Timed automata
Timed Automata: Intelligent Light Control

[Figure: automaton with locations Off, Light and Bright, connected by press? transitions]

WANT: if press is issued twice quickly, then the light will get brighter; otherwise the light is turned off.


Timed Automata: Intelligent Light Control

[Figure: the same automaton with locations Off, Light and Bright; the press? transitions now carry the reset X:=0 and the guards X<=3 and X>3]

Solution: Add real-valued clock x


Timed Automata

(Alur & Dill 1990)

Clocks: x, y

Guard: Boolean combination of comparisons with integer bounds

Reset: Action performed on clocks

Action: used for synchronization

[Figure: edge from location n to location m labelled with guard x<=5 & y>3, action a and reset x := 0]

State

(location, x=v, y=u) where v, u are in R

Transitions

(n, x=2.4, y=3.1415) --a--> (m, x=0, y=3.1415)

(n, x=2.4, y=3.1415) --e(1.1)--> (n, x=3.5, y=4.2415)


Timed Safety Automata = Timed Automata + Invariants

(Henzinger et al, 1992)

Clocks: x, y

[Figure: locations n and m with location invariants x<=5 and y<=10, joined by an edge labelled with guard x<=5 & y>3, action a and reset x := 0; a second sketch shows a location with edges guarded by g1, g2, g3, g4]

Transitions

(n, x=2.4, y=3.1415) --e(1.1)--> (n, x=3.5, y=4.2415)

(n, x=2.4, y=3.1415), delay e(3.2)

Invariants ensure progress!!
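
The delay and action transitions of the n/m example above, written out as an added sketch (not code from the slides). It assumes x<=5 is the invariant of n and y<=10 the invariant of m; the function names `delay` and `act` are hypothetical.

```python
from fractions import Fraction as F

# Constructed model of the slide's two-location example. The labels come
# from the slide; which location carries which invariant is an assumption.
INVARIANT = {
    "n": lambda v: v["x"] <= 5,
    "m": lambda v: v["y"] <= 10,
}
# Edge format: (source, action, guard, clocks to reset, target)
EDGES = [("n", "a", lambda v: v["x"] <= 5 and v["y"] > 3, {"x"}, "m")]


def delay(state, d):
    """Delay transition e(d): every clock advances by d, location unchanged.

    Returns None when the location invariant would be violated. The
    invariants here are upper bounds, so checking the end point is enough
    to cover every intermediate instant.
    """
    loc, v = state
    later = {c: val + d for c, val in v.items()}
    return (loc, later) if d >= 0 and INVARIANT[loc](later) else None


def act(state, action):
    """Action transition: the guard must hold now, the resets are applied,
    and the target invariant must hold after the reset."""
    loc, v = state
    for src, a, guard, resets, dst in EDGES:
        if src == loc and a == action and guard(v):
            after = {c: (F(0) if c in resets else val) for c, val in v.items()}
            if INVARIANT[dst](after):
                return (dst, after)
    return None


# The state used on the slide.
s0 = ("n", {"x": F("2.4"), "y": F("3.1415")})
```

Under the assumed invariant on n, a delay of 3.2 from this state is blocked because x would reach 5.6, so the automaton has to take the a edge before x exceeds 5.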


Clock Constraints


Timed (Safety) Automata


Timed Automata: Example

[Figure sequence: example automaton with its guard, location and reset labelled]

Light Switch

[Figure: light switch automaton with push and click actions]

Switch may be turned on whenever at least 2 time units have elapsed since last “turn off”.

Light automatically switches off after 9 time units.

Semantics

  • clock valuations:

  • state:

  • Semantics of timed automata is a labeled transition system where

  • action transition

  • delay transition

[Figure: edge from location l to location l’ labelled g, a, r]


Semantics: Example

[Figure: light switch automaton with push and click actions]


Networks of Timed Automata + Integer Variables + arrays ...

[Figure: two automata side by side, one with locations l1 and l2, the other with locations m1 and m2; edge labels x>=2, i==3, y<=4, a!, a?, x := 0, i:=i+4]

Two-way synchronization on complementary actions.

Closed Systems!

Example transitions

(l1, m1, ..., x=2, y=3.5, i=3, ...) --tau--> (l2, m2, ..., x=0, y=3.5, i=7, ...)

(l1, m1, ..., x=2, y=3.5, i=3, ...) --0.2--> (l1, m1, ..., x=2.2, y=3.7, i=3, ...)

If a URGENT CHANNEL


Timed Systems

[Figure: network of three timed automata named Train, Gate and Controller. Location labels: far, near, in, up, down. Action labels: approach, enter, exit, lower, raise. Clock labels: x >= 1, x <= 5, x > 2, x := 0; y <= 1, y >= 1, y <= 2, y := 0; z <= 1, z <= 3, z := 0.]

[Figure sequence: the same network stepped along a time axis through the actions approach, lower and enter, annotated in turn with z <= 3, y <= 1, the clock values x = 2.1, y = 0.9, z = 2.1, and the constraints x > 2, x <= 5.]

Timed CTL


TCTL = CTL + Time

constraints over formula clocks and automata clocks

“freeze operator” introduces new formula clock z

E[ φ U φ ], A[ φ U φ ] - like in CTL

No EX φ


Derived Operators

=

Along any path φ holds continuously until within 7 time units ψ becomes valid.

=

The property φ may become valid within 5 time units.


Light Switch (cont)

[Figure: light switch automaton with push and click actions]


Timeliness Properties

receive(m) always occurs within 5 time units after send(m)

receive(m) may occur exactly 11 time units after send(m)

putbox occurs periodically (exactly) every 25 time units

(note: other putbox’s may occur in between)


Fischer’s Protocol: A simple MUTEX Algorithm

[Figure: two processes sharing the variable V, with Init and Critical Section marked. Process 1 has locations A1, B1, CS1 and labels V=1, V:=1, V=1; process 2 has locations A2, B2, CS2 and labels V:=2, V=2.]

[Figure: the same two processes with clocks added: X<1, X:=0, X>1 on process 1 and Y<1, Y:=0, Y>1 on process 2.]


Paths

Example:

[Figure: light switch automaton with push and click actions]


Elapsed time in path

Example:

s=

D(s,1)=3.5, D(s,6)=3.5+9=12.5


TCTL Semantics

s - (location, clock valuation)

w - formula clock valuation

PM(s) - set of paths from s

Pos(s) - positions in s

D(s,i) - elapsed time

(i,d) << (j,d’) iff (i<j) or ((i=j) and (d<d’))


Region Automata: Model Checking


Infinite State Space?

Regions: Finite partitioning of state space

”Definition”

[Figure: the clock plane with x axis marked 1, 2, 3 and y axis marked 1, 2, partitioned into regions]

max determined by timed automata (and formula)

Alternative to JPK Definition

An equivalence class (i.e. a region)

in fact there is only a finite number of regions!!

[Figure: a region r and its successor regions, Succ(r)]

THEOREM

[Figure: an equivalence class (i.e. a region) r and its reset regions {x}r and {y}r]
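
The finite partitioning above can be checked mechanically. The following is an added example, not code from the slides: since the slide's own definition did not survive in this transcript, it implements the standard Alur-Dill region equivalence, and the names `region` and `count_regions` are hypothetical. The clock maxima x=3 and y=2 used in the comment match the axes of the figure.

```python
from fractions import Fraction as F
from itertools import product
from math import floor


def region(valuation, cmax):
    """Canonical signature of the region containing `valuation`.

    Two valuations are region-equivalent iff their signatures are equal:
      * each clock is either above its maximum constant in both, or has
        the same integer part and the same "fraction is zero" flag;
      * clocks within their maxima have fractional parts in the same order.
    """
    bounded = {c: v for c, v in valuation.items() if v <= cmax[c]}
    fracs = {c: v - floor(v) for c, v in bounded.items()}
    order = sorted(set(fracs.values()))   # dense rank encodes the ordering
    sig = []
    for c in sorted(valuation):
        if c not in bounded:
            sig.append((c, "above"))      # exact value no longer matters
        else:
            sig.append((c, floor(bounded[c]), fracs[c] == 0,
                        order.index(fracs[c])))
    return tuple(sig)


def count_regions(cmax, denom=4):
    """Count regions by sampling a grid with step 1/denom up to max+1.

    denom must exceed the number of clocks so that every ordering of
    distinct non-zero fractional parts is hit by some grid point.
    """
    clocks = sorted(cmax)
    axes = [[F(k, denom) for k in range((cmax[c] + 1) * denom + 1)]
            for c in clocks]
    return len({region(dict(zip(clocks, p)), cmax) for p in product(*axes)})


# With the figure's bounds (x up to 3, y up to 2) the infinite set of
# valuations collapses to 60 regions.
FIGURE_MAX = {"x": 3, "y": 2}
```

The count grows with the maximum constants and the number of clocks, which is why the maxima are taken from the automaton and the formula being checked.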


Region graph of a simple timed automata


Fischers again

[Figure: the two Fischer processes with locations A1, B1, CS1 and A2, B2, CS2, labels V:=1, V=1, V:=2, V=2, and clock labels X<1, X:=0, X>1, Y<1, Y:=0, Y>1]

[Figure: partial region graph with the panels "Untimed case" and "Timed case". Nodes are location vectors such as A1,A2,v=1; A1,B2,v=2; A1,CS2,v=2; B1,CS2,v=1 and CS1,CS2,v=1, annotated in the timed case with clock regions such as x=y=0, 0 <x=y <1, x=y=1 and 1 <x,y.]

No further behaviour possible!!


Modified light switch

[Figure: the timed automaton, the reachable part of its region graph, and the properties]


Roughly speaking....

Model checking a timed automaton against a TCTL-formula amounts to model checking its region graph against a CTL-formula


Problem to be solved

Model Checking TCTL is PSPACE-hard


END