Dense-Timed Pushdown Automata
Cited by 12 (4 self)
Abstract—We propose a model that captures the behavior of real-time recursive systems. To that end, we introduce dense-timed pushdown automata that extend the classical models of pushdown automata and timed automata, in the sense that the automaton operates on a finite set of real-valued clocks, and each symbol in the stack is equipped with a real-valued clock representing its “age”. The model induces a transition system that is infinite in two dimensions, namely it gives rise to a stack with an unbounded number of symbols each of which with a real-valued clock. The main contribution of the paper is an EXPTIME-complete algorithm for solving the reachability problem for dense-timed pushdown automata.
Timed lossy channel systems
In: Proc. FSTTCS ’05, 32nd Conf. on Foundations of Software Technology and Theoretical Computer Science, 2012
Cited by 3 (1 self)
Abstract. Lossy channel systems are a classical model with applications ranging from the modeling of communication protocols to programs running on weak memory models. All existing work assumes that messages traveling inside the channels are picked from a finite alphabet. In this paper, we extend the model by assuming that each message is equipped with a clock representing the age of the message, thus obtaining the model of Timed Lossy Channel Systems (TLCS). The main contribution of the paper is to show that the control state reachability problem is decidable for TLCS.

ACM Subject Classification: D.2.4

Keywords and phrases: Lossy channel systems, timed automata, model checking

Introduction

During the last two decades there has been a large amount of work devoted to the verification of discrete program models that have infinite state spaces such as Petri nets, pushdown systems, counter automata, and channel machines. In particular lossy channel systems have been studied extensively as a model of communication protocols. Such protocols are designed to work correctly even in the case where the underlying medium is unreliable in the sense that it can lose messages.

In this paper, we show decidability of the control state reachability problem for TLCS. We show the decidability result through a novel reduction formulated in two steps. First, we introduce a new model called Dynamic Lossy Channel Systems (DLCS) which is a generalization of (untimed) LCS. More precisely, a DLCS contains, in addition to a (fixed) finite set of lossy channels, a dynamic part that contains an a priori unbounded number of channels. The dynamic part behaves as a second-order lossy channel, i.e., a "lossy channel of lossy channels".
We show that each DLCS induces a transition system that is well quasi-ordered in the sense of

The complexity of the reachability problem for TLCS is not primitive recursive as it is not primitive recursive already for untimed LCS

Preliminaries

Notation

We use $\mathbb{N}$ and $\mathbb{R}_{\geq 0}$ to denote the sets of natural numbers resp. nonnegative reals. For a real number $r \in \mathbb{R}_{\geq 0}$, we define $\mathit{Int}(r)$ as the greatest $n \in \mathbb{N}$ such that $n \leq r$, and $\mathit{Frac}(r)$ as $r - \mathit{Int}(r)$. We call $\mathit{Int}(r)$ the integer part and $\mathit{Frac}(r)$ the fractional part of $r$ respectively. An open interval is written as $(i, j)$ where $i \in \mathbb{N}$ and $j \in \mathbb{N} \cup \{\infty\}$. Intervals can also be closed in one or both directions, e.g. We use $(A \to B)$ to denote the set of total functions from $A$ to $B$. We say that a function $f : \mathbb{N} \to \mathbb{N}$ is strictly increasing if whenever $i < j$ we also have $f(i) < f(j)$. We use $A^*$ to denote the set of finite words over $A$. For words $w_1, w_2 \in A^*$, we use $w_1 \cdot w_2$ to denote the concatenation of $w_1$ and $w_2$. We use to denote the empty word. For a word $w = a_1 \cdots a_n$, we use $w[i]$ to denote the $i$-th symbol $a_i$ in $w$, and we will write $a \in w$ if $a = w[i]$ for some $i : 1 \leq i \leq n$. We will use a similar notation for tuples. We recall the classical subword ordering on the set $A^*$ of words, where $a_1 \ldots a_m$ $a_1 \cdots a_n$ if there is a strictly increasing injection $g$ : . To simplify the notation, we write $\omega \in (A^*)^*$ as $w_1 \cdots w_n$ where $w_1, \cdots, w_n$ are words in $A^*$. We extend the ordering to $(A^*)^*$ in such a way that

