chapter 7: transition systems - nanjing...
TRANSCRIPT
'
&
$
%
Chapter 7: Transition Systems
7.1 Definitions and notations
• The intuition is that a transition system consists of a set ofpossible states for the system and a set of transitions - or statechanges - which the system can effect.
• When a stste change is the result of an external event or of anaction made by the system, then that transition is labeled withthat event or action.
• Particular states or transitions in a transition system can bedistinguished.
1
'
&
$
%
7.1.1 Transition systems
A transition systems is a quadruple A = 〈S, T, α, β〉 where
• S is a finite or infinite set of states,
• T is a finite or infinite set of transitions,
• α and β are two mapping from T to S which take each transitiont in T to the two states α(t) and β(t), respectively the source andthe target of the transition t.
A transition t with some source s and target s′ is written t : s −→ s′.Several transitions can have the same source and target.
A transition system is finite if S and T are finite.
2
'
&
$
%
Paths
A path of length n, n > 0, in a transition system A is a sequence oftransitions t1, t2, . . . , tn such that ∀i : 1 ≤ i < n, β(ti) = α(ti+1).
Similarly, an infinite path is an infinite sequence of transitionst1, t2, . . . , tn, . . .such that ∀i : 1 ≤ i < n, β(ti) = α(ti+1).
3
'
&
$
%
Labeled transition systems
A transition system labeled by an alphabet A is a 5-tupleA = 〈S, T, α, β, λ〉 where
• 〈S, T, α, β〉 is a transition system,
• λ is a mapping from T to A taking each transition t to its labelλ(t).
Intuitively, the label of a transition indicates the action or eventwhich triggers the transition. It is therefore logical to assume thattwo different transitions cannot have the same source, target andlabel.
4
'
&
$
%
Traces
If c = t1t2 . . . is a path in a labeled transition system, the sequence ofactions trace(c) = λ(t1)λ(t2) . . . is called the trace of the path.
5
'
&
$
%
7.1.2 Transition system homomorphisms
Definition
Let A = 〈S, T, α, β〉 and A′ = 〈S′, T ′, α′, β′〉 be two transitionsystems. A homomorphism h from A to A′ is a pair (hσ, hτ ) ofmappings
hσ : S −→ S′ ,
hτ : T −→ T ′ ,
which satisfies, for every transition t of T :
α′(hτ (t)) = hσ(α(t)) ,
β′(hτ (t)) = hσ(β(t)) .
6
'
&
$
%
Labeled transition system homomorphisms
Let A = 〈S, T, α, β〉 and A′ = 〈S′, T ′, α′, β′〉 be two transitionsystems labeled by the same alphabet. A labeled transition systemhomomorphism from A to A′ is a homomorphism h which alsosatisfies the condition
λ′(hτ (t)) = λ(t) .
7
'
&
$
%
The free product of transition systems
Consider n transition systems Ai = 〈Si, Ti, αi, βi〉, i = 1, 2, . . . , n.The free product A1 ×A2 . . .An of those n transition systems is thetransition system A = 〈S, T, α, β〉 defined by
S = S1 × . . .× Sn ,
T = T1 × . . .× Tn ,
α(t1, . . . , tn) = 〈α1(t1), . . . , αn(tn)〉 ,β(t1, . . . , tn) = 〈β1(t1), . . . , βn(tn)〉 .
8
'
&
$
%
If, in addition, each Ai is labeled by an alphabet Ai, the free productis a transition system labeled by the alphabet A1 × . . . An; transitionsare labeled as follows:
λ(t1, . . . , tn) = 〈λ1(t1), . . . λ(tn)〉 .
9
'
&
$
%
If the transition system A is in global state s = 〈s1, . . . , sn〉, eachcomponent transition system Ai is in state si. Each Ai canindependently effect transition ti, changing to state s′i. After havingeffected the global transition t = 〈t1, . . . , tn〉, the transition system Achanges to global state s′ = 〈s′1, . . . , s′n〉. In the case of labeledtransition systems, the vector λ(t) is the global action that triggeredthe global transition t.
10
'
&
$
%
The free product assumes that in a global system, all componentsystems execute their transitions simultanously, i.e., it is possible todivide time into intervals in such a way that during each of thoseintervals each component executes exactly one transition. In otherwords, the same ‘clock’ drives the different transition systemsforming the product.
