theoretical foundations of the uml lecture 5+6 ... · outline 1 a non-decomposable msc 2...
TRANSCRIPT
Theoretical Foundations of the UML
Lecture 5+6: Compositional Message Sequence Graphs
Joost-Pieter Katoen
Lehrstuhl für Informatik 2Software Modeling and Verification Group
moves.rwth-aachen.de/teaching/ss-20/fuml/
May 4, 2020
Joost-Pieter Katoen Theoretical Foundations of the UML 1/29
0
Be
BEE
Outline
1 A non-decomposable MSC
2 Compositional Message Sequence Charts
3 Compositional Message Sequence Graphs
4 Safe Compositional Message Sequence Graphs
5 Existence of Safe Paths
6 Universality of Safe Paths
Joost-Pieter Katoen Theoretical Foundations of the UML 2/29
} two decision problem ,
Undecidable
decidable
B•
Compositional MSCs [Gunter, Muscholl, Peled 2001]
Solution: drop restriction that e and m(e) belong to the same MSC
(= allow for incomplete message transfer)
Definition (Compositional MSC)M = (P, E, C, l,m,�) is a compositional MSC (CMSC, for short)
where P, E, C and l are defined as before, and
m : E! ! E? is a partial, injective function such that (as before):
m(e) = e0 ^ l(e) = !(p, q, a) implies l(e0) = ?(q, p, a)
� =�S
p2P <p [ {(e,m(e)) | e 2 dom(m)| {z }domain of m| {z }
“m(e) is defined”
}�⇤
Note:An MSC is a CMSC where m is total and bijective.
Joost-Pieter Katoen Theoretical Foundations of the UML 6/29
.
--
egad
CMSC example
m(e2) = e3e1 /2 dom(m)e4 /2 rng(m)
Joost-Pieter Katoen Theoretical Foundations of the UML 7/29
÷i÷÷÷÷:÷÷÷zydeco
Paths
Let G = (V,!, v0, F,�) be a CMSG.
Definition (Path in a CMSG)A path ⇡ of G is a finite sequence
⇡ = u0 u1 . . . un with ui 2 V (0 i n) and ui ! ui+1 (0 i < n)
Definition (Accepting path of a CMSG)Path ⇡ = u0 . . . un is accepting if: u0 = v0 and un 2 F .
Definition (CMSC of a path)The CMSC of a path ⇡ = u0 . . . un is:
M(⇡) = (. . . (�(u0) • �(u1)) • �(u2) . . .) • �(un)
where CMSC concatenation is left associative.
Joost-Pieter Katoen Theoretical Foundations of the UML 14/29
X : V → EM
- -
- un - -
ft
The MSC language of a CMSG
Definition (Language of a CMSG)The (MSC) language of CMSG G is defined by:
L(G) = { M(⇡) 2 M| {z }only “real” MSCs
| ⇡ is an accepting path of G}.
Note: Accepting paths that give rise to an CMSC (which is not an MSC) are
not part of L(G).
Joost-Pieter Katoen Theoretical Foundations of the UML 15/29Egg
I 2 r 2
aCMSG
a→
f- . → > b→ - D 8
Uo ✓ U,
accepting a 2
path : IT -- You ,MCT ) →
C- IM →thus Mct ) E Lcg)
acceptingr 2
pathIT '= 4044 ,
MCIT ') a-
→¢ IM
⑦MCT '7¢LCg ).
Yannakakis’ example as compositional MSG
This MSC cannot be modeled for n > 1 by:
M = M1 •M2 • . . . •Mn with Mi 2 M
Thus it cannot be modeled by a MSG.
But it can be modeled as compositional MSG:
Joost-Pieter Katoen Theoretical Foundations of the UML 16/29Egos
CMS G
g :
Pi P2Msc M
,E LCG ) -
t• .
a
-
} Vo
In .
2
j ..
2 safe
-
a
± In?Evey accepting path IT for G iMCT)isan_rise→ Mcm ) c- Llg )
C MSG g is called safe
Safe paths and CMSGs
Definition (Safe path)Path ⇡ of CMSG G is safe whenever M(⇡) 2 M.
