SLIDE 1
On Synthesizing Controllers from Bounded-Response Properties 1 / 23
GoBack On Synthesizing Controllers from Bounded-Response Properties - - PowerPoint PPT Presentation
GoBack On Synthesizing Controllers from Bounded-Response Properties - - PowerPoint PPT Presentation
GoBack On Synthesizing Controllers from Bounded-Response Properties Dejan Ni ckovi Oded Maler c Amir Pnueli Verimag Verimag Weizmann Institute NYU On Synthesizing Controllers from Bounded-Response Properties 1 / 23 Overview
SLIDE 2
SLIDE 3
Overview
On Synthesizing Controllers from Bounded-Response Properties 2 / 23
- Introduction
- Property-based Synthesis
✦
Bounded-response Properties
- MTL-B
✦
Syntax and Semantics
✦
Non-Determinism
- From MTL-B to Deterministic Temporal Testers
✦
Pastification of MTL-B formulae
✦
Bounded-variability assumption
- Application to Synthesis: Arbiter Example
✦
Specification in MTL-B
✦
Experimental Results
- Conclusion
SLIDE 4
Introduction
On Synthesizing Controllers from Bounded-Response Properties 3 / 23
Controller
· · · · · · r1 r2 rm gn g2 g1 Environment variables Controller variables BAD r1 r2 r2 r1 g1 g2 g2 g1 l0 l1 l2 . . . . . . r3 g1
- Automatic controller synthesis from high-level specifications
✦
Problem posed in [Chu63]
✦
Theoretically solved in [BL69,TB73]
SLIDE 5
Introduction
On Synthesizing Controllers from Bounded-Response Properties 4 / 23
BAD r1 r2 r2 r1 g1 g2 g2 g1 l0 l1 l2 . . . . . . r3 g1
(r1 → r1Sg1) (g1 →
1[0,1] r1)
(g1 →
1[0,2] r1)
. . .
- Synthesizing controllers from temporal logic formulae [PR89]
✦
Recent improvements [PPS06,PP06]
- Property-based synthesis problem:
Given a temporal property ϕ defined over two distinct alphabets A and B, build a finite-state transducer (controller) from Aω to Bω such that all of its behaviors satisfy ϕ.
- We are interested in controller synthesis from real-time temporal logic specifications
SLIDE 6
Introduction
On Synthesizing Controllers from Bounded-Response Properties 4 / 23
BAD r1 r2 r2 r1 g1 g2 g2 g1 l0 l1 l2 . . . . . . r3 g1
(r1 → r1Sg1) (g1 →
1[0,1] r1)
(g1 →
1[0,2] r1)
. . .
- Synthesizing controllers from temporal logic formulae [PR89]
✦
Recent improvements [PPS06,PP06]
- Property-based synthesis problem:
Given a temporal property ϕ defined over two distinct alphabets A and B, build a finite-state transducer (controller) from Aω to Bω such that all of its behaviors satisfy ϕ.
- We are interested in controller synthesis from real-time temporal logic specifications
SLIDE 7
Introduction
On Synthesizing Controllers from Bounded-Response Properties 4 / 23
BAD r1 r2 r2 r1 g1 g2 g2 g1 l0 l1 l2 . . . . . . r3 g1
(r1 → r1Sg1) (g1 →
1[0,1] r1)
(g1 →
1[0,2] r1)
. . .
- Synthesizing controllers from temporal logic formulae [PR89]
✦
Recent improvements [PPS06,PP06]
- Property-based synthesis problem:
Given a temporal property ϕ defined over two distinct alphabets A and B, build a finite-state transducer (controller) from Aω to Bω such that all of its behaviors satisfy ϕ.
- We are interested in controller synthesis from real-time temporal logic specifications
SLIDE 8
Temporal Logic and Controller Synthesis
On Synthesizing Controllers from Bounded-Response Properties 5 / 23
Specification Temporal Logic Non−Deterministic Game Automaton Deterministic Game Automaton Controller translation determinization controller synthesis alg.
SLIDE 9
Temporal Logic and Controller Synthesis
On Synthesizing Controllers from Bounded-Response Properties 5 / 23
Specification Temporal Logic Non−Deterministic Game Automaton Deterministic Game Automaton Controller acceptance conditions non−determinism translation determinization controller synthesis alg. timed automata
SLIDE 10
Temporal Logic and Controller Synthesis
On Synthesizing Controllers from Bounded-Response Properties 5 / 23
Specification Temporal Logic Deterministic Game Automaton Controller safety deterministic controller synthesis alg. translation Non−Deterministic Game Automaton Past
SLIDE 11
Temporal Logic and Controller Synthesis
On Synthesizing Controllers from Bounded-Response Properties 5 / 23
Specification Temporal Logic Non−Deterministic Game Automaton Deterministic Game Automaton Controller translation determinization controller synthesis alg. timed automata Bounded Response non−determinism safety
SLIDE 12
Temporal Logic and Controller Synthesis
On Synthesizing Controllers from Bounded-Response Properties 5 / 23
Specification Temporal Logic Deterministic Game Automaton Controller safety deterministic Eliminate sources of non−determinism controller synthesis alg. translation Non−Deterministic Game Automaton Bounded Response
SLIDE 13
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 14
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 15
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 16
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 17
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 18
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 19
Motivation for Bounded-Response Properties
On Synthesizing Controllers from Bounded-Response Properties 6 / 23
- Bounded-response correspond to safety properties
✦
→ Limited scope wrt more general liveness properties
- Liveness properties abstract away the upper bound requirement of occurrence of
events
✦
But many applications require specifying explicitly such upper bound:
■
Hard real-time systems
■
Scheduling problems
■
. . .
