Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Slides:

Advertisements

Présentations similaires

Direct and Indirect Object Pronouns in French

Advertisements

Les verbes –ER Et Le partitif

Les pronoms compléments

Primary French Presentation 2 Saying How You Are.

French 1, Semester 1 concepts to know by

Le Passé Composé J'ai fini Elle a dansé Il a voyagé

2 Linterrogation La norme: Communication 1.2 –Understanding the spoken and written language Les questions essentielles: -How many ways are there to ask.

Talking about your House How to say where things are, what they are like, and to whom they belong.

Quand, lorsque, aussitôt que, dès que, et après que

‘Les Verbes au Présent’

Les Verbes au Présent (The Present Tense) What is the Present Tense ? In English and in French the present tense is used to talk about things which are.

Talking about yourself

Le subjonctif This tense is good for showing off! You will need to understand how and when use it as it is a useful tense for your expression of ideas/doubts.

Questions II How do you Form Questions in French??

Questions WHAT????. Quick review: we know how to make a sentence negative: Je vais ----> Je ne vais pas Personne ne va Rien ne va (theoretically)

Les verbes en -er. chanter – to singtelephoner – to call danser – to dancetravailler – to work diner – to have dinnervoyager –to travel ecouter – to listen.

So what are Garfield and Odie saying?

Direct and Indirect Object Pronouns in French

Le livre de français – pg 107 David: Jen ai marre! Jai une heure de chimie le lundi, deux heures de physique le mardi et deux heures de biologie le samedi.

A. Le subjonctif: formation irrégulière p. 86

Reading an analog clock

L ES ADJECTIFS SPÉCIAUX - BAGS Français 1 In French, most adjectives follow the noun that they modify. Par exemple – Elle est une élève intelligente.

un crayon un ordinateur un stylo un taille-crayon.

and a justification for level 4

Y and en Two little words with a lot of meaning. y.

Role-play C On the first page, you will see a sample of the preparation material you will be given 10 minutes before your exam. On the second page, you.

WALT: how to use the time when talking about your timetable WILF: to identify the correct time in French when reading & listening (level 3) DAYS OF THE.

Savoir and connaître both mean to know. They are both irregular verbs. Je ne sais pas!

Français 3 Chapitre 1 Grammaire 1. To conjugate –er, -ir and –re verbs in the present tense (to say that something is happening or happens), drop the.

____________________ Pourquoi? L/O: To be able to justify your opinion about school subjects STARTER: Trouve les paires Match the French to the English:

Quest-ce que tu fais à lécole? Buts: Using regular verbs to say what we do at school.

Assessment and the new secondary curriculum S. Barfoot.

Starter Fill in the gaps with the right words from the bottom:

Pour mieux écrire. Do not use on-line translators (except as a dictionary for a single word) Be very careful using a dictionary (be sure youre finding.

Les Questions dInformation. Information Questions Information questions are open-ended. They request new information and cannot be answered with a simple.

Mardi 20 Novembre 2012 Recap I can

Talking about the things you do

TortoiseSVN N°. Subversion : pour quoi faire ? Avoir un espace de stockage commun – Tous les étudiants du SIGLIS ont un espace svn commun Partager vos.

B.A.N.G.S! Adjectives.

Les choses que j aime Learning Objective: To know how to use j aime to talk about things I like to do.

Laboratoire de Bioinformatique des Génomes et des Réseaux Université Libre de Bruxelles, Belgique Introduction Statistics.

Un chat deux chats deux chiens Un chien deux chevaux Un cheval

A Le pronom y p. 282 Note the use of the pronoun y (there) in the answers to the following questions. Tu vas souvent à la plage? Oui, j’y vais souvent.

Jeudi, le 22 Mars Pass LATE Grammar tutor packet (50) & p.131 Workbook (50) Pass Puzzle Packet (100)

QU’EST-CE QUE TU FAIS?.

Chez moi! In this unit you will learn:

Imparfait v. Passé Composé

Imparfait v. Passé Composé

Donnez l’heure “Time”… it’s a ticking!.

OHT 44 Starter 5, page 79 House vocabulary eée e a o auii e eueau aaàae esc. aaeeais a ae aoue acae eaae aa eeeu eai.

Français II H – Leçon 1B Structures

A Les questions d’information p. 106 The questions below ask for specific information and are called INFORMATION QUESTIONS. The INTERROGATIVE EXPRESSIONS.

BIOS – – SADI Semantic Automated Discovery and Integration Sébastien Carrere.

Français I. Une fille française Gabrielle est française. Elle est blonde. Elle est belle. Elle est de Paris.

3 Minutes Sprinter exercise: Write sentences in the

The Conditional Duh duh DUUUUUHHHHH!. What is the conditional? The French conditional is very similar to the English conditional mood. It describes events.

