Absolute versus Relative Time in Process Algebras

Timed process algebras are useful tools for the specification and verification of real-time systems. We study the relationships between two of these algebras, I (closed interval process Algebra) and TCCS (temporal CCS), which deal with temporal aspects of concurrent systems by following very different interpretations: durational actions versus durationless actions, absolute time versus relative time, timed functional behavior versus time and functional behavior, local clocks versus global clocks. We show that these different choices are not irreconcilable by presenting simple mappings from I to TCCS which preserve the behavioral equivalences over the two timed calculi. These results hold whenever basic actions are interpreted as either eager or lazy, whenever the starting time of action execution is observed rather than their completion time. A study on the size of the labelled transition systems describing the transitional semantics of cIpa processes and those describing the transitional semantics of their translated versions is also presented.     

Reactive systems, (semi-)saturated semantics and coalgebras on presheaves

The semantics of process calculi has traditionally been specified by labelled transition systems (ltss), but, with the development of name calculi, it turned out that reaction rules (i.e., unlabelled transition rules) are often more natural. This leads to the question of how behavioral equivalences (bisimilarity, trace equivalence, etc.) defined for lts can be transferred to unlabelled transition systems. Recently, in order to answer this question, several proposals have been made with the aim of automatically deriving an lts from reaction rules in such a way that the resulting equivalences are congruences. Furthermore, these equivalences should agree with the standard semantics, whenever one exists.In this paper, we propose saturated semantics, based on a weaker notion of observation and orthogonal to all the previous proposals, and we demonstrate the appropriateness of our semantics by means of two examples: logic programming and open Petri nets. We also show that saturated semantics can be efficiently characterized through the so called semi-saturated games. Finally, we provide coalgebraic models relying on presheaves.     

Composition methods for constructing characteristic formulas for dense-time models

In verification of complex computing systems, the concept of testing equivalence is frequently used. One of the ways to solve the problem of recognizing timed testing equivalences in the framework of the model of timed event structures with internal actions is to reduce it to formula verification on a model (model-checking). To this end, logical formulas characterizing timed event structure up to test pre-orders are constructed. In the paper, composition methods for characteristic formulas that do not rely on region and class graphs are considered, which simplifies construction of the characteristic formulas.     

Compositional semantics of spiking neural P systems

The aim of the paper is to give a formal compositional semantics for spiking neural P systems (SNP systems) by following the Structural Operational Semantics (SOS) approach. A process algebra is introduced whose terms represent SNP systems. The algebra is equipped with a semantics, given as a labelled transition system. This semantics allows notions of behavioural equivalences over SNP systems to be studied. Some known equivalences are considered and their definition based on the given semantics is provided. Such equivalences are proved to be congruences.     

Timing and causality in process algebra

 There has been considerable controversy in concurrency theory between the ‘interleaving’ and ‘true concurrency’ schools. The former school advocates associating a transition system with a process which captures concurrent execution via the interleaving of occurrences; the latter adopts more complex semantic structures to avoid reducing concurrency to interleaving. In this paper we show that the two approaches are not irreconcilable. We define a timed process algebra where occurrences are associated with intervals of time, and give it a transition system semantics. This semantics has many of the advantages of the interleaving approach; the algebra admits an expansion theorem, and bisimulation semantics can be used as usual. Our transition systems, however, incorporate timing information, and this enables us to express concurrency: merely adding timing appropriately generalises transition systems to asynchronous transition systems, showing that time gives a link between true concurrency and interleaving. Moreover, we can provide a complete axiomatisation of bisimulation for our algebra; a result that is often problematic in a timed setting. Another advantage of incorporating timing information into the calculus is that it allows a particularly simple definition of action refinement; this we present. The paper concludes with a comparison of the equivalence we present with those in the literature, and an example system specification in our formalism. Received December 20, 1993/February 23, 1995     

‘Closed Interval Process Algebra’ versus ‘Interval Process Algebra’

