Lecture 10: DC Properties IIb 2014-06-26 Dr. Bernd Westphal 10 - PowerPoint PPT Presentation

Real-Time Systems Lecture 10: DC Properties IIb 2014-06-26 Dr. Bernd Westphal – 10 – 2014-06-26 – main – Albert-Ludwigs-Universit¨ at Freiburg, Germany

Contents & Goals Last Lecture: • Satisfiability and realisability from 0 is decidable for RDC in discrete time • Undecidable problems of DC in continuous time This Lecture: • Educational Objectives: Capabilities for following tasks/questions. • Facts: (un)decidability properties of DC in discrete/continuous time. • What’s the idea of the considered (un)decidability proofs? • Content: • Undecidable problems of DC in continuous time cont’d – 10 – 2014-06-26 – Sprelim – 2 /24

(Variants of) RDC in Continuous Time – 10 – 2014-06-26 – main – 3 /24

Sketch: Proof of Theorem 3.10 Reduce divergence of two-counter machines to realisability from 0: • Given a two-counter machine M with final state q fin , • construct a DC formula F ( M ) := encoding ( M ) • such that M diverges if and only if the DC formula F ( M ) ∧ ¬ ♦ ⌈ q fin ⌉ is realisable from 0 . • If realisability from 0 was (semi-)decidable, divergence of two-counter machines would be (which it isn’t). – 10 – 2014-06-26 – Scont – 6 /24

Reducing Divergence to DC realisability: Idea • A single configuration K of M can be encoded in an interval of length 4 ; being an encoding interval can be characterised by a DC formula. • An interpretation on ‘Time’ encodes the computation of M if • each interval [4 n, 4( n + 1)] , n ∈ N 0 , encodes a configuration K n , • each two subsequent intervals [4 n, 4( n + 1)] and [4( n + 1) , 4( n + 2)] , n ∈ N 0 , encode configurations K n ⊢ K n +1 in transition relation . • Being encoding of the run can be characterised by DC formula F ( M ) . • Then M diverges if and only if F ( M ) ∧ ¬ ♦ ⌈ q fin ⌉ is realisable from 0. – 10 – 2014-06-26 – Scont – 11 /24

Construction of F ( M ) In the following, we give DC formulae describing • the initial configuration, • the general form of configurations, • the transitions between configurations, • the handling of the final state. F ( M ) is the conjunction of all these formulae. – 10 – 2014-06-26 – Scont – 13 /24

Initial and General Configurations ⇒ ⌈ q 0 ⌉ 1 ; ⌈ B ⌉ 1 ; ⌈ X ⌉ 1 ; ⌈ B ⌉ 1 ; true ) init : ⇐ ⇒ ( ℓ ≥ 4 = ⇒ � ( ⌈ Q ⌉ 1 ; ⌈ B ∨ C 1 ⌉ 1 ; ⌈ X ⌉ 1 ; ⌈ B ∨ C 2 ⌉ 1 ; ℓ = 4 keep : ⇐ ⇒ ℓ = 4 ; ⌈ Q ⌉ 1 ; ⌈ B ∨ C 1 ⌉ 1 ; ⌈ X ⌉ 1 ; ⌈ B ∨ C 2 ⌉ 1 ) = where Q := ¬ ( X ∨ C 1 ∨ C 2 ∨ B ) . – 10 – 2014-06-26 – Scont – 14 /24

Auxiliary Formula Pattern copy copy ( F, { P 1 , . . . , P n } ) : ⇐ ⇒ ∀ c, d • � (( F ∧ ℓ = c ) ; ( ⌈ P 1 ∨ · · · ∨ P n ⌉ ∧ ℓ = d ) ; ⌈ P 1 ⌉ ; ℓ = 4 = ⇒ ℓ = c + d + 4 ; ⌈ P 1 ⌉ . . . ∀ c, d • � (( F ∧ ℓ = c ) ; ( ⌈ P 1 ∨ · · · ∨ P n ⌉ ∧ ℓ = d ) ; ⌈ P n ⌉ ; ℓ = 4 = ⇒ ℓ = c + d + 4 ; ⌈ P n ⌉ – 10 – 2014-06-26 – Scont – 15 /24

q : inc 1 : q ′ (Increment) (i) Change state � ( ⌈ q ⌉ 1 ; ⌈ B ∨ C 1 ⌉ 1 ; ⌈ X ⌉ 1 ; ⌈ B ∨ C 2 ⌉ 1 ; ℓ = 4 = ⇒ ℓ = 4 ; ⌈ q ′ ⌉ 1 ; true ) (ii) Increment counter ∀ d • � ( ⌈ q ⌉ 1 ; ⌈ B ⌉ d ; ( ℓ = 0 ∨ ⌈ C 1 ⌉ ; ⌈¬ X ⌉ ) ; ⌈ X ⌉ 1 ; ⌈ B ∨ C 2 ⌉ 1 ; ℓ = 4 ⇒ ℓ = 4 ; ⌈ q ′ ⌉ 1 ; ( ⌈ B ⌉ ; ⌈ C 1 ⌉ ; ⌈ B ⌉ ∧ ℓ = d ) ; true = – 10 – 2014-06-26 – Scont – 16 /24

