CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.
-
Upload
rodger-wilkins -
Category
Documents
-
view
224 -
download
1
Transcript of CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.
![Page 1: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/1.jpg)
CS5270 Lecture 4 1
Timed Automata I
CS 5270 Lecture 4
![Page 2: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/2.jpg)
CS5270 Lecture 4 2
Where we were…
• RT systems– Modelling vs synthesis, hard vs soft, RT
architectures
• The real-time computing environment– Temporal accuracy, clocks– TTP – time triggered protocols
• Scheduling– Preemption, feasibility, schedulability– RMS, priority inversion, PCP
![Page 3: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/3.jpg)
CS5270 Lecture 4 3
Where we are going…
• Formal basis for Uppaal:– Detailed study of a basis for efficient real-time
analysis/model checkingTransition systems, Automata, Model checkingTimed transition systems,Zones/regions (efficient timed systems)
• This will all take time… perhaps 4/5 weeks
![Page 4: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/4.jpg)
CS5270 Lecture 4 4
The immediate road map
• State transition systems – some definitions – parallel composition
• Timed transition systems – formal definition– parallel composition– Reduction of a TTS (which has possibly infinite states and
actions) to a finite TS by quotienting… (takes time)
• Efficiency in TTS– Regions– zones
• Automata and safety properties
![Page 5: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/5.jpg)
CS5270 Lecture 4 5
The long distance road map
• Local road map, and then…
– Verification of temporal propertiesLTL and CTL temporal/modal logicThe verification setting
– CTL model checkingDefinition of CTLKripke structuresDefinition of the modelling relationModel checking algorithm for CTL
– TCTL model checkingDefinition of TCTLModel checking for TCTL
![Page 6: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/6.jpg)
CS5270 Lecture 4 6
Transition Systems Vs Automata
• Automata = Transition system +
accepting conditions.
• Transition systems ---- State spaces,
dynamics
• Automata ----- Languages,
Properties
![Page 7: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/7.jpg)
CS5270 Lecture 4 7
Example
Resource ManagerReq
Release
Grant
![Page 8: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/8.jpg)
CS5270 Lecture 4 8
Example
FR W
Bad
Req
Release
BU Grant
crash
![Page 9: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/9.jpg)
Example
Bad
Req
Release
Grant
crash Any sequence over
{Req, Grant, Release} as allowed by the automaton.
Rq G Rl Rq G allowed.
Rq G Rl Cr not wanted!
![Page 10: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/10.jpg)
CS5270 Lecture 4 10
Example
Bad
Req
Release
Grant
crashAny sequence over
{Req, Grant, Release} as allowed by the automaton ?
![Page 11: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/11.jpg)
CS5270 Lecture 4 11
Example
Bad
Req
Release
Grant
crash Any sequence that ends with Release (except for the null string)
![Page 12: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/12.jpg)
CS5270 Lecture 4 12
Transition Systems
• A Simple model of dynamic systems.
• Discrete time
• States
• Transitions
• Initial state(s).
• No accepting states.
![Page 13: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/13.jpg)
CS5270 Lecture 4 13
Example
CH
On-heat On-ac
OKOK
Off-acOff-heat
![Page 14: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/14.jpg)
CS5270 Lecture 4 14
Signal Flow
TemperatureAC-motor
Heater-motor
![Page 15: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/15.jpg)
CS5270 Lecture 4 15
Example
CH
On-heat On-ac
OKOK
Off-heatOff-ac
![Page 16: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/16.jpg)
CS5270 Lecture 4 16
Example
CH
On-heat On-ac
OKOK
Off-acOff-heat
State
![Page 17: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/17.jpg)
Example
CH
On-heat On-ac
OKOK
Off-acOff-heat
State
OK Transition
![Page 18: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/18.jpg)
Example
CH
On-heat On-ac
OKOK
Off-acOff-heat
State
a TransitionOff-ac Action
![Page 19: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/19.jpg)
CH
On-heat On-ac
OKOK
Off-acOff-heat
State
OK TransitionOff-ac Action
Initial State
![Page 20: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/20.jpg)
CS5270 Lecture 4 20
S4
S5
S6
S1
S2
S3
CH
On-heat On-ac
OKOK
Off-acOff-heat
S0
PATH – S4 on-heat S5 OK S6 off-heat S0 ? S1 ….
Non- Paths: S5 off-heat S6 off-heat S0
S1 on-ac S5 OK S6….
![Page 21: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/21.jpg)
CS5270 Lecture 4 21
S4
S5
S6
S1
S2
S3
CH
On-heat On-ac
OKOK
Off-acOff-heat
S0
PATH – S4 S5 S6 S0 S1 ….