Summary. In this paper we extend the theory of processes with durational actions that has been proposed in [1,2] to describe and reason about the performance of systems. We associate basic actions with lower and upper time bounds, that specify their possible different durations. Depending on how the lower and upper time bounds are fixed, eager actions (those which happen as soon as they can), lazy actions (those which can wait arbitrarily long before firing) as well as patient actions (those which can be delayed for a while) can be modelled. Processes are equipped with a (soft) operational semantics which is consistent with the original one and is well-timed (observation traces are ordered with respect to time). The bisimulation-based equivalence defined on top of the new operational semantics, timed equivalence, turns out to be a congruence and, within the lazy fragment of the algebra, refines untimed equivalences. Decidability and automatic checking of timed equivalence are also stated by resorting to a finite alternative characterization which is amenable to an automatic treatment by using standard algorithms. The relationships with other timed calculi and equivalences proposed in the literature are also established. Received: 22 May 1998 / 8 November 2000     

Testing equivalence as a bisimulation equivalence

In this paper we show how the testing equivalences and preorders on transition systems may be interpreted as instances of generalized bisimulation equivalences and prebisimulation preorders. The characterization relies on defining transformations on the transition systems in such a way that the testing relations on the original systems correspond to (pre)bisimulation relations on the altered systems. On the basis of these results, it is possible to use algorithms for determining the (pre)bisimulation relations in the case of finite-state transition systems to compute the testing relations.     

Predicate diagrams for the verification of real-time systems

This article discusses a new format of predicate diagrams for the verification of real-time systems. We consider systems that are defined as extended timed graphs, a format that combines timed automata and constructs for modelling data, possibly over infinite domains. Predicate diagrams are succinct and intuitive representations of Boolean abstractions. They also represent an interface between deductive tools used to establish the correctness of an abstraction, and model checking tools that can verify behavioral properties of finite-state models. The contribution of this article is to extend the format of predicate diagrams to timed systems. We establish a set of verification conditions that are sufficient to prove that a given predicate diagram is a correct abstraction of an extended timed graph; these verification conditions can often be discharged with SMT solvers such as CVC-lite. Additionally, we describe how this approach extends naturally to the verification of parameterized systems. The formalism is supported by a toolkit, and we demonstrate its use at the hand of Fischer’s real-time mutual-exclusion protocol.     

Extensional equivalences for transition systems

Summary Various notions of systems equivalence based on the reactions of systems to stimuli from the outside world are presented and compared. These notions have been proposed in the literature to allow abstraction from unwanted details in models of concurrent and communicating systems. The equivalences, already defined for different theories of concurrency, will be compared by adapting their definitions to labelled transition systems, a model which underlies many others. In the presentation of each equivalence, the aspects of system behaviours which are ignored and the identifications which are forced will be stressed. It will be shown that many equivalences, although defined very differently by following different intuitions about systems behaviour, turn out to be the same or to differ only in minor detail for a large class of transition systems.     

Network invariants for real-time systems

We extend the approach of model checking parameterized networks of processes by means of network invariants to the setting of real-time systems. We introduce timed transition structures (which are similar in spirit to timed automata) and define a notion of abstraction that is safe with respect to linear temporal properties. We strengthen the notion of abstraction to allow a finite system, then called network invariant, to be an abstraction of networks of real-time systems. In general the problem of checking abstraction of real-time systems is undecidable. Hence, we provide sufficient criteria, which can be checked automatically, to conclude that one system is an abstraction of a concrete one. Our method is based on timed superposition and discretization of timed systems. We exemplify our approach by proving mutual exclusion of a simple protocol inspired by Fischer’s protocol, using the model checker TLV. Part of this work was done during O. Grinchtein’s stay at Weizmann Institute. This author was supported by the European Research Training Network “Games”.     

Trace Machines for Observing Continuous-Time Markov Chains

In this paper, we study several linear-time equivalences (Markovian trace equivalence, failure and ready trace equivalence) for continuous-time Markov chains that refer to the probabilities for timed execution paths. Our focus is on testing scenarios by means of push-button experiments with appropriate trace machines and a discussion of the connections between the equivalences. For Markovian trace equivalence, we provide alternative characterizations, including one that abstracts away from the time instances where actions are observed, but just reports on the average sojourn times in the states. This result is used for a reduction of the question whether two finite-state continuous-time Markov chains are Markovian trace equivalent to the probabilistic trace equivalence problem for discrete-time Markov chains (and the latter is known to be solvable in polynomial time).     