- We choose Bounded Response Metric Temporal Logic - MTL-B as the specification
formalism
✦
MTL [Koy90] without unbounded until
✦
Punctual operators (unlike MITL [AFH96])
✦
Allows specifying non-trivial properties
✦
Can be interpreted both in discrete and dense time
✦
We consider specifications of type ϕ where ϕ is an MTL-B formula
SLIDE 20
MTL-B: Syntax and Semantics
On Synthesizing Controllers from Bounded-Response Properties 7 / 23
- Syntax:
ϕ := p | ¬ϕ | ϕ1 ∨ ϕ2 | ϕ1U[a,b]ϕ2 | ϕ1S[a,b]ϕ2 | ϕ1Sϕ2 | ϕ1P[a,b]ϕ2
- Semantics:
. . . (ξ, t) | = ϕ1 U[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊕ [a, b] (ξ, t′) | = ϕ2 and ∀t′′[t, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 P[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [0, b − a] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t − b, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 S[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [a, b] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t, t′], (ξ, t′′) | = ϕ1 . . .
SLIDE 21
MTL-B: Syntax and Semantics
On Synthesizing Controllers from Bounded-Response Properties 7 / 23
- Syntax:
ϕ := p | ¬ϕ | ϕ1 ∨ ϕ2 | ϕ1U[a,b]ϕ2 | ϕ1S[a,b]ϕ2 | ϕ1Sϕ2 | ϕ1P[a,b]ϕ2
- Semantics:
. . . (ξ, t) | = ϕ1 U[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊕ [a, b] (ξ, t′) | = ϕ2 and ∀t′′[t, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 P[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [0, b − a] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t − b, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 S[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [a, b] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t, t′], (ξ, t′′) | = ϕ1 . . .
ϕ2 ϕ1 ϕ1P[a,b]ϕ2 ϕ2 ϕ1 ϕ1S[a,b]ϕ2 ϕ2 ϕ1 ϕ1U[a,b]ϕ2
t t + a t + b t − a t − b t − (b − a)
SLIDE 22
MTL-B: Syntax and Semantics
On Synthesizing Controllers from Bounded-Response Properties 7 / 23
- Syntax:
ϕ := p | ¬ϕ | ϕ1 ∨ ϕ2 | ϕ1U[a,b]ϕ2 | ϕ1S[a,b]ϕ2 | ϕ1Sϕ2 | ϕ1P[a,b]ϕ2
- Semantics:
. . . (ξ, t) | = ϕ1 U[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊕ [a, b] (ξ, t′) | = ϕ2 and ∀t′′[t, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 P[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [0, b − a] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t − b, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 S[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [a, b] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t, t′], (ξ, t′′) | = ϕ1 . . .
- Notes:
✦
“Handshake” semantics of bounded until
✦
Precedes operator ∼ past equivalent of bounded until
- Derived operators:
[a,b],
`[a,b],
1[a,b], [a,b]
SLIDE 23
MTL-B: Syntax and Semantics
On Synthesizing Controllers from Bounded-Response Properties 7 / 23
- Syntax:
ϕ := p | ¬ϕ | ϕ1 ∨ ϕ2 | ϕ1U[a,b]ϕ2 | ϕ1S[a,b]ϕ2 | ϕ1Sϕ2 | ϕ1P[a,b]ϕ2
- Semantics:
. . . (ξ, t) | = ϕ1 U[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊕ [a, b] (ξ, t′) | = ϕ2 and ∀t′′[t, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 P[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [0, b − a] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t − b, t′], (ξ, t′′) | = ϕ1 (ξ, t) | = ϕ1 S[a,b] ϕ2 ↔ ∃ t′ ∈ t ⊖ [a, b] (ξ, t′) | = ϕ2 and ∀t′′ ∈ [t, t′], (ξ, t′′) | = ϕ1 . . .