Run ---- Path starting from an initial state
----- S0 S1 S2 S3 S0 S1 ….
![Page 22: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/22.jpg)
CS5270 Lecture 4 22
Transition Systems
• TS = (S, Act, !, Sin) --- Transition System– S --- States– Act --- A set of actions– ! µ S £ Act £ S ---- Transition Relation– Sin µ S ---- Initial states
• Often:– S and Act are finite sets.– Sin has only one element.– The transition relation is deterministic.
![Page 23: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/23.jpg)
CS5270 Lecture 4 23
Deterministic Transition Systems
• TS = (S, Act, , Sin) --- Transition System
• (s, a, s’)
– s s’a
![Page 24: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/24.jpg)
CS5270 Lecture 4 24
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
S = ?
![Page 25: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/25.jpg)
CS5270 Lecture 4 25
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
S = { S0, S1, S2, …,S6}
![Page 26: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/26.jpg)
CS5270 Lecture 4 26
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
Act = ?
![Page 27: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/27.jpg)
CS5270 Lecture 4 27
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
Act = {C, On-heat, H, on-ac,..}
![Page 28: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/28.jpg)
CS5270 Lecture 4 28
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
= ?
![Page 29: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/29.jpg)
CS5270 Lecture 4 29
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
= { (S0, H, S1), (S0, C, S4),….}
![Page 30: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/30.jpg)
CS5270 Lecture 4 30
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
Sin = ?
![Page 31: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/31.jpg)
CS5270 Lecture 4 31
Transition Systems• TS = (S, Act, !, Sin) --- Transition System
S4
S5
S6
S1
S2
S3
C HOn-heat
On-ac
OKOKOff-acOff-heat
S0
Sin = {S0}
![Page 32: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/32.jpg)
CS5270 Lecture 4 32
Deterministic Transition Systems
s
s1 s2
a a
s as1 s a
s2AND IMPLIES s1 = s2
Non-determinism is useful for getting succinct specifications.
Abstractions (hiding details) give rise to non-determinism.
![Page 33: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/33.jpg)
CS5270 Lecture 4 33
Non-Determinism
Arrive at Junction
Toss Coin
H T
Turn-left Turn-right
![Page 34: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/34.jpg)
CS5270 Lecture 4 34
Non-Determinism
Arrive at Junction
Toss Coin
H T
Turn-left Turn-right
![Page 35: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/35.jpg)
CS5270 Lecture 4 35
Non-Determinism
Arrive at Junction
Toss Coin
H T
Turn-left Turn-right
Toss Coin
![Page 36: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/36.jpg)
CS5270 Lecture 4 36
Non-Determinism
Arrive at Junction
Toss Coin
Turn-left Turn-right
Toss Coin
![Page 37: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/37.jpg)
CS5270 Lecture 4 37
S4
S5
S6
S1
S2
S3
CH
On-heat On-ac
OKOK
Off-acOff-heat
S0
PATH – S4 S5 S6 S0 S1 ….
Run ---- Path starting from an initial state
----- S0 S1 S2 S3 S0 S1 ….
![Page 38: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/38.jpg)
CS5270 Lecture 4 38
Computations
• TS = (S, Act, , Sin)
• Behaviors can also be defined as action sequences:– Computations, traces,…
• s0 s1 s2 ……. sn ---- run.
• s0 a1 s1 a2 s2 ….sn-1 an sn
• si si+1
• a1 a2 a3 ….an is a computation.
ai
![Page 39: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/39.jpg)
CS5270 Lecture 4 39
S4
S5
S6
S1
S2
S3
CH
On-heat On-ac
OKOK
Off-acOff-heat
S0
Run ----- S0 S1 S2 S3
Computation ----- ?
![Page 40: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/40.jpg)
CS5270 Lecture 4 40
S4
S5
S6
S1
S2
S3
CH
On-heat On-ac
OKOK
Off-acOff-heat
S0
Run ----- S0 S1 S2 S3 S0
Computation ----- H On-ac OK off-ac
![Page 41: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/41.jpg)
CS5270 Lecture 4 41
Behaviors (Linear Time)
• The behavior of a transition system is:– Its set of runs.– Its set of computations.
• Does the behavior of TS have the desired property?– Does every computation (run) of the transition
system have the desired property?– In no computation, C is immediately followed
by On-Ac.
![Page 42: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/42.jpg)
CS5270 Lecture 4 42
Behaviors
• Properties:– Is there a run leading to deadlock?
s0 ---------------> s s0 2 Sin
No action is enabled at s
– Is the state s reachable (via a run) ?– Is there a bad state which is reachable?
• Often TS is presented implicitly!– For example, as a network of smaller
transition systems.