Definition (Safe CMSG)CMSG G is safe if for every accepting path ⇡ of G, M(⇡) is an MSC.
So:CMSG G is safe if on any of its accepting paths there are no unmatched
sends and receipts, i.e., if any of its accepting paths is indeed an MSC.
Joost-Pieter Katoen Theoretical Foundations of the UML 18/29
n•EBMiE"↳
Existence of a safe accepting path
Theorem: undecidability of existence of a safe pathThe decision problem “does CMSG G have at least one safe, accepting
path?” is undecidable.
Proof.By a reduction from Post’s Correspondence Problem (PCP).
. . . black board . . .
The complement decision problem “does CMSG G have no safe, accepting
path?” is undecidable too.
Joost-Pieter Katoen Theoretical Foundations of the UML 20/29
Universality of safe accepting paths
Theorem: undecidability of existence of a safe pathThe decision problem “does CMSG G have at least one safe, accepting
path?” is undecidable.
Theorem: decidability of universality of safe pathsThe decision problem “are all accepting paths of CMSG G safe?” is
decidable in PTIME.
Proof.Polynomial reduction to reachability problem in (non-deterministic)
pushdown automata.
. . . see details on the next slides . . .
Joost-Pieter Katoen Theoretical Foundations of the UML 22/29
Universality of safe accepting paths
Theorem: undecidability of existence of a safe pathThe decision problem “does CMSG G have at least one safe, accepting
path?” is undecidable.
Theorem: decidability of universality of safe pathsThe decision problem “are all accepting paths of CMSG G safe?” is
decidable in PTIME.
Proof.Polynomial reduction to reachability problem in (non-deterministic)
pushdown automata.
. . . see details on the next slides . . .
Joost-Pieter Katoen Theoretical Foundations of the UML 22/29
Universality of safe accepting paths
Theorem: undecidability of existence of a safe pathThe decision problem “does CMSG G have at least one safe, accepting
path?” is undecidable.
Theorem: decidability of universality of safe pathsThe decision problem “are all accepting paths of CMSG G safe?” is
decidable in PTIME.
Proof.Polynomial reduction to reachability problem in (non-deterministic)
pushdown automata.
. . . see details on the next slides . . .
Joost-Pieter Katoen Theoretical Foundations of the UML 22/29
Pushdown automata
Definition (Pushdown automaton)A pushdown automaton (PDA, for short) K = (Q, q0,�,⌃,�) with
Q, a finite set of control states
q0 2 Q, the initial state
�, a finite stack alphabet
⌃, a finite input alphabet
� ✓ Q⇥ ⌃⇥ �⇥Q⇥ �⇤, the transition relation.
Transition relation(q, a, �, q0, pop) 2 � means: in state q, on reading input symbol a and
top of stack is symbol �, change to q0 and pop � from the stack.
Joost-Pieter Katoen Theoretical Foundations of the UML 23/29
#which symbols can be put
on the stack
- a,
b,
C
Inext stackI I
next stolecontentt
.c- ret
Inext ip.ee ( at the top )
stele
symbol that symbolis to be read of the
steak
Pushdown automata
Definition (Pushdown automaton)A pushdown automaton (PDA, for short) K = (Q, q0,�,⌃,�) with
Q, a finite set of control states
q0 2 Q, the initial state
�, a finite stack alphabet
⌃, a finite input alphabet
� ✓ Q⇥ ⌃⇥ �⇥Q⇥ �⇤, the transition relation.
Transition relation(q, a, �, q0, pop) 2 � means: in state q, on reading input symbol a and
top of stack is symbol �, change to q0 and pop � from the stack.
Joost-Pieter Katoen Theoretical Foundations of the UML 23/29
O
L = { oh"
In > o } on EL
Oona C- L
on Cfl010 of L
Construct a PDA K such that K accepts the language L
Intuition-
• PDA K starts in initial control state Io
• if input word we E or if w start with a"
s"
i reject
• otherwise,
"
scan
"
all Os and push them on the stack
•
on reading the first "a "
,move to control stele I ,
t
pop O from the stack
6 6• in 9
, ,on reading a 9 "
awe pop a O from the stack
• in I,
i reject if a
"
O"
is read,
or if input word is d-
but the stack is not-
hr .
of Os > Is• in S
, ;
acceptif input word and
the stack are both empty .