Transition Systems

A transition system is a pair $S = \Gamma, \longrightarrow$ where $\Gamma$ is the set of configurations, and $\longrightarrow \subseteq \Gamma \times \Gamma$ is a binary relation on the set of configurations. As usual, we write $\gamma_1 \longrightarrow \gamma_2$ instead of $\gamma_1, \gamma_2 \in \longrightarrow$. We use $\stackrel{*}{\longrightarrow}$ to denote the reflexive transitive closure of $\longrightarrow$. For a set $\Gamma \subseteq \Gamma$ of configurations, we define the set $\mathit{Pre}(\Gamma) := \{\gamma\ \exists\gamma \in \Gamma .\ \gamma \longrightarrow \gamma\}$.
Parosh Aziz Abdulla, Mohamed Faouzi Atig, and Jonathan Cederberg

Sometimes, we equip the set $\Gamma$ with an ordering and write the transition system as a triple $\Gamma, \longrightarrow,$ . We say that $S$ is monotone (wrt. ) if whenever $\gamma_1 \longrightarrow \gamma_2$ and $\gamma_1$ $\gamma_3$ then $\gamma_2 \stackrel{*}{\longrightarrow} \gamma_4$ for some $\gamma_4$ with $\gamma_3$ $\gamma_4$. We say that is a well quasi-ordering (wqo for short), if, for all sequences $\gamma_0, \gamma_1, \gamma_2, \ldots$, there are $i < j$ with $\gamma_i$ $\gamma_j$. A set $U \subseteq \Gamma$ is upward closed if whenever $\gamma_1 \in U$ and $\gamma_1$ $\gamma_2$ then $\gamma_2 \in U$. The upward closure of a set $\Gamma \subseteq \Gamma$ is defined by $\Gamma{\uparrow} := \{\gamma \in \Gamma\ \exists d \in \Gamma .\ d\ \gamma\}$. For sets $\Gamma_1 \subseteq \Gamma_2 \subseteq \Gamma$, we say that $\Gamma_1$ is a minor of $\Gamma_2$ if (i) for each $\gamma_2 \in \Gamma_2$ there is a $\gamma_1 \in \Gamma_1$ such that $\gamma_1$ $\gamma_2$, and (ii) $\gamma_1$ $\gamma_2$ implies $\gamma_1 = \gamma_2$ for all $\gamma_1, \gamma_2 \in \Gamma_1$. If is a wqo, then each minor is finite. However, in general, a set may have several different minors. In the applications of this paper, each set $\Gamma$ has a unique minor, denoted $\min(\Gamma)$. An instance of the coverability problem consists of two configurations $\gamma_1$ and $\gamma_2$. The task is to check whether $\gamma_1 \stackrel{*}{\longrightarrow} \gamma_2{\uparrow}$. A transition system $\Gamma, \longrightarrow,$ is said to be well quasi-ordered if the following conditions are satisfied: (i) is computable, i.e., for given configurations $\gamma, \gamma$ , we can check whether $\gamma_1$ $\gamma$ , (ii) is a wqo, (iii) $\longrightarrow$ is monotone wrt. , (iv) for a configuration $\gamma$, we can compute the (finite) set $\min(\mathit{Pre}(\{\gamma\}{\uparrow}))$. Notice that, since the transition relation is monotone with respect to , it follows that the set $\mathit{Pre}(\{\gamma\}{\uparrow})$ is upward closed. The classical framework of well quasi-ordered transition systems

Theorem 1. The coverability problem is decidable for well quasi-ordered transition systems.

Timed Lossy Channel Systems

In this section, we introduce TLCS, define their operational semantics, and present the reachability problem. Furthermore, we show that it is sufficient to consider a class of "normalized" TLCS where initial ages of messages and new values assigned to clocks are always 0.
A TLCS has three parts, a control part, a finite set of clocks, and a finite set of channels. The control part is a finite-state labeled transition system, where the labels are either clock operations or channel operations. The control part can be used to model the total behavior of a number of processes that communicate through the channels. The clocks assume real values, while the channels are unbounded lossy FIFO buffers.

Model

A Timed Lossy Channel System (TLCS for short) is a tuple $T = S, s_{init}, C, M, X, \Delta$ , where $S$ is a finite set of (control) states, $s_{init} \in S$ is the initial control state, $C$ is a finite set of channels, $M$ is a finite set of messages, $X$ is a finite set of clocks, and $\Delta$ is a finite set of transitions. A transition $t \in \Delta$ is a triple $s_1, op, s_2$ where $s_1, s_2 \in S$ are states and $op$ is an operation of one of the following forms:
1. $nop$ is an empty operation that does not check or update the clock values or the channel contents.
2. $c!(m \in I)$ appends a new message $m \in M$ to the end of the channel $c \in C$. The initial age of the new message is selected nondeterministically from $I \in I$.
3. $c?(m \in I)$ removes (receives) the message at the head of the channel $c \in C$ provided that this message is $m \in M$ and that its age lies in $I \in I$.
4. $x \in I$ checks whether the value of $x \in X$ belongs to the interval $I \in I$.
5. $x \leftarrow I$ assigns nondeterministically a value to $x \in X$ from $I \in I$.

