reachability of communicating timed processesvacsim.inria.fr/reunions/2013-avril/labri.pdf ·...
Post on 17-Sep-2018
238 Views
Preview:
TRANSCRIPT
Reachability of Communicating Timed Processes
Lorenzo Clemente (1), Frédéric Herbreteau (1),Amélie Stainer (2), and Grégoire Sutre (1)
Plouzané, Tuesday 16th April 2013
(1) University of Bordeaux/LaBRI(2) University of Rennes I
At a glance
Model: Communicating Finite State Machines + Time
Problem: Decidability and complexity of reachability w.r.t. the communication topology
Results: Adding time does not change decidability, but the complexity worsens
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?b
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bε ε
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bεa
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bεba
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bcba
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bba ε
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bb ε
Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.
!a !c ?a ?cP Q R
Reachability: Every process is in a final state and channels are empty
!b ?bεε
Communicating Finite State Machines
Reachability is in general undecidable [Brand&Zafiropulo].Decidabile restrictions:
• Bound the channel (→ finite state system).
• Restrict the message alphabet to a singleton (→ Petri nets) [Karp&Miller’69].
• Make the channel lossy [Abdulla&Jonsson’96, Cece&Finkel&Iyer’96].
• Restrict to mutex communication [Heussner&Leroux&Muscholl&Sutre’10].
Communicating Finite State Machines
Reachability is in general undecidable [Brand&Zafiropulo].Decidabile restrictions:
• Bound the channel (→ finite state system).
• Restrict the message alphabet to a singleton (→ Petri nets) [Karp&Miller’69].
• Make the channel lossy [Abdulla&Jonsson’96, Cece&Finkel&Iyer’96].
• Restrict to mutex communication [Heussner&Leroux&Muscholl&Sutre’10].
• Restrict the communication topology [La Torre&Madhusudan&Parlato’08].
Communicating Finite State MachinesDecidability for restricted topologies.
!a !c ?a ?cP Q R
Topology: P → Q → R
!b ?b
Communicating Finite State MachinesDecidability for restricted topologies.
Theorem [La Torre&Madhusudan&Parlato’08].Reachability for CFSMs is decidable iff the topology is a polyforest.
Theorem [La Torre&Madhusudan&Parlato’08].Reachability is PSPACE-complete on polyforest topologies.
Our aim: Extend this results to models with time.
Examples of polyforest: Non-example:P
QRP Q R
(no undirected cycle)
P QR
S
Communicating FSMs + Time
Discrete time Dense time
• Each process is a tick automaton [Gruber&Holzer&Kiehn&Koenig]
• Add a synchronising action τ
• All processes perform τ at the same time
• Each process is a timed automaton [Alur&Dill’94]
• Clocks are local to each process
• All clocks evolve at the same rate
Discrete time
!a !b ?a τP Q
Rτ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
Discrete time
!a !b ?a τP Q
Rτ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
ε ε
Discrete time
!a !b ?a τP Q
Rτ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
a ε
Discrete time
!a !b ?a τP Q
Rτ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
a ε
Discrete time
!a !b ?a
P QR
τ ττ ?b
• Add a synchronising action τ • All processes perform τ at the same time
a ε τ
Discrete time
!a !b ?a
P QR
τ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
a b τ
Discrete time
!a !b ?a
P QR
τ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
b τε
Discrete time
!a !b ?a
P QR
τ τ
τ ?b
• Add a synchronising action τ • All processes perform τ at the same time
τε ε
Dense time• Each process is a timed
automaton with local clocks • All clocks evolve at the same rate
0<x<1,!a,{x}P x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
ε
x=0
y=0
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
ε
x=0.5
y=0.5
Elapse 0.5
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
a
x=0
y=0.5
Elapse 0.5
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
a
x=0.2
y=0.7
Elapse 0.5+0.2
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
x=0.2
y=0
Elapse 0.5+0.2 ε
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
Elapse 0.5+0.2+0.8 ε
y=0.8
x=1
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
Elapse 0.5+0.2+0.8 b
y=0.8
x=1
Dense time
0<x<1,!a,{x}P
• Each process is a timed automaton with local clocks • All clocks evolve at the same rate
x=1,!b
0<y<1,?a,{y}Q 0<y<1,?b
Elapse 0.5+0.2+0.8