- Notes:
✦
“Handshake” semantics of bounded until
✦
Precedes operator ∼ past equivalent of bounded until
- Derived operators:
[a,b],
`[a,b],
1[a,b], [a,b]
SLIDE 24
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 25
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 26
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
✸[a,b]p p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 27
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 28
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 29
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 30
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 31
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 32
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
SLIDE 33
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
p
Q1 p
t t − 1
SLIDE 34
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
p
Q1 p
t
x0 := 0
t − 1
SLIDE 35
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
p
Q1 p
t t − 1
x0 := 0 x1 := 0
SLIDE 36
MTL-B and Non-Determinism
On Synthesizing Controllers from Bounded-Response Properties 8 / 23
- Two sources of non-determinism
- Acausality
✦
Semantics
- f
future temporal logics acausal
■
Satisfiability
- f
ϕ at time t depends on the input signal value at time t′ ≥ t
t t + a t + b p ✸[a,b]p
✦
Past fragments of temporal logics have causal semantics
- Unbounded Variability
✦
No bound on the variability of input signals
✦
→ remember unbounded number
- f events
■
Example:
Q1 p - perfect shift
register for p
p
Q1 p
t t − 1
x0 := 0 · · · x2 := 0 x1 := 0
SLIDE 37
From MTL-B to Deterministic Timed Automata: Overview
On Synthesizing Controllers from Bounded-Response Properties 9 / 23
MTL-B Property
SLIDE 38
From MTL-B to Deterministic Timed Automata: Overview
On Synthesizing Controllers from Bounded-Response Properties 9 / 23
non−determinism Eliminates acausality−based Pastification MTL-B Property MTL-B Property Past
SLIDE 39
From MTL-B to Deterministic Timed Automata: Overview
On Synthesizing Controllers from Bounded-Response Properties 9 / 23
non−determinism Eliminates acausality−based Assumption Bounded−variability
Input−deterministic Timed Game Automaton
Pastification Eliminates unbounded variability−based non−determinism Translation to DTA [MNP05] MTL-B Property MTL-B Property Past
SLIDE 40
From MTL-B to Deterministic Timed Automata: Overview
On Synthesizing Controllers from Bounded-Response Properties 9 / 23
non−determinism Eliminates acausality−based Assumption Bounded−variability
Input−deterministic Timed Game Automaton
Pastification Controller Synthesis Algorithm Eliminates unbounded variability−based non−determinism Translation to DTA [MNP05] [AMP95]
Real−time Controller
[CDF+05] MTL-B Property MTL-B Property Past
SLIDE 41
From MTL-B to Deterministic Timed Automata: Overview
On Synthesizing Controllers from Bounded-Response Properties 9 / 23
non−determinism Eliminates acausality−based Assumption Bounded−variability
Input−deterministic Timed Game Automaton
Pastification Controller Synthesis Algorithm Eliminates unbounded variability−based non−determinism Translation to DTA [MNP05] [AMP95]
Real−time Controller
[CDF+05] MTL-B Property MTL-B Property Past
SLIDE 42
Pastification of MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 10 / 23
- Key idea: Change the time direction from future to past
✦
MTL-B formula fully determined withing a bounded horizon
✦
→ Eliminate the “predictive” aspect of the semantics
- Example: ϕ = p →
[1,2] [0,2] q
- What would be the “equivalent” past formula ψ that describes the same pattern from
t + 4?
✦
ψ =
Q4 p →
Q[0,1]
`[0,2] q
SLIDE 43
Pastification of MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 10 / 23
- Key idea: Change the time direction from future to past
✦
MTL-B formula fully determined withing a bounded horizon
✦
→ Eliminate the “predictive” aspect of the semantics
- Example: ϕ = p →
[1,2] [0,2] q
- What would be the “equivalent” past formula ψ that describes the same pattern from
t + 4?
✦
ψ =
Q4 p →
Q[0,1]
`[0,2] q
SLIDE 44
Pastification of MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 10 / 23
- Key idea: Change the time direction from future to past
✦
MTL-B formula fully determined withing a bounded horizon
✦
→ Eliminate the “predictive” aspect of the semantics
- Example: ϕ = p →
[1,2] [0,2] q
→ t t + 1 t + 2 t + 3 t + 4 → p∗ ∗∗ ∗∗ ∗∗ ∗∗ . . . p∗ ∗q ∗q ∗q ∗∗ . . . p∗ ∗∗ ∗q ∗q ∗q
- What would be the “equivalent” past formula ψ that describes the same pattern from
t + 4?
✦
ψ =
Q4 p →
Q[0,1]
`[0,2] q
SLIDE 45
Pastification of MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 10 / 23
- Key idea: Change the time direction from future to past
✦
MTL-B formula fully determined withing a bounded horizon
✦
→ Eliminate the “predictive” aspect of the semantics
- Example: ϕ = p →
[1,2] [0,2] q
→ t t + 1 t + 2 t + 3 t + 4 → p∗ ∗∗ ∗∗ ∗∗ ∗∗ . . . p∗ ∗q ∗q ∗q ∗∗ . . . p∗ ∗∗ ∗q ∗q ∗q
- What would be the “equivalent” past formula ψ that describes the same pattern from
t + 4?