0, #
,O
"
push o" evokes
#
f) " bottom of stack"
→ 0 OF.ae①a (
"
pop O" "
pop O"
O,
O,
00-
( "
push O"
Q= { so,
I, ) transitions : Ceo
,7
,O
,a
, ,E ) C- D
-
Z= { on )( So ,
0,0 , so,
00 ) EA
r = I o,
# )( oh ,
1,
O, oh
, ,E ) ← A
go = 9- o
( So 10 , #, So
,o ) C- A
Example configurations :
⇐' II '¥ . c a. ¥
4k¥
Change of configuration
( a- o , gon,
# ) t ( a- o ,
on,
0 ) I - Cao, 11,00 ) 1-
Can,
r,
o ) 1- ( oh , e. e)Is ( oh
,E
,E ) reachable
from ( so,
ooh,
# ) ?
Reachability in pushdown automata
DefinitionA configuration c is a triple (state q, stack content Z, rest input w).
DefinitionGiven a transition in �, a (direct) successor configuration c0 of c is
obtained: c ` c0.
Reachability problemFor configuration c, and initial configuration c0: c0 `⇤ c?
Theorem: [Esparza et al. 2000]
The reachability problem for PDA is decidable in PTIME.
Joost-Pieter Katoen Theoretical Foundations of the UML 24/29
'
fControl
Reachability in pushdown automata
DefinitionA configuration c is a triple (state q, stack content Z, rest input w).
DefinitionGiven a transition in �, a (direct) successor configuration c0 of c is
obtained: c ` c0.
Reachability problemFor configuration c, and initial configuration c0: c0 `⇤ c?
Theorem: [Esparza et al. 2000]
The reachability problem for PDA is decidable in PTIME.
Joost-Pieter Katoen Theoretical Foundations of the UML 24/29
0
Reachability in pushdown automata
DefinitionA configuration c is a triple (state q, stack content Z, rest input w).
DefinitionGiven a transition in �, a (direct) successor configuration c0 of c is
obtained: c ` c0.
Reachability problemFor configuration c, and initial configuration c0: c0 `⇤ c?
Theorem: [Esparza et al. 2000]
The reachability problem for PDA is decidable in PTIME.
Joost-Pieter Katoen Theoretical Foundations of the UML 24/29
0
Reachability in pushdown automata
DefinitionA configuration c is a triple (state q, stack content Z, rest input w).
DefinitionGiven a transition in �, a (direct) successor configuration c0 of c is
obtained: c ` c0.
Reachability problemFor configuration c, and initial configuration c0: c0 `⇤ c?
Theorem: [Esparza et al. 2000]
The reachability problem for PDA is decidable in PTIME.
Joost-Pieter Katoen Theoretical Foundations of the UML 24/29
. Reek : Dyck language
E = { E,
] ) square brackets
"receive
"
Dyck language
y"
send"
y{ we 2*1 all prefixes of u contain no more
"I
"
- than"
E"
,and the number of
linearization "E
"
egads the member of " T"
in u }=
Exercise construct a PDA that accepts the-
Dyck language .
Ceo,
00in,
# ) 1- Ceo,
ooh,
o )-
¥ L 1- ( So,
on,
00 )
1- ( so ,an
,ooo )
1- ( a, ,
r,
00 )
1- Ce, ,
E,
o )"
reject"
Sometimes"
reject"
is modeled explicitly by a
separate control stele Ierr ; similarly
"accept "
by a
control state If
In our example this means that there are transitions :
( a-o ,
1, #
, 9-err ,
# )
( a, ,
0, #
,9-
err ,# )
( at ,O
,O
, 9- em ,# )
etcetera .