y=0.8
x=1
ε
Communicating FSMs + Time
Discrete time Dense time
• Each process is a tick automaton [Gruber&Holzer&Kiehn&Koenig]
• Add a synchronising action τ
• All processes perform τ at the same time
• Each process is a timed automaton [Alur&Dill’94]
• Clocks are local to each process
• All clocks evolve at the same rate
We study discrete time first
and then extend to dense time
Discrete time
Network of Communicating Tick Automata
Petri NetsPetri Nets
Theorem: Reachability decidable iff polyforest topology
Theorem: The complexity is the same as Petri nets
(polyforest topologies)
(with a fixed polyforest topology)
Discrete time
Network of Communicating Tick Automata
Petri NetsPetri Nets
Theorem: Reachability decidable iff polyforest topology
Theorem: The complexity is the same as Petri nets
(polyforest topologies)
(with a fixed polyforest topology)
Discrete time Network of
Communicating Tick Automata
PetriNets
(polyforest topologies)
Discrete time Network of
Communicating Tick Automata
Network of Communicating
Counter Automata
un-tickingbound
channels
(any topology) (polyforest topology)
PetriNets
Discrete time Network of
Communicating Tick Automata
Network of Communicating
Counter Automata
un-tickingbound
channels
(any topology) (polyforest topology)
PetriNets
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
ε ε
P:
Q:
P:
Q:
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
ε ε
P: τ Q: τ
P:
Q:
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
ε τ
P: τ Q: τ
P: !τ Q:
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
a τ
P: τ !aQ: τ
P: !τ Q:
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
aτ
P: τ !aQ: τ
P: !τ !aQ:
a
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?aτ
P: τ !aQ: τ ?a
P: !τ !aQ:
aε
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?aτ
P: τ !aQ: τ ?a
P: !τ !aQ: c++
aε
c=1
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
P: τ !aQ: τ ?a
P: !τ !aQ: c++ ?τ c--
aε
c=0
Discrete time P:
Q:
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
• P sends its ticks
• Q increments a counter instead of doing a tick
• In any state, Q can receive a tick
?a
P: τ !aQ: τ ?a
P: !τ !aQ: c++ ?τ c-- ?a
ε
c=0
ε
Discrete time Network of
Communicating Tick Automata
Network of Communicating
Counter Automata
un-tickingbound
channels
(any topology) (polyforest topology)
PetriNets
τP
Q
!a
τ
!τP
Q
!a
c++?a
?τ; c-- ?τ; c--
un-ticking
?a
bound channels Product
construction
Discrete time Network of
Communicating Tick Automata
Network of Communicating
Counter Automata
un-tickingbound
channels PetriNets
un-counter
Discrete time Network of
Communicating Tick Automata
PetriNets
un-counter
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ• Replace c++ by c!m
• Replace c-- by d!m; τ
c
d
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
ε
ε
c
d
c=0
d=0
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
ε
ε
c
d
c=1
d=0
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
ε
c
d
c=1
d=0
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
ε
c
d
c=2
d=0
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
ε
c
d
c=2
d=0m
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
ε
c
d
c=2
d=0m
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
ε
c
d
c=2
d=0m
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
ε
c
d
c=1
d=0m
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
m
c
d
c=1
d=0m
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
c
d
c=1
d=0
ε
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
c
d
c=1
d=0
ε
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
c
d
c=1
d=1
ε
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
c
d
m
c=1
d=1
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
m
c
d
m
c=0
d=1
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
ε
c
d
m
c=0
d=1
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
d!m
Pc c?m
τ
Pd d?m
τ
c
d
m
c=0
d=2ε
• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time
A c++ c--
d++
P c!m d!m; τ
Pc c?m
τ
Pd d?m
τ
c
d
c=0
d=2ε
d!m m m• Replace c++ by c!m
• Replace c-- by d!m; τ
Discrete time Network of
Communicating Tick Automata
PetriNets
un-counter
The construction can be adapted to work for any given star topology
P
Pd1
Pdn
given countersd_1...d_n
...
Discrete time Network of
Communicating Tick Automata
PetriNets
un-counter
The construction can be adapted to work for any given star topology
P
Pd1
Pdn
given countersc_1...c_m andd_1...d_n
Pc1
Pcm
... ...
