Reachability of Communicating Timed Processes

Lorenzo Clemente (1), Frédéric Herbreteau (1),Amélie Stainer (2), and Grégoire Sutre (1)

Plouzané, Tuesday 16th April 2013

(1) University of Bordeaux/LaBRI(2) University of Rennes I

At a glance

Model: Communicating Finite State Machines + Time

Problem: Decidability and complexity of reachability w.r.t. the communication topology

Results: Adding time does not change decidability, but the complexity worsens

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?b

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bε ε

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bεa

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bεba

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bcba

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bba ε

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bb ε

Communicating Finite State MachinesNetwork of finite automata communicating over unbounded FIFO channels.

!a !c ?a ?cP Q R

Reachability: Every process is in a final state and channels are empty

!b ?bεε

Communicating Finite State Machines

Reachability is in general undecidable [Brand&Zafiropulo].Decidabile restrictions:

• Bound the channel (→ finite state system).

• Restrict the message alphabet to a singleton (→ Petri nets) [Karp&Miller’69].

• Make the channel lossy [Abdulla&Jonsson’96, Cece&Finkel&Iyer’96].

• Restrict to mutex communication [Heussner&Leroux&Muscholl&Sutre’10].

Communicating Finite State Machines

Reachability is in general undecidable [Brand&Zafiropulo].Decidabile restrictions:

• Bound the channel (→ finite state system).

• Restrict the message alphabet to a singleton (→ Petri nets) [Karp&Miller’69].

• Make the channel lossy [Abdulla&Jonsson’96, Cece&Finkel&Iyer’96].

• Restrict to mutex communication [Heussner&Leroux&Muscholl&Sutre’10].

• Restrict the communication topology [La Torre&Madhusudan&Parlato’08].

Communicating Finite State MachinesDecidability for restricted topologies.

!a !c ?a ?cP Q R

Topology: P → Q → R

!b ?b

Communicating Finite State MachinesDecidability for restricted topologies.

Theorem [La Torre&Madhusudan&Parlato’08].Reachability for CFSMs is decidable iff the topology is a polyforest.

Theorem [La Torre&Madhusudan&Parlato’08].Reachability is PSPACE-complete on polyforest topologies.

Our aim: Extend this results to models with time.

Examples of polyforest: Non-example:P

QRP Q R

(no undirected cycle)

P QR

S

Communicating FSMs + Time

Discrete time Dense time

• Each process is a tick automaton [Gruber&Holzer&Kiehn&Koenig]

• Add a synchronising action τ

• All processes perform τ at the same time

• Each process is a timed automaton [Alur&Dill’94]

• Clocks are local to each process

• All clocks evolve at the same rate

Discrete time

!a !b ?a τP Q

Rτ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

Discrete time

!a !b ?a τP Q

Rτ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

ε ε

Discrete time

!a !b ?a τP Q

Rτ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

a ε

Discrete time

!a !b ?a τP Q

Rτ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

a ε

Discrete time

!a !b ?a

P QR

τ ττ ?b

• Add a synchronising action τ • All processes perform τ at the same time

a ε τ

Discrete time

!a !b ?a

P QR

τ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

a b τ

Discrete time

!a !b ?a

P QR

τ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

b τε

Discrete time

!a !b ?a

P QR

τ τ

τ ?b

• Add a synchronising action τ • All processes perform τ at the same time

τε ε

Dense time• Each process is a timed

automaton with local clocks • All clocks evolve at the same rate

0<x<1,!a,{x}P x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

ε

x=0

y=0

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

ε

x=0.5

y=0.5

Elapse 0.5

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

a

x=0

y=0.5

Elapse 0.5

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

a

x=0.2

y=0.7

Elapse 0.5+0.2

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

x=0.2

y=0

Elapse 0.5+0.2 ε

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

Elapse 0.5+0.2+0.8 ε

y=0.8

x=1

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

Elapse 0.5+0.2+0.8 b

y=0.8

x=1

Dense time

0<x<1,!a,{x}P

• Each process is a timed automaton with local clocks • All clocks evolve at the same rate

x=1,!b

0<y<1,?a,{y}Q 0<y<1,?b

Elapse 0.5+0.2+0.8

y=0.8

x=1

ε

Communicating FSMs + Time

Discrete time Dense time

• Each process is a tick automaton [Gruber&Holzer&Kiehn&Koenig]