Checking whether a CMSG is safe is decidable
Consider any ordered pair (pi, pj) of processes in CMSG G
Proof idea: construct a PDA Ki,j = (Q, q0,�,⌃,�) such that
CMSG G is not safe wrt. (pi, pj) iff PDA Ki,j accepts
For accepting path u0 . . . uk in G, feed Ki,j with the word
⇢0 . . . ⇢k where ⇢i 2 Lin(�(ui))
such that unmatched sends (of some type) precede all unmatched
receipts (of the same type)
Possible violations that Ki,j may encounter:
1 nr. of unmatched !(pi, pj , ·) > nr. of unmatched ?(pj , pi, ·)2 type of k-th unmatched send 6= type of k-th unmatched receive
3 non-FIFO communication
Joost-Pieter Katoen Theoretical Foundations of the UML 25/29
-(is every accepting path of G safe ?
I 2 3 4- - - - ( m2 ) ( as ) ( ah )
( za ) ( 3,1 ) C 4. D
( 2,3 ) ( 3,2 ) ( 3G )- - -
- ⇐h ) ( a. 2 ) I 4. d)
Checking whether a CMSG is safe is decidable
Consider any ordered pair (pi, pj) of processes in CMSG G
Proof idea: construct a PDA Ki,j = (Q, q0,�,⌃,�) such that
CMSG G is not safe wrt. (pi, pj) iff PDA Ki,j accepts
For accepting path u0 . . . uk in G, feed Ki,j with the word
⇢0 . . . ⇢k where ⇢i 2 Lin(�(ui))
such that unmatched sends (of some type) precede all unmatched
receipts (of the same type)
Possible violations that Ki,j may encounter:
1 nr. of unmatched !(pi, pj , ·) > nr. of unmatched ?(pj , pi, ·)2 type of k-th unmatched send 6= type of k-th unmatched receive
3 non-FIFO communication
Joost-Pieter Katoen Theoretical Foundations of the UML 25/29
-
(in fact
"
not closed"
kij is going check
for possible violations
ofbeingsafe
Definition C left - closed CMSC )-
A CMSC is left - closed if it does not contain-
unmatched receive events,
or any send events that
are rot yet matched and precede other matched
send events ( of the same type ) .
Exaptes7 2 7 2 7 2 I 2
a a a a
→ → →
→ It . # H→
is not not left - left - left -
left - closed closed closed closed
( unsafe ) ( unsafe ,( and safe ) ( not - safe )
accept accept reject reject
Checking whether a CMSG is safe is decidable
Consider any ordered pair (pi, pj) of processes in CMSG G
Proof idea: construct a PDA Ki,j = (Q, q0,�,⌃,�) such that
CMSG G is not safe wrt. (pi, pj) iff PDA Ki,j accepts
For accepting path u0 . . . uk in G, feed Ki,j with the word
⇢0 . . . ⇢k where ⇢i 2 Lin(�(ui))
such that unmatched sends (of some type) precede all unmatched
receipts (of the same type)
Possible violations that Ki,j may encounter:
1 nr. of unmatched !(pi, pj , ·) > nr. of unmatched ?(pj , pi, ·)2 type of k-th unmatched send 6= type of k-th unmatched receive
3 non-FIFO communication
Joost-Pieter Katoen Theoretical Foundations of the UML 25/29
rake=
BE s
--
- -
+ assume that↳ not a restriction
, because such
matched events arelinearis atoms do away s exist
indicated explicitly! ? l p , I ,
a )
Checking whether a CMSG is safe is decidable
Consider any ordered pair (pi, pj) of processes in CMSG G
Proof idea: construct a PDA Ki,j = (Q, q0,�,⌃,�) such that
CMSG G is not safe wrt. (pi, pj) iff PDA Ki,j accepts
For accepting path u0 . . . uk in G, feed Ki,j with the word
⇢0 . . . ⇢k where ⇢i 2 Lin(�(ui))
such that unmatched sends (of some type) precede all unmatched
receipts (of the same type)
Possible violations that Ki,j may encounter:
1 nr. of unmatched !(pi, pj , ·) > nr. of unmatched ?(pj , pi, ·)2 type of k-th unmatched send 6= type of k-th unmatched receive
3 non-FIFO communication
Joost-Pieter Katoen Theoretical Foundations of the UML 25/29
Bea
Beat s
✓← I → J
b at j
✓ from i
The nondeterministic PDA Ki,j
Let {a1, . . . , ak} be the message contents in CMSG G for (pi, pj).
