Embed Size (px)
Citation preview
1
Academia Europaea 18th Annual Conference events Grand Challenges of Informatics and Computer Mathematics
Budapest, September 20, 2006
From Computable Functions to Definable Systems
Wolfgang Reisig
Theory of Programming
2
The scope of concern
future
systems engineeringelevator systemaccident preventing carautomatic business processes
programming
theoretical
basiscomputablefunctions
“definable systems”formal models of discrete real world systems
so far
focus of
informatics
3
This talk picks three aspects of a theory of “definable systems”:
1. A model should be trustworthy !
2. A model should be compositional !
3. A model should solicit invariants !
4
1. A model should be trustworthy!• Each elementary item to be modeled
is an elementary item of the model.
• Each elementary operation to be modeled
is an elementary operation of the model .
• Each state to be modeled is a state of the model.
• Each step to be modeled is a step of the model.
• … and vice versa!
5
D
… certainly an algorithm.
but not computable
by a Turing Machine!
How write this
algorithm down?s
r
Given: A circle C with center p,
and a point q outside C.
The problem:
Construct a tangent at C through q
The solution:
s‘
1. 1 Example: a geometrical algorithm
C
pql
6
D s
r
s‘
C
pql
Fix a signature (alphabet), .
Write down P, using –terms.
Some –structure, S0 , is the initial state:
pS0 = p, CS0 = C, etc.
Construct steps S S’ of P as obvious.
E.g. r := halfway(p,q); applied to a state S
yields rS’ = halfwayS(pS,qS).
Pseudocode P
This algorithm defines
a sequence of states.
Each state
is a – structure.
with a formal meaninginput(p, C, q);
r := halfway(p,q);
D := circle(r,p);
M := intersect(C,D);
s := pick(M);
l := makeline(q,s);
output(l);
7
1.2 Example: pebble gameGiven: an urn, contanig a finite set of pebbles.Each pebble is either white or black.
Step: Take 2 pebbles out of the urn. If their colors are different: put a white pebble back. If colors are equal: put a black pebble back (You may have to blacken a white one)
How model this?
conventionally: a nondeterministic program, including e.g. if white > 2 then white := white – 2; black := black + 1calculating numbers of black and white pebbles.initial numbers of pebbles must be known before starting
8
more adequate: a Petri net
a distributed run
9
more adequate: a Petri net
a distributed run
10
Resources are finite !
Clocks are by no means precise !
There is no global time scale to order independent events !
Reading may prevent writing !
(This reveals the myth of mutex algorithms)
1.3 No hidden idealization!
11
Frege, 1892: Essential properties of a composed system are derivable from properties of its components.
Sequential composition of sequential programs:
A;B terminates iff both A and B terminate.
Problem:
reactive and distributed systems are usually not compositional
CCS, parallel programs, …
2. A model should be compositional!
12
How gain compositionality?guideline:“a specification is a logical expression”“Composition is conjunction”
equally important: “Implementation (refinement) is implication”
Techniques in this line:TLA, FOCUSstuttering sequences,streamsdistributed runs
13
How formulate steps ?guideline:
“a specification is a logical expression”
Replace program variables by logical variables,
and assignment statements by mathematical equations.
Replace x := x+1 by x’ = x+1.
Good for verification: x’ –1 = x.
14
3. A model should solicit invariants!Chemistry: A chemical process: A chemist calculates its “balance of material” .
Physics:A physical process: A physicist calculates its “balance of energy” .
Banking: A banking process: A banker calculates its “balance of money” .
Good science has deep invariants.Scientific notions are designed with the intent for deep
invariants.
15
Informatics constructs its objects of interest itself; hence, informatics has much freedom to fix its basic notions.… a particularly good chance for deep invariants!
Informatics: An information transforming process: An information scientist calculates its “balance of
information” … ? …
Our problem: We don’t know what to balance. What really is “information” ?
Invariants in informatics
16
• Elementary actions should be reversible:
Let P a S be a step. Classical observation: One can compute S from P and a.
Def.: a is reversible iff one also can compute P from S and a.
Petri Net transitions are reversible;x := 1 is not reversible.
• “Information is what you need to decide alternatives”
What might help
17
Final remark: all this is not entirely new
Carl Adam Petri, 1966: formal pragmatics, communication disciplines
Don Knuth, 1968: “[the next state function f of a transition system] might involve operations that mortal man can not always perform.”
Edsger W. Dijkstra: “Progress is possible only if we train ourselves to think about programs without thinking of them as pieces of executable code.”
Yuri Gurevich, 1985 “[Compared to Turing Machies,] we define a more general kind of abstract computational device …”
Robin Milner, 2006: “ … we should have achieved a mathematical model of computation, perhaps highly abstract in contrast with the concrete nature of paper and register machines, but such that programming languages are merely executable fragments of the theory …”
18
Academia Europaea 18th Annual Conference events Grand Challenges of Informatics and Computer Mathematics
Budapest, September 20, 2006
From Computable Functions to Definable Systems
Wolfgang Reisig
Theory of Programming
The end
