1 / 27

Translating from LTL to automata

Translating from LTL to automata. Why translating?. Want to write the specification in some logic. Want to check that an automaton (or a Kripke structure) satisfies this property.

kiefer
Download Presentation

Translating from LTL to automata

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Translating from LTL to automata

  2. Why translating? • Want to write the specification in some logic. • Want to check that an automaton (or a Kripke structure) satisfies this property. • The check (“model-checking”) will be based on automata operations – hence we need to translate the property to automata.

  3. T p T p p q p T T From formulas to Buchi automta Fp p U q GFp Gp Now try yourself: FGp, a U (b U c), X(p U (q Æ r))

  4. A translation algorithm • So now we need to show an algorithmic translation from LTL to Buchi • It will work in two stages: • Translate to Generalized Buchi • Degeneralization.

  5. Preprocessing • Convert into normal form, where negation only applies to propositional variables. • ¬G becomes F¬. • ¬F becomes G¬. • ¬( U )becomes(¬) R (¬), • ¬(  R )becomes(¬) U (¬).

  6. Preprocessing • Convert to Negation Normal Form • Push negations over propositional conenctives, and eliminate operators other thanÆ,Ç • Eliminate G • Replace G by (False R). • (in general we can stay withU, R, X)

  7. Example • Translate (GFP ) ! ( GFQ ) • Eliminate implication ¬(GF P ) Ç (GF Q ) • Eliminate G, F:¬( False R ( True U P ) ) Ç ( False R ( True U Q ) ) • Push negation inwards:(True U (False R¬P ) ) Ç ( False R ( True U Q ) )

  8. And now... • We need to build an automaton that accepts exactly those words that satisfy .

  9. Content • The construction continues as follows: • Build the Local Automaton • This automaton guarantees that the word satisfies all conditions imposed by the formula • Build the Eventuality Automaton • Eventualities : formulas of the form Fφand φ1U φ2 • The problem is that nothing prevents us from postponing forever the time at which (eventuality) formula will be true • Compose them

  10. The Local Automaton • Closure of : all the subformulas ofand their negations. • Formally: cl() is the smallest set of formulas satisfying the following conditions • φ ∈ cl(φ) • φ1∈ cl(φ) ⇒ ¬φ1 ∈ cl(φ) • φ1∧ φ2∈ cl(φ) ⇒ φ1 , φ2∈ cl(φ) • φ1∨ φ2∈ cl(φ) ⇒ φ1 , φ2∈ cl(φ) • Xφ1∈ cl(φ) ⇒ φ1 ∈ cl(φ) • Fφ1∈ cl(φ) ⇒ φ1 ∈ cl(φ) • φ1U φ2∈ cl(φ) ⇒ φ1 , φ2∈ cl(φ) • φ1R φ2∈ cl(φ) ⇒ φ1 , φ2∈ cl(φ)

  11. The Local Automaton / Alphabet, states • The local automaton is L = (∑, SL, ρL, IL, FL) • The alphabet ∑ • ∑ µ 2cl(φ) • ∑ elements are consistent: for s2∑ and f ∈ cl(φ): f ∈ s ¬f ∉ s • The states SL • All propositionally consistent subsets s of cl(φ): • φ1 ∈ s¬φ1 ∉ s

  12. The Local Automaton / Transition relation The edges: • ρL(s, a) must check the next state is compatible with the semantics of the temporal operators. • Let t ∈ ρL(s, a). Then: • Xφ1∈ sφ1∈ t • Fφ1∈ sφ1 ∈ sor Fφ1∈ t • φ1U φ2∈ s (φ2∈ s) or (φ1∈ sand φ1U φ2∈ t) • φ1R φ2∈ s (φ1 ⋀φ2∈ s) or (φ2∈ sand φ1R φ2∈ t) The labeling on the edges: • For a state s;, s is the label on all the outgoing edges from s.

