1 / 14

Linear and Branching Time Safety, Liveness, and Fairness

Linear and Branching Time Safety, Liveness, and Fairness. Lam Quoc Dang FAdCo T-79.5306 Reactive Systems. Contents. Linear and Branching Time General Overview Linear Time Branching Time Safety, Liveness, and Fairness Safety Property Liveness Property Fairness Assumption.

rae
Download Presentation

Linear and Branching Time Safety, Liveness, and Fairness

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Linear and Branching TimeSafety, Liveness, and Fairness Lam Quoc Dang FAdCo T-79.5306 Reactive Systems

  2. Contents • Linear and Branching Time • General Overview • Linear Time • Branching Time • Safety, Liveness, and Fairness • Safety Property • Liveness Property • Fairness Assumption

  3. General Overview • An abstraction mechanism consisting of π and Ɛπ, Σ and ƐΣ, or both is used. • Properties of individual states, transitions, and their relations over time are specified.

  4. Linear Time • Looking at each complete execution separately • ”K ||− φ” is defined as Ɛπ(K) ||− φ, or ƐΣ(K) ||− φ, or Ɛπ+Σ(K) ||− φ. • Property φ belongs to a system iff K ||− φ for every K ∈ CEx. • Such property is a linear-time property. • Eg: Reachability of a deadlock, 4-boundedness of a Petri net place p are linear-time property.

  5. Linear Time • Checking: including a proposition is_deadlock in π, checking whether is_deadlock holds in any abstracted states in sequences of Ɛπ(CEx). • A structural transition t ∈ T is Petri-net-live iff ”t is enabled”. • Petri-net-liveness of t is not a linear-time property.

  6. Branching Time • Petri-net-liveness is determined with t_enab ∈ π and all execution trees shown. • An execution tree represents all executions starting with s1 ∈ S1, and records all positions where two executions separate. • Execution tree of state space (S, T, Δ, S1) with s1 ∈ S1 is formally defined as rooted edge-labelled graph (V, E, S1).

  7. Branching Time • Each node in execution tree contains only information provided by Ɛπ. • Edges of execution tree are defined in two different ways if structural transitions are abstracted with Σ or away totally. • Property whose validity is defined on Ɛ-abstracted execution trees is branching-time property. • Branching-time property is proper if it is not linear-time property, eg: Petri-net-liveness.

  8. Safety Property • Safety in concurrent systems corresponds to partial correctness in sequential programs. • Linear-time safety is property of Ɛ-abstracted executions having finite counterexamples. • A safety property belongs to a system iff all its executions have such property. • No property is simultaneously a safety and liveness property.

  9. Safety Property • Eg: ”the program will not terminate” is safety property, so as ”prefix” property of fifo queue and 4-boundedness of Petri net place. • Safety property can be defined in branching-time by replacing ”execution trees” for ”executions”. • Verification for safety is easier than for liveness properties (existing algorithms and not depending on fairness).

  10. Liveness Property • Liveness (progress) in concurrent systems corresponds to termination in sequential programs. • Liveness is system-specific and more difficult to formulate than termination. • Linear-time liveness is property whose counterexamples are Ɛ-abstractions of ony complete executions.

  11. Liveness Property • Eg: ”the program will eventually terminate” is liveness property, so as the ”length” property of fifo queues. • Counterexamples of linear-time liveness are infinite executions (finite ”prefix” + repeating finite cycle). • Counterexamples for proper branching-time properties are more complicated.

  12. Fairness Assumption • Fairness is assumption often needed for ensuring liveness. • Two well-known notions: weak fairness (justice) and strong fairness (compassion). • If a structural transition t is enbled in every state from some point on (but never occurs), weak-fairness will eventually occur.

  13. Fairness Assumption • Fairness is used to modelling process schedule to ensure each process gets processor time. • Fairness is used to ensure a serve serves its clients equally. • In strong fairness, if t is enabled infinitely many times, it should occur infinitely many times.

  14. THANKS FOR YOUR ATTENTION!

More Related