✦
ψ =
Q4 p →
Q[0,1]
`[0,2] q
SLIDE 46
Pastification of MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 10 / 23
- Key idea: Change the time direction from future to past
✦
MTL-B formula fully determined withing a bounded horizon
✦
→ Eliminate the “predictive” aspect of the semantics
- Example: ϕ = p →
[1,2] [0,2] q
→ t t + 1 t + 2 t + 3 t + 4 → p∗ ∗∗ ∗∗ ∗∗ ∗∗ . . . p∗ ∗q ∗q ∗q ∗∗ . . . p∗ ∗∗ ∗q ∗q ∗q ← t − 4 t − 3 t − 2 t − 1 t ←
- What would be the “equivalent” past formula ψ that describes the same pattern from
t + 4?
✦
ψ =
Q4 p →
Q[0,1]
`[0,2] q
SLIDE 47
Temporal Depth of an MTL-B formula
On Synthesizing Controllers from Bounded-Response Properties 11 / 23
- Each future MTL-B formula admits a number D(ϕ) indicating its temporal depth
✦
The satisfaction of ϕ by a signal ξ from any position t is fully determined within the interval [t, t + D(ϕ)] D(p) = D(¬ϕ) = D(ϕ) D(ϕ1 ∨ ϕ2) = max{D(ϕ1), D(ϕ2)} D(ϕ1U[a,b]ϕ2) = b + max{D(ϕ1), D(ϕ2)}
- Syntax-dependent upper-bound on the actual depth
✦
Example: D(✷[a,b]T) = b
SLIDE 48
Temporal Depth of an MTL-B formula
On Synthesizing Controllers from Bounded-Response Properties 11 / 23
- Each future MTL-B formula admits a number D(ϕ) indicating its temporal depth
✦
The satisfaction of ϕ by a signal ξ from any position t is fully determined within the interval [t, t + D(ϕ)] D(p) = D(¬ϕ) = D(ϕ) D(ϕ1 ∨ ϕ2) = max{D(ϕ1), D(ϕ2)} D(ϕ1U[a,b]ϕ2) = b + max{D(ϕ1), D(ϕ2)}
- Syntax-dependent upper-bound on the actual depth
✦
Example: D(✷[a,b]T) = b
SLIDE 49
Pastify Operator
On Synthesizing Controllers from Bounded-Response Properties 12 / 23
- Relation between ϕ and ψ = Π(ϕ, d):
(ξ, t) | = ϕ ↔ (ξ, t + d) | = ψ
- Definition: The operator Π on future MTL-B formulae ϕ and a displacement d ≥ D(ϕ)
is defined recursively as: Π(p, d) =
Qd p
Π(¬ϕ, d) = ¬Π(ϕ, d) Π(ϕ1 ∨ ϕ2, d) = Π(ϕ1, d) ∨ Π(ϕ2, d) Π(ϕ1U[a,b]ϕ2, d) = Π(ϕ1, d − b)P[a,b]Π(ϕ2, d − b) Π(1
[a,b] ϕ, d)
=
Q[0,b−a] Π(ϕ, d − b)
- Equisatisfaction of
ϕ and ψ: ξ | = ϕ ↔ ξ | = ψ
SLIDE 50
Pastify Operator
On Synthesizing Controllers from Bounded-Response Properties 12 / 23
- Relation between ϕ and ψ = Π(ϕ, d):
(ξ, t) | = ϕ ↔ (ξ, t + d) | = ψ
- Definition: The operator Π on future MTL-B formulae ϕ and a displacement d ≥ D(ϕ)
is defined recursively as: Π(p, d) =
Qd p
Π(¬ϕ, d) = ¬Π(ϕ, d) Π(ϕ1 ∨ ϕ2, d) = Π(ϕ1, d) ∨ Π(ϕ2, d) Π(ϕ1U[a,b]ϕ2, d) = Π(ϕ1, d − b)P[a,b]Π(ϕ2, d − b) Π(1
[a,b] ϕ, d)
=
Q[0,b−a] Π(ϕ, d − b)
- Equisatisfaction of
ϕ and ψ: ξ | = ϕ ↔ ξ | = ψ
SLIDE 51
Pastify Operator
On Synthesizing Controllers from Bounded-Response Properties 12 / 23
- Relation between ϕ and ψ = Π(ϕ, d):
(ξ, t) | = ϕ ↔ (ξ, t + d) | = ψ
- Definition: The operator Π on future MTL-B formulae ϕ and a displacement d ≥ D(ϕ)
is defined recursively as: Π(p, d) =
Qd p
Π(¬ϕ, d) = ¬Π(ϕ, d) Π(ϕ1 ∨ ϕ2, d) = Π(ϕ1, d) ∨ Π(ϕ2, d) Π(ϕ1U[a,b]ϕ2, d) = Π(ϕ1, d − b)P[a,b]Π(ϕ2, d − b) Π(1
[a,b] ϕ, d)
=
Q[0,b−a] Π(ϕ, d − b)
- Equisatisfaction of
ϕ and ψ: ξ | = ϕ ↔ ξ | = ψ
SLIDE 52
Bounded Variability of Input Signals
On Synthesizing Controllers from Bounded-Response Properties 13 / 23
- Definition:
- A signal ξ is of (∆, k)-bounded variability if for every interval of the form [t, t + ∆] the
number of changes in the value of ξ is at most k
1 2 3 4 5 6 k k−2 k−1 t t + ∆ ξ
- The bounded variability is preserved by MTL-B operators
SLIDE 53
Bounded Variability of Input Signals
On Synthesizing Controllers from Bounded-Response Properties 13 / 23
- Definition:
- A signal ξ is of (∆, k)-bounded variability if for every interval of the form [t, t + ∆] the
number of changes in the value of ξ is at most k
1 2 3 4 5 6 k k−2 k−1 t t + ∆ ξ
- The bounded variability is preserved by MTL-B operators
SLIDE 54
Temporal testers for MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 14 / 23
- Temporal testers for LTL proposed in [KP05]
✦
Compositional basis for automata construction corresponding to LTL formulae
✦
Extension to real-time temporal logics
■
Past-MITL [MNP05]
■
MITL [MNP06]
- Temporal testers for Past-MITL are deterministic
✦
Under the bounded variability assumption, deterministic temporal tester construction naturally extends to past MTL-B operators such as
Qd or Sd
- How to build a deterministic temporal tester for P[a,b] operator?
