PowerPoint Slideshow about 'XCTL (Explicit Clock Temporal Logic)' - benjamin



XCTL (Explicit Clock Temporal Logic)

Real-Time Extension for LTL

Qualitative properties
  • responsiveness: “Every stimulus p must be eventually followed by a system response q”

  • invariance: “The system constantly emits signal q”

Quantitative properties
  • bounded responsiveness: “Every stimulus p must be followed by a system response q within t time units”

  • bounded invariant: “The system emits signal q for 2 seconds”

Approaches to Time Quantification

First order monadic logic

t. p(t) s. q(s)  st  s  t+3

Current time variable:

x. □((pT=x  ◊(q  T x+3))

Bounded operators:

□(p  ◊[0,3]q)

Freeze quantification:

□x.(p  ◊y.(q  y x+3))

XCTL: Syntax

Vocabulary:

  • Propositions: p, q,…
  • Timing elements:
    • Time Constants: C = {a, b, c,…}
    • Timing variables: V = {x, y,…}
    • Clock variable: T

Atomic formulae

  • Propositions
  • a + x  T, a + x  c where: aNat.,{, , }

Formulae:

        • Atomic formulae
        • p, pq, Op, pUq
Examples
  • Atomic time expressions:

xT, Ty5, x>3

  • ((p(xT)) (q(Tx5)))
XCTL Model & Semantics

Model for a formula [P,V]*:

(0,t0), (1,t1), (2,t2)… where i2P, tiInt

s.t.

  • For all i, titi+1
  • nInt j s.t. tjn.

Semantics:

j |= a+x  T iff a+x  tj for every  : {x} Int.

j |= a+x  c iff a+x  c for every  : {x} Int.

A model  satisfies a formula [P,V] iff

0 |=  for every  : V Int.

* P- set of propositions, V- set of time variables in 

Example

A model for: ((p(xT)) (q(Tx5)))

Railroad Crossing in XCTL: Assertions
  • 40 seconds minimal delay between trains.

Tin  O1,39Tin

Tin (x=T) O(Tin  (x40T))

  • It takes a train 6 seconds to arrive at the signal.

Tin  O6(AtSignal)

Tin(x=T) (AtSignal(x+6=T))

Railroad Crossing in XCTL: Assertions
  • Trains exit XR within 15 to 25 seconds after passing the signal.

(AtSignalTwait)  (TwaitPass)O15,25Tout

((AtSignalTwait)  (TwaitPass)x=T)

(Tout (x+15T)(x+25T))

Railroad Crossing in XCTL: Requirements
  • Every train that arrives at the signal is allowed to continue beyond the signal within 10 seconds.

AtSignal  O0,10(Twait)

AtSignal  (x=T) (Twait  (x+10T))

  • The gate is open whenever the crossing is empty for more than 10 seconds.

O0,10(Tcr0)  O10(Open)

(x=T)  Tcr0U(x+10=T) (Open  (x+10=T))

XCTL Closure

CL() - is the minimal set that satisfies:

  • CL(), tt, O(tt)CL()
  • CL() CL()
  • UCL() , , O(U)CL()
  • OCL() CL()
  • Timing formulae (next slide)

Closure Timing Formulae

  • Let {a+x}, {c,T}, {, , }
  •  CL() , , CL()
  •  T CL()  O( T), ( T)CL()

Also, the “difference table”:

|CL()| <3||2

Example: Cl((p  (T5)))

1. (p  (T5)),

2. (p  (T5)),

3. O(p  (T5)),

4. p,

5. T=5,

6. p,

7. (T=5),

8. (p(T=5)),

9. (p(T=5),

10. O(p(T=5),

11. T5,

12. T5,

13. O(T5),

14. (T5)

15. (T5), (T5)

16. tt, ff, Ott

Atoms

A set ACL() such that:

  • tt, O(tt) A (guarantees infinite models)
  • for every CL(), A  A
  • for every CL(), A A or A
  • for every UCL(), UA A or ,O(U)A
  • for every CL() precisely one of , , A
  • TA  O(T)A
  • TA (T)A
  • The difference table w.r.t. A
  • The set of constraints in A, C(A), is consistent (a solution to a linear system).
Timed Next Relation

OA B

(A,B)X  c A c B

=TA =TB or TB

Example: Cl((p  (T5))) Atoms

Atom#1

(p  (T5)),

O(p  (T5)),

T5,

(T5)

