Action and Predicate Safety of Hybrid Processes

Pieter Cuijpers

Michel Reniers



Overview

  • HyPA

  • Process representations

  • Two levels of abstraction

  • Specification of Safety

  • Congruence

  • Safety analysis of hybrid processes

  • Conclusions



HyPA

terminationdeadlockactiondiscrete actioncflow clause (V|Pred) d >> P, b >> Pre-initialization clause [V|Pred] P  Palternative compositionP  Psequential compositionP  P, P  PdisruptP || P, P  P, P  Pparallel compositionH(P), Pred(P)encapsulation



Hybrid automaton representation

Xici  jJ(i)dj >> actionj Xj

HAiI d’i >> Xi

d1

ci

d2



Constitutive hybrid process repr.

Xi(jJ(i)dj >> cj)  Xi 

(jJ’(i)bj >> actionj)  Xi

CHP||iI Xi



State-space representation (Linear hybrid process definition)

$$\begin{aligned} X_i \approx \; &\bigoplus_{j \in J(i)} d_j \gg \varepsilon \\ \oplus\; &\bigoplus_{j \in J'(i)} d_j \gg \mathit{action}_j \odot X_j \\ \oplus\; &\bigoplus_{j \in J''(i)} d_j \gg c_j \odot X_j \end{aligned}$$

$$SSR \approx X_{init}$$



Two levels of abstraction

  • On the lowest level of abstraction, HyPA is aimed at giving different representations of the same system.

  • At a higher level of abstraction, HyPA can also be used to analyse, for example, safety properties.



Two levels of abstraction

Robust bisimilarity: $\approx$

Initially stateless bisimilarity: $=$

$X \approx Y$ implies $X = Y$



Robust bisimilarity

$$x \oplus x = x$$

$$x \oplus y = y \oplus x$$

$$x \oplus (y \oplus z) = (x \oplus y) \oplus z$$

$$x \oplus \delta = x$$

$$\delta \odot x = \delta$$

$$x \odot (y \odot z) = (x \odot y) \odot z$$

$$(x \oplus y) \odot z = (x \odot z) \oplus (y \odot z)$$

$$x \rhd y = (x \blacktriangleright y) \oplus y$$

$$\varepsilon \blacktriangleright x = \varepsilon$$

$$\delta \blacktriangleright x = \delta$$

$$x \rhd (y \rhd z) = (x \rhd y) \rhd z$$

$$(x \oplus y) \blacktriangleright z = (x \blacktriangleright z) \oplus (y \blacktriangleright z)$$

$$d \gg (x \oplus y) = (d \gg x) \oplus (d \gg y)$$

$$\partial_H(x \oplus y) = \partial_H(x) \oplus \partial_H(y)$$

etc. etc. etc.



Initially stateless bisimilarity

d >> action x=d >> action d! >> x

d >> c  x=d >> c  (d D(c))! >> x



Specification of Safety

Safety for actions: $X = \partial_H(X)$

Safety for predicates: $X = \mathrm{Pred}(X)$



Congruence

X[x|x+ = 0] >> a1 a2

Y[x|x+ = 0] >> a1 [x- = 0] >> a2

Z[x|x+ = 1] >> a3

X=Y

X || ZY || Z



Predicate safety of a state-space repr.

When do we have $SSR = \mathrm{Pred}(SSR)$?



Predicate safety of a state-space repr.

Create a re-initialization for every recursion variable, signifying its reachable set.

$$[\mathit{true}] = R_{init}$$

$$(R_i \circ d_j)! \subseteq R_j \quad \text{for all } i \text{ and all } j \in J'(i)$$

$$(R_i \circ d_j \circ D(c_j))! \subseteq R_j \quad \text{for all } i \text{ and all } j \in J''(i)$$

Here $\circ$ composes re-initializations, $d!$ restricts to the post-states of $d$ (as in the initially stateless bisimilarity axioms) and $D(c)$ relates start and end states of the flow $c$; so every state in which $X_j$ can be entered is allowed by $R_j$.



Predicate safety of a state-space repr.

When do we have

Ri >> Xi =Pred(Ri >> Xi),

and especially

SSR  [true] >> Xinit =

Pred([true] >> Xinit)  Pred(SSR) ?



Predicate safety of a state-space repr.

Ri >> Xi Ri >> (jJ(i)dj >> 

jJ’(i)dj >> actionj Xj

jJ’’(i)dj >> cj Xj)



Predicate safety of a state-space repr.

Ri >> Xi  jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj Xj

jJ’’(i)(Ridj) >> cj Xj



Predicate safety of a state-space repr.

Ri >> Xi =jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj (Rj >> Xj)

jJ’’(i)(Ridj) >> cj (Rj >> Xj)



Predicate safety of a state-space repr.

Pred(Ri >> Xi)Pred (Ri >> (jJ(i)dj >> 

jJ’(i)dj >> actionj Xj

jJ’’(i)dj >> cj Xj))



Predicate safety of a state-space repr.

Pred(Ri >> Xi)Pred (jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj Xj

jJ’’(i)(Ridj) >> cj Xj)



Predicate safety of a state-space repr.

Pred(Ri >> Xi)=Pred (jJ(i)(Ridj) >> 

jJ’(i)(Ridj) >> actionj (Rj >> Xj)

jJ’’(i)(Ridj) >> cj (Rj >> Xj))



Predicate safety of a state-space repr.

Pred(Ri >> Xi)=jJ(i)Pred ((Ridj) >>  )

jJ’(i)Pred ((Ridj) >> actionj )

Pred (Rj >> Xj )

jJ’’(i)Pred ((Ridj) >> cj ) Pred (Rj >> Xj )



Predicate safety of a state-space repr.

Assuming safety of the following processes:

Pred ((Ridj) >>  )=(Ridj) >> 

Pred ((Ridj) >> actionj )=(Ridj) >> actionj

Pred ((Ridj) >> cj )=(Ridj) >> cj




Predicate safety of a state-space repr.

Pred(Ri >> Xi)=jJ(i)(Ridj) >>  

jJ’(i)(Ridj) >> actionj  Pred (Rj >> Xj )

jJ’’(i)(Ridj) >> cj  Pred (Rj >> Xj )



Predicate safety of a state-space repr.

So $R_i \gg X_i$ and $\mathrm{Pred}(R_i \gg X_i)$ are both solutions of the state-space definition:

$$\begin{aligned} Y_i = \; &\bigoplus_{j \in J(i)} (R_i \circ d_j) \gg \varepsilon \\ \oplus\; &\bigoplus_{j \in J'(i)} (R_i \circ d_j) \gg \mathit{action}_j \odot Y_j \\ \oplus\; &\bigoplus_{j \in J''(i)} (R_i \circ d_j) \gg c_j \odot Y_j \end{aligned}$$

(take $Y_j = R_j \gg X_j$, respectively $Y_j = \mathrm{Pred}(R_j \gg X_j)$, in the two preceding equations).



Predicate safety of a state-space repr.

Thus, since the definition is guarded and therefore has a unique solution, $R_i \gg X_i = \mathrm{Pred}(R_i \gg X_i)$ and hence

$$SSR = \mathrm{Pred}(SSR).$$



Conclusions

  • Different model representations.

  • Analysis at the cost of congruence for $\parallel$

  • Safety of state space representations depends on safety of sub-processes.

  • Termination of analysis method is a problem

  • Calculation of reachable sets is a problem



Future research

  • For CHP we have congruence for $\parallel$

  • Termination using predicate abstraction

  • Calculation/approximation of reachable sets

  • Algebraic specification of other properties