11
'
&
$
%
The synchronous product of transition systems
When processes interact, not all possible global actions are useful,since the interaction is subject to communication and synchronizationconstraints. The transition system associated with the system ofprocesses must therefore be a subsystem of the free product of thecomponent transition systems. The communication andsynchronization constraints that define the subsystem can always besimply expressed by the synchronous product, formally defined below.
12
'
&
$
%
If Ai, i = 1, . . . , n, n transition systems labeled by alphabets Ai, andif I ⊆ A1 × . . .×An is a synchronization constraint, the synchronousproduct of the Ai under I, written 〈A1, . . . ,An, I〉, is the transitionsystem of the free product of the Ai containing only the globaltransitions 〈t1, . . . , tn〉 whose vectors of labels 〈λ(t1), . . . , λ(tn)〉 areelements of I.
In other words, the synchronous product allows only those globaltransitions corresponding to action vectors included in thesynchronization constraint.
13
'
&
$
%
Chapter 8: Petri Nets
A Petri net is a four-tuple, N = (P, T, F, µ0), where
• P = {p1, p2, . . . , pm} is a finite set of places;
• T = {t1, t2, . . . , tn} is a finite set of transitions (P ∩ T = ∅);• F ⊂ (P × T ) ∪ (T × P ) is the flow relation;
• µ0 ⊂ P is the initial marking of the net.
A marking µ of N is any subset of P . For any transition t,•t = {p ∈ P |(p, t) ∈ F} and t• = {p ∈ P |(t, p) ∈ F} denote the presetand postset of t, respectively. A transition t is enabled in a marking µ
if •t ⊆ µ; otherwise, it is disabled. Let enabled(µ) be the set oftransitions enabled in µ.
14
'
&
$
%
½¼
¾»
½¼
¾»
½¼
¾»
½¼
¾»½¼
¾»
½¼
¾»
x x
?
?
?
?
?
?
?
?
6
6
?
?
p1
t1
p2
t2
p3
t3
p4
t4
p5
p6
15
'
&
$
%
A transition t may fire from marking µ if and only if the followingtwo conditions hold:
• t ∈ enabled(µ), and
• (µ− •t) ∩ t• = ∅.
The first condition is the normal firing condition for Petri nets. Thesecond condition requires contact-freenes.
16
'
&
$
%
When transition t fires from marking µ, the new marking µ′ is givenas follows: µ′ = (µ− •t) ∪ t•.
Note that since we assume contact-freeness, a self-loop will not beenabled.
17
'
&
$
%
A run of a Petri net is a finite or infinite sequence of markings andtransitions
µ0t0−→ µ1
t1−→ . . .tn−1−→ µn
tn−→ . . .
such that µ0 is the initial marking of the net, ti ∈ enabled(µi) for anyi (i ≥ 0), and that µi = (µi−1 −• ti−1) ∪ t•i−1 for any i (i ≥ 1).
18
'
&
$
%
Time Petri Nets
Time Petri nets are classical Petri Nets where to each transition t atime interval [a, b] is associated. The times a and b are relative to themoment at which t was last enabled. Assuming that t was enabled attime c, then t may fire only during the interval [c + a, c + b] and mustfire at the time c + b at the latest, unless it is disabled before by thefiring of another transition. Firing a transition takes no time.
19
'
&
$
%
½¼
¾»
½¼
¾»
½¼
¾»
½¼
¾»½¼
¾»
½¼
¾»
x x
?
?
?
?
?
?
?
?
6
6
?
?
p1
t1
p2
t2
p3
t3
p4
t4
p5
p6
[1, 4]
[3, 9]
[2, 5]
[5, 8]
20
'
&
$
%
Thus, the philosophy of this kind of time dependent Petri net is:when a transition becomes enabled it may not fire at once (ingeneral) but during a certain time interval and at the end of theinterval there is a force to fire. If the upper bound of the interval isat infinity, then the second characteristic, the obligation to fire, islost. That is why we consider only time intervals whose upperbounds are finite numbers (b 6= ∞).
21
'
&
$
%
Let N be the set of natural numbers. A time Petri net is a six-tuple,N = (P, T, F, Eft, Lft, µ0), where
• P = {p1, p2, . . . , pm} is a finite set of places;
• T = {t1, t2, . . . , tn} is a finite set of transitions (P ∩ T = ∅);• F ⊂ (P × T ) ∪ (T × P ) is the flow relation;
• Eft, Lft : T → N are functions for the earliest and latest firingtimes of transitions, satisfying that for any t ∈ T ,Eft(t) ≤ Lft(t) < ∞;
• µ ⊂ P is the initial marking of the net.