Timed substitutions for regular signal-event languages

In the classical framework of formal languages, a refinement operation is modeled by a substitution and an abstraction by an inverse substitution. These mechanisms have been widely studied, because they describe a change in the specification level, from an abstract view to a more concrete one, or conversely. For timed systems, there is up to now no uniform notion of substitution. In this paper, we study timed substitutions in the general framework of signal-event languages, where both signals and events are taken into account. We prove that regular signal-event languages are closed under substitution and inverse substitution. To obtain these results, we use in a crucial way a “well known” result: regular signal-event languages are closed under intersection. In fact, while this result is indeed easy for languages defined by Alur and Dill’s timed automata, it turns out that the construction is much more tricky when considering the most involved model of signal-event automata. We give here a construction working on finite and infinite signal-event words and taking into account signal stuttering, unobservability of zero-duration τ-signals and Zeno runs. Note that if several constructions have been proposed in particular cases, it is the first time that a general construction is provided.     

Conformance Tests for Real-Time Systems with Timed Automata Specifications

A method is introduced for testing the conformance of implemented real-time systems to timed automata specifications. Uppaal timed automata are transformed into testable timed transition systems (TTTSs) using a test view. Fault hypotheses and a test generation algorithm for TTTSs are defined. Results of applying the method are presented. Received October 1999 / Accepted in revised form November 2000     

On a general solution to the problem of equivalent transformations of program schemes

Schemes of programs without procedures are considered, and a rich family of scheme equivalences is studied. The structure of equivalent schemes is analyzed in order to build transformation systems that are complete with respect to equivalences from this family. The first result of the research is reported, which is that all equivalences from the family in question are solvable.     

A theory of bisimulation for the π-calculus

 We study a new formulation of bisimulation for the π-calculus [MPW92], which we have called open bisimulation (∼). In contrast with the previously known bisimilarity equivalences, ∼ is preserved by allπ-calculus operators, including input prefix. The differences among all these equivalences already appear in the sublanguage without name restrictions: Here the definition of ∼ can be factorised into a “standard” part which, modulo the different syntax of actions, is the CCS bisimulation, and a part specific to the π-calculus, which requires name instantiation. Attractive features of ∼ are: A simple axiomatisation (of the finite terms), with a completeness proof which leads to the construction of minimal canonical representatives for the equivalence classes of ∼; an “efficient” characterisation, based on a modified transition system. This characterisation seems promising for the development of automated-verification tools and also shows the call-by-need flavour of ∼. Although in the paper we stick to the π-calculus, the issues developed may be relevant to value-passing calculi in general. Received: June 11, 1993/November 28, 1994     

基于SMT的PTACTL限界模型检测方法

概率时间自动机是在时间自动机的基础上加上各个状态迁移的概率以后形成的一种扩展的时间自动机,能用来对基于时间的随机协议、容错系统等进行建模,具有很强的实用性。本文针对概率时间自动机给出一种基于SMT的限界模型检测方法来验证该模型下的PTACTL性质,该方法由基于SMT的限界模型检测算法演变而来,通过将迁移时间和迁移概率融入ACTL性质中,改变模型的编码以及待验证性质的编码方式来实现对性质的验证。通过2个实例说明检测过程的有效性和高效性。     

A Semantics for Timed MSC

Message Sequence Charts (MSC) is a graphical and textual specification language developed by ITU-T. It is widely used in telecommunication software engineering for specifying behavioral scenarios. Recently, the time concept has been introduced into MSC'2000. To support the specification and verification of real-time systems using timed MSC, we need to define its formal semantics. In this paper, we use timed lposet as a semantic model and give a formal semantics for timed MSC. We first define an event in a timed MSC as a timed lposet, then give a formal semantics for timed basic MSCs, timed MSCs with structures and high-level MSCs. In this paper, we also discuss some important issues related to timed MSC.     

Axiomatising timed automata

Timed automata has been developed as a basic semantic model for real time systems. Its algorithmic aspects for automated analysis have been well studied. But so far there is still no satisfactory algebraic theory to allow the derivation of semantical equivalence of automata by purely syntactical manipulation. The aim of this paper is to provide such a theory. We present an inference system of timed bisimulation equivalence for timed automata based on a CCS-style regular language for describing timed automata. It consists of the standard monoid laws for bisimulation and a set of inference rules. The judgments of the proof system are conditional equations of the form where is a clock constraint and t,u are terms denoting timed automata. The inference system is shown to be sound and complete for timed bisimulation. The proof of the completeness result relies on the notion of symbolic timed bisimulation, adapted from the work on value–passing processes. Received: 10 May 2001 / 22 October 2001