  13. The Local Automaton / Initial + final states • The initial states IL • ... is the set of states that include the formula • The accepting states FL • ... is the set of all states

  14. Example: Local Automaton for Fp • Closure of Fp • cl(Fp) = {Fp, p, ¬Fp, ¬p} • SL= {{Fp, p}, {¬Fp, p}, {Fp, ¬p}, {¬Fp, ¬p}}

  15. Local Automaton forFp {Fp, p} {Fp, ¬p} {¬Fp, p} {¬Fp, ¬p} • Recall the defnition: (Fp∈ s)  (p∈ s or Fp∈ t)(t is the target state) Top-right: Since p s then t can only be such thatFp 2 t. Top left: Since p 2 s then all states can be t. Bottom left: contradictory, hence no point in this state (can be removed) Bottom right: since the condition above is iff relation, then we need that (:p 2 s) and (:Fp 2 t).

  16. Local Automaton forFp (labels) {Fp, ¬p} {Fp, p} {Fp, p} {Fp, p} {Fp, ¬p} {Fp, ¬p} {Fp, p} {¬Fp, ¬p} {¬Fp, p} {¬Fp, ¬p} Recall: the edge labels are equivalent to the source state names.

  17. The Eventuality Automaton • Eventuality automaton is supposed to check that the eventualities are realized • Check formulas of the form • φ1U φ2 • Fφ // special case of U

  18. The Eventuality Automaton/ Alphabet, states • Ev = (∑, 2ev(φ), ρF, {{}}, F) • The alphabet • ∑ µ2cl(φ) • ∑ elements are consistent: for s2∑ and f ∈ cl(φ): f ∈ s ¬f ∉ s • The states 2ev(φ) • The set of subsets of the eventualities of the formula φ • A state {e1, …, ek} means that the eventualities e1, …, ekstill have to be realized

  19. The Eventuality Automaton/ Transition relation, initial state • The transition ρF • Lett ∈ ρF(s,a) • ForFφ :Fφ ∈ t φ ∉ a • For φ1U φ2: φ1U φ2∈ t  φ2∉ a • The initial state : {}

  20. The Eventuality Automaton/ accepting states • The acceptance condition F is complicated...  • When can we accept a state s? • if s has an eventuality, it satisfies it. • Examples: • s is accepting: s ={pUq,:p, q} s = {:pUq,:p, :q} • s is not accepting: s ={pUq, p, :q} s = {pUq, :p, :q}

  21. The Eventuality Automaton/ accepting states • The acceptance condition, formaly: • Let ei be an eventuality condition i’ Ui • Suppose we have the eventuality conditions e1,...,em. • Then F is a generalized Buchi condition:F = {Á1,...,Ám} whereÁi = {s 2 S | ei2 s !i2 s} • In our example: • We have two states: {} and {Fp} • Thus,Fcontains the single state {}

  22. ExampleEventuality automaton {Fp, p} {¬Fp, ¬p} {¬Fp, p} {Fp, ¬p} {Fp, ¬p} {} {Fp} {¬Fp, ¬p} {¬Fp, p} {Fp, p} We can begin with all edges and all labels and then remove those that are incompatible with the condition we saw in the previous slide: The condition is: Fp∈ t p∉ a • Q: When is this automaton satisfied? • A: When all eventualities are satisfied.

  23. Composing the two automata • M = (∑, SM, ρM ,NM0, FM) • ∑ µ 2cl() • SM = SL x 2ev(φ)(Cartesian Product) • (p, q) ∈ ρM((s, t), a)  p ∈ ρL(s, a) and q ∈ ρF(t, a) • NM0 = Nφ x {} • FM = NL x {}

  24. Example Composing the two automata The propositions are the ‘real’ labels. ({¬Fp, ¬p} ,Fp) ({Fp, ¬p} ,Fp) p :p ({Fp, p},Fp) p :p ({Fp, ¬p} ,{}) ({Fp, p},{}) ({¬Fp, ¬p} ,{}) :p

  25. Example Composing the two automata Equivalently: labels move to outgoing edges. p ({Fp, ¬p} ,Fp) :p ({Fp, p},Fp) p p :p p :p p ({Fp, ¬p} ,{}) ({Fp, p},{}) :p p ({¬Fp, ¬p} ,{}) :p

  26. Optimizations... p :p :p p p :p p Ç:p true :p p There are optimizations that make the automaton much smaller: If we define the alphabet ∑ as formulas over AP we can do better:

  27. Conclusion • The number of States • Local Automaton : 2cl(φ) = O(22|φ|) • Eventuality Automaton : 2ev(φ) = O(2|φ|) • Composed Automata : 2cl(φ) X 2ev(φ) = O(23|φ|) • |φ| is length of formula φ

More Related