Nondeterministic PDA Ki,j = (Q, q0,�,⌃,�) where:
Control states Q = {q0, qa1 , . . . , qak , qerr , qF }
Stack alphabet � = {1,#}
1 counts nr. of unmatched !(pi, pj , am), and # is bottom of stack
Input alphabet
⌃ =
8<
:
unmatched action !(pi, pj , am)unmatched action ?(pj , pi, am)matched actions !?(pi, pj , am), ?!(pj , pi, am)
Transition function � is described on next slide
Joost-Pieter Katoen Theoretical Foundations of the UML 26/29
O
-
all message in CMSG gsend from i to j ,
or
received at j from i.
The nondeterministic PDA Ki,j
Let {a1, . . . , ak} be the message contents in CMSG G for (pi, pj).
Nondeterministic PDA Ki,j = (Q, q0,�,⌃,�) where:
Control states Q = {q0, qa1 , . . . , qak , qerr , qF }
Stack alphabet � = {1,#}
1 counts nr. of unmatched !(pi, pj , am), and # is bottom of stack
Input alphabet
⌃ =
8<
:
unmatched action !(pi, pj , am)unmatched action ?(pj , pi, am)matched actions !?(pi, pj , am), ?!(pj , pi, am)
Transition function � is described on next slide
Joost-Pieter Katoen Theoretical Foundations of the UML 26/29
/-
I \initial reject
accept
The nondeterministic PDA Ki,j
Let {a1, . . . , ak} be the message contents in CMSG G for (pi, pj).
Nondeterministic PDA Ki,j = (Q, q0,�,⌃,�) where:
Control states Q = {q0, qa1 , . . . , qak , qerr , qF }
Stack alphabet � = {1,#}
1 counts nr. of unmatched !(pi, pj , am), and # is bottom of stack
Input alphabet
⌃ =
8<
:
unmatched action !(pi, pj , am)unmatched action ?(pj , pi, am)matched actions !?(pi, pj , am), ?!(pj , pi, am)
Transition function � is described on next slide
Joost-Pieter Katoen Theoretical Foundations of the UML 26/29
-
The nondeterministic PDA Ki,j
Let {a1, . . . , ak} be the message contents in CMSG G for (pi, pj).
Nondeterministic PDA Ki,j = (Q, q0,�,⌃,�) where:
Control states Q = {q0, qa1 , . . . , qak , qerr , qF }
Stack alphabet � = {1,#}
1 counts nr. of unmatched !(pi, pj , am), and # is bottom of stack
Input alphabet
⌃ =
8<
:
unmatched action !(pi, pj , am)unmatched action ?(pj , pi, am)matched actions !?(pi, pj , am), ?!(pj , pi, am)
Transition function � is described on next slide
Joost-Pieter Katoen Theoretical Foundations of the UML 26/29
- possible symbols inthe linearis atoms
BEEBE
The nondeterministic PDA Ki,j
Let {a1, . . . , ak} be the message contents in CMSG G for (pi, pj).
