# Timed Automata - PowerPoint PPT Presentation


## PowerPoint Slideshow about ' Timed Automata' - palti


### Timed Automata

Timed Automata: Intelligent Light Control

[Figure: automaton with locations Off, Light and Bright; edges labelled press?]

WANT: if press is issued twice quickly, then the light will get brighter; otherwise the light is turned off.

Timed Automata: Intelligent Light Control

[Figure: the same automaton with a clock X; edges labelled press?, with reset X:=0 and guards X<=3 and X>3]

(Alur & Dill 1990)

Clocks: x, y

[Figure: edge from location n to location m with guard x<=5 & y>3, action a and reset x := 0]

• Guard: Boolean combination of comparisons with integer bounds
• Reset: action performed on clocks
• Action: used for synchronization
• State: (location, x=v, y=u) where v, u are in R

Transitions

• a: (n, x=2.4, y=3.1415) → (m, x=0, y=3.1415)
• e(1.1): (n, x=2.4, y=3.1415) → (n, x=3.5, y=4.2415)

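Timed Safety Automata = Timed Automata + Invariants

(Henzinger et al, 1992)

Clocks: x, y

[Figure: location n with invariant x<=5 and location m with invariant y<=10 (the location invariants), joined by an edge with guard x<=5 & y>3, action a and reset x := 0]

Transitions shown from (n, x=2.4, y=3.1415): e(3.2), a and e(1.1); the e(1.1) step leads to (n, x=3.5, y=4.2415).

Invariants ensure progress!!

[Figure: a location with edges guarded by g1, g2, g3 and g4]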
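The delay and action transitions from the two slides above, worked through as an added Python example (not part of the original slides). The function names and `START` are chosen here; the locations, guard, reset, invariants and valuations are the slide's, and exact rationals keep the boundary comparisons free of float error.

```python
from fractions import Fraction
from typing import Callable, Dict, NamedTuple, Optional, Tuple

Valuation = Dict[str, Fraction]          # clock name -> value
State = Tuple[str, Valuation]            # (location, valuation), as on the slide

class Edge(NamedTuple):
    source: str
    action: str
    guard: Callable[[Valuation], bool]
    resets: Tuple[str, ...]
    target: str

# Invariants from the slide: x<=5 at n, y<=10 at m.
INVARIANTS: Dict[str, Callable[[Valuation], bool]] = {
    "n": lambda v: v["x"] <= 5,
    "m": lambda v: v["y"] <= 10,
}
# Edge from the slide: n --[x<=5 & y>3] a, x:=0--> m.
EDGES = [Edge("n", "a", lambda v: v["x"] <= 5 and v["y"] > 3, ("x",), "m")]

def delay(state: State, d: Fraction) -> Optional[State]:
    """Delay transition e(d): every clock advances by d, location unchanged."""
    loc, v = state
    later = {c: t + d for c, t in v.items()}
    # Upper-bound invariants are downward closed, so testing the end point
    # covers every intermediate instant as well.
    return (loc, later) if INVARIANTS[loc](later) else None

def fire(state: State, action: str) -> Optional[State]:
    """Action transition: guard holds now, resets apply, target invariant holds."""
    loc, v = state
    for e in EDGES:
        if e.source == loc and e.action == action and e.guard(v):
            after = {c: Fraction(0) if c in e.resets else t for c, t in v.items()}
            if INVARIANTS[e.target](after):
                return (e.target, after)
    return None

def run(state: State, steps) -> Optional[State]:
    """Apply ("delay", d) / ("act", a) steps in order; None once a step is not enabled."""
    for kind, arg in steps:
        state = delay(state, arg) if kind == "delay" else fire(state, arg)
        if state is None:
            return None
    return state

START: State = ("n", {"x": Fraction("2.4"), "y": Fraction("3.1415")})
```

With the invariant x<=5 on n, `delay(START, Fraction("3.2"))` returns `None` because x would reach 5.6, while the 1.1 delay and the a edge are both enabled.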

Light Switch

[Figure: light switch automaton with edges push, push and click; callouts mark guard, location and reset]

• Switch may be turned on whenever at least 2 time units have elapsed since last “turn off”
• Light automatically switches off after 9 time units.

Semantics

• clock valuations:

• state:

• Semantics of timed automata is a labeled transition system where

• action transition

• delay transition

[Figure: edge from location l to location l’ labelled with guard g, action a and reset r]

Semantics: Example

[Figure: light switch automaton with edges push, push and click]

Networks of Timed Automata + Integer Variables + arrays ….

[Figure: automata in parallel, one with locations l1, l2 and one with m1, m2; edge labels x>=2, i==3, y<=4, a!, a?, x := 0, i:=i+4]

Two-way synchronization on complementary actions.

Closed Systems!

Example transitions

• (l1, m1, …, x=2, y=3.5, i=3, …) --tau--> (l2, m2, …, x=0, y=3.5, i=7, …)
• (l1, m1, …, x=2, y=3.5, i=3, …) --0.2--> (l1, m1, …, x=2.2, y=3.7, i=3, …)

If a URGENT CHANNEL

Timed Systems

[Figure, repeated over five slides: three timed automata, Train, Gate and Controller, labelled “Timed Automata”.
Labels over clock x: locations far, near, in; actions approach, enter, exit; constraints x >= 1, x <= 5, x > 2; reset x := 0.
Labels over clock y: locations up, down; actions lower, raise; constraints y <= 1, y <= 2, y >= 1; reset y := 0.
Labels over clock z: actions approach, exit, lower, raise; constraints z <= 1, z <= 3; reset z := 0.]

The later slides add a run along a time axis that grows from approach, to approach, lower, to approach, lower, enter; they also highlight z <= 3, y <= 1, the valuation x = 2.1, y = 0.9, z = 2.1, and x > 2, x <= 5.

### Timed CTL

TCTL = CTL + Time

constraints over formula clocks and automata clocks

“freeze operator” introduces new formula clock z

E[ φ U φ ], A[ φ U φ ] - like in CTL

No EX φ

Derived Operators

=

Along any path φ holds continuously until within 7 time units ψ becomes valid.

=

The property φ may become valid within 5 time units.

Light Switch (cont)

[Figure: light switch automaton with edges push, push and click]

Timeliness Properties

receive(m) always occurs within 5 time units after send(m)

receive(m) may occur exactly 11 time units after send(m)

putbox occurs periodically (exactly) every 25 time units

(note: other putbox’s may occur in between)

Fischer’s Protocol: A simple MUTEX Algorithm

[Figure: two processes sharing a variable V and a Critical Section; locations A1, B1, CS1 and A2, B2, CS2; labels Init, V:=1, V=1, V:=2, V=2]

Fischer’s Protocol: A simple MUTEX Algorithm

[Figure: the same two processes with clocks X and Y; added labels X:=0, X<1, X>1 and Y:=0, Y<1, Y>1]

Paths

Example:

[Figure: light switch automaton with edges push, push and click]

Elapsed time in path

Example:

s=

D(s,1)=3.5, D(s,6)=3.5+9=12.5

TCTL Semantics

s - (location, clock valuation)

w - formula clock valuation

PM(s) - set of paths from s

Pos(s) - positions in s

D(s,i) - elapsed time

∞

(i,d) << (i’,d’) iff (i<i’) or ((i=i’) and (d<d’))

### Region Automata: Model Checking

Infinite State Space?

Regions: Finite partitioning of state space

[Figure, built up over several slides: the plane of clock valuations, x axis marked 1, 2, 3 and y axis marked 1, 2, partitioned into regions; captioned “Definition” and “Alternative to JPK”]

• max determined by timed automata (and formula)
• An equivalence class (i.e. a region); in fact there is only a finite number of regions!!
• Successor regions, Succ(r), of a region r
• Reset regions {x}r and {y}r of a region r
• THEOREM
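An added Python example (not from the original slides) of why the partition is finite and why resets respect it. The region definition did not survive in this transcript, so the code assumes the standard Alur and Dill one (same integer parts, same zero fractions, same ordering of fractional parts, all clocks above their maximum lumped together); the maximal constant 1 per clock is taken from the X<1, X>1, Y<1, Y>1 guards of Fischer's protocol, and all function names are chosen here.

```python
from fractions import Fraction
from math import floor

CMAX = {"x": 1, "y": 1}   # assumed maximal constants, from the Fischer guards

def region(v, cmax=CMAX):
    """Canonical key of the region containing valuation v (clock -> Fraction)."""
    per_clock, bounded = [], []
    for c in sorted(v):
        if v[c] > cmax[c]:
            per_clock.append((c, "above"))        # exact value irrelevant past the max
        else:
            whole = floor(v[c])
            frac = v[c] - whole
            per_clock.append((c, whole, frac == 0))
            bounded.append((frac, c))
    # Ordered partition of the bounded clocks by fractional part; ties share a block.
    order, last = [], None
    for frac, c in sorted(bounded):
        if frac == last:
            order[-1] = order[-1] + (c,)
        else:
            order.append((c,))
        last = frac
    return (tuple(per_clock), tuple(order))

def reset(v, clocks):
    """Valuation after resetting the given clocks, i.e. a point of {clocks}r."""
    return {c: Fraction(0) if c in clocks else t for c, t in v.items()}

def count_regions(cmax=CMAX, step=Fraction(1, 4)):
    """Distinct regions hit by a grid over [0, max+1]^2 for the two clocks x, y.
    Quarter steps give three distinct fractional parts, enough to reach every
    ordering of two clocks."""
    n = int((max(cmax.values()) + 1) / step)
    pts = [step * i for i in range(n + 1)]
    return len({region({"x": a, "y": b}, cmax) for a in pts for b in pts})

def val(x, y):
    """Helper to build a valuation from decimal strings (constructed sample data)."""
    return {"x": Fraction(x), "y": Fraction(y)}
```

`val("0.5", "0.2")` and `val("0.9", "0.1")` both land in the region 0<y<x<1 and stay equivalent after `reset(..., {"x"})`; `count_regions()` returns 18 for two clocks with maximal constant 1.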

Region graph of a simple timed automaton

Fischers again

[Figure: Fischer’s protocol automata with labels X:=0, X<1, X>1, V:=1, V=1, A1, B1, CS1 and Y:=0, Y<1, Y>1, V:=2, V=2, A2, B2, CS2]

Untimed case / Timed case: Partial Region Graph

[Figure: graph nodes, each a location vector with the value of v, some with a clock region over x and y]

• Nodes without clock constraints: A1,A2,v=1; A1,B2,v=2; A1,CS2,v=2; B1,CS2,v=1; CS1,CS2,v=1
• A1,A2,v=1 with regions x=y=0; 0<x=y<1; x=y=1; 1<x,y
• A1,B2,v=2 with regions 0<x<1, y=0; 0<y<x<1; 0<y<x=1; 0<y<1, 1<x; 1<x,y; y=1, 1<x
• A1,CS2,v=2 with region 1<x,y

No further behaviour possible!!

Modified light switch

Reachable part of region graph

Properties

Roughly speaking....

Model checking a timed automaton against a TCTL-formula amounts to model checking its region graph against a CTL-formula

Problem to be solved

Model Checking TCTL is PSPACE-hard