SLIDE 55
Temporal testers for MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 14 / 23
- Temporal testers for LTL proposed in [KP05]
✦
Compositional basis for automata construction corresponding to LTL formulae
✦
Extension to real-time temporal logics
■
Past-MITL [MNP05]
■
MITL [MNP06]
- Temporal testers for Past-MITL are deterministic
✦
Under the bounded variability assumption, deterministic temporal tester construction naturally extends to past MTL-B operators such as
Qd or Sd
- How to build a deterministic temporal tester for P[a,b] operator?
SLIDE 56
Temporal testers for MTL-B formulae
On Synthesizing Controllers from Bounded-Response Properties 14 / 23
- Temporal testers for LTL proposed in [KP05]
✦
Compositional basis for automata construction corresponding to LTL formulae
✦
Extension to real-time temporal logics
■
Past-MITL [MNP05]
■
MITL [MNP06]
- Temporal testers for Past-MITL are deterministic
✦
Under the bounded variability assumption, deterministic temporal tester construction naturally extends to past MTL-B operators such as
Qd or Sd
- How to build a deterministic temporal tester for P[a,b] operator?
SLIDE 57
Deterministic Temporal Tester for
Q[a,b] ϕ
On Synthesizing Controllers from Bounded-Response Properties 15 / 23
- Event recorder [MNP05]
✦
The core
- f
the tester-based translation from Past MITL to timed automata
✦
Takes ϕ as input and
Q[a,b] ϕ as
- utput
✦
The automaton
- utputs
1 whenever x1 ≥ a
- Trivial extension for
b ϕ with the
bounded variability assumption
y1 ≤ b ϕ 010101 y1 ≤ b 01010 ¬ϕ y1 ≥ b/s ϕ y1 ≤ b y1 ≤ b ¬ϕ ¬ϕ ϕ 01 010 0101 y1 ≥ b/s y1 ≥ b/s y1 ≥ b/s ¬ϕ/y1 := 0 ¬ϕ/y2 := 0 ¬ϕ y1 ≤ b (01)m0 . . . ϕ/x1 := 0 ϕ/x2 := 0 ϕ/x3 := 0
SLIDE 58
Deterministic Temporal Tester for
Q[a,b] ϕ
On Synthesizing Controllers from Bounded-Response Properties 15 / 23
- Event recorder [MNP05]
✦
The core
- f
the tester-based translation from Past MITL to timed automata
✦
Takes ϕ as input and
Q[a,b] ϕ as
- utput
✦
The automaton
- utputs
1 whenever x1 ≥ a
- Trivial extension for
b ϕ with the
bounded variability assumption
y1 ≤ b ϕ 010101 y1 ≤ b 01010 ¬ϕ y1 ≥ b/s ϕ y1 ≤ b y1 ≤ b ¬ϕ ¬ϕ ϕ 01 010 0101 y1 ≥ b/s y1 ≥ b/s y1 ≥ b/s ¬ϕ/y1 := 0 ¬ϕ/y2 := 0 ¬ϕ y1 ≤ b (01)m0 . . . ϕ/x1 := 0 ϕ/x2 := 0 ϕ/x3 := 0
SLIDE 59
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 16 / 23
- Observation [MN04]: If p is a signal of (b, 1)-bounded variability, then
✦
(ξ, t) | = p U[a,b]q iff (ξ, t) | = p ∧
1[a,b](p ∧ q)
✦
(ξ, t) | = p P[a,b]q iff (ξ, t) | =