Nondeterministic PDA Ki,j = (Q, q0,�,⌃,�) where:
Control states Q = {q0, qa1 , . . . , qak , qerr , qF }
Stack alphabet � = {1,#}
1 counts nr. of unmatched !(pi, pj , am), and # is bottom of stack
Input alphabet
⌃ =
8<
:
unmatched action !(pi, pj , am)unmatched action ?(pj , pi, am)matched actions !?(pi, pj , am), ?!(pj , pi, am)
Transition function � is described on next slide
Joost-Pieter Katoen Theoretical Foundations of the UML 26/29
Safeness of CMSGs (2)
Initial configuration is (q0,#, w)w is linearization of actions at pi and pj on an accepting path of G
On reading !(pi, pj , am) in q0, push 1 on stack
nondeterministically move to state qam or stay in q0
On reading ?(pj , pi, am) in q0, proceed as follows:
if 1 is on stack, pop it
otherwise, i.e., if stack is empty, accept (i.e., move to qF )
On reading matched send !?(pi, pj , ak) in q0stack empty (i.e., equal to #)? ignore input; otherwise, accept
Ignore the following inputs in state q0:matched send events !?(pj , pi, ak), and
unmatched sends or receipts not related to pi and pj
Remaining input w empty? Accept, if stack non-empty; else reject
Joost-Pieter Katoen Theoretical Foundations of the UML 27/29
Safeness of CMSGs (2)
Initial configuration is (q0,#, w)w is linearization of actions at pi and pj on an accepting path of G
On reading !(pi, pj , am) in q0, push 1 on stack
nondeterministically move to state qam or stay in q0
On reading ?(pj , pi, am) in q0, proceed as follows:
if 1 is on stack, pop it
otherwise, i.e., if stack is empty, accept (i.e., move to qF )
On reading matched send !?(pi, pj , ak) in q0stack empty (i.e., equal to #)? ignore input; otherwise, accept
Ignore the following inputs in state q0:matched send events !?(pj , pi, ak), and
unmatched sends or receipts not related to pi and pj
Remaining input w empty? Accept, if stack non-empty; else reject
Joost-Pieter Katoen Theoretical Foundations of the UML 27/29
- - -
- -("
sees an unmatched send
from pi to pj with
content am"
Safeness of CMSGs (2)
Initial configuration is (q0,#, w)w is linearization of actions at pi and pj on an accepting path of G
On reading !(pi, pj , am) in q0, push 1 on stack
nondeterministically move to state qam or stay in q0
On reading ?(pj , pi, am) in q0, proceed as follows:
if 1 is on stack, pop it
otherwise, i.e., if stack is empty, accept (i.e., move to qF )
On reading matched send !?(pi, pj , ak) in q0stack empty (i.e., equal to #)? ignore input; otherwise, accept
Ignore the following inputs in state q0:matched send events !?(pj , pi, ak), and
unmatched sends or receipts not related to pi and pj
Remaining input w empty? Accept, if stack non-empty; else reject
Joost-Pieter Katoen Theoretical Foundations of the UML 27/29
Ipending unmatched send p ; → pj
-
I✓
not left - closed
Safeness of CMSGs (2)
Initial configuration is (q0,#, w)w is linearization of actions at pi and pj on an accepting path of G
On reading !(pi, pj , am) in q0, push 1 on stack
nondeterministically move to state qam or stay in q0
On reading ?(pj , pi, am) in q0, proceed as follows:
if 1 is on stack, pop it
otherwise, i.e., if stack is empty, accept (i.e., move to qF )
On reading matched send !?(pi, pj , ak) in q0stack empty (i.e., equal to #)? ignore input; otherwise, accept
Ignore the following inputs in state q0:matched send events !?(pj , pi, ak), and
unmatched sends or receipts not related to pi and pj
Remaining input w empty? Accept, if stack non-empty; else reject
Joost-Pieter Katoen Theoretical Foundations of the UML 27/29
-
-
- - -
tnot left - closed
Safeness of CMSGs (2)
Initial configuration is (q0,#, w)w is linearization of actions at pi and pj on an accepting path of G
On reading !(pi, pj , am) in q0, push 1 on stack
nondeterministically move to state qam or stay in q0
On reading ?(pj , pi, am) in q0, proceed as follows:
if 1 is on stack, pop it
otherwise, i.e., if stack is empty, accept (i.e., move to qF )
On reading matched send !?(pi, pj , ak) in q0stack empty (i.e., equal to #)? ignore input; otherwise, accept
Ignore the following inputs in state q0:matched send events !?(pj , pi, ak), and
unmatched sends or receipts not related to pi and pj
Remaining input w empty? Accept, if stack non-empty; else reject
Joost-Pieter Katoen Theoretical Foundations of the UML 27/29
-
Safeness of CMSGs (2)
Initial configuration is (q0,#, w)w is linearization of actions at pi and pj on an accepting path of G
On reading !(pi, pj , am) in q0, push 1 on stack
nondeterministically move to state qam or stay in q0
On reading ?(pj , pi, am) in q0, proceed as follows:
if 1 is on stack, pop it
otherwise, i.e., if stack is empty, accept (i.e., move to qF )
On reading matched send !?(pi, pj , ak) in q0stack empty (i.e., equal to #)? ignore input; otherwise, accept
Ignore the following inputs in state q0:matched send events !?(pj , pi, ak), and
unmatched sends or receipts not related to pi and pj
Remaining input w empty? Accept, if stack non-empty; else reject
Joost-Pieter Katoen Theoretical Foundations of the UML 27/29
0 OO -
left -
closed.
