Symbolic Algorithm for Generation Büchi Automata from LTL Formulas

  1. Symbolic Algorithm for Generation Büchi Automata from LTL Formulas. Irina V. Shoshmina and Alexey B. Belyaev, Saint-Petersburg State Polytechnical University, ishoshmina@dcn.ftk.spbstu.ru, belyaevab@gmail.com

  2. Error Detection in Parallel and Distributed Programs
  • Behaviour is a combination of partially ordered events
  • Parallel systems that work correctly "almost always" may hide subtle errors for years
  • "Concurrency errors are particularly difficult to find by program testing since they are often hard to reproduce" (E. Clarke)
  • Model checking:
    • a formal language for specifying behavioural properties of parallel and distributed software systems (behaviour requirements)
    • a formal model of discrete devices and of parallel and distributed software systems
    • algorithms that check whether a given logical formula holds on the system model
  PACT'2011

  3. Model Checking for Linear Temporal Logic (LTL)
  • LTL formulas are defined by the grammar: φ ::= p | ¬φ | φ ∧ φ | X φ | φ U φ
  • Kripke structure K → Büchi automaton A_K (K → Büchi); LTL formula Φ → Büchi automaton B_¬Φ of the negated formula (LTL → Büchi)
  • Negation of Φ: ¬Φ = ¬G(p → XFq) = F(p ∧ XG¬q)
  • Synchronous composition A_K × B_¬Φ, then check L(A_K) ∩ L(B_¬Φ) = ∅? Yes: K satisfies Φ. No: an accepted word is a counterexample trace.
  [Figure: Kripke structure K over p, q with states labelled {}, {p}, {q}, {p,q}; Büchi automaton B_¬Φ with states r, s; product automaton with states 1–4. The drawing is not recoverable from the transcript.]

  4. Model Checking for Linear Temporal Logic (LTL)
  • LTL formulas are defined by the grammar: φ ::= p | ¬φ | φ ∧ φ | X φ | φ U φ
  • Pipeline: K → A_K, Φ → B_¬Φ, synchronous composition A_K × B_¬Φ, emptiness check L(A_K) ∩ L(B_¬Φ) = ∅?
  • Upper bound on the size of the Büchi automaton: O(2^|Φ|)
  • Complexity of the LTL model checking algorithm: O(|K| · 2^|¬Φ|)
  • Most requirement specifications are described by short formulas
  • But in practice there are cases when formulas are long

  5. Fairness Assumptions. Vessel Power Supply Controller
  • We require some behaviour of the distributed and parallel system only under a concrete behaviour of the environment
  • Reaction to a button: "always, after the RESET button is pressed, the vessel power supply becomes active sometime in the future"
    • q – "button is pressed"
    • r – "vessel power supply system is active"
    • G(q ⇒ F r)
  • But there is a trace {p1, q} – {} – {} – … on which this property fails:
    • p1 – "alternator state is consistent"
    • system activation is blocked (on this trace p1 never holds again)
  • With the fairness assumption the requirement becomes GF p1 ⇒ G(q ⇒ F r)
  • In a real system there are dozens of such assumptions … the size of the LTL formula grows

  6. Requirement Specification Verification
  • An error may be in the program or in the specification
  • To check that a specification is valid: it is true for every model
  • Or that a specification is unsatisfiable: there is no model that satisfies the requirement
  • Model checking can be used to verify a specification [Rozier, Vardi, 2007]:
    • construct a universal model M (every trace over the atomic propositions is a path of M)
    • if L_M ∩ L_φ ≠ ∅ then φ is satisfiable, otherwise unsatisfiable
    • if L_M ∩ L_¬φ = ∅ then φ is valid
  • Verify a conjunction of specification formulas: L_φ1 ≠ ∅ and L_φ2 ≠ ∅ and … and L_φn ≠ ∅ ⇏ L_φ1 ∩ L_φ2 ∩ … ∩ L_φn ≠ ∅
  • The size of the LTL formula grows

  7. LTL to Büchi Translation
  • SPIN needs 1 hour to translate a formula with 4 fairness constraints
  • LTL2BA needs 1 hour to translate a formula with 9 fairness constraints
  • About 60% of the translation time of these algorithms is spent on optimization
  Main goal: an algorithm for explicit-state model checking that gives
  • a small number of Büchi automaton states
  • deterministic Büchi automaton transitions where possible
  • time efficiency
  Methods used:
  • small number of states – the best known explicit LTL to Büchi algorithm, via alternating automata [Gastin, Oddoux 2001]
  • deterministic transitions where possible – the LTL to alternating automata algorithm [Vardi 1999]
  • time efficiency – BDDs for finite sets [Bryant 1986]

  8. Büchi Automaton: Finite Model of ω-Languages
  • Büchi automaton (automaton for infinite words) B = (Q, Σ, I, δ, F):
    • Q – finite state set
    • Σ – finite alphabet
    • I ⊆ Q – set of initial states
    • δ ⊆ Q × Σ × Q – transition relation
    • F ⊆ Q – set of accepting states
  • A computation of B over an ω-word w = a0 a1 … ∈ Σ^ω is an infinite sequence ρ = q0 q1 … such that q0 ∈ I and (∀i ∈ N) (q_i, a_i, q_{i+1}) ∈ δ
  • ρ is accepted iff (∃q ∈ F) q_i = q for infinitely many i ∈ N, i.e. inf(ρ) ∩ F ≠ ∅
  • The language L_B is the set of ω-words for which an accepting computation exists

  9. Büchi Automaton and LTL Formula
  • LTL formula φ = F(a U b)
  • Temporal subformulas: φ1 = a U b, φ2 = F(a U b)
  • Theorem. For every LTL formula φ there exists a Büchi automaton B such that L_φ = L_B
  • A state s is labelled by the set of temporal subformulas that hold on the computations starting in s
  [Figure: Büchi automaton with states s0–s4, transition labels a, b and state labels drawn from {φ1, φ2}; not recoverable from the transcript.]

  10. Coding a Büchi Automaton
  • The finite alphabet is the set of predicates Σ = 2^AP
  • A Büchi automaton state is labelled by a subset of the temporal subformulas
  • χ(q) – Boolean function encoding the state: s_i = 1 if temporal subformula φ_i is in state q, else s_i = 0
  • The transition relation between states consists of temporal obligations that depend on the symbols accepted in a state
  • χ(δ) – Boolean function over (state, predicate, next state)
  • Binary Decision Diagrams are used to represent the Boolean functions

  11–13. I. From LTL Formula to Alternating Automaton (example: GFp)
  • Define the temporal subformulas and their temporal obligations
  • Transform to Negation Normal Form: φ ::= p | ¬p | φ ∧ φ | φ ∨ φ | φ U φ | φ R φ
  • Construct an alternating automaton with AND/OR transitions
    • s_φ – subformula φ of the given formula is in a state
    • T – the accepting "true" state
    • δ: B(s) → B+(2^AP × 2^S)
  • Rules for constructing the transition relation:
    • δ(s_p) = p ∧ s_T
    • δ(s_¬p) = ¬p ∧ s_T
    • δ(s_T) = s_T
    • δ(s_φ∧ψ) = δ(s_φ) ∧ δ(s_ψ)
    • δ(s_φ∨ψ) = δ(s_φ) ∨ δ(s_ψ)
    • δ(s_φRψ) = δ(s_ψ) ∧ (δ(s_φ) ∨ s_φRψ)
    • δ(s_φUψ) = δ(s_ψ) ∨ (δ(s_φ) ∧ s_φUψ)
  • For GFp the alternating automaton is built up over slides 11–13 and has states for GFp, Fp, p and T

  14. II. From an Alternating Automaton to a Generalized Büchi Automaton (example: GFp)
  • Determine the sets of temporal-logic subformulas that form the states
  • Find the corresponding transition relations
  • Define the groups of accepting transitions
  • Generalized Büchi automaton:
    • state – a set of subformulas
    • several groups of accepting transitions (one for every U-subformula)
  [Figure: alternating automaton for GFp with states GFp, Fp, p, T and the resulting generalized Büchi automaton with states s1, s2; not recoverable from the transcript.]

  15. Finding Sets of Subformulas
  • An alternating automaton transition is a positive Boolean function over s1..sn
  • minterm is a BDD operation that finds a minimal conjunct of a positive Boolean function:
    • 0 – weight of a false edge
    • 1 – weight of a true edge
    • find a path to the 1-terminal with minimum weight
  • Example: δ_s = p ∧ (s0 s2 ∨ s2 s3 ∨ s4 s5 ∨ s1 s4 s5 ∨ s0 s2 s4 s5)
  • A Büchi automaton state is a minimal positive conjunct over s1..sn; here the minimal conjuncts are δ = s0 s2 ∨ s2 s3 ∨ s4 s5 (s1 s4 s5 and s0 s2 s4 s5 are absorbed)

  16. Finding Sets of Subformulas
  • A minimal positive conjunct is determined for the transition function "without" predicates
  • h = SUBBDD_L(f) is a BDD operation that determines the sub-BDD at level L:
    • h is a subgraph of f
    • the root vertex of h is at a level i ≥ L
    • the path from the root of f to the root of h does not pass through vertices of levels L, …, i – 1

  17. Büchi Accepting Condition for Transitions
  • A co-Büchi accepting state in the alternating automaton is a state labelled by a U-operator
  • Each co-Büchi accepting state of the alternating automaton corresponds to one group of Büchi-accepting transitions
  • t_i(p1, …, pm, s1, …, sn) – a labelling function for a transition
  • A transition may carry several accepting labels
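Steps I and II as they are described on slides 11–17 (negation normal form, the δ rules of the alternating automaton, minimal positive conjuncts as the states of the generalized Büchi automaton, one group of accepting transitions per U-subformula), as an added example; this is not the authors' code. It keeps each positive Boolean function as a set of minimal conjuncts instead of a BDD, follows the slide-11 grammar (no X operator; F and G are expanded into U and R), and when it drops a non-minimal conjunct it uses the absorption rule of Gastin and Oddoux, which keeps a conjunct unless a weaker one is accepting for at least the same U-subformulas. The tuple syntax for formulas and the name of the "fulfilled" bookkeeping set are assumptions of this example.

```python
# Added example, not the authors' code: explicit-set version of steps I and II.
# Formulas are tuples (assumed syntax): ('p', name), ('not', f), ('and', f, g),
# ('or', f, g), ('U', f, g), ('R', f, g), ('F', f), ('G', f), TRUE, FALSE.
TRUE, FALSE = ('T',), ('B',)


def nnf(f):
    """Negation normal form of slide 11: negations only on atoms, F/G expanded."""
    op = f[0]
    if op in ('T', 'B', 'p'):
        return f
    if op == 'F':
        return ('U', TRUE, nnf(f[1]))
    if op == 'G':
        return ('R', FALSE, nnf(f[1]))
    if op != 'not':
        return (op, nnf(f[1]), nnf(f[2]))
    g = f[1]
    if g[0] == 'p':
        return f
    if g[0] == 'not':
        return nnf(g[1])
    if g[0] in ('T', 'B'):
        return FALSE if g[0] == 'T' else TRUE
    dual = {'and': 'or', 'or': 'and', 'U': 'R', 'R': 'U', 'F': 'G', 'G': 'F'}[g[0]]
    return nnf((dual,) + tuple(('not', h) for h in g[1:]))


def until_subformulas(f):
    """U-subformulas: each one yields a group of accepting transitions (slide 17)."""
    out = {f} if f[0] == 'U' else set()
    for g in f[1:]:
        if isinstance(g, tuple):
            out |= until_subformulas(g)
    return out


# A positive Boolean function is a set of conjuncts (literals, next-states, fulfilled);
# 'fulfilled' records the U-subformulas whose right-hand side this conjunct took.
UNIT = (frozenset(), frozenset(), frozenset())


def dnf_and(a, b):
    """Conjunction of two positive functions; conjuncts with p and not-p vanish."""
    return {(la | lb, na | nb, fa | fb)
            for la, na, fa in a for lb, nb, fb in b
            if not any((n, not v) in lb for n, v in la)}


def delta(f):
    """Transition rules of slide 11; the 'true' state s_T is dropped from next-sets."""
    op = f[0]
    if op == 'T':
        return {UNIT}
    if op == 'B':
        return set()
    if op == 'p':
        return {(frozenset({(f[1], True)}), frozenset(), frozenset())}
    if op == 'not':
        return {(frozenset({(f[1][1], False)}), frozenset(), frozenset())}
    if op == 'and':
        return dnf_and(delta(f[1]), delta(f[2]))
    if op == 'or':
        return delta(f[1]) | delta(f[2])
    loop = {(frozenset(), frozenset({f}), frozenset())}   # stay in s_f
    if op == 'U':
        done = {(l, n, ful | {f}) for l, n, ful in delta(f[2])}
        return done | dnf_and(delta(f[1]), loop)
    return dnf_and(delta(f[2]), delta(f[1]) | loop)         # op == 'R'


def minimize(terms, u_formulas):
    """Minimal conjuncts (slide 15) as (literals, next-set, accepting groups).
    A conjunct absorbs another only if it is weaker on literals and next-states
    and accepting for at least the same U-subformulas (Gastin & Oddoux 2001)."""
    cands = {(l, n, frozenset(u for u in u_formulas if u not in n) | ful)
             for l, n, ful in terms}
    return [t for t in cands
            if not any(a != t and a[0] <= t[0] and a[1] <= t[1] and a[2] >= t[2]
                       for a in cands)]


def ltl_to_gba(formula):
    """Explore the sets of alternating-automaton states reachable from {phi}.
    Returns (states, transitions, u_formulas); a transition is
    (src, literals, dst, groups), groups being the U-subformulas it is accepting for."""
    phi = nnf(formula)
    u_formulas = frozenset(until_subformulas(phi))
    init = frozenset({phi})
    states, trans, todo = {init}, [], [init]
    while todo:
        src = todo.pop()
        terms = {UNIT}
        for s in src:                       # delta of a set = conjunction of deltas
            terms = dnf_and(terms, delta(s))
        for lits, dst, groups in minimize(terms, u_formulas):
            trans.append((src, lits, dst, groups))
            if dst not in states:
                states.add(dst)
                todo.append(dst)
    return states, trans, u_formulas


if __name__ == '__main__':
    # GFp as on slide 14: states {GFp} and {GFp, Fp}, four transitions, two accepting
    states, trans, us = ltl_to_gba(('G', ('F', ('p', 'p'))))
    print(len(states), 'states,', len(trans), 'transitions')
    for src, lits, dst, groups in trans:
        print(len(src), dict(lits), '->', len(dst), 'accepting' if groups else '')
```

For GFp the exploration yields exactly the two generalized Büchi states of slide 14: from {GFp} reading p stays in {GFp} (accepting for Fp) and reading anything moves to {GFp, Fp}; from {GFp, Fp} the same two moves exist, and the conjunct p ∧ s_GFp ∧ s_Fp is absorbed by p ∧ s_GFp because the latter is weaker and accepting for the same group. An empty next-set plays the role of the state T.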

  18–19. (III.) From Generalized Büchi Automaton to Büchi Automaton
  • Construct one group of accepting states instead of several groups of accepting transitions (degeneralizer)
  • Example: ((GFp) → G(q → Fr)); t1, t2 – labels of accepting transitions in the generalized Büchi automaton
  • In our algorithm steps II and III are joined
  [Figure: generalized Büchi automaton with transitions labelled t1, t2 and the degeneralized Büchi automaton; not recoverable from the transcript.]
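Step III as an added example, not the authors' code: a degeneralizer for a transition-based generalized Büchi automaton with k groups of accepting transitions, using one layer per group plus an accepting layer (the plain one-group-per-step construction, not the authors' joined steps II and III), followed by a membership check for ultimately periodic words u·v^ω so the output can be exercised. The input automaton, for GFa ∧ GFb, is constructed for this example and is not the slide's ((GFp) → G(q → Fr)) automaton; its letters are sets of true propositions and a transition belongs to group 0 when it reads a and to group 1 when it reads b.

```python
# Added example, not the authors' code: degeneralization (step III) of a
# transition-based generalized Büchi automaton, plus a membership check for
# ultimately periodic words so the result can be exercised.
from itertools import product

# Constructed GBA for GFa & GFb (assumed for this example): one state 's',
# letters are frozensets of true propositions, group i is hit when proposition
# AP[i] is read.
AP = ('a', 'b')
LETTERS = [frozenset(p for p, on in zip(AP, bits) if on)
           for bits in product((0, 1), repeat=len(AP))]
GBA = ({'s'}, {'s'},
       [('s', l, 's', frozenset(i for i, p in enumerate(AP) if p in l)) for l in LETTERS])


def degeneralize(gba, k):
    """GBA with accepting-transition groups 0..k-1 -> state-based Büchi automaton.
    State (q, i) waits for a group-i transition; layer k is the accepting layer
    and behaves like layer 0 for its outgoing transitions (slides 18-19)."""
    states, init, trans = gba
    ba_init = {(q, 0) for q in init}
    ba_states, ba_trans, todo = set(ba_init), [], list(ba_init)
    while todo:
        q, i = todo.pop()
        layer = 0 if i == k else i
        for src, letter, dst, groups in trans:
            if src != q:
                continue
            nxt = (dst, layer + 1 if layer in groups else layer)
            ba_trans.append(((q, i), letter, nxt))
            if nxt not in ba_states:
                ba_states.add(nxt)
                todo.append(nxt)
    return ba_states, ba_init, ba_trans, {s for s in ba_states if s[1] == k}


def accepts_lasso(ba, prefix, cycle):
    """Does the Büchi automaton accept prefix . cycle^omega?  The run graph of
    such a word is finite, so acceptance is a reachable cycle through an
    accepting state in the product of automaton states and word positions."""
    states, init, trans, accepting = ba
    word = list(prefix) + list(cycle)
    n, m = len(prefix), len(word)
    succ = {}
    for src, letter, dst in trans:
        succ.setdefault((src, letter), set()).add(dst)

    def step(node):
        q, pos = node
        nxt_pos = pos + 1 if pos + 1 < m else n      # wrap back into the cycle
        return {(d, nxt_pos) for d in succ.get((q, word[pos]), ())}

    def reach(start):
        seen, todo = set(), list(start)
        while todo:
            x = todo.pop()
            if x not in seen:
                seen.add(x)
                todo.extend(step(x))
        return seen

    return any(node in reach(step(node))
               for node in reach({(q, 0) for q in init}) if node[0] in accepting)


if __name__ == '__main__':
    ba = degeneralize(GBA, 2)
    print(len(ba[0]), 'states,', len(ba[2]), 'transitions, accepting:', sorted(ba[3]))
    print(accepts_lasso(ba, [], [frozenset('a'), frozenset('b')]))   # (ab)^w
    print(accepts_lasso(ba, [frozenset('b')], [frozenset('a')]))      # b a^w
```

The single-state generalized automaton becomes three states (s,0), (s,1), (s,2), with (s,2) accepting: a run reaches it only after seeing a group-0 transition and then a group-1 transition, so it is visited infinitely often exactly when both a and b occur infinitely often. The lasso check is the same emptiness question as on slides 3–4, restricted to one candidate trace.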

  20. Time Results. Pattern Formulas Φ(n) = ((GFp1 ∧ … ∧ GFpn) → G(q → Fr)) (timing chart not included in the transcript)

  21. Time Results. Pattern Formulas Ψ(n) = (p1 U (p2 U (… U pn) …)) (timing chart not included in the transcript)

  22. Time Results. Pattern Formulas H(n) = ¬(Fp1 ∧ Fp2 ∧ … ∧ Fpn ∧ G(p1 → XG¬p1) ∧ G(p2 → XG¬p2) ∧ … ∧ G(pn → XG¬pn)) (timing chart not included in the transcript)

  23. Time Results. Random Formulas, P = 0.75, N = 100, logarithmic scale
  • P – probability of the temporal operators U, R, F, G
  • N – size of the alphabet
  (timing chart not included in the transcript)

  24. Conclusions
  • an algorithm for translating a Linear Temporal Logic formula to a Büchi automaton was developed
  • a symbolic representation of the finite sets of states and transitions is used at all stages
  • the LTL formula is translated to an alternating automaton
  • an algorithm for translating the alternating automaton to a Büchi automaton is proposed
  • time results for pattern and random formulas show the advantage of this algorithm for some types of LTL formulas

  25. Thank you for your attention
