SYRF Project
Task 3.1: "Symbolic abstraction of automata"
Abstract of deliverable 3.1.3
The deliverable contains contributions from two distinct INRIA sites
(INRIA Meije and INRIA Ep-Atr).
Work at INRIA Meije concentrated
on important techniques for compositional reductions
of Boolean Equation Systems.
Work at INRIA Ep-Atr dealt
with two issues: the design of abstraction
methods on Implicit Labeled Transition Systems on one hand;
controller synthesis and the Supervisory
Control Problem on the other hand.
INRIA Meije contribution:
Compositional reductions of Boolean
Equation Systems
This task was considered as the major activity at INRIA Meije
for this third year, and a lot of manpower was devoted to it.
Achieved Results
We conducted extensive research on Compositional reduction of Boolean
Equation Systems, in accordance with the original milestones of the
project description. The practical software developments include:
-
translators from our proprietary SC format to the Blif format,
used as an entry point for netlist descriptions by logic synthesis tools
-
translators back from Blif to SC (to be applied on optimised
subcomponents).
-
SC linkers to reassenble a single program from optimised subcomponents
and a surroundind context.
Defining these translations prompted some research work for the following
reason:
In the case of Esterel, the netlist part encoding behaviour
at the initial instant has to be kept apart from the code for the rest
of the behaviour, in the compositional approach. This is so because the
code for the first instant may be duplicated several times due to the various
preemptions applicable by a reactive context. Thus the two parts of the
code have to be split apart and optimized separately. But importantly one
main role of the initial instant code is to provide admissible (or reachable)
configurations of state registers after initialization phase. Optimizing
the rest of the behaviour without this information proved deceiving, specially
in comparison with independant optimization of subcomponents in isolation.
We thus had to figure out technical ways to introduce the initial code
part as a constraint ("care set" in hardware synthesis jargon) on the rest
of the code to improve reduction in optimizations. Our solutions now provide
optimizations comparable in size of registers to the "isolation" ones,
with combinational logic augmented by a factor of roughly 2 only.
We conducted several large-scale experiments of compositional reduction
of Boolean Equation Systems, on case studies provided
by
development teams at Texas Instruments or Dassault Aviation (unfortunately
not on case studies provided by industrial partners in Syrf).
A more detailed presentation of all activities this year of INRIA Meije
on compositional reduction of Boolean Equation Systems,
with its relevance to symbolic abstraction of Finite State
Machines,
is to be found as an annex
to
the deliverable.
INRIA Ep-Atr contributions:
Abstractions
The proposed approach
Last year, we presented Implicit Labeled Transition Systems (ILTS)
as intermediate models for discrete event systems. We have studied operations
of parallel composition and event hiding, as well as an equivalence criterion
based on strong bisimulation semantics, namely the equivalence called
symbolic
bisimulation. We also proposed an algorithm that provides the reduced
system according to a bisimulation equivalence relation. The aim of the
work is to rely on intensional descriptions of the systems for symbolic
abstractions purposes, based on behavioral equivalences. The intensional
approach we propose has the main advantage to remain at an interesting
level of abstraction to handle sets (of states, of events) in which algorithms
and properties can entirely be expressed, thus providing us with a high
level of expressiveness. This abstract level avoids us to bother with a
particular choice of sets implementation, such as Binary Decision Diagrams
(BDDs), even if all operations are actually based on this representation
for sets. Moreover, the intensional formalism is completely compatible
with the symbolic techniques, since intensionally described sets can afterwards
be implemented by any kind of methods, e.g. decision diagrams. However,
other tools with various implementations for sets might be considered using
the same high level framework (e.g. Mathematica, Maple).
Achieved Results
This year, we achieved the design of abstraction methods based on symbolic
techniques: classical abstraction by state fusion has been considered
(with associated equivalence relation computation). We also introduced
other kinds of abstraction, falling into the category of abstraction
by restriction: in particular, we studied the use of the controller
synthesis methodology to achieve the restriction synthesis[6].
-
Abstraction by state fusion
The principles of abstraction by state fusion is classical : super
states are obtained by fusionning concrete states and transitions are naturally
lifted to super states. For this kind of abstraction, compositionality
is trivial. In this setting, we propose a family of algorithms to build
the abstracted system, in the symbolic/intensional philosophy. More precisely,
we present a general method to abstract automata on the basis of a state
fusion criterion, derived from e.g. equivalence relations (such as
bisimulation), partitions, ...
The approach has the advantage to deliver the abstracted model still
in an intensional style, whereas in classical approaches symbolic models
might become explicit when submitted to reduction. However, the state fusion
computation might still have some explicit features when derived from equivalence
relations : we cannot yet avoid the equivalence classes enumeration, during
which the reduced model is built ``on the fly''. Our choice of equivalence
relations mainly focuses on the computation of greatest bisimulations (strong,
but also weak/delay/branching), to ensure behavioral properties preservation.