![Page 43: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/43.jpg)
CS5270 Lecture 4 43
The Verification Setting
TS
Behavior of TS Check for property !
SystemModel extraction
Semantics
![Page 44: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/44.jpg)
The Verification Setting
TS
Behavior of TS
System
Property = Temporal logic formula
YES ! NO !
Model-Checker Models of
![Page 45: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/45.jpg)
CS5270 Lecture 4 45
S4
S5
S6
S1
S2
S3
C HOn-heat On-ac
OKOKOff-acOff-
heat
S0
Temperature Controller
![Page 46: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/46.jpg)
CS5270 Lecture 4 46
S4
S5
S6
S1
S2
S3
C HOn-heat On-ac
OKOKOff-acOff-
heat
S0
It is often convenient to consider both finite and infinite computations!
![Page 47: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/47.jpg)
S4
S5
S6
S1
S2
S3
C HOn-heat On-ac
OKOKOff-acOff-
heat
S0
Property : every (finite) computation that ends with “on-heat” can be extended to a computation that ends with “off-heat”
![Page 48: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/48.jpg)
CS5270 Lecture 4 48
Linear time Vs. Branching time
• Linear time – The (flat) set of computations.
• Branching time– The tree of computations– How computations branch off is kept track of.
![Page 49: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/49.jpg)
CS5270 Lecture 4 49
Linear time Vs. Branching time
• LTL (Linear time temporal logic).
• CTL (Computation tree logic)
• These two logics are incomparable.
• LTL – SPIN (Bell Labs, G. Holtzmann)
• CTL – SMV (Clarke, McMillan, CMU- Cadence Lab)
![Page 50: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/50.jpg)
CS5270 Lecture 4 50
Network of Transition Systems
• In general, the system will contain multiple components.
• The components will coordinate by communication.– Send/receive messages (asynchronous)– Perform common actions together
(synchronous, hand-shake). hand-shake is usually a convenient abstraction.
![Page 51: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/51.jpg)
CS5270 Lecture 4 51
Finite State Automata
• Finite State Automata (FSAs) are a basic computational model.
• FSAs = Regular Languages
= Temporal Logics.• Starting point for many system design
methodologies.– SDL, UML, POLIS,…
• Verification tools (SPIN, SMV) available.
![Page 52: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/52.jpg)
CS5270 Lecture 4 52
A Railway System
![Page 53: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/53.jpg)
CS5270 Lecture 4 53
The Gate/Train TS – graph view
open
close
Fin-Close
approach
brakeproceed
proceed
Gate Train
left
![Page 54: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/54.jpg)
CS5270 Lecture 4 54
The Gate Controller TS
approach
close
Fin-Close proceed
left
open
![Page 55: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/55.jpg)
CS5270 Lecture 4 55
The Signal Space
Gate
GateController
open
close
Fin-close
Fin-Close
approach
left
open
close
proceed
![Page 56: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/56.jpg)
CS5270 Lecture 4 56
Transition system
• To model the entire system, construct the parallel composition:
Gate ║ Train ║ Controller
(This is another TS)
![Page 57: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/57.jpg)
CS5270 Lecture 4 57
Parallel composition…
![Page 58: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/58.jpg)
Parallel Composition
open
close proceedleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
![Page 59: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/59.jpg)
Parallel Composition
open
closeleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
proceed
Fin-Close
![Page 60: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/60.jpg)
Parallel Composition
open
closeleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
proceed
Fin-Close
![Page 61: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/61.jpg)
Parallel Composition
open
closeleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
proceed
Fin-Close
![Page 62: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/62.jpg)
Parallel Composition
open
closeleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
proceed
Fin-Close
left
![Page 63: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/63.jpg)
Parallel Composition
open
closeleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
proceed
Fin-Close
left
![Page 64: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/64.jpg)
Parallel Composition
open
closeleft
approach
proceed
brake
approach
close
Fin-Close proceed
open
Enabled actions ?
proceed
Fin-Close
left
![Page 65: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/65.jpg)
Parallel Composition
g0
open
closeleft
t0
t1
approach
proceed
Brake
GC0
GC1
approach
close
Fin-Close proceed
open
proceed
Fin-Close
left
![Page 66: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/66.jpg)
CS5270 Lecture 4 66
Parallel Composition
TS = TrainTS || Gate-ControllerTS || GateTS
s = (t, GC, g) A state of TS
(g0, t0, GC0) (g0, t1, GC1)approach
t0 t1 (TRAIN)approach
GC1 (Gate-Controller)approachGC0
![Page 67: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/67.jpg)
CS5270 Lecture 4 67
State Space Explosion
• TS = TS1 || TS2 … || TSn
• TS is presented implicitly!– Fix a communication convention
– Present TS1, TS2,…, TSn
• We wish to analyze TS and often implement TS.• But constructing TS first explicitly is often
hopeless.
