Constraint Automata

transcript

Constraint AutomataConstraint AutomataDavid Costa

CWIIPA Lentedagen 2007

OutlineOutline

MotivationTimed Data StreamsConstraint Automata

◦ Data Constraints◦ Models of Reo connectors

Automata Operators◦ Product◦ Hiding

Behaviour equivalence and containmentRelated workConclusionsOngoing work

April 4 2IPA Lentedagen 2007

MotivationMotivationWhat do we want to model?What do we want to model?

Observable data flow of coordinating connectors ◦data flow at input/output ports (source/sink nodes) of

a connector

Composition operators◦facilitate the modelling of large systems

We abstain from what:◦data flow direction◦topology of the connector

Timed Data Stream (TDS)Timed Data Stream (TDS)

Non-empty set of data: DataData◦domain of data that can flow through the connector

The set of a data streams over the set DataData, are all the infinite sequences over DataData denoted by:

The set of timed streams over the set IR IR ++, are all the infinite sequences over IR IR ++ denoted by:

April 4 IPA Lentedagen 2007 4

Timed Data Stream (TDS)Timed Data Stream (TDS)

The set of timed data streams, TDSTDS, over the set DataData, is given by:

A set of NNamesames to use for the input or output ports of the connector

Assigning a TDS TDS to a connector port Ai defines the data flow behaviour of a port Ai

Connectors as TDS-tupplesConnectors as TDS-tupples

Channels◦assigning a binary relations R R µ µ TDSTDS££TDS TDS

defines the data flow behaviour of a channel.Example

◦the data flow behaviour of a synchronous channel is formally described by the relation:

Reference:F.Arbab and J.J.M.M.Rutten. A coinductive calculus of component connectors. WADT 2002.

Constraint AutomataConstraint AutomataThe idea/InformalyThe idea/Informaly

Automata◦as acceptors of relations on timed data streams, such

automaton observes the data occurring at certain input/output ports and either fires a transition according to the observed data or rejects it if there is no corresponding transition in the automaton.

State◦possible configurations (buffer contents)

Transition◦one-step possible data flow satisfying some data

constraints and its effect on the present configuration

Data ConstraintsData Constraints

Symbolic representation of sets of data assignments (subsets of DataData)

Built from the atoms: ddA A == d d with the grammar:

Common derived data constraints:

DCDC((NN, , DataData)) ◦N non-empty subset of NNamesames◦denotes the set of data constraints d dA A == d d, , A A 2 N

Constraint AutomataConstraint AutomataFormal definitionFormal definition

1-Bounded FIFO Channel1-Bounded FIFO Channel

buffer FIFO1 with ports A and B

buffer FIFO1

Constraint AutomataConstraint AutomataModels of Reo connectors (I)Models of Reo connectors (I)

Channels

syncsyncdrain/syncspout

asyncdrain/asyncspout

Constraint AutomataConstraint AutomataModels of Reo connectors (II)Models of Reo connectors (II)

Merger

merger

Constraint AutomataConstraint AutomataModels of Reo connectors (III)Models of Reo connectors (III)

lossy (synchronous) channel

lossy/lossysync

Intuitive behaviour of a CAIntuitive behaviour of a CA

Given a TDS-tuple we inspect whether it corresponds to an accepting run of the automaton.

Accepting runs (accepting behaviour)◦is given by all infinite runs of the automaton starting

from an initial state

Rejecting runs (rejecting behaviour)◦is given by all finite (possibly empty) run of the

automaton

Operators and Analysis Operators and Analysis methodsmethods

Now we know how to model small connectors.The question next is: what can we do with

these models?◦Combine them to build models of larger systems

Composition and abstraction operators◦Check for equivalence between two models◦Check for behaviour containment of one model into

another model.◦Adapt know model checking methods from reactive

systems and !-automata for our constraint automata

Automata OperatorsAutomata OperatorsProduct Product

Product of two FIFOProduct of two FIFO11

We consider 2 FIFO1 over DataData = = ff11gg with ports ffAA, , CCg g and ffCC, , BBgg respectively

Hiding operationHiding operation

Hiding a port C in constraint automata corresponds to make unobservable the data flow at that port.

Removes all the information about port C.

Automata OperatorsAutomata OperatorsHiding Hiding

Hiding Hiding C C on product of two on product of two FIFOFIFO11

99C C [FIFO[FIFO11 ./ ./ FIFOFIFO11]]

Bisimulation and Bisimulation and SimulationSimulation

An alternative characterization of language equivalence and inclusion can be given using branching time relations◦they allow a simpler way to verify if two

automata are language equivalent, or if the language is contained in the language of the other.

BehaviourBehaviour Equivalence EquivalenceBisimulation vs. Language Bisimulation vs. Language Equiv.Equiv.

BehaviourBehaviour Containment ContainmentSimulation vs. Language Simulation vs. Language InclusionInclusion

What do you mean: What do you mean: Compositionality?Compositionality?

Congruence result for bisimulation equivalence and the simulation preorder for the operators product and hiding

Related WorkRelated Work

Briefly mention:◦other similar automata formalism:

IO automata◦ labels with action names (data independent)◦ input enabledness◦strict notion of time

timed port automata◦ input enabledness◦strict notion of time

interface automata◦based on game theory◦allow automatic checking of compatibility between interfaces

ConclusionsConclusions

CA allows to build formal models of the data flow behaviour of coordinating connectors

provides composition and abstraction operators to build larger models out of existing models

provides analysis and verification methods adapted from known methods for reactive systems or formal languages

Ongoing workOngoing work

Extend the formalism to allow models for context sensitive connectors◦two approaches

capturing intentional behaviour embedding some notion of priority in the

behaviour domainImplementation of model checking

algorithms

Constraint Automata

Documents