WE’RE ALMOST DONE – CONGRATULATIONS! LE PRONOM « Y »

Reprise Rappel 3, Part A Revised 9/10/12.

The Passé Composé Objective: to talk about things we have done on a visit to explain what events happened to speak and write about events in the past.

ANSWERS. What is Verb Conjugation? For one thing, conjugating a verb is simply putting a verb in an orderly arrangement. We will use a chart. To create.

1. choose a pen pal from advertisement page 2. follow directions for writing a letter to that person.

Welcome to French Live Lessons! 3.01 & 3.02.

Ministère de l’Éducation, du Loisir et du Sport Responsables des programmes FLS et ELA: Diane Alain et Michele Luchs Animateurs: Diane Alain et Michael.

3 Les Verbes -ER Talking about people’s activities Les normes: –Communication 1.2: Understanding the written and spoken language –Comparisons 4.1: Understanding.

THE ADJECTIVES: BEAU, NOUVEAU AND VIEUX 1.

Sémantique des Systèmes Distribués et Embarqués -- UNSA Temporal Logics Temporal Logics (CTL, ACTL) Logic patterns SSDE Eric Madelaine -- vendredi.

WALT: how to tell the time in French WILF: to be able to understand ¼ past, ½ past, ¼ to and o’clock (level 2) to be able to understand all times in French.

F RIENDS AND FRIENDSHIP Project by: POPA BIANCA IONELA.

What’s the weather like?

Transcription de la présentation:

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Temporal Logics Temporal Logics (CTL, ACTL) Logic patterns SSDE Eric Madelaine -- mardi 23 mars 2010 Note: Ce cours comprendra des exercices comptant pour la note de contrôle continu Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Reasoning about Executions [L3, (mt3, vr3), ….] Explored State-Space (computation tree) Conceptual View [L1, (mt1, vr1), ….] [L2, (mt2, vr2), ….] [L5, (mt5, vr5), ….] L1 L4 L2 L3 L5 ?b1 ?err ?b0 !a1 ?a1 !a0 We want to reason about execution trees tree node = snap shot of the program’s state Reasoning consists of two layers defining predicates on the program states (control points, variable values) expressing temporal relationships between those predicates Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computational Tree Logic (CTL) Relations to process algebras ? Temporal Logics are used to express (user) requirements, in the early stages of the development cycle. Absence of errors, absence of deadlocks, reachability, progress, termination, liveness, … Different logics relate to different equivalence relations: LTL  Trace equivalence CTL, ACTL  Bisimulations Model-checking = Satisfiability of a Logic Formula within a specific model (transition system, program, …) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computational Tree Logic (CTL) Clarke & Emerson (early 1980’s) F ::= P …primitive propositions | !F | F && F | F || F | F -> F …propositional connectives | AG F | EG F | AF F | EF F …temporal operators | AX F | EX F | A[F U F] | E[F U F] Syntax Semantic Intuition path quantifier AG p …along All paths p holds Globally temporal operator EG p …there Exists a path where p holds Globally AF p …along All paths p holds at some state in the Future EF p …there Exists a path where p holds at some state in the Future Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computational Tree Logic (CTL) F ::= P …primitive propositions | !F | F && F | F || F | F -> F …propositional connectives | AG F | EG F | AF F | EF F …path/temporal operators | AX F | EX F | A[F U F] | E[F U F] Syntax Semantic Intuition AX p …along All paths, p holds in the neXt state EX p …there Exists a path where p holds in the neXt state A[p U q] …along All paths, p holds Until q holds E[p U q] …there Exists a path where p holds Until q holds Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic AG p p Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic EG p p Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic AF p p Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic EF p p Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic AX p p Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic EX p p Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic A[p U q] p q Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Computation Tree Logic E[p U q] p q Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Example CTL Specifications For any state, a request (for some resource) will eventually be acknowledged AG(requested -> AF acknowledged) From any state, it is possible to get to a restart state AG(EF restart) An upwards travelling elevator at the second floor does not changes its direction when it has passengers waiting to go to the fifth floor AG((floor=2 && direction=up && button5pressed) -> A[direction=up U floor=5]) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exercices Ecrire en CTL: P est vrai après Q P devient vrai après Q P répond à Q On ne peut pas aller plus de 2 fois dans un état vérifiant P Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Exercices --- Corrections --- Ecrire en CTL: P est vrai après Q AG(Q -> AG(P)) P devient vrai après Q AG (!P U (Q & AF(P))) P répond à Q AG(Q -> AF(P)) On ne peut pas aller plus de 2 fois dans un état vérifiant P !EF (!P & EX(P & EF(!P & EX(P & EF(!P & EX(P)))))) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exercice: Minimality It is sufficient to define CTL syntax as: ::= P | !F | F && F | AX F | EX F | A[F U F] | E[F U F] Express the other operators as derivatives: f || g = AF g = EF g = AG f = EG f = Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Exercice: Minimality --- Corrections --- It is sufficient to define CTL syntax as: ::= P | !F | F && F | AX F | EX F | A[F U F] | E[F U F] Express the other operators as derivatives: f || g = ! (!f && !g) AF g = A[true U g] EF g = E[true U g] AG f = ! E[true U !f] EG f = ! A[true U !f] Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exercice (CC) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Semantics: interpretation on Kripke structures Kripke structure K = (S,R,L) S set of states R transition relation L valuation function L()(s) -> True/False Path = infinite sequence (s0,s1, s2, …) such that i (si,si+1)  R Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Semantics: interpretation on Kripke structures Formalisation of the semantics : s ⊨ p iff L(s)(p) where p atomic proposition s ⊨ !f iff s ⊭ f s0 ⊨ AX f iff for all paths (s0,s1, s2, …), s1 ⊨ f s0 ⊨ A(f U g) iff for all paths (s0,s1, …), for some i, si ⊨ f and for all j<i sj ⊨ g Exercice: give the formal definition of these operators: s0 ⊨ AG f iff s0 ⊨ EF f iff Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Interpretation on Kripke structures --- Corrections --- Formalisation of the semantics : s ⊨ p iff L(s)(p) where p atomic proposition s ⊨ !f iff s ⊭ f s0 ⊨ AX f iff for all paths (s0,s1, s2, …), s1 ⊨ f s0 ⊨ A(f U g) iff for all paths (s0,s1, …), for some i, si ⊨ f and for all j<i sj ⊨ g Exercice: s0 ⊨ AG f iff for all paths (s0,s1, s2, …), for all i, si ⊨ f s0 ⊨ EF f iff there exists a path (s0,s1, s2, …), and an i, with si ⊨ f Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Modal Logics Temporal logics for Labelled Transition Systems (= action-based) HML (Hennessy-Milner, 85) ACTL (DeNicola-Vandrager, 90) Modal -calculus (Kozen 83) Regular -calculus (Madescu 03) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

