The Impressive Power of Stopwatches

Franck Cassez, IRCCyN, Nantes, FRANCE
Kim G. Larsen, BRICS, Aalborg, DENMARK

Transcript of The Impressive Power of Stopwatches

TIMED AUTOMATA
x-y<=n Operations: resets
LINEAR HYBRID AUTOMATA
Rate: x’ in [l,u] Guards: linear inequalities Operations: linear assignments
Motivation
Expressivity
STOPWATCH AUTOMATA
Leaking Gas Burner
[Plot: x, y, z against time]
x>=n x-y<=n
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Z
Zone
n x’=1 y’=1
x>3
y:=0
-2<=x-y<=3
a
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Zone
Z
Z*
Z*:
IF THEN
Symbolic Reachability Analysis
Stopwatch Automata
n x’=1 y’=0
x>3
y:=0
-2<=x-y<=3
-2<=x-y
Symbolic transition (n,Z)=a=>(m,Z’) where Z is a zone
Zone
Z*:
IF THEN
if x’=1
Overapproximation
n
x:=0 m x’=1 y’=1 z’=0
Z: x=0 z=y Z*:
x>=0, y>=x y>=z, x>=z
z>=0 y-x=z True Future(Z):
• Z* is an overapproximation of Future(Z)
• We may compute an over-approximation of reachable states of an SWA using TA-datastructures,
Scheduler (preemptive)
a<=b
Further Extensions of TA ??
ALL LINEAR HYBRID AUTOMATA
Linear Stopwatch Automata
SWA + Linear guards (and assign.)
2x+y<3 x’=1 y’=1
l1
l2
I I
I (u’=0)
LSWA to SWA (principle)
φ(x)>n
l1 l2
∑ a_i x_i   ∑ b_i x_i   t:=0 u:=0 v:=0
t:=0
u v
u-v>n
l1 l2
Leaking Gas Burner
Test Automata
AG( y ≥ 60 ⇒ 20z ≤ y )
LEAKING GASBURNER in UPPAALsw
Linear Hybrid Automata = LSWA
With Interval-rates on clocks
ON
OFF
CONCUR’00, State College, Kim G. Larsen
LHA to LSWA (1)
Positive constant slopes
x’=2 y’=1
x’=u’=1 t’=y’=0
y’=u’=1 t’=x’=0
x’=0 y’=0 t:=0
k:=2 u:=0
u:=0;k-- u=t
u=t
LHA to LSWA (2)
Negative constant slopes
x’=-2
t:=0
x = xp – xn
A
T(A)
LHA to LSWA (3)
Slope Intervals
x’=[2,4]
k:=2 u:=0
u:=0;k-- u=t
u=0 k=0
u:=0 k:=4-2
Water-Level Monitor
Water Level Monitor in UPPAALsw
Summary/Conclusions
• Translation T from LHA to SWA is
  – ”exact” with respect to reachability of locations
  – more precisely
  – timed (ω-) language-preserving
• Extension of UPPAAL to SWA
  – Reuse of efficient datastructures
  – Overapproximation
• Applications
  – Preemptive Schedulers (Bang&Olufsen Power Down)
  – Gasburner
  – Water Level Control, ...
• Complexity and accuracy of encoding?
∀A ∈ LHA. A ≈ T(A)
European (semi-) final rematch ++++