Barbara jobstmann roderick bloem graz university of technology austria 15 november 2006
This presentation is the property of its rightful owner.
Sponsored Links
1 / 26

Optimizations for LTL Synthesis PowerPoint PPT Presentation


  • 48 Views
  • Uploaded on
  • Presentation posted in: General

Barbara Jobstmann Roderick Bloem Graz University of Technology, Austria 15 November 2006. Optimizations for LTL Synthesis. Motivation. Synthesis from specification Correct by construction - no verification You say what, it says how Theory well established

Download Presentation

Optimizations for LTL Synthesis

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Barbara jobstmann roderick bloem graz university of technology austria 15 november 2006

Barbara Jobstmann

Roderick Bloem

Graz University of Technology, Austria

15 November 2006

Optimizations for LTL Synthesis


Motivation

Motivation

  • Synthesis from specification

  • Correct by construction - no verification

  • You say what, it says how

  • Theory well established

    • Long history: Church (early 60’s)

    • Theory: Rabin, Ramadge/Woham, Pnueli/Rosner

  • What has changed since then?


Outline

Outline

  • Introduction

  • Approaches and optimizations for LTL synthesis

  • Lily

  • Conclusion


Ltl synthesis

LTL Synthesis

  • Automatically build design from specification

  • Input

    • Set of LTL formulae, e.g. G(s1→ ¬s2), (s1 U s2),…

    • Partition of the atomic propositions (input/output signals)Reactive systems: Some signals controlled by system others not

  • Output

    • Automatically created functionally correct finite-state machine (Moore)

  • Proposed for LTL by Pnueli, Rosner (POPL'89)

  • Difference between monitoring and synthesis

    • Monitoring: build passive system (nondeterministic)

    • Synthesis: build reactive system (deterministic)


Key observation

Tree (regular)

r=1,r=0 ....directions D

a=1,a=0 ..alphabet Σ (labeling)

Key Observation

  • Moore machine

    • Input signal r, output signal a

    • r=1,r=0 ....input alphabet

    • a=1,a=0 ..output alphabet

Σ-labeled D-tree


Optimizations for ltl synthesis

Idea

  • Build a tree automaton

    • Accepts all trees representing moore machines that fulfill spec φ

    • Directions are input values (D=2I, input signals I)

    • Alphabet are output values (Σ=2O, output signals O)

    • Automaton accepts all Σ-labeled D-trees where all paths satisfy the given formula φ

  • Compute language emptiness

  • Build FSM from the witness (a Σ-labeled D-tree)


Necessary theory

Necessary Theory

  • Infinite game theory

  • Automata theory

    • Branching mode (Deterministic, Nondeterministic, Universal, Alternating)

    • Acceptance condition (Büchi, Co-Büchi, Weak, ..)

    • Input element (Word,Tree)

    • Use of KV's abbreviation (e.g.,NBW,UCT,...)


Alternating word automata

Alternating Word Automata

  • N+U branching (edges we can follow and edges we must follow)

  • Notation:

    • Circles represent states

    • Boxes represent universal edges

    • Edges are labeled with sets of labels


Tree automata

Tree Automata

Universal edges:

Foreach direction,

follow only

the matching edges


Optimizations for ltl synthesis

Universal and tree branching


Safraful approach pr89

φ

Build NBW

NBW

Build DRW

DRW

+i/o

Build DRT

DRT

Lang. Emp.

FSM

Safraful Approach [PR89]

  • Build an NBW for φ

  • Convert to DRW

    • Safra's determinizations algorithm

  • Split alphabet into I/O DRT

  • Check Language Emptiness

    • Build transducer (fsm)


Issues

φ

Build NBW

NBW

Build DRW

DRW

+i/o

Build DRT

DRT

Lang. Emp.

FSM

Issues

exp

blow-up

  • 2EXP worst case complexity

  • Safra's determinization construction

exp

blow-up


Solutions

Solutions

  • Concentrate on subsets of LTL

    • Alur, Madhusudan, Nam (BMC'03, STTT'05)

    • Wallmeier, Hütter, Thomas (CIAA'03)

    • Harding, Ryan, Schobbens (TACAS'05)

    • Piterman, Pnueli, Sa'ar (VMCAI'06)

  • Full LTL (Safraless approach)

    • Kupferman, Vardi (FOCS'05)

    • Kupferman, Piterman, Vardi (CAV'06)


Safraless approach kv05

φ+i/o

Build UCT

UCT

Build AWT

AWT

Build NBT

NBT

Lang. Emp.