• |TSi| = 10 n = 6 – |TS| = ? (worst case)
![Page 68: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/68.jpg)
CS5270 Lecture 4 68
Timed Transition Systems
• Timed Transition Systems = Transition Systems + Clock Variables.• Clock variables.
– Used to record the passage of (real) time.– Act like Timers.– Can be read.– Transitions constrained (guarded) by current
values of clock variables.– Can be reset to 0 during a transition.
![Page 69: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/69.jpg)
CS5270 Lecture 4 69
Using Clock Variables
Hot On-ac OK
Off-ac
Spec. : Turn off ac if the temperature is OK or 5 units of time has elapsed since turning it on.
![Page 70: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/70.jpg)
CS5270 Lecture 4 70
Using Clock Variables
Hot On-ac; x OK
Off-ac
Spec. : Turn off ac if the temperature is OK or 5 units of time has elapsed since turning it on.
x 5 Off-ac
![Page 71: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/71.jpg)
CS5270 Lecture 4 71
Using Clock Variables
Hot On-ac; x OK
Off-acx 5Off-ac
Clock variable x is set to 0.
On-ac ; x
is short form for:
On-ac ; x := 0
![Page 72: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/72.jpg)
CS5270 Lecture 4 72
Using Clock Variables
Hot On-ac; x OK
Off-acx 5Off-ac
Clock variable x is used to form a guard:
x 5
![Page 73: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/73.jpg)
CS5270 Lecture 4 73
Using Clock Variables
Hot On-ac OK
Off-ac
Spec. :
Turn off ac if the temperature is OK or 5 units of time has elapsed since turning it on.
Turn on ac within 3 time units after receiving Hot signal.
![Page 74: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/74.jpg)
CS5270 Lecture 4 74
Using Clock Variables
Hot; y On-ac; x OK
Off-acx 5Off-ac
Spec. :
Turn off ac if the temperature is OK or 5 units of time has elapsed since turning it on.
Turn on ac within 3 time units after receiving Hot signal.
y ≤ 3
![Page 75: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/75.jpg)
CS5270 Lecture 4 75
Using Clock Variables
Hot; y On-ac; x OK
Off-acx 5Off-ac
y ≤ 3
Three components:
Action on-ac
Reset x
Guard y ≤ 3
![Page 76: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/76.jpg)
CS5270 Lecture 4 76
Using Clock Variables
Hot; y On-ac; x OK
Off-acx 5Off-ac
y ≤ 3
Do we need two clocks?
![Page 77: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/77.jpg)
CS5270 Lecture 4 77
Using Clock Variables
Hot; x On-ac; x OK
Off-acx 5Off-ac
x ≤ 3
Do we need two clocks? NO!
![Page 78: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/78.jpg)
78
Timed Transitions
a ; X
g
a, an action
X, a set of clock variables; the clock variables set to 0.
g, a guard; a predicate based on the values of the clock variables.
g :: = x ≤ c | x c | x c | x c | g1 g2
x CL
CL ---- The set of clock variables used by the model.
c ----- A rational number (integer)
![Page 79: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/79.jpg)
CS5270 Lecture 4 79
State Invariants
• A clock constraint is associated with each state: state invariant– The system can stay in the state only as long
as the state’s invariant is not violated.
• For time points which violate the invariant one expects an output transition to be enabled.– Otherwise a time deadlock.
The progress of time is blocked (in the model!).
![Page 80: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/80.jpg)
CS5270 Lecture 4 80
State Invariants
x ≤ 2a ; x b
![Page 81: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/81.jpg)
CS5270 Lecture 4 81
State Invariants
x ≤ 2a ; x b
a ; x bx > 2
SAME AS ?
![Page 82: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/82.jpg)
CS5270 Lecture 4 82
State Invariants
x ≤ 2a ; x b
x > 3
At (s1, x = 2.4) the behavior is undefined!
s0s1 s2
![Page 83: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/83.jpg)
CS5270 Lecture 4 83
State Invariants
g
g1 g2 g3
At all “times” g OR g1 OR g2 OR g3 is satisfied.
If more than one output transition is enabled, the choice is made non-deterministically.
![Page 84: CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.](https://reader036.fdocuments.net/reader036/viewer/2022062408/56649f0d5503460f94c20b77/html5/thumbnails/84.jpg)
CS5270 Lecture 4 84
Timed Transition systems and automata
• How do we model real time systems?
• How do we specify (real time) behavioral properties?
• How do verify behavioral properties?
• What is the behavior of a timed transition system?