22
'
&
$
%
Let the domain of time values T be the set of nonnegative realnumbers. A state of a time Petri net N = (P, T, F,Eft, Lft, µ0) is apair s = (µ, c), where µ is a marking of N , and c : enabled(µ) → T iscalled the clock function. The initial state of N is s0 = (µ0, c0) wherec0(t) = 0 for any t ∈ enabled(µ0).
23
'
&
$
%
A transition t may fire from state s = (µ, c) after delay δ ∈ T if andonly if the following four conditions hold:
• t ∈ enabled(µ),
• (µ− •t) ∩ t• = ∅,• Eft(t) ≤ c(t) + δ, and
• ∀t′ ∈ enabled(µ) : c(t′) + δ ≤ Lft(t′).
24
'
&
$
%
When transition t fires after delay δ from state s = (µ, c), the newstate s′ = (µ′, c′) is given as follows:
• µ′ = (µ− •t) ∪ t•, and
• for any t′ ∈ enabled(µ′), if t′ 6= t and t′ ∈ enabled(µ), thenc′(t′) = c(t′) + δ else c′(t′) = 0.
This is denoted by s′ = fire(s, (t, δ)).
25
'
&
$
%
A run
ρ = s0(t0,δ0)−→ s1
(t1,δ1)−→ . . .(tn−1,δn−1)−→ sn
(tn,δn)−→ . . .
of a time Petri net is a finite or infinite sequence of states,transitions, and delays such that s0 is the initial state, and for everyi ≥ 1, si is obtained from si−1 by firing a transition ti−1 after delayδi−1 which satisfies that si = fire(si−1, (ti−1, δi−1)).
26
'
&
$
%
Chapter 9: Timed Automata
To express system behaviors with timing constraints, we considerfinite graph augmented with a finite set of (real-valued) clocks. Thevertices of the graph are called locations, and edges are calledswitches. While the switches are instantaneous, time can elapse in alocation. A clock can be reset to zero simultaneously with anyswitch. At any instant, the reading of a clock equals the time elapsedsince the last time it was reset. With each switch we associate a clockconstraint, and require that the switch my be taken only if thecurrent values of the clocks satisfy this constraint. With each locationwe associate a clock constraint called its invariant, and require thattime can elapse in a location only as long as its invariant stays true.
27
'
&
$
%
¶
µ
³
´
¶
µ
³
´
¶
µ
³
´
¶
µ
³
´- - -
¡¡
@@I
c
@@
@@
@@¡
¡¡
¡¡
¡ª
d, y > 2
x := 0a
y := 0
b cs0 s3
s1
x < 1s2
x < 1
28
'
&
$
%
Clock Constrains
To define timed automata formally, we need to say what type of clockconstraints are allowed as invariants and enabling conditions. Anatomic constraint compares a clock value with a time constant, and aclock constraint is a conjunction of atomic constraints. Any valuefrom Q, the set of nonnegative rationals, can used as a time constant.
Formally, for a set X of clock variables, the set Φ(X) of clockconstraints φ is defined by the grammar
φ := x ≤ c | c ≤ x | x < c | c < x | φ1 ∧ φ2 ,
where x is a clock in X and c is a constant in Q.
29
'
&
$
%
Clock Interpretations
A clock interpretation v for a set X of clocks assigns a real value toeach clock; that is, it is a mapping from X to the set R ofnonnegative reals.
We say that a clock interpretation v for X satisfies a clock constraintφ over X iff φ evaluates to true according to the values given by v.
For δ ∈ R, v + δ denotes the clock interpretation which maps eachclock x to the value v(x) + δ.
For Y ⊆ X, v[Y := 0] denotes the clock interpretation for X whichassigns 0 to each x ∈ Y , and agree with v over the reset of the clocks.
30
'
&
$
%
A timed automaton is a tuple 〈L,L0, Σ, X, I, E〉, where
• L is a finite set of locations,
• L0 ⊆ L is a set of initial locations,
• Σ is a finite set of labels,
• X is a finite set of clocks,
• I is a mapping that labels each location s in L with some clockconstraint in Φ(X), and
• E ⊆ L× Σ× 2X × Φ(X)× L is a set of switches.
