SLIDE 1 Theoretical Foundations of the UML
Lecture 5+6: Compositional Message Sequence Graphs Joost-Pieter Katoen
Lehrstuhl für Informatik 2 Software Modeling and Verification Group
moves.rwth-aachen.de/teaching/ss-20/fuml/
May 4, 2020
Joost-Pieter Katoen Theoretical Foundations of the UML 1/29
SLIDE 2 Outline
1 A non-decomposable MSC
2 Compositional Message Sequence Charts
3 Compositional Message Sequence Graphs
4 Safe Compositional Message Sequence Graphs
5 Existence of Safe Paths
6 Universality of Safe Paths
SLIDE 3 Compositional MSCs
[Gunter, Muscholl, Peled 2001]
Solution: drop the restriction that e and m(e) belong to the same MSC (= allow for incomplete message transfer).
Definition (Compositional MSC)
M = (P, E, C, l, m, ≺) is a compositional MSC (CMSC, for short) where P, E, C and l are defined as before, and m : E! → E? is a partial, injective function such that (as before):
m(e) = e' ∧ l(e) = !(p, q, a) implies l(e') = ?(q, p, a)
and
≺ = ( ⋃_{p ∈ P} <_p ∪ { (e, m(e)) | e ∈ dom(m) } )*
where dom(m), the domain of m, is the set of events e for which “m(e) is defined”.
Note:
An MSC is a CMSC where m is total and bijective.
SLIDE 4 CMSC example
(figure of a CMSC with events e1, . . . , e4; drawing not reproduced)
m(e2) = e3, e1 ∉ dom(m), e4 ∉ rng(m), i.e., e1 is an unmatched send and e4 an unmatched receipt.
SLIDE 5 Paths
Let G = (V, →, v0, F, λ) be a CMSG, where λ labels every node with a CMSC.
Definition (Path in a CMSG)
A path π of G is a finite sequence π = u0 u1 . . . un with ui ∈ V (0 ≤ i ≤ n) and ui → ui+1 (0 ≤ i < n).
Definition (Accepting path of a CMSG)
Path π = u0 . . . un is accepting if u0 = v0 and un ∈ F.
Definition (CMSC of a path)
The CMSC of a path π = u0 . . . un is M(π) = (. . . (λ(u0) • λ(u1)) • λ(u2) . . .) • λ(un), where CMSC concatenation • is left associative.
SLIDE 6 The MSC language of a CMSG
Definition (Language of a CMSG)
The (MSC) language of CMSG G is defined by L(G) = { M(π) | π is an accepting path of G and M(π) ∈ M }, i.e., only the “real” MSCs obtained from accepting paths belong to L(G).
SLIDE 7 (blackboard example: a CMSG G and an accepting path π; drawing not reproduced)
SLIDE 8 Yannakakis’ example as compositional MSG
This MSC (figure not reproduced) cannot, for n > 1, be written as M = M1 • M2 • . . . • Mn with Mi ∈ M. Thus it cannot be modeled by an MSG. But it can be modeled as a compositional MSG:
SLIDE 10 Safe paths and CMSGs
Definition (Safe path)
Path π of CMSG G is safe whenever M(π) ∈ M.
Definition (Safe CMSG)
CMSG G is safe if for every accepting path π of G, M(π) is an MSC.
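The definitions of slides 3, 5 and 10 made executable, as an added example (this is not code from the lecture). A CMSC is stored as the <_p-ordered event list of each process plus the partial matching m; concatenation M1 • M2 follows Gunter, Muscholl and Peled (2001), which these slides use but do not restate: events of M2 are appended to each process line and the k-th unmatched send p→q of M1 is matched with the k-th unmatched receipt at q from p of M2. The three-node CMSG labelling at the end is constructed for illustration and is not the slides' figure.

```python
from collections import deque

# Added example, not code from the slides. A CMSC (slide 3) is stored as the
# <_p-ordered event list of every process plus the partial matching m.
# Event at process p: ("!", q, a) stands for !(p, q, a), ("?", q, a) for ?(p, q, a).
# An event id is (process, position in that process's list).

class CMSC:
    def __init__(self, events, m=()):
        self.events = {p: list(evs) for p, evs in events.items()}
        self.m = dict(m)                                  # send id -> receive id

    def label(self, eid):
        p, i = eid
        return self.events[p][i]

    def _ids(self, p, kind, partner):
        return [(p, i) for i, (k, q, _) in enumerate(self.events.get(p, []))
                if k == kind and q == partner]

    def unmatched_sends(self, p, q):
        return [e for e in self._ids(p, "!", q) if e not in self.m]

    def unmatched_receives(self, q, p):
        matched = set(self.m.values())
        return [e for e in self._ids(q, "?", p) if e not in matched]

    def concat(self, other):
        """M1 . M2 as defined by Gunter, Muscholl and Peled (not restated on
        this page): append the event lists per process and match the k-th
        unmatched send p->q of M1 with the k-th unmatched receipt at q from p
        of M2. Returns None when such a pair carries different contents
        (the concatenation is then undefined)."""
        procs = set(self.events) | set(other.events)
        shift = {p: len(self.events.get(p, [])) for p in procs}
        events = {p: self.events.get(p, []) + other.events.get(p, []) for p in procs}
        m = dict(self.m)
        for (p, i), (q, j) in other.m.items():            # re-index M2's own matches
            m[(p, i + shift[p])] = (q, j + shift[q])
        new = CMSC(events, m)
        for p in procs:
            for q in procs - {p}:
                rs = [(q, j + shift[q]) for (_, j) in other.unmatched_receives(q, p)]
                for s, r in zip(self.unmatched_sends(p, q), rs):
                    if self.label(s)[2] != new.label(r)[2]:
                        return None
                    new.m[s] = r
        return new

    def is_msc(self):
        """Slide 3: an MSC is a CMSC whose m is total and bijective; the
        induced order (the <_p plus the message pairs) must also be acyclic."""
        ids = [(p, i) for p in self.events for i in range(len(self.events[p]))]
        sends = {e for e in ids if self.label(e)[0] == "!"}
        recvs = {e for e in ids if self.label(e)[0] == "?"}
        if (set(self.m) != sends or set(self.m.values()) != recvs
                or len(set(self.m.values())) != len(self.m)):
            return False
        succ = {e: [] for e in ids}
        for p, evs in self.events.items():
            for i in range(len(evs) - 1):
                succ[(p, i)].append((p, i + 1))           # <_p
        for s, r in self.m.items():
            succ[s].append(r)                             # send before its receipt
        indeg = {e: 0 for e in ids}
        for e in ids:
            for f in succ[e]:
                indeg[f] += 1
        ready = deque(e for e in ids if indeg[e] == 0)    # Kahn's algorithm
        removed = 0
        while ready:
            e = ready.popleft()
            removed += 1
            for f in succ[e]:
                indeg[f] -= 1
                if indeg[f] == 0:
                    ready.append(f)
        return removed == len(ids)                        # all removed iff acyclic


def msc_of_path(label, path):
    """M(pi) of slide 5: left-associative concatenation of the node labels.
    None if some concatenation along the path is undefined."""
    result = label[path[0]]
    for u in path[1:]:
        result = result.concat(label[u])
        if result is None:
            return None
    return result


def is_safe_path(label, path):
    """Safe path (slide 10): M(pi) exists and is an MSC."""
    M = msc_of_path(label, path)
    return M is not None and M.is_msc()


# Constructed node labelling of a small CMSG (an assumption, not the slides' figure).
LABEL = {
    "u0": CMSC({"p": [("!", "q", "a")], "q": []}),   # one unmatched send !(p, q, a)
    "u1": CMSC({"p": [], "q": [("?", "p", "a")]}),   # one unmatched receipt ?(q, p, a)
    "u2": CMSC({"p": [], "q": [("?", "p", "b")]}),   # unmatched receipt with content b
}
```

With this labelling, u0 u1 and u0 u0 u1 u1 are safe paths, u0 alone leaves a send unmatched, u1 u0 has a receipt that can never be matched (concatenation only matches sends on the left with receipts on the right), and u0 u2 has no CMSC at all because the contents a and b disagree.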
SLIDE 11 Existence of a safe accepting path
Theorem: undecidability of existence of a safe path
The decision problem “does CMSG G have at least one safe, accepting path?” is undecidable.
Proof.
By a reduction from Post’s Correspondence Problem (PCP); details on the blackboard.
The complement decision problem “does CMSG G have no safe, accepting path?” is undecidable too.
SLIDE 14 Universality of safe accepting paths
Theorem: undecidability of existence of a safe path
The decision problem “does CMSG G have at least one safe, accepting path?” is undecidable.
Theorem: decidability of universality of safe paths
The decision problem “are all accepting paths of CMSG G safe?” is decidable in PTIME.
Proof.
Polynomial reduction to the reachability problem in (non-deterministic) pushdown automata; see the details on the next slides.
SLIDE 16 Pushdown automata
Definition (Pushdown automaton)
A pushdown automaton (PDA, for short) is a tuple K = (Q, q0, Γ, Σ, ∆) with
Q, a finite set of control states,
q0 ∈ Q, the initial state,
Γ, a finite stack alphabet,
Σ, a finite input alphabet, and
∆ ⊆ Q × Σ × Γ × Q × Γ∗, the transition relation.
Transition relation
(q, a, γ, q', w) ∈ ∆ means: in state q, on reading input symbol a with γ on top of the stack, change to state q' and replace γ by the word w ∈ Γ∗. In particular, (q, a, γ, q', ε) pops γ from the stack.
SLIDE 20 Reachability in pushdown automata
Definition
A configuration c is a triple (state q, stack content Z, rest input w).
Definition
Given a transition in ∆, a (direct) successor configuration c' of c is obtained: c ⊢ c'.
SLIDE 23 Dyck language
Σ = { [, ] }: square brackets, where “[” plays the role of a send and “]” the role of a receive.
Dyck language: { w ∈ Σ∗ | every prefix of w contains no more “]” than “[”, and w contains equally many “[” and “]” }
Exercise: construct a PDA that accepts the Dyck language.
SLIDE 27 Definition: left-closed (blackboard slide; handwriting not reproduced)
SLIDE 29 Checking whether a CMSG is safe is decidable
Consider any ordered pair (pi, pj) of processes in CMSG G.
Proof idea: construct a PDA Ki,j = (Q, q0, Γ, Σ, ∆) such that CMSG G is not safe wrt. (pi, pj) iff PDA Ki,j accepts.
For an accepting path u0 . . . uk in G, feed Ki,j with the word ρ0 . . . ρk where ρi ∈ Lin(λ(ui)) is a linearization in which unmatched sends (of some type) precede all unmatched receipts (of the same type).
Possible violations that Ki,j may encounter:
1. nr. of unmatched !(pi, pj, ·) > nr. of unmatched ?(pj, pi, ·)
2. nr. of unmatched ?(pj, pi, ·) > nr. of unmatched !(pi, pj, ·), i.e., a receipt without a pending send
3. the n-th unmatched ?(pj, pi, ·) has a different content than the n-th unmatched !(pi, pj, ·)
SLIDE 34 The nondeterministic PDA Ki,j
Let {a1, . . . , ak} be the message contents in CMSG G for (pi, pj). The nondeterministic PDA Ki,j = (Q, q0, Γ, Σ, ∆) is given by:
Control states Q = {q0, qa1, . . . , qak, qerr, qF}
Stack alphabet Γ = {1, #}, where 1 counts the number of unmatched !(pi, pj, am) and # is the bottom of the stack
Input alphabet Σ: the unmatched actions !(pi, pj, am) and ?(pj, pi, am), and the matched actions !?(pi, pj, am) and ?!(pj, pi, am), for 0 < m ≤ k
Transition relation ∆ is described on the next slide.
SLIDE 40 Safeness of CMSGs (2)
The initial configuration is (q0, #, w), where w is a linearization of the actions at pi and pj on an accepting path of G.
On reading !(pi, pj, am) in q0: push 1 on the stack and nondeterministically move to state qam or stay in q0.
On reading ?(pj, pi, am) in q0: if 1 is on top of the stack, pop it; otherwise, i.e., if the stack is empty (only # is left), accept (move to qF).
SLIDE 43 Safeness of CMSGs (3)
The behaviour in state qam for 0 < m ≤ k: ignore all actions except ?(pj, pi, aℓ) for 0 < ℓ ≤ k.
On reading ?(pj, pi, aℓ) (for some 0 < ℓ ≤ k) in state qam:
if 1 is on top of the stack, pop it;
if the stack is then empty: if the content aℓ of this last receipt differs from am, accept; otherwise reject, ignoring the rest (if any) of the input.
SLIDE 44 Example
CMSG G1 (processes y and z, message content a; drawing not reproduced). Runs of the PDA Ky,z on the input word !a ?a ?a from the initial configuration (q0, #, !a?a?a):
(q0, #, !a?a?a) ⊢ (qa, 1#, ?a?a) ⊢ (qa, #, ?a): stack empty and the last receipt a equals a, reject
(q0, #, !a?a?a) ⊢ (q0, 1#, ?a?a) ⊢ (q0, #, ?a) ⊢ (qF, #, ε): receipt on an empty stack, accept
Thus the PDA Ky,z accepts the input word ⇒ G1 is not left-closed, and hence not safe wrt. (y, z).
SLIDE 45 Example 2
CMSG G2 (processes y and z, message contents a and b; drawing not reproduced) is safe. Runs of the PDA Ky,z on the input word !a !b ?a ?b:
(q0, #, !a!b?a?b) ⊢ (q0, 1#, !b?a?b) ⊢ (q0, 11#, ?a?b) ⊢ (q0, 1#, ?b) ⊢ (q0, #, ε): input consumed, reject
(q0, #, !a!b?a?b) ⊢ (qa, 1#, !b?a?b) ⊢ (qa, 1#, ?a?b) (!b is ignored in qa) ⊢ (qa, #, ?b): stack empty and the last receipt a equals a, reject
(q0, #, !a!b?a?b) ⊢ (q0, 1#, !b?a?b) ⊢ (qb, 11#, ?a?b) ⊢ (qb, 1#, ?b) ⊢ (qb, #, ε): stack empty and the last receipt b equals b, reject
No run of Ky,z accepts ⇒ G2 is left-closed, i.e., safe wrt. (y, z).
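The two runs above and the PDA Ki,j of slides 34 to 43 in general, simulated in Python as an added example (this is not code from the lecture). The PDA is run on the word of unmatched actions of one ordered pair and compared against a direct FIFO-queue test, which for a single message content is exactly the Dyck-language check of slide 23 (“[” = send, “]” = receive); the two are then compared exhaustively on all words up to a fixed length. Two points are assumptions: the split of the slide-44 word into per-node linearizations, and that sends still pending when the input is exhausted count as a violation (item 1 on slide 29), since the slides do not spell out that end-of-input case.

```python
from collections import deque
from itertools import product

# Added example, not the lecture's code. K_ij of slides 34-43 on the word of
# unmatched actions of one ordered pair (p_i, p_j): ("!", a) is an unmatched
# !(p_i, p_j, a), ("?", a) an unmatched ?(p_j, p_i, a). Matched actions are
# ignored by K_ij and are left out of the word. The stack 1...1# is kept as
# the number of 1s above the bottom symbol #.

def pda_accepts(word):
    """True iff some run of the nondeterministic PDA K_ij reaches q_F,
    i.e. the path fed in is NOT safe w.r.t. (p_i, p_j)."""
    runs = {("q0", 0)}                          # set of (control state, number of 1s)
    for kind, a in word:
        nxt = set()
        for state, depth in runs:
            if state == "q0":
                if kind == "!":
                    nxt.add(("q0", depth + 1))          # push 1 and stay in q0 ...
                    nxt.add((("q", a), depth + 1))      # ... or guess this send is mismatched
                elif depth > 0:
                    nxt.add(("q0", depth - 1))          # pop a 1
                else:
                    return True                         # receipt on empty stack: q_F
            else:                                       # state q_am with m = state[1]
                if kind != "?":
                    nxt.add((state, depth))             # q_am ignores everything but receipts
                elif depth - 1 > 0:
                    nxt.add((state, depth - 1))         # pop, stack not yet empty
                elif a != state[1]:
                    return True                         # stack empty, contents differ: q_F
                # otherwise this run rejects and is dropped
        runs = nxt
    # Assumption: sends still pending at the end (violation 1 on slide 29) are
    # reported as well; the slides leave this end-of-input case implicit.
    return any(state == "q0" and depth > 0 for state, depth in runs)


def fifo_matching_ok(word):
    """Deterministic reference: unmatched sends and receipts of the pair pair
    up in FIFO order with equal contents and nothing is left pending. With one
    content this is the Dyck-language test of slide 23."""
    pending = deque()
    for kind, a in word:
        if kind == "!":
            pending.append(a)
        elif not pending or pending.popleft() != a:
            return False
    return not pending


def word_of_path(rho):
    """Slide 29: the input word rho_0 ... rho_k, one linearization of the
    pair's unmatched actions per node of the accepting path."""
    return [sym for node_word in rho for sym in node_word]


def cross_check(max_len=6, contents=("a", "b")):
    """The PDA accepts exactly the words the reference rejects, for all words
    over the pair's alphabet up to max_len."""
    alphabet = [(k, a) for k in "!?" for a in contents]
    for n in range(max_len + 1):
        for w in product(alphabet, repeat=n):
            if pda_accepts(list(w)) == fifo_matching_ok(w):
                return False
    return True


# The words of slides 44 and 45; the node split of the first one is an assumption.
SLIDE_44_WORD = word_of_path([[("!", "a")], [("?", "a"), ("?", "a")]])
SLIDE_45_WORD = [("!", "a"), ("!", "b"), ("?", "a"), ("?", "b")]
```

Each set in `runs` is one level of the nondeterministic computation; since the stack is a unary counter, a configuration is fully described by the control state and the number of 1s, so the simulation never branches into more than |word| + 1 live runs at a time.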
SLIDE 52 Safeness of CMSGs (4)
It follows: PDA Ki,j accepts iff CMSG G is not safe wrt. (pi, pj)
⇒ CMSG G is not safe wrt. (pi, pj) iff a configuration (qF, ·, ·) is reachable in Ki,j.
⇒ Reachability of a configuration in a PDA is in PTIME [Esparza et al.], hence checking safeness wrt. (pi, pj) is in PTIME.
Time complexity
The worst-case time complexity of checking whether CMSG G is safe is in O(k²·N²·L·|E|²) where k = |P|, N = |V|, and L = |C|.
Proof.
Checking reachability in PDA Ki,j is in O(L·|E|²). The number of PDAs is k², as we consider ordered pairs in P. The number of paths in the CMSG G that need to be checked for each pair is in O(N²), as a single traversal of each loop in G suffices.