Qb p ∧
Q[0,b−a](p ∧ q)
p q
SLIDE 60
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 16 / 23
- Observation [MN04]: If p is a signal of (b, 1)-bounded variability, then
✦
(ξ, t) | = p U[a,b]q iff (ξ, t) | = p ∧
1[a,b](p ∧ q)
✦
(ξ, t) | = p P[a,b]q iff (ξ, t) | =
Qb p ∧
Q[0,b−a](p ∧ q)
p q t t + a t + b t′
SLIDE 61
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 16 / 23
- Observation [MN04]: If p is a signal of (b, 1)-bounded variability, then
✦
(ξ, t) | = p U[a,b]q iff (ξ, t) | = p ∧
1[a,b](p ∧ q)
✦
(ξ, t) | = p P[a,b]q iff (ξ, t) | =
Qb p ∧
Q[0,b−a](p ∧ q)
p q t t + a t + b t′ p p ∧ q
SLIDE 62
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 16 / 23
- Observation [MN04]: If p is a signal of (b, 1)-bounded variability, then
✦
(ξ, t) | = p U[a,b]q iff (ξ, t) | = p ∧
1[a,b](p ∧ q)
✦
(ξ, t) | = p P[a,b]q iff (ξ, t) | =
Qb p ∧
Q[0,b−a](p ∧ q)
- p
q t t + a t + b t′ p p ∧ q p
SLIDE 63
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 17 / 23
- Any signal p of (b, k) variability (k > 1), can be decomposed into k signals
p1, p2, . . . , pk, such that:
✦
p = p1 ∨ p2 ∨ . . . ∨ pk
✦
pi ∧ pj always false for every i = j
✦
pi is of (b, 1)-variability
p1 p3 p2 p
- For such pi’s we have:
(ξ, t) | = p U[a,b]q ↔ (ξ, t) | = Wk
i=1 pi U[a,b]q
(ξ, t) | = p P[a,b]q ↔ (ξ, t) | = Wk
i=1 pi P[a,b]q
- The splitting of p can be achieved trivially using an automaton realizing a counter
modulo k.
SLIDE 64
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 17 / 23
- Any signal p of (b, k) variability (k > 1), can be decomposed into k signals
p1, p2, . . . , pk, such that:
✦
p = p1 ∨ p2 ∨ . . . ∨ pk
✦
pi ∧ pj always false for every i = j
✦
pi is of (b, 1)-variability
p1 p3 p2 p
- For such pi’s we have:
(ξ, t) | = p U[a,b]q ↔ (ξ, t) | = Wk
i=1 pi U[a,b]q
(ξ, t) | = p P[a,b]q ↔ (ξ, t) | = Wk
i=1 pi P[a,b]q
- The splitting of p can be achieved trivially using an automaton realizing a counter
modulo k.
SLIDE 65
Deterministic Temporal Tester for ϕ1Pϕ2
On Synthesizing Controllers from Bounded-Response Properties 17 / 23
- Any signal p of (b, k) variability (k > 1), can be decomposed into k signals
p1, p2, . . . , pk, such that:
✦
p = p1 ∨ p2 ∨ . . . ∨ pk
✦
pi ∧ pj always false for every i = j
✦
pi is of (b, 1)-variability
p1 p3 p2 p
- For such pi’s we have:
(ξ, t) | = p U[a,b]q ↔ (ξ, t) | = Wk
i=1 pi U[a,b]q
(ξ, t) | = p P[a,b]q ↔ (ξ, t) | = Wk
i=1 pi P[a,b]q
- The splitting of p can be achieved trivially using an automaton realizing a counter
modulo k.