31
'
&
$
%
The semantics of a timed automaton A is defined by associating atransition system SA with it.
A state of SA is pair (s, v) such that s is a location of A and v is aclock interpretation for X such that v satisfies the invariant I(s). Astate (s, v) is an initial state if s is an initial location of A andv(x) = 0 for all clocks x.
There are two types of transitions in SA:
• State can change due to elapse of time: for a state (s, v) and a
real-valued time increment δ ≥ 0, (s, v) δ0−→ (s, v + δ) if for all0 ≤ δ′ ≤ δ, v + δ′ satisfies the invariant I(s).
• State can change due to a location-switch: for a switch〈s, a, ϕ, λ, s′〉 such that v satisfies ϕ, (s, v) a−→ (s′, v[λ := 0]).
32
'
&
$
%
Product constructions
Let A1 = 〈L1, L01,Σ1, X1, I1, E1〉 and A2 = 〈L2, L
02, Σ2, X2, I2, E2〉 be
two timed automata. Assume that the clock sets X1 and X2 aredisjoint. Then, the product, denoted A1||A2, is the timed automaton〈L1 × L2, L
01 × L0
2, Σ1 ∪ Σ2, X1 ∪X2, I, E〉 whereI(s1, s2) = I(s1) ∧ I(s2) and the switches are defined by:
1. for a ∈ Σ1 ∩ Σ2, for every 〈s1, a, ϕ1, λ1, s′1〉 in E1 and
〈s2, a, ϕ2, λ2, s′2〉 in E2, E contains
〈(s1, s2), a, ϕ1 ∧ ϕ2, λ1 ∪ λ2, (s′1, s′2)〉.
2. for a ∈ Σ1 \Σ2, for every 〈s, a, ϕ, λ, s′〉 in E1 and every t in L2, E
contains 〈(s, t), a, ϕ, λ, (s′, t)〉.3. for a ∈ Σ2 \Σ1, for every 〈s, a, ϕ, λ, s′〉 in E2 and every t in L1, E
contains 〈(t, s), a, ϕ, λ, (t, s′)〉.
33
'
&
$
%
¶
µ
³
´
¶
µ
³
´
¶
µ
³
´
¶
µ
³
´- -
¾¾a, x := 0 b, y := 0
b, x ≥ 1 c, y ≥ 1
s ts′
x ≤ 2t′
y ≤ 2
¶
µ
³
´
¶
µ
³
´
¶
µ
³
´
¶
µ
³
´
-
¾©©©©©©©©©©©©©©©*
HHHHHHHHHHHHHHHY
?
a, x := 0
a, x := 0
x ≥ 1, b, y := 0
c, y ≥ 1
c, y ≥ 1
(s, t)
(s′, t′)x ≤ 2, y ≤ 2
(s, t′)y ≤ 2
(s′, t)x ≤ 2
34
'
&
$
%
Chapter 10: Message Sequence Charts
Message sequence chart (MSC) is a graphical and textual languagefor the description and specification of the interactions betweensystem components. The main area of application for MSCs is asoverview specification of the communication behavior of real-timesystems, in particular telecommunication switching systems.
MSCs represent typical execution scenarios, providing examples ofeither normal or exceptional executions of the proposed system. TheMSC standard as defined by ITU-T in Recommendation Z.120introduces two basic concepts: basic MSCs and High-Level MSCs.
35
'
&
$
%
Basic MSCs
A basic MSC describes exactly one scenario, which consists of a set ofprocesses that run in parallel and exchange messages in a one to one,asynchronous fashion.
36
'
&
$
%
Monitor Controller Gate
-Arrivinge1 e2
-MoveDowne3 e4
¾ Downe6 e5
-Leavinge7 e8
-MoveUpe9 e10
¾ Upe12 e11
-Arrivinge13 e14
100 ≤ e13 − e1 < ∞0 ≤ 2(e13 − e12)− (e13 − e1) < ∞
37
'
&
$
%
The semantics of a bMSC essentially consists of sequences (of traces)of messages that are sent and received among the concurrentprocesses in the bMSC. The order of communication events (i.e.message sending or receiving) in a trace is deduced from the visualpartial order determined by the flow of control within each process inthe bMSC along with a causal dependency between the events ofsending and receiving a message.