Configurations

A configuration $\gamma$ of $T$ is a triple $s, X, \nu$ , where $s \in S$ is a control state, $X \in X \to \mathbb{R}_{\geq 0}$ defines the clock values (assigns a real number to each clock), and $\nu \in C \to (M \times \mathbb{R}_{\geq 0})^*$ defines the content of each channel (the content of a channel is represented by a word, where each message is represented by a pair containing its name and its age).

Transition Relation

We define a transition relation on configurations
1. $op = nop$, $X_2 = X_1$, and $\nu_2 = \nu_1$. The empty operation does not affect the clock values or the channel contents.
, and $\delta \in I$.
The transition appends a new message to the end of the channel $c$ with name $m$, and with an age that belongs to the interval $I$.
, and $\delta \in I$. The transition removes the message at the head of the channel $c$ provided that its name is $m$, and that its age is in the interval $I$.
4. $op = x \in I$, $X_1(x) \in I$, $X_2 = X_1$, and $\nu_2 = \nu_1$. The transition is enabled only if the value of $x$ belongs to $I$. The clock values and the channel contents are not affected.
Notice that in all five cases the control state changes from $s_1$ to $s_2$.

The timed transition relation models the passage of time, in the sense that the values of all clocks and the ages of all messages inside the channels are uniformly increased by (the same) real number. For configurations $\gamma_1 = s, X_1, \nu_1$ , $\gamma_2 = s, X_2, \nu_2$ , and a real number $\delta \in \mathbb{R}_{\geq 0}$, the relation $\gamma_1 \stackrel{\delta}{\longrightarrow}_T \gamma_2$ holds if the following two conditions hold: (i) $X_2(x) = X_1(x) + \delta$ for all $x \in X$, and (ii) for every $c \in C$, if $\nu_1(c)$ is of the form ( .

Finally the lossy transition relation allows messages to be lost from the channels at any time. Formally, if $\gamma_1 = s, X, \nu_1$ and $\gamma_2 = s, X, \nu_2$ , the relation $\gamma_1$

Reachability

The initial configuration of a TLCS $T$ is defined by $\gamma_{init} := s_{init}, X_{init}, \nu_{init}$ where $X_{init}(x) = 0$ for all $x \in X$, and $\nu_{init}(c) =$ for all $c \in C$. In other words, $T$ is initiated from a configuration where it is in its initial control state, where all the clocks have a value equal to 0, and where all the channels are empty. A control state $s \in S$ is said to be reachable if $\gamma_{init} \stackrel{*}{\longrightarrow}_T s, X, \nu$ for some $X$ and $\nu$. An instance of the reachability problem consists of a TLCS $T = S, s_{init}, C, M, X, \Delta$ and a control state $s \in S$. The task is to check whether $s$ is reachable.

Normalization

A TLCS $T = S, s_{init}, C, M, X, \Delta$ such that $I = [0, 0]$ for all $s_1, c!(m \in I), s_2 \in \Delta$ is said to be message-normalized.
We say that $T$ is clock-normalized if whenever $s_1, x \leftarrow I, s_2 \in \Delta$ then $I = [0, 0]$. Finally, $T$ is normalized if it is both clock- and message-normalized. The following two lemmas show that the reachability problem for general TLCS can be reduced to that for normalized TLCS. Therefore, in the rest of the paper, we assume that all TLCS are normalized.

Lemma 2. The reachability problem for TLCS can be reduced to that for message-normalized TLCS.

Lemma 3. The reachability problem for TLCS can be reduced to that for clock-normalized TLCS.

Dynamic Lossy Channel Systems

In this section, we introduce the model of Dynamic Lossy Channel Systems (DLCS for short). The model is a generalization of lossy channel systems

Model

A DLCS is a tuple $D = S, s_{init}, C, \Sigma, \Delta$ where $S$ is a finite set of (control) states, $s_{init} \in S$ is the initial control state, $C$ is a finite set of channel names, $\Sigma$ is the channel alphabet, and $\Delta$ is a finite set of transitions. A transition $t \in \Delta$ is a triple $s_1, op, s_2$ where $s_1, s_2 \in S$ are states and $op$ is an operation of one of the following forms:
1. $nop$ is an empty operation that does not check or update the channels,
2. $c!m$ appends the message $m \in \Sigma$ to the end of the static channel $c \in C$,
3. $c?m$ removes the message $m \in \Sigma$ from the head of the static channel $c \in C$,
4. send_channel(c) makes a copy of the content of the static channel $c$ to a new dynamic channel, and appends the new channel to the end of the sequence of dynamic channels.
5. receive_channel(c) copies the content of the rightmost dynamic channel to the static channel $c \in C$ and then removes this dynamic channel from the sequence of channels.