SLIDE 66
Synthesis of an Arbiter
On Synthesizing Controllers from Bounded-Response Properties 18 / 23
- Architecture of an arbiter
Arbiter
r1 rn gn g1 · · · · · ·
- Typical timed interaction between the
arbiter an a client i
- Communication protocol between the
arbiter an a client i
SLIDE 67
Synthesis of an Arbiter
On Synthesizing Controllers from Bounded-Response Properties 18 / 23
- Architecture of an arbiter
Arbiter
r1 rn gn g1 · · · · · ·
- Typical timed interaction between the
arbiter an a client i
- Communication protocol between the
arbiter an a client i
rigi rigi rigi rigi
SLIDE 68
Synthesis of an Arbiter
On Synthesizing Controllers from Bounded-Response Properties 18 / 23
- Architecture of an arbiter
Arbiter
r1 rn gn g1 · · · · · ·
- Typical timed interaction between the
arbiter an a client i
gi ri d2 d1 d3
- Communication protocol between the
arbiter an a client i
rigi rigi rigi rigi
SLIDE 69
Synthesis of an Arbiter: MTL-B Specification
On Synthesizing Controllers from Bounded-Response Properties 19 / 23
- Initial conditions
✦
IE : V
i ri
✦
IC : V
i gi
- Safety requirements
✦
SE : V
i ri → riS (ri ∧ gi) ∧ V i(ri → riB(ri ∧ gi)
✦
SC : V
i(gi → giS(ri ∧ gi)) ∧ V i(gi → giB(ri ∧ gi))
- Bounded liveness requirements
✦
LE : V
i(gi →
1[0,d1] ri)
✦
LC : V
i(ri →
1[0,d2] gi) ∧ V i(ri →
1[0,d3] gi)
- Main formula
✦
(IE → IC) ∧ ( ` (Π(SE) ∧ Π(LE)) → (Π(SE) ∧ Π(LC)))
SLIDE 70
Synthesis of an Arbiter: MTL-B Specification
On Synthesizing Controllers from Bounded-Response Properties 19 / 23
- Initial conditions
✦
IE : V
i ri
✦
IC : V
i gi
- Safety requirements
✦
SE : V
i ri → riS (ri ∧ gi) ∧ V i(ri → riB(ri ∧ gi)
✦
SC : V
i(gi → giS(ri ∧ gi)) ∧ V i(gi → giB(ri ∧ gi))
- Bounded liveness requirements
✦
LE : V
i(gi →
1[0,d1] ri)
✦
LC : V
i(ri →
1[0,d2] gi) ∧ V i(ri →
1[0,d3] gi)
- Main formula
✦
(IE → IC) ∧ ( ` (Π(SE) ∧ Π(LE)) → (Π(SE) ∧ Π(LC)))
SLIDE 71
Synthesis of an Arbiter: MTL-B Specification
On Synthesizing Controllers from Bounded-Response Properties 19 / 23
- Initial conditions
✦
IE : V
i ri
✦
IC : V
i gi
- Safety requirements
✦
SE : V
i ri → riS (ri ∧ gi) ∧ V i(ri → riB(ri ∧ gi)
✦
SC : V
i(gi → giS(ri ∧ gi)) ∧ V i(gi → giB(ri ∧ gi))
- Bounded liveness requirements
✦
LE : V
i(gi →
1[0,d1] ri)
✦
LC : V
i(ri →
1[0,d2] gi) ∧ V i(ri →
1[0,d3] gi)
- Main formula
✦
(IE → IC) ∧ ( ` (Π(SE) ∧ Π(LE)) → (Π(SE) ∧ Π(LC)))
SLIDE 72
Synthesis of an Arbiter: MTL-B Specification
On Synthesizing Controllers from Bounded-Response Properties 19 / 23
- Initial conditions
✦
IE : V
i ri
✦
IC : V
i gi
- Safety requirements
✦
SE : V
i ri → riS (ri ∧ gi) ∧ V i(ri → riB(ri ∧ gi)
✦
SC : V
i(gi → giS(ri ∧ gi)) ∧ V i(gi → giB(ri ∧ gi))
- Bounded liveness requirements
✦
LE : V
i(gi →
1[0,d1] ri)
✦
LC : V
i(ri →
1[0,d2] gi) ∧ V i(ri →
1[0,d3] gi)
- Main formula
✦
(IE → IC) ∧ ( ` (Π(SE) ∧ Π(LE)) → (Π(SE) ∧ Π(LC)))
SLIDE 73
Synthesis of an Arbiter: MTL-B Specification
On Synthesizing Controllers from Bounded-Response Properties 19 / 23
- Initial conditions
✦
IE : V
i ri
✦
IC : V
i gi
- Safety requirements
✦
SE : V
i ri → riS (ri ∧ gi) ∧ V i(ri → riB(ri ∧ gi)
✦
SC : V
i(gi → giS(ri ∧ gi)) ∧ V i(gi → giB(ri ∧ gi))
- Bounded liveness requirements
✦
LE : V
i(gi →
1[0,d1] ri)
✦
LC : V
i(ri →
1[0,d2] gi) ∧ V i(ri →
1[0,d3] gi)
- Main formula
✦
(IE → IC) ∧ ( ` (Π(SE) ∧ Π(LE)) → (Π(SE) ∧ Π(LC)))
SLIDE 74
Synthesis of an Arbiter: Experimental Results
On Synthesizing Controllers from Bounded-Response Properties 20 / 23
- Discrete time synthesis
- d3 = 1
N d1 d2 Size Time d1 d2 Size Time d1 d2 Size Time 2 2 4 466 0.00 3 5 654 0.01 4 6 946 0.02 3 2 8 1382 0.14 3 10 2432 0.34 4 12 4166 0.51 4 2 12 4323 0.63 3 15 7402 1.12 4 18 16469 2.33 5 2 16 13505 1.93 3 20 26801 4.77 4 24 50674 10.50 6 2 20 43366 8.16 3 25 84027 22.55 4 30 168944 64.38 7 2 24 138937 44.38 3 30 297524 204.56 4 36 700126 1897.56
- Exponential growth of BDD nodes in N and d2
✦
Expected using discrete time
SLIDE 75
Synthesis of an Arbiter: Experimental Results
On Synthesizing Controllers from Bounded-Response Properties 20 / 23
