1

Translating from LTL to automata

2

Why translating?

Want to write the specification in some logic.

Want to check that an automaton (or a Kripke structure) satisfies this property.

The check ("model-checking") will be based on automata operations, hence we need to translate the property to automata.

3

From formulas to Büchi automata

[Figure: example Büchi automata for Gp, Fp, p U q and GFp, with edges labeled p, q and T]

Now try it yourself: FGp, a U (b U c), X(p U (q ∧ r))

4

A translation algorithm

So now we need to show an algorithmic translation from LTL to Büchi.

It will work in two stages:

1. Translate to Generalized Büchi

2. Degeneralization

5

Preprocessing

Convert into normal form, where negation only applies to propositional variables.

¬G becomes F¬. ¬F becomes G¬. ¬( U ) becomes (¬) R (¬), ¬( R ) becomes (¬) U (¬).

6

Preprocessing

Convert to Negation Normal Form: push negations over propositional connectives, and eliminate operators other than ∧, ∨.

Eliminate G: replace G by (False R ).

(In general we can stay with U, R, X.)

7

Example

Translate (GF P) → (GF Q)

Eliminate implication: ¬(GF P) ∨ (GF Q)

Eliminate G, F: ¬(False R (True U P)) ∨ (False R (True U Q))

Push negation inwards: (True U (False R ¬P)) ∨ (False R (True U Q))
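The preprocessing steps above, as an added example (not code from the slides): it eliminates →, G and F and then pushes negations down to the propositions, reproducing the result of the worked example. The tuple encoding of formulas and the function names are assumptions made for this sketch.

```python
# Added example (not from the slides). Formulas are nested tuples such as
# ("->", f, g), ("G", f), ("U", f, g), ("ap", "P"); this encoding is assumed.
TRUE, FALSE = ("true",), ("false",)
DUAL = {"and": "or", "or": "and", "U": "R", "R": "U"}

def desugar(f):
    """Eliminate ->, G and F so that only not/and/or/X/U/R remain."""
    op = f[0]
    if op in ("ap", "true", "false"):
        return f
    args = [desugar(a) for a in f[1:]]
    if op == "->":
        return ("or", ("not", args[0]), args[1])
    if op == "G":                       # G f  =  False R f
        return ("R", FALSE, args[0])
    if op == "F":                       # F f  =  True U f
        return ("U", TRUE, args[0])
    return (op, *args)

def nnf(f, neg=False):
    """Push negation inwards; neg=True means 'normal form of not f'."""
    op = f[0]
    if op == "not":
        return nnf(f[1], not neg)
    if op in ("true", "false"):
        return f if not neg else (FALSE if f == TRUE else TRUE)
    if op == "ap":
        return ("not", f) if neg else f
    if op == "X":                       # not X f = X not f (standard, not on the slide)
        return ("X", nnf(f[1], neg))
    return (DUAL[op] if neg else op, nnf(f[1], neg), nnf(f[2], neg))

def show(f):
    """Render a formula in the notation used on the slides."""
    op = f[0]
    if op == "ap":
        return f[1]
    if op in ("true", "false"):
        return op.capitalize()
    if op in ("not", "X"):
        return ("¬" if op == "not" else "X ") + show(f[1])
    sym = {"and": "∧", "or": "∨"}.get(op, op)
    return f"({show(f[1])} {sym} {show(f[2])})"

def preprocess(f):
    return nnf(desugar(f))

if __name__ == "__main__":
    gf = lambda x: ("G", ("F", ("ap", x)))
    print(show(preprocess(("->", gf("P"), gf("Q")))))
```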

8

And now...

We need to build an automaton that accepts exactly those words that satisfy .

9

Content

The construction continues as follows:

1. Build the Local Automaton. This automaton guarantees that the word satisfies all conditions imposed by the formula.

2. Build the Eventuality Automaton. Eventualities: formulas of the form Fφ and φ1 U φ2. The problem is that nothing prevents us from postponing forever the time at which an (eventuality) formula will be true.

3. Compose them

10

The Local Automaton

Closure of all the subformulas of and their negations.

Formally: cl() is the smallest set of formulas satisfying the following conditions

φ ∈ cl(φ)

φ1 ∈ cl(φ) ⇒ ¬φ1 ∈ cl(φ)

φ1 ∧ φ2 ∈ cl(φ) ⇒ φ1, φ2 ∈ cl(φ)

φ1 ∨ φ2 ∈ cl(φ) ⇒ φ1, φ2 ∈ cl(φ)

X φ1 ∈ cl(φ) ⇒ φ1 ∈ cl(φ)

F φ1 ∈ cl(φ) ⇒ φ1 ∈ cl(φ)

φ1 U φ2 ∈ cl(φ) ⇒ φ1, φ2 ∈ cl(φ)

φ1 R φ2 ∈ cl(φ) ⇒ φ1, φ2 ∈ cl(φ)

11

The Local Automaton / Alphabet, states

The local automaton is L = (∑, SL, ρL, IL, FL)

The alphabet ∑: ∑ ⊆ 2^cl(φ)

∑ elements are consistent: for s ∈ ∑ and f ∈ cl(φ): f ∈ s ¬f ∉ s

The states SL: all propositionally consistent subsets s of cl(φ):

φ1 ∈ s ¬φ1 ∉ s

12

The Local Automaton / Transition relation

The edges: ρL(s, a) must check that the next state is compatible with the semantics of the temporal operators.

Let t ∈ ρL(s, a). Then:

Xφ1 ∈ s ⇔ φ1 ∈ t

Fφ1 ∈ s ⇔ φ1 ∈ s or Fφ1 ∈ t

φ1 U φ2 ∈ s ⇔ (φ2 ∈ s) or (φ1 ∈ s and φ1 U φ2 ∈ t)

φ1 R φ2 ∈ s ⇔ (φ1 ∧ φ2 ∈ s) or (φ2 ∈ s and φ1 R φ2 ∈ t)

The labeling on the edges: For a state s ;, s is the label on all the outgoing edges from s.

13

The Local Automaton / Initial + final states

The initial states IL ... is the set of states that include the formula

The accepting states FL ... is the set of all states

14

Example: Local Automaton for Fp

Closure of Fp: cl(Fp) = {Fp, p, ¬Fp, ¬p}

SL= {{Fp, p}, {¬Fp, p}, {Fp, ¬p}, {¬Fp, ¬p}}

15

Local Automaton for Fp

[Figure: the four states of the local automaton for Fp, drawn as top left {Fp, p}, top right {Fp, ¬p}, bottom left {¬Fp, p}, bottom right {¬Fp, ¬p}]

Recall the definition: (Fp ∈ s) ⇔ (p ∈ s or Fp ∈ t) (t is the target state)

Top right: since p ∉ s, t can only be such that Fp ∈ t.

Top left: since p ∈ s, all states can be t.

Bottom left: contradictory, hence no point in this state (can be removed).

Bottom right: since the condition above is an iff relation, we need that (¬p ∈ s) and (¬Fp ∈ t).

16

Local Automaton for Fp (labels)

[Figure: the local automaton for Fp with states {Fp, p}, {Fp, ¬p}, {¬Fp, p}, {¬Fp, ¬p}; every edge carries the name of its source state as its label]

Recall: the edge labels are equivalent to the source state names.
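The local automaton construction, as an added example that is not part of the original slides: it enumerates the states and keeps exactly the edges that satisfy the transition conditions, read as "iff". It goes beyond the Fp case and accepts any formula built from atoms, ¬, ∧, ∨, X, F, U, R; the tuple encoding, the function names, and representing a state by the formulas it contains positively (a missing formula stands for its negation) are assumptions of this sketch.

```python
from itertools import combinations

# Added example (not from the slides). Formulas are tuples such as
# ("F", ("ap", "p")); a state is the set of atoms and X/F/U/R subformulas it
# contains, and a missing formula stands for its negation (an assumption that
# matches the four states listed for Fp).
TEMPORAL = ("X", "F", "U", "R")

def subformulas(f):
    yield f
    for arg in f[1:]:
        if isinstance(arg, tuple):
            yield from subformulas(arg)

def holds(f, s):
    """Membership of f in state s; Boolean connectives are evaluated."""
    op = f[0]
    if op == "not":
        return not holds(f[1], s)
    if op == "and":
        return holds(f[1], s) and holds(f[2], s)
    if op == "or":
        return holds(f[1], s) or holds(f[2], s)
    return f in s

def states(phi):
    elem = sorted({g for g in subformulas(phi) if g[0] in TEMPORAL + ("ap",)}, key=repr)
    return [frozenset(c) for n in range(len(elem) + 1) for c in combinations(elem, n)]

def compatible(s, t, phi):
    """The transition conditions of the local automaton, read as 'iff'."""
    for g in subformulas(phi):
        if g[0] == "X":
            rhs = holds(g[1], t)
        elif g[0] == "F":
            rhs = holds(g[1], s) or g in t
        elif g[0] == "U":
            rhs = holds(g[2], s) or (holds(g[1], s) and g in t)
        elif g[0] == "R":
            rhs = (holds(g[1], s) and holds(g[2], s)) or (holds(g[2], s) and g in t)
        else:
            continue
        if (g in s) != rhs:
            return False
    return True

def local_automaton(phi):
    S = states(phi)
    edges = {(s, t) for s in S for t in S if compatible(s, t, phi)}
    return S, edges, [s for s in S if holds(phi, s)]
```

For Fp this yields four states and eight edges, with no outgoing edge from {¬Fp, p}, which is the contradictory state the slide removes.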

17

The Eventuality Automaton

The eventuality automaton is supposed to check that the eventualities are realized.

Check formulas of the form:

φ1 U φ2

Fφ (special case of U)

18

The Eventuality Automaton / Alphabet, states

Ev = (∑, 2^ev(φ), ρF, {{}}, F)

The alphabet: ∑ ⊆ 2^cl(φ)

∑ elements are consistent: for s ∈ ∑ and f ∈ cl(φ): f ∈ s ¬f ∉ s

The states: 2^ev(φ)

The set of subsets of the eventualities of the formula φ

A state {e1, …, ek} means that the eventualities e1, …, ek still have to be realized

19

The Eventuality Automaton / Transition relation, initial state

The transition ρF

Let t ∈ ρF(s,a)

For Fφ : Fφ ∈ t φ ∉ a

For φ1 U φ2 : φ1 U φ2 ∈ t φ2 ∉ a

The initial state : {}

20

The Eventuality Automaton / accepting states

The acceptance condition F is complicated... When can we accept a state s?

If s has an eventuality, it satisfies it.

Examples:

s is accepting: s = {pUq, ¬p, q}, s = {¬pUq, ¬p, ¬q}

s is not accepting: s = {pUq, p, ¬q}, s = {pUq, ¬p, ¬q}

21

The Eventuality Automaton / accepting states

The acceptance condition, formally: Let ei be an eventuality condition i' U i

Suppose we have the eventuality conditions e1,...,em. Then F is a generalized Büchi condition:

F = {φ1,...,φm} where φi = {s ∈ S | ei ∈ s → i ∈ s}

In our example: we have two states, {} and {Fp}. Thus, F contains the single state {}

22

Example: Eventuality automaton

[Figure: eventuality automaton for Fp with the two states {} and {Fp}; edges carry labels from {Fp, p}, {¬Fp, p}, {¬Fp, ¬p}, {Fp, ¬p}]

We can begin with all edges and all labels and then remove those that are incompatible with the condition we saw in the previous slide:

The condition is: Fp ∈ t p ∉ a

Q: When is this automaton satisfied? A: When all eventualities are satisfied.

23

Composing the two automata

M = (∑, SM, ρM, NM0, FM)

∑ ⊆ 2^cl()

SM = SL × 2^ev(φ) (Cartesian product)

(p, q) ∈ ρM((s, t), a) p ∈ ρL(s, a) and q ∈ ρF(t, a)

NM0 = Nφ × {}

FM = NL × {}

24

Example: Composing the two automata

[Figure: composed automaton with states ({Fp, p}, Fp), ({Fp, ¬p}, Fp), ({¬Fp, ¬p}, Fp), ({Fp, p}, {}), ({Fp, ¬p}, {}), ({¬Fp, ¬p}, {}), each labeled p or ¬p]

The propositions are the 'real' labels.

25

Example: Composing the two automata

[Figure: composed automaton with states ({Fp, p}, Fp), ({Fp, ¬p}, Fp), ({Fp, p}, {}), ({Fp, ¬p}, {}), ({¬Fp, ¬p}, {}), with the labels p and ¬p on the edges]

Equivalently: labels move to outgoing edges.

26

Optimizations...

There are optimizations that make the automaton much smaller:

[Figure: reduced automaton with edge labels p and ¬p]

If we define the alphabet ∑ as formulas over AP we can do better:

[Figure: smaller automaton with edge labels p, ¬p, true and p ∨ ¬p]

27

Conclusion

The number of states:

Local Automaton: 2^cl(φ) = O(2^(2|φ|))

Eventuality Automaton: 2^ev(φ) = O(2^|φ|)

Composed Automata: 2^cl(φ) × 2^ev(φ) = O(2^(3|φ|))

|φ| is length of formula φ