×
Safeness of CMSGs (3)
The behaviour in state qam for 0 < m 6 k:
Ignore all actions except ?(pj , pi, a`) for all 0 < ` 6 k
On reading ?(pj , pi, a`) (for some 0 < ` 6 k) in state qam do:
if 1 is on top of stack, pop it
If stack is empty:
if last receive differs from am, accept
otherwise reject, while ignoring the rest (if any) of the input
Joost-Pieter Katoen Theoretical Foundations of the UML 28/29
E- -
Safeness of CMSGs (3)
The behaviour in state qam for 0 < m 6 k:
Ignore all actions except ?(pj , pi, a`) for all 0 < ` 6 k
On reading ?(pj , pi, a`) (for some 0 < ` 6 k) in state qam do:
if 1 is on top of stack, pop it
If stack is empty:
if last receive differs from am, accept
otherwise reject, while ignoring the rest (if any) of the input
Joost-Pieter Katoen Theoretical Foundations of the UML 28/29
-
Safeness of CMSGs (3)
The behaviour in state qam for 0 < m 6 k:
Ignore all actions except ?(pj , pi, a`) for all 0 < ` 6 k
On reading ?(pj , pi, a`) (for some 0 < ` 6 k) in state qam do:
if 1 is on top of stack, pop it
If stack is empty:
if last receive differs from am, accept
otherwise reject, while ignoring the rest (if any) of the input
Joost-Pieter Katoen Theoretical Foundations of the UML 28/29
#not left - closed
→
( left - closed
Example I.
C MSG G , y z n 2
>
a
D- . . →
Uo Up
Ceo,
#,
!a?a?a ) 1- ( Ea ,a
,?a?a )
-
initial configuration T
T ( Ea,
#,
?a )
Ceo,
r ,?a?a ) reject
T
( so ,#
, Ia ) accept
Thus the PDA Ky ,zaccepts the
input word ⇒ g ,is not
left - closed
Eionplez CMSG gz :
2 2 n 2 safe.
aa
→ →
D- be ,
→± ts
7 2
HotPDA kn ,z
b
( so ,#
,! a !b?a?b ) 1- ( aah ,
t.to?a?b )
T T
( so,
n,
lb ?a?b ) ( a-a ,
r,
? a ?b )
T T t
( a- a,
If,
?b )Ceo ,
rn,
?a?b ) ( ab ,n ,
?a?b )p
T T
( 8,1 ,?b ) Cab
,,
,?b )
( a-as #
,E )rejectT T
( so ,#
,e ) Cats
,# se )
reject reject-
-
PDA kn ,zhas no accepting run on t.cn?b?a?b
and thus CMSG Gz is left - closed-
Example-
Crisco g ,
7 2 7 2
→ a
D- →→ - A
Uo U>
PDA Kaz
Ceo, # ,
t.at?b?a) 1- leo
,n
,! ?b?a )
T accept
I ea,
n,
! ?b?a ) → violation of
T Fro property .
( Ea,
a,
? a)ppa K
, ,z acceptsT
( Ea,
#,
e ) ⇒ CMSG g ,is not
rejectleft - closed
⇒ is not safe.
Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
=) CMSG G is not safe wrt. (pi, pj) iff configuration (qF , ·, ·) is
reachable.
=) reachability of a configuration in a PDA is in PTIME, hence
checking safeness wrt. (pi, pj) is in PTIME.
Time complexityThe worst-case time complexity of checking whether CMSG G is safe is
in O(k2·N2·L·|E|
2) where k = |P|, N = |V |, and L = |C|.