• Add a synchronising action τ

• All processes perform τ at the same time

• Each process is a timed automaton [Alur&Dill’94]

• Clocks are local to each process

• All clocks evolve at the same rate

We study discrete time first

and then extend to dense time

Discrete time

Network of Communicating Tick Automata

Petri NetsPetri Nets

Theorem: Reachability decidable iff polyforest topology

Theorem: The complexity is the same as Petri nets

(polyforest topologies)

(with a fixed polyforest topology)

Discrete time

Network of Communicating Tick Automata

Petri NetsPetri Nets

Theorem: Reachability decidable iff polyforest topology

Theorem: The complexity is the same as Petri nets

(polyforest topologies)

(with a fixed polyforest topology)

Discrete time Network of

Communicating Tick Automata

PetriNets

(polyforest topologies)

Discrete time Network of

Communicating Tick Automata

Network of Communicating

Counter Automata

un-tickingbound

channels

(any topology) (polyforest topology)

PetriNets

Discrete time Network of

Communicating Tick Automata

Network of Communicating

Counter Automata

un-tickingbound

channels

(any topology) (polyforest topology)

PetriNets

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

ε ε

P:

Q:

P:

Q:

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

ε ε

P: τ Q: τ

P:

Q:

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

ε τ

P: τ Q: τ

P: !τ Q:

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

a τ

P: τ !aQ: τ

P: !τ Q:

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

aτ

P: τ !aQ: τ

P: !τ !aQ:

a

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?aτ

P: τ !aQ: τ ?a

P: !τ !aQ:

aε

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?aτ

P: τ !aQ: τ ?a

P: !τ !aQ: c++

aε

c=1

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

P: τ !aQ: τ ?a

P: !τ !aQ: c++ ?τ c--

aε

c=0

Discrete time P:

Q:

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

• P sends its ticks

• Q increments a counter instead of doing a tick

• In any state, Q can receive a tick

?a

P: τ !aQ: τ ?a

P: !τ !aQ: c++ ?τ c-- ?a

ε

c=0

ε

Discrete time Network of

Communicating Tick Automata

Network of Communicating

Counter Automata

un-tickingbound

channels

(any topology) (polyforest topology)

PetriNets

τP

Q

!a

τ

!τP

Q

!a

c++?a

?τ; c-- ?τ; c--

un-ticking

?a

bound channels Product

construction

Discrete time Network of

Communicating Tick Automata

Network of Communicating

Counter Automata

un-tickingbound

channels PetriNets

un-counter

Discrete time Network of

Communicating Tick Automata

PetriNets

un-counter

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ• Replace c++ by c!m

• Replace c-- by d!m; τ

c

d

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

ε

ε

c

d

c=0

d=0

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

ε

ε

c

d

c=1

d=0

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

ε

c

d

c=1

d=0

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

ε

c

d

c=2

d=0

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

ε

c

d

c=2

d=0m

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

ε

c

d

c=2

d=0m

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

ε

c

d

c=2

d=0m

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

ε

c

d

c=1

d=0m

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

m

c

d

c=1

d=0m

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

c

d

c=1

d=0

ε

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

c

d

c=1

d=0

ε

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

c

d

c=1

d=1

ε

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

c

d

m

c=1

d=1

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

m

c

d

m

c=0

d=1

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

ε

c

d

m

c=0

d=1

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

d!m

Pc c?m

τ

Pd d?m

τ

c

d

m

c=0

d=2ε

• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time

A c++ c--

d++

P c!m d!m; τ

Pc c?m

τ

Pd d?m

τ

c

d

c=0

d=2ε

d!m m m• Replace c++ by c!m

• Replace c-- by d!m; τ

Discrete time Network of

Communicating Tick Automata

PetriNets

un-counter

The construction can be adapted to work for any given star topology

P

Pd1

Pdn

given countersd_1...d_n

...

Discrete time Network of

Communicating Tick Automata

PetriNets

un-counter

The construction can be adapted to work for any given star topology

P

Pd1

Pdn

given countersc_1...c_m andd_1...d_n

Pc1

Pcm

... ...