Configurations

A configuration $d$ of $D$ is a triple $s, \nu, \omega$ , where $s \in S$ is a control state, $\nu \in (C \to \Sigma^*)$ is a function that represents the content of the set of static channels $C$, and $\omega \in (\Sigma^*)^*$ is the content of the sequence of dynamic channels, also called the dynamic part of $D$.
For configurations $d_1 = s_1, \nu_1, \omega_1$ , $d_2 = s_2, \nu_2, \omega_2$ , we say that $d_1$ $d_2$ if $s_1 = s_2$, $\nu_1(c)$ $\nu_2(c)$ for all $c \in C$, and $\omega_1$ $\omega_2$ (recall the definition of from Section 2). Intuitively, we derive $d_1$ from $d_2$ by deleting messages from the channels (both static and dynamic) and by removing dynamic channels.
Nested timed automata
FORMATS 2013. LNCS, 2013
Cited by 1 (1 self)
This paper proposes a new timed model named nested timed automata (NeTAs). An NeTA is a pushdown system whose stack symbols are timed automata (TAs). It either behaves as the top TA in the stack, or switches from one TA to another by pushing, popping, or changing the top TA of the stack. Different from existing component-based context-switch models such as recursive timed automata and timed recursive state machines, when time passage happens, all clocks of TAs in the stack elapse uniformly. We show that the safety property of NeTAs is decidable by encoding NeTAs to the dense timed pushdown automata. NeTAs provide a natural way to analyze the recursive behaviors of component-based timed systems with structure retained. We illustrate this advantage by the deadline analysis of nested interrupts.
Pushdown Systems with Stack Manipulation
Cited by 1 (0 self)
Abstract. Pushdown systems are a model of computation equipped with one stack where only the top of the stack is inspected and modified in each step of transitions. Although this is a natural restriction, some extensions of pushdown systems require more general operations on stack: conditional pushdown systems inspect the whole stack contents and discrete timed pushdown systems increment the ages of the whole stack contents. In this paper, we present a general framework called pushdown systems with transductions (TrPDS) for extending pushdown systems with transitions that modify the whole stack contents with a transducer. Although TrPDS is Turing complete, it is shown that if the closure of transductions appearing in the transitions of a TrPDS is finite, it can be simulated by an ordinary pushdown system and thus the reachability problem is decidable. Both conditional and discrete timed pushdown systems can be considered as such subclasses of TrPDS.
Push-Down Automata with Gap-Order Constraints
Abstract. We consider pushdown automata with data (PDAD) that operate on variables ranging over the set of natural numbers. The conditions on variables are defined via gap-order constraints. Gap-order constraints allow one to compare variables for equality, or to check that the gap between the values of two variables exceeds a given natural number. The messages inside the stack are equipped with values that are natural numbers reflecting their “values”. When a message is pushed to the stack, its value may be defined by a variable in the program. When a message is popped, its value may be copied to a variable. Thus, we obtain a system that is infinite in two dimensions, namely we have a stack that may contain an unbounded number of messages each of which is equipped with a natural number. We present an algorithm for solving the control state reachability problem for PDAD based on two steps. We first provide a translation to the corresponding problem for context-free grammars with data (CFGD). Then, we use ideas from the framework of well quasi-orderings in order to obtain an algorithm for solving the reachability problem for CFGDs.
Computing Optimal Reachability Costs in Priced Dense-Timed Pushdown Automata
Abstract. We study priced dense-timed pushdown automata that are a generalization of the classic model of pushdown automata, in the sense that they operate on real-valued clocks, and that the stack symbols have real-valued ages. Furthermore, the model allows a cost function that assigns transition costs to transitions and storage costs to stack symbols. We show that the optimal cost, i.e., the infimum of the costs of the set of runs reaching a given control state, is computable.
Creative Commons Attribution License. Adding Time to Pushdown Automata (Tutorial)
2012
"... © Abdulla et al. This work is licensed under the ..."