Discrete time (summary)
Network of Communicating Tick Automata
Petri NetsPetri Nets
Theorem: Reachability decidable iff polyforest topology
Theorem: The complexity is the same as Petri nets
(polyforest topologies)
(for any fixed star topology)
Dense time
Network of Communicating Timed Automata
Theorem: Reachability decidable iff polyforest topology
Theorem: The complexity is Petri net-hard and in Exp-Petri net
(polyforest topologies)
(any topology)
Network of Communicating Tick Automata
un-timing (exponential blow-up)
Dense time
Network of Communicating Timed Automata
(polyforest topologies)Network of
Communicating Tick Automata
un-timing (exponential blow-up)
Network of Communicating Timed Automata
Network of Communicating Tick Automata
Dense time
In order to preserve the topology, we would like to apply the region construction locally to each automaton. But this is incorrect.
P
Q
RS
P’’
Q’’
R’’S’’
Network of Communicating Timed Automata
Network of Communicating Tick Automata
Dense time Network of
Instrumented Timed Automata
Instrumented automaton: just a timed automaton with tick actions
instrumentation
region construction
.
P
Q
RS
P’’
Q’’
R’’S’’
P’
Q’
R’S’
instrumentation region construction
Network of Communicating Timed Automata
Network of Communicating Tick Automata
Dense time Network of
Instrumented Timed Automata
instrumentation
region construction
.
Intuition for instrumentation:add ticks to mark the beginning and end of integer time points
timed run instrumented run
...0 1 2
a0 a1 a2 ......
0 1 2
a0 a1 a2 ...τ τ τ τ τ
This can be achieved by a simple construction on each timed automaton
Network of Communicating Timed Automata
Network of Communicating Tick Automata
Dense time Network of
Instrumented Timed Automata
instrumentation
region construction
.
Realising instrumentation:add a new clock t
x>0,!a,{x}P
t=0&x>0,!a,{x}P,0
0<t<1&x>0,!a,{x}P,1
t=0,τ
t=1,τ,{t}
t=0,τ
t=1,τ,{t}
Network of Communicating Timed Automata
Network of Communicating Tick Automata
Dense time Network of
Instrumented Timed Automata
instrumentation
region construction
.
P
Q
RS
P’’
Q’’
R’’S’’
P’
Q’
R’S’
instrumentation region construction
has an accepting run
has an accepting run
has an accepting runiff only if
The other direction follows from a Rescheduling Lemma for timed automata
Dense time P’’
Q’’
R’’S’’
P’
Q’
R’S’
region construction
has an accepting run
has an accepting runif
• An accepting run on the left induces a local accepting run in each P’’, Q’’, etc...
• Instrumentation guarantees that integral timestamps agree.
• What about non-integral ones?Instrumentation just ensures that they are in the same interval (k, k+1)
...0 1 2
a0 a1 a2 ...τ τ τ τ τ
Need to preserve send/receive causality ordering!
A Rescheduling Lemma ensures that on polyforest topologies timestamps can be chosen to preserve causality
Dense time
Network of Communicating Timed Automata
(polyforest topologies)
(any topology)
Network of Communicating Tick Automata
un-timing (exponential blow-up)
Network of Communicating Timed Automata
Network of Communicating Tick Automata
Dense time
Simulate ticks locally by interpreting τ as one time unit
τP !a t=1, {t}P’ t=0,!a
(any topology)
Dense time (summary)
Network of Communicating Timed Automata
Theorem: Reachability decidable iff polyforest topology
Theorem: The complexity is Petri net-hard and in Exp-Petri net
(polyforest topologies)
(any topology)
Network of Communicating Tick Automata
un-timing (exponential blow-up)
Extension: UrgencyNot shown in this presentation: Urgent channels
• Urgency: receptions have priority over internal actions.
• We show that urgent channel are equivalent to zero tests on counters.
Theorem (Discrete time): Rechability decidable iff at most 1 urgent channel for each weakly connected component.
• [Krcal&Yi’06]: Reachability is undecidable in the urgent pipeline of length 2.
Extension (Dense time): Reachabiliy undecidable if any weakly connected component contains at least 2 urgent channels.
P Q R
Future directions
• Our generic topology-preserving transformation dense --> discrete time does not work in the presence of urgency.
• Obtain a complete characterisation in the presence of urgency also for dense time.
• Study richer models where timestamps can be sent along the channel.
top related