaking Gas BurnerLeaking Gas Burner
time
x,y,z
10
20
30
x>=n x-y<=n
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Z
Zone
Cb
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
a
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
ZoneZ Z*
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
a
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
ZoneZ Z*
Z*:
IFIF THENTHEN
Symbolic Symbolic Reachability Reachability AnalysisAnalysis Stopwatch AutomataStopwatch Automata
n x’=1 y’=0
x>3
y:=0
-2<=x-y<=3
-2<=x-y
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Zone
Z*:
IFIF THENTHEN
if x’=1
OverapproximationOverapproximation n
x:=0 m x’=1 y’=1 z’=0
Z: x=0 z=y Z*:
x>=0, y>=x y>=z, x>=z
z>=0 y-x=zTrueFuture(Z):
• Z* is an overapproximation of Future(Z)
• We may compuate an over-approximation of reachable states of an SWA using TA-datastructures,
OverapproximationOverapproximation n
x:=0 m x’=1 y’=1 z’=0
Z: x=0 z=y Z*:
x>=0, y>=x y>=z, x>=z
z>=0 y-x=zFuture(Z):
Scheduler (preemptive)
a<=b
Cb
Further Extensions of TA Further Extensions of TA ??
ALL ALL LINEAR HYBRID LINEAR HYBRID AUTOMATAAUTOMATA
Cb
Linear Linear Stopwatch AutomataStopwatch Automata SWASWA + Linear + Linear guards guards (and (and assignassign.).)
2x+y<3x’=1 y’=1
l1
l2
I I
I (u’=0)
LSWA LSWA to to SWASWA ((principleprinciple))
φ(x)>n
l1 l2
ii xa∑ ii xb∑t:=0 u:=0 v:=0
t:=0
u v
u-v>n
l1 l2
Leaking Gas BurnerLeaking Gas Burner
Test Automata
( )yzyAG ≤⇒≥ 2060
LEAKING LEAKING GASBURNERGASBURNER in in UPPAALUPPAALswsw
Cb
Linear Hybrid Linear Hybrid AutomataAutomata = = LSWALSWA With IntervalWith Interval--rates rates on clockson clocks
ON
OFF
¯ 22CONCUR’00, State College¯ Kim G. Larsen
LHA LHA to to LSWA LSWA (1)(1) Positive Positive constant slopesconstant slopes
x’=2 y’=1
x’=u’=1 t’=y’=0
y’=u’=1 t’=x’=0
x’=0 y’=0t:=0
k:=2 u:=0
u:=0;k-- u=t
u=t
¯ 23CONCUR’00, State College¯ Kim G. Larsen
LHA LHA to to LSWA LSWA (1)(1) Positive Positive constant slopesconstant slopes
x’=2 y’=1
x’=u’=1 t’=y’=0
y’=u’=1 t’=x’=0
x’=0 y’=0t:=0
k:=2 u:=0
u:=0;k-- u=t
u=t
¯ 24CONCUR’00, State College¯ Kim G. Larsen
LHA LHA to to LSWA LSWA (2)(2) Negative Negative constant slopesconstant slopes
x’=-2
t:=0
x = xp – xn
A
T(A)
Cb
LHA LHA to to LSWA LSWA (3)(3) Slope Slope IntervalsIntervals
x’=[2,4]
k:=2 u:=0
u:=0;k-- u=t
u=0 k=0
u:=0 k:=4-2
WaterWater--Level MonitorLevel Monitor
Water Level MonitorWater Level Monitor in in UPPAALUPPAALswsw
Cb
SummarySummary//ConclusionsConclusions
• Translation T from LHA to SWA is – ”exact” wíth respect to reachability of locations – more precisely
– timed (w-) language-preserving • Extension of UPPAAL to SWA
– Reuse of efficient datastructures – Overapproximation
• Applications – Preemptive Schedulers (Bang&Olufsen Power Down) – Gasburner – Water Level Control,……..
• Complexity and accurracy of encoding?
AT(A) LHA.A ≈∈∀
European (semi-) final rematch ++++
European (semi-) final rematch ++++