Efficient Hybrid Reachability Analysis for Asynchronous Concurrent Systems

1
Efficient Hybrid Reachability Analysis for
Asynchronous Concurrent Systems
  • E. Pastor and M.A. Peña
  • Department of Computer Architecture
  • Technical University of Catalonia (UPC)
  • Barcelona, Spain

2
Context and Goals
  • Hybrid strategy for reachability analysis oriented
    to asynchronous concurrent systems
  • Why hybrid state exploration?
  • The system is too large
  • An early counter-example is required with low
    computation cost
  • Why special focus on concurrent systems?
  • Performance of classical state exploration is low
  • Structure of the state space can be partially
    analyzed

3
Context and Goals
  • Simple example
  • Initial State
  • a = 1, b = c = d = 0
  • a is ready to fall

4
Context and Goals
  • Transition Systems FSM-like model
  • States, transitions and events
  • State generation
  • Initial state + transition relation → reachable
    states
  • Iterate until fix-point

5
Outline
  • Background
  • Overview of the hybrid strategy
  • Causality analysis
  • State space exploration by simulation
  • Guided-traversal
  • Experimental results
  • Conclusions

6
Background Transition Systems
7
Background Transition Systems
Disjunctive TR: each event's transition relation Tr(e) is
manipulated separately
8
Background Transition Systems
  • Breadth First Search (BFS) state exploration does
    not exploit the peculiarities of concurrent
    systems
  • Much more efficient results are obtained by using a
    mixed BFS/DFS strategy called chaining; the firing
    order is crucial

[Figure: the diamond s0 -a-> s1, s0 -b-> s2, s1 -b-> s3, s2 -a-> s3 explored by BFS and by chained BFS]
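As an added example (not code from the slides or from the authors' tool), the Python below contrasts classical BFS with chained BFS on a constructed system of seven signals a..g, keeping one transition relation Tr(e) per event as the disjunctive TR of slide 7 does. The system, the dependencies between its events and the iteration counts are my construction; what it shows is the claim of the slide above: chaining reaches the fix-point in fewer iterations, and the firing order (a..g versus g..a) changes how many passes are needed.

```python
"""Explicit-state BFS vs. chained BFS over a disjunctive transition relation.
Constructed example; not the authors' code."""
from typing import Callable, Dict, FrozenSet, Iterable, Set, Tuple

State = Tuple[int, ...]                 # one bit per signal, in SIGNALS order
Tr = Callable[[State], Set[State]]      # Tr(e): successors of one state under event e

SIGNALS = ("a", "b", "c", "d", "e", "f", "g")
IDX = {name: i for i, name in enumerate(SIGNALS)}


def rise(sig: str, *needs: str) -> Tr:
    """Tr(sig): `sig` rises (0 -> 1) once every signal in `needs` is already 1."""
    def tr(s: State) -> Set[State]:
        if s[IDX[sig]] == 0 and all(s[IDX[n]] == 1 for n in needs):
            t = list(s)
            t[IDX[sig]] = 1
            return {tuple(t)}
        return set()
    return tr


# Constructed system (assumption): a, b, c, d are independent (concurrent);
# e needs a and b, f needs c and d, g needs e and f.  One Tr(e) per event.
EVENTS: Dict[str, Tr] = {
    "a": rise("a"), "b": rise("b"), "c": rise("c"), "d": rise("d"),
    "e": rise("e", "a", "b"), "f": rise("f", "c", "d"), "g": rise("g", "e", "f"),
}
INIT: State = (0,) * len(SIGNALS)


def image(states: Iterable[State], tr: Tr) -> Set[State]:
    """Image of a set of states under one event relation."""
    out: Set[State] = set()
    for s in states:
        out |= tr(s)
    return out


def bfs_reach(init: State, events: Dict[str, Tr]) -> Tuple[FrozenSet[State], int]:
    """Classical BFS: every event is applied to the same frontier, and the
    frontier only advances once per iteration; iterate until it is empty."""
    reached, frontier, iters = {init}, {init}, 0
    while frontier:
        iters += 1
        new: Set[State] = set()
        for tr in events.values():
            new |= image(frontier, tr)
        frontier = new - reached
        reached |= frontier
    return frozenset(reached), iters


def chained_reach(init: State, events: Dict[str, Tr], order: Iterable[str]) -> Tuple[FrozenSet[State], int]:
    """Chained BFS: fire the events one at a time in `order`, each on everything
    reached so far, including the states the previous event just produced.
    An iteration is one full pass over `order`; stop when a pass adds nothing."""
    reached, iters, changed = {init}, 0, True
    while changed:
        iters += 1
        changed = False
        for name in order:
            new = image(reached, events[name]) - reached
            if new:
                reached |= new
                changed = True
    return frozenset(reached), iters


if __name__ == "__main__":
    for label, (r, n) in {
        "BFS": bfs_reach(INIT, EVENTS),
        "chained a..g": chained_reach(INIT, EVENTS, "abcdefg"),
        "chained g..a": chained_reach(INIT, EVENTS, "gfedcba"),
    }.items():
        print(f"{label:13s} {len(r):3d} states in {n} iterations")
```

All three strategies reach the same 26 states. BFS needs 8 iterations (one per level of the longest causal chain a, b, e, c, d, f, g plus the empty pass that confirms the fix-point), chaining in the causal order a..g needs 2, and chaining in the reverse order g..a needs 4, because an event fired before the events it depends on does nothing in that pass.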
14
[Figure: BFS versus chained BFS, comparing the firing orders a,b,c,d,e,f,g and e,a,g,c,b,f,d]
15
[Figure: BFS and two chained BFS explorations of the same state space (states s0 to s12, events a to g); the chained runs use the firing orders a,b,c,d,e,f,g and e,a,g,c,b,f,d]
BFS
chained BFS
chained BFS
s0
s0
s0
b
b
b
a
a
a
s1
s2
s1
s2
s1
s2
a
b
a
b
a
b
c
c
c
b
b
b
s3
s4
s5
s3
s4
s5
s3
s4
s5
e
d
e
d
e
d
c
c
c
e
e
e
d
d
d
s6
s7
s8
s6
s7
s8
s6
s7
s8
b
a
b
a
b
a
e
e
e
b
f
b
f
b
f
d
f
d
f
d
f
s9
s10
s11
s9
s10
s11
s9
s10
s11
a
g
a
g
a
g
s12
s12
s12
a,b,c,d,e,f,g
a,b,c,d,e,f,g
e,a,g,c,b,f,d
17
BFS
chained BFS
chained BFS
s0
s0
s0
b
b
b
a
a
a
s1
s2
s1
s2
s1
s2
a
b
a
b
a
b
c
c
c
b
b
b
s3
s4
s5
s3
s4
s5
s3
s4
s5
e
d
e
d
e
d
c
c
c
e
e
e
d
d
d
s6
s7
s8
s6
s7
s8
s6
s7
s8
b
a
b
a
b
a
e
e
e
b
f
b
f
b
f
d
f
d
f
d
f
s9
s10
s11
s9
s10
s11
s9
s10
s11
a
g
a
g
a
g
s12
s12
s12
a,b,c,d,e,f,g
a,b,c,d,e,f,g
e,a,g,c,b,f,d
18
BFS
chained BFS
chained BFS
s0
s0
s0
b
b
b
a
a
a
s1
s2
s1
s2
s1
s2
a
b
a
b
a
b
c
c
c
b
b
b
s3
s4
s5
s3
s4
s5
s3
s4
s5
e
d
e
d
e
d
c
c
c
e
e
e
d
d
d
s6
s7
s8
s6
s7
s8
s6
s7
s8
b
a
b
a
b
a
e
e
e
b
f
b
f
b
f
d
f
d
f
d
f
s9
s10
s11
s9
s10
s11
s9
s10
s11
a
g
a
g
a
g
s12
s12
s12
a,b,c,d,e,f,g
a,b,c,d,e,f,g
e,a,g,c,b,f,d
19
BFS
chained BFS
chained BFS
s0
s0
s0
b
b
b
a
a
a
s1
s2
s1
s2
s1
s2
a
b
a
b
a
b
c
c
c
b
b
b
s3
s4
s5
s3
s4
s5
s3
s4
s5
e
d
e
d
e
d
c
c
c
e
e
e
d
d
d
s6
s7
s8
s6
s7
s8
s6
s7
s8
b
a
b
a
b
a
e
e
e
b
f
b
f
b
f
d
f
d
f
d
f
s9
s10
s11
s9
s10
s11
s9
s10
s11
a
g
a
g
a
g
s12
s12
s12
a,b,c,d,e,f,g
a,b,c,d,e,f,g
e,a,g,c,b,f,d
20
BFS
chained BFS
chained BFS
s0
s0
s0
b
b
b
a
a
a
s1
s2
s1
s2
s1
s2
a
b
a
b
a
b
c
c
c
b
b
b
s3
s4
s5
s3
s4
s5
s3
s4
s5
e
d
e
d
e
d
c
c
c
e
e
e
d
d
d
s6
s7
s8
s6
s7
s8
s6
s7
s8
b
a
b
a
b
a
e
e
e
b
f
b
f
b
f
d
f
d
f
d
f
s9
s10
s11
s9
s10
s11
s9
s10
s11
a
g
a
g
a
g
s12
s12
s12
a,b,c,d,e,f,g
a,b,c,d,e,f,g
e,a,g,c,b,f,d
21
Overview of the hybrid strategy
  • First phase
  • Simulation strategy using an automatic branching
    exploration of the state space
  • Classical simulation algorithm, but choice is
    separated from concurrency
  • Causality analysis is used to identify branching
    states
  • Concurrency alternatives are not explored now; they
    are left for the second phase

22
Overview of the hybrid strategy
  • Second phase
  • Traversal of a subset of the state-space driven
    by the causality obtained from the simulation.
  • Alternative sequences are used to drive a
    pseudo-traversal algorithm
  • This traversal algorithm generates additional
    sequences equivalent to the original modulo
    concurrency
  • States are generated in a single pass. No
    fix-point iteration is necessary

23
Causality analysis
  • Causality analysis is key to identify alternative
    branching sequences and differentiate them from
    interleaving due to concurrency.
  • Types of causality to be encountered
  • Concurrency
  • Symmetric conflict
  • Asymmetric conflict

24
Causality analysis
  • Concurrency between a and b
  • both events can be executed interleaved

[Figure: s0 -a-> s1, s0 -b-> s2, s1 -b-> s3, s2 -a-> s3]
25
Causality analysis
  • Symmetric conflict between a and b
  • each branch is mutually exclusive

[Figure: s0 -a-> s1, s0 -b-> s2; a is disabled in s2 and b is disabled in s1]
26
Causality analysis
  • Asymmetric conflict between a and b
  • one branch disables the other

[Figure: s0 -a-> s1, s0 -b-> s2, s1 -b-> s3; a is disabled in s2]
27
State space exploration
  • Simulation algorithm
  • Keep a list of active state sequences to be
    explored
  • Take a sequence and analyze its bottom state
  • Select an enabled event
  • If it is concurrent to all other enabled events,
    extend the sequence
  • If it is in conflict, duplicate the sequence: force
    the exploration of the selected event in one copy,
    and disable the event in the other
  • Keep both sequences active
  • Exploration of a sequence stops (and the sequence
    is stored) when
  • some state already reached is found
  • the maximum exploration depth is reached
  • an error condition is identified

28
State space exploration
  • First phase: simulation

[Figure: state space with the initial state, the branching states found by simulation and the alternative sequences]
29
Guided traversal
  • Second phase: expansion
  • Sequence selection
  • Causality extraction
  • Traversal guided by causality

[Figure: state space with the initial state]
31
Guided traversal
  • A single sequence is a snapshot of the causality
    in the system.
  • Local causality can be extracted from a sequence
    by checking the enabling and firings of events at
    each state.

32
Guided traversal
33
Guided traversal
  • The actual causality between events is determined
    by comparing the live-span of events
  • A Causal Event Structure (CES) can be extracted

34
Guided traversal
35
Guided traversal
Equivalent sequences modulo concurrency
All alternatives reached in a single pass
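As an added example covering the causality classes of slides 24 to 26, the simulation algorithm of slide 27 and the single-pass expansion of slides 22, 35 and 42 (not code from the slides or from the authors' tool), the Python below runs both phases of the hybrid strategy on a constructed three-signal system: a and b are in symmetric conflict, c is concurrent with both. Two details are my assumptions rather than the slides': "disable the event in the other" is read as a forbidden set attached to the bottom state of the duplicated sequence, and event pairs that are not both enabled get the label "ordered", which the slides' taxonomy does not name.

```python
"""Two-phase hybrid reachability: branching simulation, then expansion of the
stored sequences modulo concurrency.  Constructed example; not the authors' code."""
from typing import Callable, Dict, List, Optional, Set, Tuple

State = Tuple[int, int, int]               # (a, b, c): each signal rises once
Tr = Callable[[State], Optional[State]]    # successor under one event, or None if disabled


# Constructed system (assumption): a and b exclude each other, c is independent.
def _a(s: State) -> Optional[State]:
    return (1, s[1], s[2]) if s[0] == 0 and s[1] == 0 else None


def _b(s: State) -> Optional[State]:
    return (s[0], 1, s[2]) if s[1] == 0 and s[0] == 0 else None


def _c(s: State) -> Optional[State]:
    return (s[0], s[1], 1) if s[2] == 0 else None


EVENTS: Dict[str, Tr] = {"a": _a, "b": _b, "c": _c}
INIT: State = (0, 0, 0)


def enabled(s: State) -> List[str]:
    return [e for e, tr in EVENTS.items() if tr(s) is not None]


def causality(s: State, x: str, y: str) -> str:
    """Local causality between x and y at s, from enabling and firing alone."""
    sx, sy = EVENTS[x](s), EVENTS[y](s)
    if sx is None or sy is None:
        return "ordered"                   # assumption: not both enabled, no choice at s
    y_after_x, x_after_y = EVENTS[y](sx), EVENTS[x](sy)
    if y_after_x is not None and y_after_x == x_after_y:
        return "concurrent"                # diamond: both orders reach the same state
    if y_after_x is None and x_after_y is None:
        return "symmetric"                 # each branch disables the other
    return "asymmetric"                    # exactly one branch disables the other


def simulate(init: State, max_depth: int = 10,
             is_error: Callable[[State], bool] = lambda s: False):
    """Phase 1.  An active sequence is (events fired, bottom state, events
    forbidden at that bottom).  Returns the stored sequences and visited states."""
    active = [([], init, frozenset())]
    stored, visited = [], {init}
    while active:
        path, bottom, forbidden = active.pop()
        while len(path) < max_depth and not is_error(bottom):
            cands = [e for e in enabled(bottom) if e not in forbidden]
            if not cands:
                break
            e, others = cands[0], cands[1:]
            if not all(causality(bottom, e, o) == "concurrent" for o in others):
                # conflict: keep a copy at the same bottom with e disabled
                active.append((list(path), bottom, forbidden | {e}))
            bottom = EVENTS[e](bottom)         # extend the sequence with e
            path, forbidden = path + [e], frozenset()
            if bottom in visited:              # some state already reached
                break
            visited.add(bottom)
        stored.append((tuple(path), bottom))
    return stored, visited


def expand(stored, init: State):
    """Phase 2.  From each stored sequence derive the sequences equivalent
    modulo concurrency by swapping adjacent concurrent events; collect every
    state on them.  One worklist pass, no fix-point over the state set."""
    seqs: Set[Tuple[str, ...]] = {seq for seq, _ in stored}
    work, states = list(seqs), {init}
    while work:
        seq = work.pop()
        s = init
        for i, e in enumerate(seq):
            if i + 1 < len(seq) and causality(s, e, seq[i + 1]) == "concurrent":
                alt = seq[:i] + (seq[i + 1], e) + seq[i + 2:]
                if alt not in seqs:
                    seqs.add(alt)
                    work.append(alt)
            s = EVENTS[e](s)
            states.add(s)
    return seqs, states


if __name__ == "__main__":
    stored, visited = simulate(INIT)
    print("phase 1:", [seq for seq, _ in stored], len(visited), "states")
    seqs, states = expand(stored, INIT)
    print("phase 2:", sorted(seqs), len(states), "states")
```

Phase 1 branches once, at the a/b conflict in the initial state, and stores the sequences a,c and b,c; it visits 5 of the 6 reachable states, leaving the state where only c has risen, because c-before-a and c-before-b are concurrency alternatives. Phase 2 adds the swapped sequences c,a and c,b and reaches all 6 states in a single pass.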
43
Experiments: reachability analysis
  • Examples: get as many states as possible

                 Simulation              Traversal               Fixpoint
Example        BDD     States   CPU    BDD      States   CPU    States   CPU
GALS-C        13485      381    0.5    16208    1.2e3    0.8    1.2e3    0.2
PCC-C          9120      306    0.5    21185    9.8e5    3.7    9.8e5    2.7
RGA-A         10493      142    0.5    33355    1.0e9    2.7    3.3e9    6.1
RGA-C         17480      221    1.2   148711   9.1e12   17.4   5.4e13   46.0
IPCMOS-C 4     8088      179    0.3    99799   8.05e9   21.6   8.15e9   44.1
IPCMOS-C 6    15191      263    0.6   278575  1.75e14   14.9  1.78e14   19.1
IPCMOS-C 4    13727      133    0.3   151493   1.16e7   25.6   1.16e7   48.4
IPCMOS-C 6    28481      241    0.9   179577   9.15e9   32.9   9.15e9   27.3
STARI-C 8    141299     5646   16.9   283725  9.73e11  126.0  1.07e12   73.0
44
Experiments: timed verification
45
Conclusions
  • Concurrent systems require traversal strategies
    that differ from the classical ones used in
    synchronous systems
  • Incremental analysis of the state space
    exploiting structural information from the system
    is possible
  • We suggest a two-step hybrid traversal
    methodology
  • Simulation provides information about the
    structure of the state space (alternative
    branches and event causality)
  • Traversal exploits that information to speed up
    the generation of additional states
  • However, traversal is too heavy due to extensive
    use of chaining (a trade-off must be found)