Action and Predicate Safety of Hybrid Processes

Pieter Cuijpers

Michel Reniers


Overview

  • HyPA

  • Process representations

  • Two levels of abstraction

  • Specification of Safety

  • Congruence

  • Safety analysis of hybrid processes

  • Conclusions


HyPA

  • termination

  • deadlock

  • action: discrete action

  • c: flow clause (V|Pred)

  • d >> P, b >> P: re-initialization clause [V|Pred]

  • P  P: alternative composition

  • P  P: sequential composition

  • P  P, P  P: disrupt

  • P || P, P  P, P  P: parallel composition

  • H(P), Pred(P): encapsulation


Hybrid automaton representation

Xici  jJ(i)dj >> actionj Xj

HA iI d’i >> Xi


Constitutive hybrid process repr.

Xi(jJ(i)dj >> cj)  Xi 

(jJ’(i)bj >> actionj)  Xi

CHP  ||iI Xi


State-space representation (linear hybrid process definition)

XijJ(i)dj >> 

jJ’(i)dj >> actionj Xj

jJ’’(i)dj >> cj Xj

SSR  Xinit


Two levels of abstraction

  • On the lowest level of abstraction, HyPA is aimed at giving different representations of the same system.

  • At a higher level of abstraction, HyPA can also be used to analyse, for example, safety properties.



Robust Bisimilarity

Initially stateless bisimilarity =

X  Y implies X = Y


Robust bisimilarity

x  x

x  y y x

x  (y  z) (x y)  z

x      x  x

  x  

x  (y  z) (x y)  z

(x y)  z  (x z)  (y z)

x  y  x  y  y

 x  

 x  

x (y z)  (xy) z

(x y)  z  (xz)  (yz)

d >> (x  y)  (d >> x)  (d >> y)

H(x  y) H(x)  H(y)

etc. etc. etc.


Initially stateless bisimilarity

d >> action x = d >> action d! >> x

d >> c  x = d >> c  (d D(c))! >> x


Specification of Safety

Safety for actions X= H(X)

Safety for predicates X= Pred(X)


Congruence

X [x|x+ = 0] >> a1 a2

Y [x|x+ = 0] >> a1 [x- = 0] >> a2

Z [x|x+ = 1] >> a3

X =Y

X || Z Y || Z


Predicate safety of a state-space repr.

When do we have SSR= Pred(SSR) ?



Create a re-initialization for every recursion variable, signifying its reachable set.

[true] = Rinit

(Ri dj)!  Rj for all i and all jJ’(i)

(Ri dj D(cj))! Rj for all i and all jJ’’(i)



When do we have

Ri >> Xi =Pred(Ri >> Xi),

and especially

SSR  [true] >> Xinit =

Pred([true] >> Xinit)  Pred(SSR) ?



Ri >> Xi Ri >> (jJ(i)dj >> 

jJ’(i)dj >> actionj Xj

jJ’’(i)dj >> cj Xj)



Ri >> Xi  jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj Xj

jJ’’(i)(Ridj) >> cj Xj



Ri >> Xi =jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj (Rj >> Xj)

jJ’’(i)(Ridj) >> cj (Rj >> Xj)



Pred(Ri >> Xi)  Pred (Ri >> (jJ(i)dj >> 

jJ’(i)dj >> actionj Xj

jJ’’(i)dj >> cj Xj))



Pred(Ri >> Xi)  Pred (jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj Xj

jJ’’(i)(Ridj) >> cj Xj)



Pred(Ri >> Xi) = Pred (jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj (Rj >> Xj)

jJ’’(i)(Ridj) >> cj (Rj >> Xj))



Pred(Ri >> Xi) = jJ(i)Pred ((Ridj) >>  )

jJ’(i)Pred ((Ridj) >> actionj )

Pred (Rj >> Xj )

jJ’’(i)Pred ((Ridj) >> cj ) Pred (Rj >> Xj )



Assuming safety of the following processes:

Pred ((Ridj) >>  ) = (Ridj) >> 

Pred ((Ridj) >> actionj ) = (Ridj) >> actionj

Pred ((Ridj) >> cj ) = (Ridj) >> cj



Assuming safety of the following processes:

Pred ((Ridj) >> actionj ) = (Ridj) >> actionj

Pred ((Ridj) >> cj ) = (Ridj) >> cj



Pred(Ri >> Xi) = jJ(i)(Ridj) >>  

jJ’(i)(Ridj) >> actionj  Pred (Rj >> Xj )

jJ’’(i)(Ridj) >> cj  Pred (Rj >> Xj )



So Ri >> Xi and Pred(Ri >> Xi) are both solutions of the state space definition:

Yi = jJ(i)(Ridj) >>  

jJ’(i)(Ridj) >> actionj  Pred (Yi)

jJ’’(i)(Ridj) >> cj  Pred (Yi )



Thus Ri >> Xi = Pred(Ri >> Xi) and hence

SSR = Pred(SSR).


Conclusions

  • Different model representations.

  • Analysis at the cost of congruence ||

  • Safety of state space representations depends on safety of sub-processes.

  • Termination of the analysis method is a problem

  • Calculation of reachable sets is a problem


Future research

  • For CHP we have congruence ||

  • Termination using predicate abstraction

  • Calculation/approximation of reachable sets

  • Algebraic specification of other properties

