Process Algebra (2IF45)
Introduction From Labeled Transition Systems back to Equational Theory
Dr. Suzana Andova
Reactive systems – general
• Computing systems which are supposed to offer some (well-defined) services to their users
• These systems are large and usually consist of a number of components which interact with each other
• Many of them are control crucial and/or safety critical
Reactive systems - Correctness problem
• It is important that a realization of these systems is just as intended
• Intended behaviour can be validated
• Solution: MODELING
• abstract model of the system
• unambiguous description
• methods and tools for model analysis
Model of Labeled Transition Systems (LTS)
[Figure: three programs, each shown with the transition labels of its LTS]
• x:= 1; y:= x+1; out(y).  Labels: ?x, y:=x+1, !y
• in(x); y:= x+1; while (true) { out(y); }.  Labels: ?x, y:=x+1, !y
• out(x); in(y).  Labels: !x, ?y
Model of Labeled Transition Systems (LTS): Intermezzo
Model of Labeled Transition Systems
[Figure: LTSs of the vending machines VM1, VM2 and VM3 and of a User, with transition labels ?coin, ?return, !tea, !coffee, !coin, ?coffee and the label "error"; a further LTS, "Using VM1", with labels coin and coffee.]
Model of Labeled transition systems
[Figure: LTSs of VM1, VM2’ and VM3 and of a User, with transition labels ?coin, ?return, !tea, !coffee, !coin, ?coffee, ?tea and the label "error".]
Observation
• LTSs consist of states and transitions labeled with (action) labels
• Initial state is indicated, final states are indicated
• LTSs can interact according to predefined communications
Questions
• What is a state?
• How do we know drawing a transition from a state s to a state s’ is right? How do we know which label to assign to it?
• How do we combine LTSs?
• When modeling a system, is an LTS a model to start with or is it something to be obtained as a final or side product?
• What ingredient do we need to have predefined, to be able to produce an LTS?
Answers
• What is a state?
A state is an expression in a specification language (signature)
• How do we know whether drawing a transition from a state s to a state s’ is
right? How do we know which label to assign to it?
A transition and its label are determined by a set of rules, defining the behaviour
of any specification given in the language
• How do we combine LTSs?
Any composition (operation) on LTSs must be predefined in the language and
with the rules
Answers
• When modeling a system, is an LTS a model to start with or is it
something to be obtained as a final or side product?
• What ingredient do we need to have predefined, to be able to produce
and work with LTSs?
Answers
• When modeling a system, is an LTS a model to start with or is it
something to be obtained as a final or side product?
In (model checking) tools:
• manipulating the state space (LTSs): UPPAAL, Prism, MRMC
• manipulating the specification (language): mCRL2, Chi, CADP, FDR, PEPA, MRMC updated IMC (offers flexibility)
[Diagram: components’ specifications, the whole system specification and the state space; "composition by axiom"; "SS generation by the SOS rules"; "reduction on specification" (twice); "reduction on LTSs"; "verification / model checking" with a "property specification" and the outcomes "Yes!", "No!", "…".]
Equational theory in place
In (model checking) tools:
• manipulating the state space (LTSs): UPPAAL, Prism, MRMC
• manipulating the specification (language): mCRL2, Chi, CADP, FDR, PEPA, MRMC updated IMC
[Diagram: components’ specifications, the whole system specification and the state space; "composition by axiom"; "SS generation by the SOS rules"; "reduction on specification" (twice); "reduction on LTSs"; "verification / model checking" with a "property specification" and the outcomes "Yes!", "No!", "…". Annotations: "equational theory (axioms)", "Operational semantics (SOS)", "reduction to basic forms", "reduction by equations", "reduction by equivalence relations (bisimulation)", "consistent".]
In this course we will learn HOW to build a consistent
Process Algebra = specification language + axioms + SOS rules + reduction equivalence relations
so that the initial specification and the model-checked LTS both describe the same system!
Labeled transition systems – basic notions
• Given a set of labels L
• An LTS consists of:
  • S is a set of states
  • S × L × S
  • S0 ∈ S is the initial state
  • S is the set of final states
[Figure: LTS VM1’ with labels ?coin, !tea, !coffee, annotated with "deadlock state", "successful termination" and "nondeterministic choice".]
Labeled transition systems - choice
[Figure: VM1’ (labels ?coin, !tea, !coffee) and VM1’’ (labels ?coin, ?coin, !tea, !coffee), each marked "nondeterministic choice"; "Using VM1’" (coin, coffee) or "Using VM1’’" (coin, coin, coffee).]
Labeled transition systems - relations
[Figure: VM1’ (labels ?coin, !tea, !coffee) and VM1’’ (labels ?coin, ?coin, !tea, !coffee).]
Similarities of the LTSs: they both have the same traces, {?coin, ?coin !coffee, ?coin !tea}.
Differences of the LTSs: the moment a choice is made is different. In VM1’ the choice is made before ?coin is executed. In VM1’’ the choice is made after ?coin is executed.
LTS Equivalence spectrum
Rob J. van Glabbeek “The Linear Time-Branching Time Spectrum”, CONCUR 1990
Bisimulation on LTSs
[Figure: two bisimilar LTSs, one with labels ?coin, !coffee, !coffee and one with labels ?coin, !coffee.]
Bisimulation relation: A binary relation R on the set of states S of an LTS is a bisimulation relation iff the following transfer conditions hold:
1. for all states s, t, s’ ∈ S, whenever (s, t) ∈ R and s –a-> s’ for some a ∈ L, then there is a state t’ ∈ S such that t –a-> t’ and (s’, t’) ∈ R;
2. vice versa, for all states s, t, t’ ∈ S, whenever (s, t) ∈ R and t –a-> t’ for some a ∈ L, then there is a state s’ ∈ S such that s –a-> s’ and (s’, t’) ∈ R;
3. whenever (s, t) ∈ R and s terminates then t terminates;
4. whenever (s, t) ∈ R and t terminates then s terminates.
Two LTSs s and t are bisimilar, s t, iff there is a bisimulation relation R such that (s, t) ∈ R
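Bisimulation on LTSs
[Figure: a pair of LTSs captioned "Bisimilar LTSs" (labels ?coin, !coffee, !coffee and ?coin, !coffee) and a pair captioned "Not bisimilar LTSs" (labels ?coin, ?coin, !tea, !tea, !coffee and ?coin, !coffee); the figure also carries a "??" mark.]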
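The difference between trace equivalence and bisimilarity, as an added example that is not part of the original slides: a naive greatest-fixpoint check of the four transfer conditions, reading conditions 3 and 4 as agreement on final states. The state names and the encodings of the vending-machine shapes are constructed for illustration.

```python
from itertools import product

def traces(trans, s):
    """Non-empty traces from state s (the LTS must be acyclic)."""
    out = set()
    for p, a, q in trans:
        if p == s:
            out.add((a,))
            out |= {(a,) + rest for rest in traces(trans, q)}
    return out

def bisimilar(trans, final, s, t):
    """Greatest fixpoint: start from every pair that agrees on termination
    (conditions 3 and 4) and delete pairs that break condition 1 or 2."""
    states = {x for p, _, q in trans for x in (p, q)} | {s, t}
    succ = {x: [(a, q) for p, a, q in trans if p == x] for x in states}
    rel = {(p, q) for p, q in product(states, repeat=2)
           if (p in final) == (q in final)}
    changed = True
    while changed:
        changed = False
        for p, q in list(rel):
            cond1 = all(any(a == b and (p2, q2) in rel for b, q2 in succ[q])
                        for a, p2 in succ[p])
            cond2 = all(any(a == b and (p2, q2) in rel for a, p2 in succ[p])
                        for b, q2 in succ[q])
            if not (cond1 and cond2):
                rel.discard((p, q))
                changed = True
    return (s, t) in rel

# Constructed sample LTSs, kept as a disjoint union in one transition set.
TRANS = {
    # L: one ?coin step, then a choice between !tea and !coffee
    ("L0", "?coin", "L1"), ("L1", "!tea", "L2"), ("L1", "!coffee", "L3"),
    # E: two ?coin steps, each already committed to one drink
    ("E0", "?coin", "E1"), ("E0", "?coin", "E2"),
    ("E1", "!tea", "E3"), ("E2", "!coffee", "E4"),
    # A and B: ?coin then !coffee, with a single and a doubled !coffee branch
    ("A0", "?coin", "A1"), ("A1", "!coffee", "A2"),
    ("B0", "?coin", "B1"), ("B1", "!coffee", "B2"), ("B1", "!coffee", "B3"),
}
FINAL = {"L2", "L3", "E3", "E4", "A2", "B2", "B3"}

if __name__ == "__main__":
    print(traces(TRANS, "L0") == traces(TRANS, "E0"))  # same trace set
    print(bisimilar(TRANS, FINAL, "L0", "E0"))         # yet not bisimilar
    print(bisimilar(TRANS, FINAL, "A0", "B0"))         # bisimilar
```

The check is quadratic in the number of states per pass, which is fine for slide-sized LTSs; tools use partition refinement instead.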
Structural Operational Semantics – general introduction
[Diagram: components’ specifications, the whole system specification, the state space, …]
Ingredients
• A set of labels L
• Language (signature/syntax): consists of symbols denoting constants, operators, variables, functions, additional symbols
• All expressions (terms) in the language are built from the symbols in the signature, denoted C()
• An expression corresponds to a state in a state space (LTS)
• Example: Language of Natural numbers
0 “zero”
s(_) “successor function”
a(_, _) “addition”
m(_, _) “multiplication”
Terms in the language: s(s(0)), a(s(0),m(s(0),s(s(s(0))))), 0, s(x) where x is a variable, …
Ingredients (cont.)
• Deduction (SOS) rules
• Rules are in the form
where is a set of formulas called premises; it can be an empty set
• is a formula called conclusion
• Formula is either a transition s –a-> t or a termination s for some terms s and t in the language, s, t ∈ C() and a label a ∈ L
• Deduction rules determine transitions in an LTS
• A language and a set of rules defined over the language is called a deduction system
Example: Deduction system for “Counting down”
• Example: Language of Natural numbers
0 “zero”
s(_) “successor function”
a(_, _) “addition”
m(_, _) “multiplication”
Question: How to define deduction rules that generate the following LTS?
s(s(0)) –1-> s(0) –1-> 0
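Deduction rules (premises ⟹ conclusion):
• 0 terminates (no premises)
• s(x) –1-> x (no premises)
• y –1-> y’ ⟹ a(x,y) –1-> a(x, y’)
• x –1-> x’, y terminates ⟹ a(x,y) –1-> x’
• x terminates, y terminates ⟹ a(x,y) terminates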
a( s(s(0)), s(s(s(0))) ) –1-> a( s(s(0)), s(s(0)) ) –1-> a( s(s(0)), s(0) ) –1-> a( s(s(0)), 0 ) –1-> s(0) –1-> 0
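How the “Counting down” rules generate a state space, as an added example that is not part of the original slides: terms are encoded as nested tuples, each rule becomes one branch of `steps` or `terminates`, and `generate_lts` explores the reachable terms. The function names and the tuple encoding are assumptions made for this sketch; m(_, _) is left out because the slides give no rules for it.

```python
ZERO = ("0",)

def s(x):
    return ("s", x)

def a(x, y):
    return ("a", x, y)

def terminates(t):
    """Termination predicate given by the two termination rules."""
    if t == ZERO:                          # 0 terminates
        return True
    if t[0] == "a":                        # x, y terminate => a(x,y) terminates
        return terminates(t[1]) and terminates(t[2])
    return False

def steps(t):
    """All terms t' such that t -1-> t' is derivable from the rules."""
    if t[0] == "s":                        # s(x) -1-> x
        return [t[1]]
    if t[0] == "a":
        x, y = t[1], t[2]
        out = [a(x, y2) for y2 in steps(y)]    # y -1-> y' => a(x,y) -1-> a(x,y')
        if terminates(y):                      # x -1-> x', y terminates => a(x,y) -1-> x'
            out += steps(x)
        return out
    return []                              # no rule gives 0 a transition

def show(t):
    """Render a term in the notation of the slides."""
    if t == ZERO:
        return "0"
    return f"{t[0]}({', '.join(show(c) for c in t[1:])})"

def generate_lts(start):
    """Transitions reachable from start, as (source, label, target) triples."""
    seen, todo, trans = {start}, [start], []
    while todo:
        t = todo.pop()
        for t2 in steps(t):
            trans.append((show(t), "1", show(t2)))
            if t2 not in seen:
                seen.add(t2)
                todo.append(t2)
    return trans

if __name__ == "__main__":
    two = s(s(ZERO))
    for src, label, dst in generate_lts(a(two, s(two))):
        print(f"{src} -{label}-> {dst}")
```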
Example: Deduction system for “Counting down” --- Alternative rules
Exercise: Write alternative rules for the Counting down deduction system!