Atom#2

(p  (T5)),

(p  (T5)),

p,

T=5,

(T5)

Atom#3

T5,

O(T5),

Graph Construction

[Figure: graph with nodes Atom#1, Atom#2 and Atom#3]

G()(At,X)

where At is the set of all atoms that contain ,

or are accessed from an atom that contains 

via the X relation

SCS Classification

Let C be a strongly connected sub-graph of G()

  • C is terminal if it has no outgoing edges.
  • C is self-fulfilling if every atom has a successor within C, and for every pUqA (in C) there is an atom B (in C) such that qB.
  • C is useless if it is terminal and not self-fulfilling.
Timing Relations between Atoms

(A,B)X,

C(A)={T1,…,Tk, L1,…,Lm}

 by definition

C(B)={T'1,…,T'k, L1,…,Lm} such that:

  • if Tj is T then T'j is T
  • if Tj is T then T'j is T or T
  • if Tj is T then T'j is T

Li are of the form a+x ~ c, and Ti are of the form a+x ~ T.

Lemmas

BW-Lemma: If u1,…,un,t' Int satisfy C(B) then there exists tt' such that u1,…,un,t satisfy C(A).

FW-Lemma: If A, B belong to a self-fulfilling s.c.s. then C(A)=C(B) and all time constraints in C(A) are of the form T.

BW-Lemma: If u1,…,un,t' Int satisfy C(B) then there exists tt' such that u1,…,un,t satisfy C(A).

Proof

  • u=u1,…,un |= L1,…,LmC(A), C(B) (t’)
  • iTC(A)iT | i<TC(B), def. t=i(u) t=i(u)t’.

for <TC(A)i- >0C(A)t>(u), sim. for >TC(A).

  • iTC(A), def

El= { i | i<T}, let l=max(l(u)) (l if El= )

Eg={ i | i >T}, let g=min(g(u)) (g if Eg=)

g-l>1C(A) g>l+1, let t=l+1  l<t<g.

l<TC(A)l<TC(B)l(u)=l<t’ t t'

FW-Lemma: If A, B belong to a self-fulfilling s.c.s. then C(A)=C(B) and all time constraints in C(A) are of the form T.

Proof

AB, BA  {Li} same in A,B & <TC(A)iff <TC(B).

Assume =T |>T C(A)(<T)A DC, <TD,

but DA  <TC(A) !!!

  • From FW-Lemma: If u1,…,un,t satisfy C(A) then it is a solution for every atom in a self-fulfilling s.c.s. that contains A. Also, u1,…,un,t' is a solution for every t't.

Fulfilling Paths

An infinite path A0,A1,… in G() is called a

fulfilling path for  if:

  • For every i, (Ai,Ai+1)X,
  • For every i, and every pUqAi, there exists some ji such that qAj.
  • A0
Fulfilling Paths and Satisfiability

Theorem:

 is satisfiable iff there exists a fulfilling path for  in G().

Sketch of proof:

  • if  is satisfiable construct the sequence:

A0,A1,.. where Ai={ CL() | i |=  }

Show that  is fulfilling path.

- Given A0,A1,.. is fulfilling path of . define 0,1,.. s.t.: i={ pAi }. Since  is infinite there exists k s.t. all the atoms from k head are contained in a self-fulfilling SCS. Let u1,...un,tk be a solution of Ak, then trace  backwards and assign values titk (possible by BW-Lemma). Also by FW-Lemma assign k+1,k+2,.. by tk+1, tk+2,...

Satisfiability Checking Algorithm
  • Let G0=G().
  • repeat with the last defined graph Gi

Let C be a useless maximal SCS in Gi, then define

Gi+1=(Wi+1,Xi+1) by:

 Wi+1=Wi-C

Xi+1=Xi(Wi+1Wi+1)

until Gi is empty or does not contain any useless maximal SCS.

  • If there is an atom AGi such that A
    • then report success
    • else report fail.

Theorem: is satisfiable iff the algorithm reports success.

Remarks
  • The algorithm does not check for complete models (time increases with at most 1 t.u.). Hence, the formula

(x=T)  O(x+2=T)

is satisfiable though it does not have a complete model.

  • The definition of a model does not require time to be non-negative. Hence, the formula

(x=T)  O(x=-1)

is satisfiable but only by a model where t00. In order to restrict models to non-negative clocks we need to augment formulae with a proper constraint

p  (0T)