ACTL: Action Computation Tree Logic Atomic propositions (on actions) + boolean connectors Paths formulas: Next Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

ACTL: Action Computation Tree Logic Paths formulas: Until Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

ACTL: Action Computation Tree Logic State formulas: Note the recursive def of path/state formulas. Define derived operators as usual: Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exemple: Scheduler_2 start1 start2 end1 end2 i,j in {1,0} i≠j : AG tt [start_i] AG !end_i [start_j] ff !EF tt [start_i] EF !end_i [start_j] tt Or equivalently : Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 27

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exemple: Scheduler_2 start1 start2 end1 end2 Que signifie ? AG tt (EF tt <end_i> tt ∧ EF tt <start_i> tt) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 28

--- Corrections --- Exemple: Scheduler_2 start1 start2 end1 end2 Que signifie ? AG tt (EF tt <end_i> tt ∧ EF tt <start_i> tt) Vivacité : ttes les actions visibles sont toujours atteignables Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 29

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exemple: Scheduler_2 start1 start2 end1 end2 Que signifie ? AG tt [end_i] A (tt tt U start_i tt) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 30

--- Corrections --- Exemple: Scheduler_2 start1 start2 end1 end2 Que signifie ? AG tt [end_i] A (tt tt U start_i tt) Inévitabilité / absence de famine : pour chaque i, start_i est inévitable en un nombre fini de transition à partir de n’importe quel end_i Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 31

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exercice: (CC) start1 start2 end1 end2 Que signifie ? Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 32

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Temporal Logics Temporal Logic : CTL Modal logic: ACTL Logic patterns Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Motivation for Specification Patterns Temporal properties are not always easy to write Clearly many specifications can be captured in both CTL and ACTL (or LTL*) * left for personal research Example: action Q must respond to action P CTL: AG(P -> AF Q) LTL: [](P -> <>Q) You can use specification patterns to: Capture the experience base of expert designers Transfer that experience between practitioners. Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Pattern Hierarchy Property Patterns Occurrence Order Absence Bounded Existence Chain Response Precedence Universality Existence Chain Precedence Response Classification Occurrence Patterns: require states/events to occur or not to occur Order Patterns constrain the order of states/events Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Occurrence Patterns Absence: A given state/event does not occur within a scope Existence: A given state/event must occur within a scope Bounded Existence: A given state/event must occur k times within a scope variants: at least k times in scope, at most k times in scope Universality: A given state/event must occur throughout a scope Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Order Patterns Precedence: A state/event P must always be preceded by a state/event Q within a scope Response: A state/event P must always be followed a state/event Q within a scope Chain Precedence: A sequence of state/events P1, …, Pn must always be preceded by a sequence of states/events Q1, …, Qm within a scope Chain Response: A sequence of state/events P1, …, Pn must always be followed by a sequence of states/events Q1, …, Qm within a scope Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Pattern Scopes Global Before Q After Q Between Q and R After Q and R State sequence Q R Q Q R Q Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

