Constraint Automata
David Costa
CWI
IPA Lentedagen 2007
Outline
Motivation
Timed Data Streams
Constraint Automata
◦ Data Constraints
◦ Models of Reo connectors
Automata Operators
◦ Product
◦ Hiding
Behaviour equivalence and containment
Related work
Conclusions
Ongoing work
April 4 IPA Lentedagen 2007
Motivation
What do we want to model?
Observable data flow of coordinating connectors
◦ data flow at input/output ports (source/sink nodes) of a connector
Composition operators
◦ facilitate the modelling of large systems
What we abstain from modelling:
◦ data flow direction
◦ topology of the connector
Timed Data Stream (TDS)
Non-empty set of data: Data
◦ domain of data that can flow through the connector
The set of data streams over the set Data consists of all the infinite sequences over Data, denoted by:
The set of timed streams over the set ℝ₊ consists of all the infinite sequences over ℝ₊, denoted by:
Timed Data Stream (TDS)
The set of timed data streams, TDS, over the set Data, is given by:
A set of Names to use for the input or output ports of the connector
Assigning a TDS to a connector port Ai defines the data flow behaviour of the port Ai
Connectors as TDS-tuples
Channels
◦ assigning a binary relation R ⊆ TDS × TDS defines the data flow behaviour of a channel.
Example
◦ the data flow behaviour of a synchronous channel is formally described by the relation:
Reference: F. Arbab and J.J.M.M. Rutten. A coinductive calculus of component connectors. WADT 2002.
Constraint Automata
The idea / Informally
Automata
◦ as acceptors of relations on timed data streams: such an automaton observes the data occurring at certain input/output ports and either fires a transition according to the observed data or rejects it if there is no corresponding transition in the automaton.
State
◦ possible configurations (buffer contents)
Transition
◦ one-step possible data flow satisfying some data constraints and its effect on the present configuration
Data Constraints
Symbolic representation of sets of data assignments (subsets of Data)
Built from the atoms: d_A = d with the grammar:
Common derived data constraints:
DC(N, Data)
◦ N non-empty subset of Names
◦ denotes the set of data constraints d_A = d, A ∈ N
Constraint Automata
Formal definition
1-Bounded FIFO Channel
buffer FIFO1 with ports A and B
buffer FIFO1
Constraint Automata
Models of Reo connectors (I)
Channels
sync
syncdrain/syncspout
asyncdrain/asyncspout
Constraint Automata
Models of Reo connectors (II)
Merger
merger
Constraint Automata
Models of Reo connectors (III)
lossy (synchronous) channel
lossy/lossysync
Intuitive behaviour of a CA
Given a TDS-tuple we inspect whether it corresponds to an accepting run of the automaton.
Accepting runs (accepting behaviour)
◦ is given by all infinite runs of the automaton starting from an initial state
Rejecting runs (rejecting behaviour)
◦ is given by all finite (possibly empty) runs of the automaton
Operators and Analysis methods
Now we know how to model small connectors.
The question next is: what can we do with these models?
◦ Combine them to build models of larger systems
    Composition and abstraction operators
◦ Check for equivalence between two models
◦ Check for behaviour containment of one model in another model.
◦ Adapt known model checking methods from reactive systems and ω-automata for our constraint automata
Automata Operators
Product
Product of two FIFO1
We consider 2 FIFO1 over Data = {1} with ports {A, C} and {C, B} respectively
Hiding operation
Hiding a port C in a constraint automaton corresponds to making the data flow at that port unobservable.
Removes all the information about port C.
Automata Operators
Hiding
Hiding C on product of two FIFO1
∃C [FIFO1 ⋈ FIFO1]
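The product and hiding steps for this two-FIFO1 example, as an added Python example that is not part of the original slides. Assumptions: the slides' formal rules did not survive extraction, so the usual constraint-automata product and hiding rules are used; data constraints are encoded as concrete data assignments rather than symbolically; the names fifo1, ca_product and hide are hypothetical.

```python
from itertools import product as pairs

# Assumed encoding (not from the slides): automaton = (states, names,
# transitions, initial); transition = (source, ports, assignment, target) with
# the assignment a frozenset of (port, value) pairs solving the constraint.

def fifo1(inp, out, data):
    trans = set()
    for d in data:
        trans.add(("empty", frozenset({inp}), frozenset({(inp, d)}), ("full", d)))
        trans.add((("full", d), frozenset({out}), frozenset({(out, d)}), "empty"))
    states = {"empty"} | {("full", d) for d in data}
    return states, frozenset({inp, out}), trans, {"empty"}

def ca_product(a1, a2):
    (s1, n1, t1, i1), (s2, n2, t2, i2) = a1, a2
    trans = set()
    for (q1, N1, g1, p1), (q2, N2, g2, p2) in pairs(t1, t2):
        g = g1 | g2
        # Joint step: same shared ports fire, with the same data on them.
        if N1 & n2 == N2 & n1 and len(dict(g)) == len(g):
            trans.add(((q1, q2), N1 | N2, g, (p1, p2)))
    for (q1, N1, g1, p1), q2 in pairs(t1, s2):
        if not N1 & n2:  # step of a1 alone: touches no port of a2
            trans.add(((q1, q2), N1, g1, (p1, q2)))
    for q1, (q2, N2, g2, p2) in pairs(s1, t2):
        if not N2 & n1:  # step of a2 alone
            trans.add(((q1, q2), N2, g2, (q1, p2)))
    return set(pairs(s1, s2)), n1 | n2, trans, set(pairs(i1, i2))

def hide(ca, port):
    states, names, trans, init = ca
    def closure(q):  # states reachable through steps on the hidden port only
        seen, todo = {q}, [q]
        while todo:
            s = todo.pop()
            for a, N, _, b in trans:
                if a == s and N == {port} and b not in seen:
                    seen.add(b)
                    todo.append(b)
        return seen
    new = set()
    for q in states:
        reach = closure(q)
        for p, N, g, r in trans:
            if p in reach and N - {port}:  # drop steps left with no port
                g_hidden = frozenset(x for x in g if x[0] != port)
                new.add((q, N - {port}, g_hidden, r))
    return states, names - {port}, new, set().union(*map(closure, init))
```

With Data = {1}, ports {A, C} and {C, B}, the product has six transitions, including one where A and B fire together; after hiding C the two states holding exactly one item have the same outgoing steps, so the internal transfer is no longer observable.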
Bisimulation and Simulation
An alternative characterization of language equivalence and inclusion can be given using branching time relations
◦ they allow a simpler way to verify whether two automata are language equivalent, or whether the language of one is contained in the language of the other.
Behaviour Equivalence
Bisimulation vs. Language Equiv.
Behaviour Containment
Simulation vs. Language Inclusion
What do you mean: Compositionality?
Congruence result for bisimulation equivalence and the simulation preorder for the operators product and hiding
Related Work
Briefly mention:
◦ other similar automata formalisms:
IO automata
◦ labels with action names (data independent)
◦ input enabledness
◦ strict notion of time
timed port automata
◦ input enabledness
◦ strict notion of time
interface automata
◦ based on game theory
◦ allow automatic checking of compatibility between interfaces
Conclusions
CA allow building formal models of the data flow behaviour of coordinating connectors
provides composition and abstraction operators to build larger models out of existing models
provides analysis and verification methods adapted from known methods for reactive systems or formal languages
Ongoing work
Extend the formalism to allow models for context sensitive connectors
◦ two approaches
    capturing intentional behaviour
    embedding some notion of priority in the behaviour domain
Implementation of model checking algorithms