38
'
&
$
%
Each bMSC corresponds to a visual order for a pair of events e1 ande2 such that e1 precedes e2 in the following cases:
• Causality: A sending event e1 and its corresponging receivingevent e2.
• Controlability: The event e1 appears above the event e2 on thesame process line, and e2 is a sending event. This order reflectsthe fact that a sending event can wait for other events to occur.On the other hand, we sometimes have less control on the orderin which receiving events occur.
• Fifo order: The receiving event e1 appears above the receivingevent e2 on the same process line, and the corresponding sendingevents e′1 and e′2 appear on a mutual process line where e′1 isabove e′2.
39
'
&
$
%
A bMSC is a tuple D = (P, E, M, L, V ) where
• P is a finite set of processes;
• E is a finite set of events corresponding to sending a message andreceiving a message.
• M is a finite set of messages. Each message in M is of the form(e, g, e′) where e, e′ ∈ E corresponds to sending and receiving themessage respectively, and g is the message name which is acharacter string.
• L : E → P is labelling function which maps each event e ∈ E to aprocess L(e) ∈ P .
• V is a finite set whose elements are a pair (e, e′) where e, e′ ∈ E
and e precedes e′, which is corresponding to a visual order;
40
'
&
$
%
We use event sequences to represent the traces of bMSCs which arecorresponding to the untimed behavior of bMSCs. Any eventsequence is of the form e0ˆe1ˆ . . . ˆem, which represents that ei+1
takes place after ei for any i (0 ≤ i ≤ m− 1).
Let D = (P,E, M, L, V, C) be a bMSC. An event sequencee0ˆe1ˆ . . . ˆem is a trace of D if and only if the following conditionshold:
• all events in E occur in the sequence, and each event occurs onlyonce, i.e. {e0, e1, . . . , em} = E and ei 6= ej for anyi, j (0 ≤ i < j ≤ m); and
• e1, e2, . . . , em satisfy the visual order defined by V , i.e. for any ei
and ej , if (ei, ej) ∈ V , then 0 ≤ i < j ≤ m.
41
'
&
$
%
MSC Specifications
For describing multiple scenarios, MSC specifications are introduced,which are a combination of a set of basic MSCs and a high-LevelMSC describing their compositions.
42
msc M3P1 P2 P3
¾ DR
¾Dind
msc M1P1 P2 P3
-Creq
-CR
msc M2P1 P2 P3
¾ CC
¾Cind
M1
M2 M3
e? ?
¢¢AA
AA¢¢¾
42-1
'
&
$
%
A MSC specification (MSS) is a tuple S = (U,N, succ, ref) where
• U is a finite set of bMSCs satisfying that for anyD = (P, E, M, L, V ) and D′ = (P ′, E′,M ′, L′, V ′) in U , ifD 6= D′, then E ∩ E′ = ∅;
• N = {>} ∪ I ∪ {⊥} is a finite set of nodes partitioned into thethree sets: the singleton-set of start node, the set of intermediatenodes, and the singleton-set of end node, respectively;
• succ ⊂ N ×N is the relation which reflects the connectivity ofthe nodes in N such that any node in N is reachable from thestart node; and
• ref : I 7→ U is a function that maps each intermediate node toa bMSC in U .
43
'
&
$
%
According to the synchronous interpretation of the concatenation oftwo bMSCs in a MSS, we define the behavior of a MSS S as theevent sequences which are the concatenation of the event sequencesrepresenting the behavior of the bMSCs which make up S.
The synchronous interpretation of the concatenation of two bMSCsin a MSS means that when moving one node to the other, all eventsin the previous bMSC finish before any event in the following bMSCoccurs, which is closed to the visual structure of the MSS and may beclosed to the behavior of the system that the designer of the MSS hasin mind.
44
'
&
$
%
Part I: Introduction
Chapter 0: Preliminaries
Chapter 1: Language and Computation
Part II: Models
Chapter 2: Finite Automata
Chapter 3: Regular Expressions
Chapter 4: Context-Free Grammars
Chapter 5: Pushdown Automata
Chapter 6: Turing Machines
45
'
&
$
%
Part III: Modelling
Chapter 7: Transition Systems
Chapter 8: Petri Nets, Time Petri Nets
Chapter 9: Timed Automata, Hybrid Automata
Chapter 10: Message Sequence Charts
46