The Response Pattern Intent To describe cause-effect relationships between a pair of events/states. An occurrence of the first, the cause, must be followed by an occurrence of the second, the effect. Also known as Follows and Leads-to. Mappings: In these mappings, P is the cause and S is the effect Globally: [](P -> <>S) LTL: Before R: <>R -> (P -> (!R U (S & !R))) U R After Q: [](Q -> [](P -> <>S)) Between Q and R: []((Q & !R & <>R) -> (P -> (!R U (S & !R))) U R) After Q until R: [](Q & !R -> ((P -> (!R U (S & !R))) W R) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

The Response Pattern (continued) Mappings: In these mappings, P is the cause and S is the effect Globally: AG(P -> AF(S)) CTL: Before R: A[((P -> A[!R U (S & !R)]) | AG(!R)) W R] After Q: A[!Q W (Q & AG(P -> AF(S))] Between Q and R: AG(Q & !R -> A[((P -> A[!R U (S & !R)]) | AG(!R)) W R]) After Q until R: AG(Q & !R -> A[(P -> A[!R U (S & !R)]) W R]) Examples and Known Uses: Response properties occur quite commonly in specifications of concurrent systems. Perhaps the most common example is in describing a requirement that a resource must be granted after it is requested. Relationships Note that a Response property is like a converse of a Precedence property. Precedence says that some cause precedes each effect, and... Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Specify Patterns in Bandera The Bandera Pattern Library is populated by writing pattern macros: pattern { name = “Response” scope = “Globally” parameters = {P, S} format = “{P} leads to {S} globally” ltl = “[]({P} –> <>{S})” ctl = “AG({P} –> AF({S}))” } Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Exercice (CC) En utilisant les définitions de la bibliothèque CADP, que vous trouverez ici: http://www-sop.inria.fr/members/Eric.Madelaine/Teaching/SSDE-2010/actl.html écrivez en ACTL les propriétés suivantes: 1) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Evaluation (Kansas University, ) 555 TL specs collected from at least 35 different sources 511 (92%) matched one of the patterns Of the matches... Response: 245 (48%) Universality: 119 (23%) Absence: 85 (17%) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Questions Do patterns facilitate the learning of specification formalisms like CTL and LTL? Do patterns allow specifications to be written more quickly? Are the specifications generated from patterns more likely to be correct? Does the use of the pattern system lead people to write more expressive specifications? Based on anecdotal evidence, we believe the answer to each of these questions is “yes” Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Beyond LTL/CTL/ACTL: Logics with data MCL : Model Checking Language (Matescu 2008) = regular modal -calculus + data 1 2 1: receive a value (with a condition) 2: data quantification 3: regular expressions, modalities, infinite loops, etc. (reduces the need for writing explicit fix-points) Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Vocabulary: back on important notions Safety / Liveness What does it means What kind of diagnostics ? Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Safety Properties Informally, a safety property states that nothing bad ever happens Examples Invariants: “x is always less than 10” Deadlock freedom: “the system never reaches a state where no moves are possible” Mutual exclusion: “the system never reaches a state where two processes are in the critical section” As soon as you see the “bad thing”, you know the property is false Safety properties can be falsified by a finite-prefix of an execution trace Practically speaking, an error trace for a safety property is a finite list of states beginning with the initial state Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Liveness Properties Informally, a liveness property states that something good will eventually happen Examples Termination: “the system eventually terminates” Response properties: “if action X occurs then eventually action Y will occur” Need to keep looking for the “good thing” forever Liveness properties can be falsified by an infinite-suffix of an execution trace Practically speaking, an error trace for a liveness property is a finite list of states beginning with the initial state followed by a cycle showing you a loop that can cause you to get stuck and never reach the “good thing” Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Safety vs Liveness Practically, it is important to know the difference because… It impacts how we design verification algorithms and tools Some tools only check safety properties (e.g., based on reachability algorithms) It impacts how we run tools Different command line options are used for Spin It impacts how we form abstractions Liveness properties often require forms of abstraction that differ from those used in safety properties Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Assessment Safety vs Liveness is an important distinction However, it is very coarse Lots of variations within safety and liveness A finer classification might be more useful Liveness is more useful when used with “fairness” conditions. Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009

Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009 Summary Computational Tree Logic : CTL Properties of executions in non-deterministic state-based models Modal logic: ACTL Idem, for action-based models Logic patterns User friendly / natural language like constructs With a formal definition ! Sémantique des Systèmes Distribués et Embarqués -- UNSA 2009