FSM

Safraless Approach [KV05]

  • Build a UCT

    • Negate φ

    • Build an NBW for ¬φ

    • Invert NBW → UCT

  • Convert to AWT

  • Convert to NBT

  • Check Language Emptiness

L(UCT) = Ltree(φ)

L(AWT)  LT(φ)

LT(φ)   L(AWT)  

L(NBT)  LT(φ)

LT(φ)   L(NBT)  


List of optimizations

φ+i/o

Build UCT

UCT

Build AWT

AWT

Build NBT

NBT

Lang. Emp.

FSM

List of Optimizations

  • Game-based Heuristic language emptiness

  • Simulation-basedcf. Alur, Henzinger, Kupferman, Vardi (CONCUR’98)cf. Fritz, Wilke (FSTTCS’02)

  • Simplify KV-constructionsBuild AWT, Build NBTcf. Gurumurthy, Kupferman, Somenzi, Vardi (CHARME’05)

  • Process steps incrementalCombine steps


Game based optimization

φ+i/o

Build UCT

UCT

Build AWT

AWT

Build NBT

NBT

Lang. Emp.

FSM

Game-based Optimization

  • Heuristic language emptiness

  • Alternating Tree Automaton

  • Idea

    • Find states with empty language (accept no tree)

    • Runs with non-accepting path are rejected

    • Environment can force a non-accepting path

    • Sufficient (but not necessary) for language emptiness


Game based optimization1

Game-based Optimization

  • Game

    • System picks the label and the nondeterminism

    • Environment picks direction and universality

  • State s is winning for environment → LT(s) empty


Example 1

Example (1)

  • φ=GF timer → G(light → light U timer)

  • UCT with co-Büchi state (n3)


Example 2

Example (2)

  • Game:

    • Systems aims to avoid infinitely many visits to n3

    • Environment aims to force those visits

    • Co-Büchi game

φ=GF timer → G(light → light U timer)

weak automaton


List of optimizations1

φ+i/o

Build UCT

UCT

Build AWT

AWT

Build NBT

NBT

Lang. Emp.

FSM

List of Optimizations

  • Game-based Heuristic language emptiness

  • Simulation-basedcf. Alur, Henzinger, Kupferman, Vardi (CONCUR’98)cf. Fritz, Wilke (FSTTCS’02)

  • Simplify KV-constructionsBuild AWT, Build NBTcf. Gurumurthy, Kupferman, Somenzi, Vardi (CHARME’05)

  • Process steps incrementalCombine steps


Lily linear logic synthesizer

Lily - Linear Logic sYnthesizer

  • First tool to offer synthesis for full LTL

  • Based on Fabio Somenzi's Wring

  • Implements KV05 and all mentioned optimizations

  • http://www.ist.tugraz.at/staff/jobstmann/lily/


Ltl specification traffic light

hl

fl

hl

sensor(ec)

LTL Specification: Traffic Light

.inputs timer car

.outputs fl hl

G(F(timer=1)) -> (

G(fl=1 -> (fl=1 U timer=1))

G(hl=1 -> (hl=1 U timer=1))

G(car=1 -> F(fl=1))

G(F(hl=1))

G(!(hl=1 * fl=1)))


Generated system traffic light

Generated System: Traffic Light

module traffic(hl,fl,clk,car,timer);

input clk,car,timer;

outputfl,hl;

wire clk,fl,hl,car,timer;

reg state;

assignhl = (state == 0);

assignfl = (state == 1);

initial state=0;

always @(posedge clk) begin

case(state)

0: begin

if (timer==0) state = 0;

if (timer==1 && car==1) state = 1;

if (car==0) state=0;

end

1: begin

if (timer==1) state = 0;

if (timer==0) state = 1;

end

endcase

end

endmodule //traffic


Conclusion

Conclusion

  • First implementation of synthesis for full LTL

  • Optimizations are enabling factor

  • Our examples are small but useful for property debugging (or learning LTL)

  • Future


Thank you for your attention

Thank you for your attention!


  • Login