Discrete time (summary)

Network of Communicating Tick Automata

Petri NetsPetri Nets

Theorem: Reachability decidable iff polyforest topology

Theorem: The complexity is the same as Petri nets

(polyforest topologies)

(for any fixed star topology)

Dense time

Network of Communicating Timed Automata

Theorem: Reachability decidable iff polyforest topology

Theorem: The complexity is Petri net-hard and in Exp-Petri net

(polyforest topologies)

(any topology)

Network of Communicating Tick Automata

un-timing (exponential blow-up)

Dense time

Network of Communicating Timed Automata

(polyforest topologies)Network of

Communicating Tick Automata

un-timing (exponential blow-up)

Network of Communicating Timed Automata

Network of Communicating Tick Automata

Dense time

In order to preserve the topology, we would like to apply the region construction locally to each automaton. But this is incorrect.

P

Q

RS

P’’

Q’’

R’’S’’

Network of Communicating Timed Automata

Network of Communicating Tick Automata

Dense time Network of

Instrumented Timed Automata

Instrumented automaton: just a timed automaton with tick actions

instrumentation

region construction

.

P

Q

RS

P’’

Q’’

R’’S’’

P’

Q’

R’S’

instrumentation region construction

Network of Communicating Timed Automata

Network of Communicating Tick Automata

Dense time Network of

Instrumented Timed Automata

instrumentation

region construction

.

Intuition for instrumentation:add ticks to mark the beginning and end of integer time points

timed run instrumented run

...0 1 2

a0 a1 a2 ......

0 1 2

a0 a1 a2 ...τ τ τ τ τ

This can be achieved by a simple construction on each timed automaton

Network of Communicating Timed Automata

Network of Communicating Tick Automata

Dense time Network of

Instrumented Timed Automata

instrumentation

region construction

.

Realising instrumentation:add a new clock t

x>0,!a,{x}P

t=0&x>0,!a,{x}P,0

0<t<1&x>0,!a,{x}P,1

t=0,τ

t=1,τ,{t}

t=0,τ

t=1,τ,{t}

Network of Communicating Timed Automata

Network of Communicating Tick Automata

Dense time Network of

Instrumented Timed Automata

instrumentation

region construction

.

P

Q

RS

P’’

Q’’

R’’S’’

P’

Q’

R’S’

instrumentation region construction

has an accepting run

has an accepting run

has an accepting runiff only if

The other direction follows from a Rescheduling Lemma for timed automata

Dense time P’’

Q’’

R’’S’’

P’

Q’

R’S’

region construction

has an accepting run

has an accepting runif

• An accepting run on the left induces a local accepting run in each P’’, Q’’, etc...

• Instrumentation guarantees that integral timestamps agree.

• What about non-integral ones?Instrumentation just ensures that they are in the same interval (k, k+1)

...0 1 2

a0 a1 a2 ...τ τ τ τ τ

Need to preserve send/receive causality ordering!

A Rescheduling Lemma ensures that on polyforest topologies timestamps can be chosen to preserve causality

Dense time

Network of Communicating Timed Automata

(polyforest topologies)

(any topology)

Network of Communicating Tick Automata

un-timing (exponential blow-up)

Network of Communicating Timed Automata

Network of Communicating Tick Automata

Dense time

Simulate ticks locally by interpreting τ as one time unit

τP !a t=1, {t}P’ t=0,!a

(any topology)

Dense time (summary)

Network of Communicating Timed Automata

Theorem: Reachability decidable iff polyforest topology

Theorem: The complexity is Petri net-hard and in Exp-Petri net

(polyforest topologies)

(any topology)

Network of Communicating Tick Automata

un-timing (exponential blow-up)

Extension: UrgencyNot shown in this presentation: Urgent channels

• Urgency: receptions have priority over internal actions.

• We show that urgent channel are equivalent to zero tests on counters.

Theorem (Discrete time): Rechability decidable iff at most 1 urgent channel for each weakly connected component.

• [Krcal&Yi’06]: Reachability is undecidable in the urgent pipeline of length 2.

Extension (Dense time): Reachabiliy undecidable if any weakly connected component contains at least 2 urgent channels.

P Q R

Future directions

• Our generic topology-preserving transformation dense --> discrete time does not work in the presence of urgency.

• Obtain a complete characterisation in the presence of urgency also for dense time.

• Study richer models where timestamps can be sent along the channel.