1 / 27

LTL to Büchi Automata

LTL to Büchi Automata. Flavio Lerda. LTL Formulas. Subset of CTL* Distinct from CTL AFG p  LTL  f  CTL . f ≠ AFG p Contains a single universal quantifier The path formula f holds for every path Commonly: A is omitted G is replaced by  (box or always)

paiva
Download Presentation

LTL to Büchi Automata

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LTL to Büchi Automata Flavio Lerda

  2. LTL Formulas • Subset of CTL* • Distinct from CTL • AFG p  LTL •  f  CTL . f ≠ AFG p • Contains a single universal quantifier • The path formula f holds for every path • Commonly: • A is omitted • G is replaced by  (box or always) • F is replaced by  (diamond or eventually)

  3. Examples of LTL formulas • Always eventually p: •   p • AGF p or AG AF p • Always after p eventually q •  ( p  q) • AG (p -> F q) or AG (p -> AF q) • Fairness • (   p )   • A ((GF p)  ) Not a CTL formula

  4. LTL Semantics • Derived from the CTL* semantics • Given an infinite execution trace=s0s1… ╞ p  p(s0) ╞ ¬   ¬( ╞  ) ╞ 1  2 ╞ 1  ╞ 2 ╞ 1  2 ╞ 1  ╞ 2 ╞  i 0 i╞  ╞  i 0 i╞  ╞ 1 U 2i 0 i╞ 2  0  j< i j╞ 1 i is the suffix of  starting at si

  5. Büchi Automata • Automaton which accepts infinite traces • A Büchi automaton is 4-tupleS, I,, F • S is a finite set of states • I S is a set of initial states •   S S is a transition relation • F S is a set of accepting states • An infinite sequence of states is accepted iff it contains accepting states infinitely often

  6. Example S0 S1 S2 1=S0S1S2S2S2S2… ACCEPTED 2=S0S1S2S1S2S1… ACCEPTED 3=S0S1S2S1S1S1… REJECTED

  7. LTL and Büchi Automata • LTL formula • Represents a set of infinite traces which satisfy such formula • Büchi Automaton • Accepts a set of infinite traces • We can build an automaton which accepts all and only the infinite traces represented by an LTL formula

  8. Labeled Büchi Automata • Given a set of atomic proposition P • Define a labeling function : S  2P • Each state is assigned a set of propositions that must be true • Similar to the labeling for the model M

  9. Generating Büchi Automata • We need a procedure to generate a Büchi automaton given an LTL formula • Efficiently • Formulas are usually small • Büchi automaton exponential in the size of the formula • The cost of model checking is proportional to the size of the automaton • Non-deterministic Büchi automata are not equivalent to deterministic Büchi automata • Cannot use automata minimization algorithms • Finding the minimal automata is exponential

  10. Approach • Formula rewriting • Rewrite the formula in negated normal form • Apply rewriting rules • Core translation • Turns an LTL formula into a generalized Büchi automaton • Degeneralization • Turns a generalized Büchi automaton into a Büchi automaton

  11. Rewriting • Negated normal form • Negation appears only in front of literals • Use the following identities • ¬¬ =  • ¬G  = F ¬ • ¬F  = G ¬ • ¬( U ) = (¬) V (¬) • ¬( V ) = (¬) U (¬) • V (sometimes R) is the Release operator • Dual of Until

  12. Rewriting • Additional rewriting rules • They are not guaranteed to yield smaller automata • The size of the automaton is exponential in the size of the formula • Examples • (X ) U (X ) X ( U ) • (X )  (X ) X (  ) • GF   GF   GF (  )

  13. Rewriting • The core algorithm only handles • , , V, U • Use the following: • F   T U  • G   ¬F ¬  ¬(T U ¬) = F V 

  14. Core Translation Idea • Make use of the following  U    (  X( U ))  V    (  X( V ))

  15. Example F p T p p Old:{} New:{TU p} Next:{} (TU p) Old:{TU p} New:{T} Next:{TU p} Old:{TU p} New:{} Next:{TU p} Old:{TU p} New:{p} Next:{} Old:{TU p, p} New:{} Next:{} Old:{} New:{} Next:{} Old:{TU p} Next:{TU p} Old:{TU p, p} Next:{} Old:{} Next:{}

  16. Core Translation • Node • Represent a sub-formula • Contain information about the past, the present and the future • State • Represents a state in the final automaton • They are the nodes that have fully expanded

  17. Core Translation • Expansion • Select a formula from the New field • If it is a literal, add it to the Oldfield • Otherwise •     (New{},Next{}) and (New{},Next{}) •  U   (New{},New{ U }) and (New{},Next{}) •  V   (New{},New{ V }) and (New{,},Next{}) •  U    (  X( U )) •  V    (  X( V ))

  18. Core Translation • Nodes to states • If a node has no New formulas • Create a new node with all the Nextformulas • Create an edge between the two nodes • Check if there is any equivalent state • With the same Next field • With the same Old field

  19. Core Translation • Accepting states • Generalized Büchi automaton • Multiple accepting sets • One for each Until sub-formula ( U ) • Such that • The Oldfield doesn’t contain  U  or • The Oldfield does contain 

  20. Degeneralization • Turn a generalized Büchi automaton into a Büchi automaton • Consider as many copies of the automaton as the number of accepting sets • Replace incoming edges from accepting states with edges to the next copy • Each cycle must go through every copy • Each cycle must contains accepting states from each accepting set

  21. Example F a  F b T a b a b 2 1 T T 1,2

  22. Example T T a b a b a b T T T T

  23. Example T T a b a b a b T T T T

  24. Example T T a b a b a T T T

  25. Example T a b a T T T

  26. T a b a T T T Example

  27. Optimizations • Can be done at each stage • Try to minimize • The number of states and transitions • The number of accepting states • Involve • Strongly connected components • Fair (bi)simulation • Expensive but • The Büchi automaton is usually small • The saving during verification can be very high

More Related