However, any kind of relations larger than the bisimulations can
be considered (in particular, partitions, general relations,..., provided
the user takes care of the correction of its abstraction).
-
Abstraction by restriction
This abstraction aims to simplify the model by disallowing some behaviors.
A naive approach would consist in modifying the structure of the automata
by removing either a set of states or a set of events. The corresponding
set of states could possibly be induced by a property (e.g. invariant property,...).
Also, observing automata can be composed with the original one in order
to get more subtle restrictions of the behaviors. Both techniques have
been considered, and for the latter one, we have explored particular kind
of restrictions : as in the control theory world (see control
section), the status of events is twofold . Some events, called uncontrollable,
cannot be prevented from occurring (e.g. think of an open system in an
environment), whereas the others, though
controllable can be disabled.
In this new framework, the abstraction by restriction needs being refined,
and falls into the controller synthesis issues by adding constraints to
the initial system (by means of new boolean/polynomial equations), called
the controller.
The prototyped functionalities enabling the above mentioned approaches
are available in the Sigali tool box, the formal calculus system of the
Signal environment [6,2]. These new functionalities of Sigali are
still under improvement process but have already been experimented for
the case of significant Signal programs. In particular, some experiments
have been conducted on EdF partner case study : the power transformer
station controller. Unfortunately the Syrf Steam Boiler
case, although designed in Signal and studied in our group in the Task
3.4 , turns out to be far too much numerical to be relevant for boolean
automata issues.
Supervisory Control Problem
The proposed approach
Control theory of discrete event systems allows to use constructive
methods, that ensure, a priori, required properties of the system
behavior. Therefore, the validation phase reduces to properties not guaranteed
by the control.
Achieved Results
There exist different theories for the control of discrete event systems
since the 80's [ramadge89], [holloway97]. Usually, the starting
point of these theories is: given a model for the system and the control
objectives, a controller must be derived by various means such that the
resulting behavior of the closed loop system meets the control objectives.
-
This year, we have been interested in the controller synthesis problem
within the Ramadge and Wohnam Approach. Symbolic bisimulation techniques
(inherited from previous section) have been
considered for solving the Supervisory Control Problem, in the same spirit
as [Barett98]. They solve the Supervisory Control Problem by exploiting
the link between a given bisimulation and the controllability of languages.
We improved this work by providing symbolic version of the algorithms.
See [5,6] for more details ( [5] is a submission version
of Section 5 in [6]).
-
Meanwhile, many efforts for dissemination of the Supervisory Control
Problem using polynomial methods, in the Signal Environment have been
done [1,2,3,4]. For a theoretical point of view, see [3]
and its corresponding paper [2]. For an applicative point of view,
see [1,4]. In [1], we relate the experience of the controller
synthesis methodology applied to the incremental specification of a power
transformer station Controller (See Task 1 for more details).
Publications:
-
[1] H. Marchand, M. Samaan. On the Incremental Design of a Power
Transformer Station Controller using Controller Synthesis Methodology.
World Congress on Formal Methods (FM'99), Volume 1709 of LNCS, pages 1605-1624,
Toulouse, France, September 1999. Postscript
-
[2]
H. Marchand, M. Le Borgne. The Supervisory Control Problem of Discrete
Event Systems using polynomial Methods. Research report Irisa, No1271,
October 1999. Postscript
-
[3]
H. Marchand, M. Le Borgne. - Supervisory Control Problem within the
Polynomial Dynamical System Framework. - submitted to Special Issue
of the IEEE Transactions on Systems, Man and Cybernetics: ``Discrete Systems
and Control''.
-
[4]
H. Marchand, P. Bournai, M. Le Borgne, P. Le Guernic. - Incremental
Design ofAutomatic Discrete-Event Controllers in the Signal Environment.
- submitted to Journal of Discrete Event Dynamical Systems. Short
Version (SMC'98)
-
[5]
H. Marchand., S. Pinchinat - Supervisory Control Problem using Symbolic
Bisimulation Techniques. - submitted to 2000 American Control Conference.
-
[6]
S. Pinchinat, H. Marchand, M. Le Borgne. Symbolic Abstractions of Automata
and their application to the Supervisory Control Problem Research report
Irisa, No 1279, November 1999.
Related references:
-
[barret98]
- G.Barret, S. Lafortune. Bisimulation, the Supervisory Control Problem
and Strong Model Matching for Finite State Machines. Journal of Discrete
Event Dynamic Systems (8)4, pp 337-429, December 1998
-
[holloway94]
- L.E.Holloway, B.H. Krog, A. Giua. A survey of Petri Net Methods for
controlled Discrete EventSystems, Discrete Event Dynamic Systems: Theory
and Application, Vol. 7, pp 151-190, 1997
-
[ramadge89]
- P. J. Ramadge and W. M. Wonham. The Control of Discrete Event Systems.
Proceedings of the IEEE; Special