Proof.Checking reachability in PDA Ki,j is in O(L·|E|
2). The number of
PDAs is k2, as we consider ordered pairs in P. The number of paths in
the CMSG G for each pair that need to be checked is in O(N2), as a
single traversal for each loop in G suffices.
Joost-Pieter Katoen Theoretical Foundations of the UML 29/29
delleALI-
accept
Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
=) CMSG G is not safe wrt. (pi, pj) iff configuration (qF , ·, ·) is
reachable.
=) reachability of a configuration in a PDA is in PTIME, hence
checking safeness wrt. (pi, pj) is in PTIME.
Time complexityThe worst-case time complexity of checking whether CMSG G is safe is
in O(k2·N2·L·|E|
2) where k = |P|, N = |V |, and L = |C|.
Proof.Checking reachability in PDA Ki,j is in O(L·|E|
2). The number of
PDAs is k2, as we consider ordered pairs in P. The number of paths in
the CMSG G for each pair that need to be checked is in O(N2), as a
single traversal for each loop in G suffices.
Joost-Pieter Katoen Theoretical Foundations of the UML 29/29
GoBa
\Esparza et at
.
Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
=) CMSG G is not safe wrt. (pi, pj) iff configuration (qF , ·, ·) is
reachable.
=) reachability of a configuration in a PDA is in PTIME, hence
checking safeness wrt. (pi, pj) is in PTIME.
Time complexityThe worst-case time complexity of checking whether CMSG G is safe is
in O(k2·N2·L·|E|
2) where k = |P|, N = |V |, and L = |C|.
Proof.Checking reachability in PDA Ki,j is in O(L·|E|
2). The number of
PDAs is k2, as we consider ordered pairs in P. The number of paths in
the CMSG G for each pair that need to be checked is in O(N2), as a
single traversal for each loop in G suffices.
Joost-Pieter Katoen Theoretical Foundations of the UML 29/29
BEEBE
- - - - Ila
Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
=) CMSG G is not safe wrt. (pi, pj) iff configuration (qF , ·, ·) is
reachable.
=) reachability of a configuration in a PDA is in PTIME, hence
checking safeness wrt. (pi, pj) is in PTIME.
Time complexityThe worst-case time complexity of checking whether CMSG G is safe is
in O(k2·N2·L·|E|
2) where k = |P|, N = |V |, and L = |C|.
Proof.Checking reachability in PDA Ki,j is in O(L·|E|
2).
The number of
PDAs is k2, as we consider ordered pairs in P. The number of paths in
the CMSG G for each pair that need to be checked is in O(N2), as a
single traversal for each loop in G suffices.
Joost-Pieter Katoen Theoretical Foundations of the UML 29/29
I
Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
=) CMSG G is not safe wrt. (pi, pj) iff configuration (qF , ·, ·) is
reachable.
=) reachability of a configuration in a PDA is in PTIME, hence
checking safeness wrt. (pi, pj) is in PTIME.
Time complexityThe worst-case time complexity of checking whether CMSG G is safe is
in O(k2·N2·L·|E|
2) where k = |P|, N = |V |, and L = |C|.
Proof.Checking reachability in PDA Ki,j is in O(L·|E|
2). The number of
PDAs is k2, as we consider ordered pairs in P.
The number of paths in
the CMSG G for each pair that need to be checked is in O(N2), as a
single traversal for each loop in G suffices.
Joost-Pieter Katoen Theoretical Foundations of the UML 29/29
I
Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
=) CMSG G is not safe wrt. (pi, pj) iff configuration (qF , ·, ·) is
reachable.
=) reachability of a configuration in a PDA is in PTIME, hence
checking safeness wrt. (pi, pj) is in PTIME.
Time complexityThe worst-case time complexity of checking whether CMSG G is safe is
in O(k2·N2·L·|E|
2) where k = |P|, N = |V |, and L = |C|.
Proof.Checking reachability in PDA Ki,j is in O(L·|E|
2). The number of
PDAs is k2, as we consider ordered pairs in P. The number of paths in
the CMSG G for each pair that need to be checked is in O(N2), as a
single traversal for each loop in G suffices.
Joost-Pieter Katoen Theoretical Foundations of the UML 29/29
-
Lo
-