- Discrete time synthesis
- d3 = 1
N d1 d2 Size Time d1 d2 Size Time d1 d2 Size Time 2 2 4 466 0.00 3 5 654 0.01 4 6 946 0.02 3 2 8 1382 0.14 3 10 2432 0.34 4 12 4166 0.51 4 2 12 4323 0.63 3 15 7402 1.12 4 18 16469 2.33 5 2 16 13505 1.93 3 20 26801 4.77 4 24 50674 10.50 6 2 20 43366 8.16 3 25 84027 22.55 4 30 168944 64.38 7 2 24 138937 44.38 3 30 297524 204.56 4 36 700126 1897.56
- Exponential growth of BDD nodes in N and d2
✦
Expected using discrete time
SLIDE 76
Conclusion
On Synthesizing Controllers from Bounded-Response Properties 21 / 23
- Complete chain that allows to synthesize controllers automatically from real-time
bounded-response temporal specifications
✦
Bounded-response temporal property → deterministic timed automaton
■
Pastification of MTL-B formulae
■
Bounded-variability assumption
- Future work
✦
Focus on efficient symbolic algorithms in the spirit of [CDF+05]
✦
Apply the synthesis algorithm to more complex specifications of real-time scheduling problems
SLIDE 77
Conclusion
On Synthesizing Controllers from Bounded-Response Properties 21 / 23
- Complete chain that allows to synthesize controllers automatically from real-time
bounded-response temporal specifications
✦
Bounded-response temporal property → deterministic timed automaton
■
Pastification of MTL-B formulae
■
Bounded-variability assumption
- Future work
✦
Focus on efficient symbolic algorithms in the spirit of [CDF+05]
✦
Apply the synthesis algorithm to more complex specifications of real-time scheduling problems
SLIDE 78
Conclusion
On Synthesizing Controllers from Bounded-Response Properties 21 / 23
- Complete chain that allows to synthesize controllers automatically from real-time
bounded-response temporal specifications
✦
Bounded-response temporal property → deterministic timed automaton
■
Pastification of MTL-B formulae
■
Bounded-variability assumption
- Future work
✦
Focus on efficient symbolic algorithms in the spirit of [CDF+05]
✦
Apply the synthesis algorithm to more complex specifications of real-time scheduling problems
SLIDE 79
References
On Synthesizing Controllers from Bounded-Response Properties 22 / 23
[AFH96]
- R. Alur, T. Feder, and T.A. Henzinger, The Benefits of Relaxing Punctuality,
Journal of the ACM 43, 116–146, 1996 (first published in PODC’91). [AMP95] E. Asarin, O. Maler and A. Pnueli, Symbolic Controller Synthesis for Discrete and Timed Systems, Hybrid Systems II, 1–20, LNCS 999, 1995. [BL69] J.R. B¨ uchi and L.H. Landweber, Solving Sequential Conditions by Finite-state Operators, Trans. of the AMS 138, 295–311, 1969. [CDF+05] F. Cassez, A. David, E. Fleury, K.G. Larsen and D. Lime, Efficient On-the-Fly Algorithms for the Analysis of Timed Games, CONCUR’05, 66–80, 2005. [Chu63]
- A. Church, Logic, Arithmetic and Automata, in Proc. of the Int. Cong. of
Mathematicians 1962, 23–35, 1963. [KP05]
- Y. Kesten and A. Pnueli, A Compositional Approach to CTL∗ Verification,
Theoretical Computer Science 331, 397–428, 2005. [Koy90]
- R. Koymans, Specifying Real-time Properties with Metric Temporal Logic,
Real-time Systems 2, 255–299, 1990.
SLIDE 80
References
On Synthesizing Controllers from Bounded-Response Properties 23 / 23
[MN04]
- O. Maler and D. Nickovic, Monitoring Temporal Properties of Continuous
Signals, FORMATS/FTRTFT’04, 152–166, LNCS 3253, 2004. [MNP05] O. Maler, D. Nickovic and A. Pnueli, Real Time Temporal Logic: Past, Present, Future, FORMATS’05, 2–16, LNCS 3829, 2005. [MNP06] O. Maler, D. Nickovic and A. Pnueli, From MITL to Timed Automata, FORMATS’06, 274–289, LNCS 4202, 2006. [MPS95] O. Maler, A. Pnueli and J. Sifakis, On the Synthesis of Discrete Controllers for Timed Systems, STACS’95, 229–242, LNCS 900, 1995. [PPS06]
- N. Piterman, A. Pnueli and Y. Sa’ar, Synthesis of Reactive(1) Designs,
VMCAI’06, 364–380, 2006. [PP06]
- N. Piterman and A. Pnueli, Faster Solutions of Rabin and Streett Games,
LICS’06, 275–284, 2006. [RW89] P .J. Ramadge and W.M. Wonham, The Control of Discrete Event Systems,
- Proc. of the IEEE 77, 81–98, 1989.