q : inc 1 : q ′ (Increment) (i) Keep rest of first counter copy ( ⌈ q ⌉ 1 ; ⌈ B ∨ C 1 ⌉ ; ⌈ C 1 ⌉ , { B, C 1 } ) (ii) Leave second counter unchanged copy ( ⌈ q ⌉ 1 ; ⌈ B ∨ C 1 ⌉ ; ⌈ X ⌉ 1 , { B, C 2 } ) – 10 – 2014-06-26 – Scont – 17 /24

q : dec 1 : q ′ , q ′′ (Decrement) (i) If zero � ( ⌈ q ⌉ 1 ; ⌈ B ⌉ 1 ; ⌈ X ⌉ 1 ; ⌈ B ∨ C 2 ⌉ 1 ; ℓ = 4 = ⇒ ℓ = 4 ; ⌈ q ′ ⌉ 1 ; ⌈ B ⌉ 1 ; true ) (ii) Decrement counter ∀ d • � ( ⌈ q ⌉ 1 ; ( ⌈ B ⌉ ; ⌈ C 1 ⌉ ∧ ℓ = d ) ; ⌈ B ⌉ ; ⌈ B ∨ C 1 ⌉ ; ⌈ X ⌉ 1 ; ⌈ B ∨ C 2 ⌉ 1 ; ℓ = ⇒ ℓ = 4 ; ⌈ q ′′ ⌉ 1 ; ⌈ B ⌉ d ; true ) = – 10 – 2014-06-26 – Scont – (iii) Keep rest of first counter copy ( ⌈ q ⌉ 1 ; ⌈ B ⌉ ; ⌈ C 1 ⌉ ; ⌈ B 1 ⌉ , { B, C 1 } ) 18 /24

Final State copy ( ⌈ q fin ⌉ 1 ; ⌈ B ∨ C 1 ⌉ 1 ; ⌈ X ⌉ ; ⌈ B ∨ C 2 ⌉ 1 , { q fin , B, X, C 1 , C 2 } ) – 10 – 2014-06-26 – Scont – 19 /24

Satisfiability • Following [Chaochen and Hansen, 2004] we can observe that M halts if and only if the DC formula F ( M ) ∧ ♦ ⌈ q fin ⌉ is satisfiable . This yields The satisfiability problem for DC with continuous Theorem 3.11. time is undecidable. (It is semi-decidable.) • Furthermore, by taking the contraposition, we see – 10 – 2014-06-26 – Scont – M diverges M does not halt if and only if F ( M ) ∧ ¬ ♦ ⌈ q fin ⌉ is not satisfiable. if and only if • Thus whether a DC formula is not satisfiable is not decidable, not even semi-decidable. 20 /24

Validity • By Remark 2.13, F is valid iff ¬ F is not satisfiable, so Corollary 3.12. The validity problem for DC with continuous time is undecidable, not even semi-decidable. – 10 – 2014-06-26 – Scont – 21 /24

Discussion • Note: the DC fragment defined by the following grammar is sufficient for the reduction F ::= ⌈ P ⌉ | ¬ F 1 | F 1 ∨ F 2 | F 1 ; F 2 | ℓ = 1 | ℓ = x | ∀ x • F 1 , P a state assertion, x a global variable. • Formulae used in the reduction are abbreviations: ℓ = 4 ⇐ ⇒ ℓ = 1 ; ℓ = 1 ; ℓ = 1 ; ℓ = 1 ℓ ≥ 4 ⇐ ⇒ ℓ = 4 ; true ℓ = x + y + 4 ⇐ ⇒ ℓ = x ; ℓ = y ; ℓ = 4 – 10 – 2014-06-26 – Scont – • Length 1 is not necessary — we can use ℓ = z instead, with fresh z . • This is RDC augmented by “ ℓ = x ” and “ ∀ x ”, which we denote by RDC + ℓ = x, ∀ x . 22 /24

– 10 – 2014-06-26 – main – References 23 /24

[Chaochen and Hansen, 2004] Chaochen, Z. and Hansen, M. R. (2004). Duration Calculus: A Formal Approach to Real-Time Systems . Monographs in Theoretical Computer Science. Springer-Verlag. An EATCS Series. [Olderog and Dierks, 2008] Olderog, E.-R. and Dierks, H. (2008). Real-Time Systems - Formal Specification and Automatic Verification . Cambridge University Press. – 10 – 2014-06-26 – main – 24 /24