Team VerTeCs

Overall Objectives
Scientific Foundations
Application Domains
New Results
Contracts and Grants with Industry
Other Grants and Activities

Section: Scientific Foundations

Keywords : labeled transition systems, symbolic, input/output events, controllable/uncontrollable events (uncontrollable events, controllable events), implicit transition relation.

Underlying Models.

The formal models we use are mainly automata-like structures such as labelled transition systems (LTS) and some of their extensions: an LTS is a tuple M = (Q, $ \upper_lambda$, $ \rightarrow$, qo) where Q is a non-empty set of states; qo$ \in$Q is the initial state; A is the alphabet of actions, Im1 ${\#8594 \#8838 Q×\#923 ×Q}$ is the transition relation. These models are adapted to testing and controller synthesis.

To model reactive systems in the testing context, we use Input/Output labeled transition systems (IOLTS for short). In this setting, the interactions between the system and its environment (where the tester lies) must be partitioned into inputs (controlled by the environment), outputs (observed by the environment), and internal (non observable) events modeling the internal behavior of the system. The alphabet $ \upper_lambda$ is then partitioned into Im2 ${\#923 _!\#8746 \#923 _?\#8746 \#119983 }$ where $ \upper_lambda$! is the alphabet of outputs, $ \upper_lambda$? the alphabet of inputs, and Im3 $\#119983 $ the alphabet of internal actions.

In the controller synthesis theory, we also distinguish between controllable and uncontrollable events ($ \upper_lambda$ = $ \upper_lambda$c$ \cup$$ \upper_lambda$uc ), observable and unobservable events (Im4 ${\#923 =\#923 _O\#8746 \#119983 }$ ).

In order to cope with more realistic models, closer to real specification languages, we also need higher level models that consider both control and data aspects. We defined (input-output) symbolic transition systems ((IO)STS), which are extensions of (IO)LTS that operate on data (i.e., program variables, communication parameters, symbolic constants) through message passing, guards, and assignments. Formally, an IOSTS is a tuple (V, $ \upper_theta$, $ \upper_sigma$, T) , where V is a set of variables (including a counter variable encoding the control structure), $ \upper_theta$ is the initial condition defined by a predicate on V, $ \upper_sigma$ is the finite alphabet of actions, where each action has a signature (just like in IOLTS, $ \upper_sigma$ can be partitioned as e.g. Im5 ${\#931 _?\#8746 \#931 _!\#8746 \#931 _\#964 }$ ), T is a finite set of symbolic transitions of the form t = (a, p, G, A) where a is an action (possibly with a polarity reflecting its input/output/internal nature), p is a tuple of communication parameters, G is a guard defined by a predicate on p and V, and A is an assignment of variables. The semantics of IOSTS is defined in terms of (IO)LTS where states are vectors of values of variables, and transitions between them are labelled with instantiated actions (action with valued communication parameter). This (IO)LTS semantics allows us to perform syntactical transformations at the (IO)STS level while ensuring semantical properties at the (IO)LTS level. We also consider extensions of these models with added features such as recursion, fifo channels, etc. An alternative to IOSTS to specify systems with data variables is the model of synchronous dataflow equations.

Our research is based on well established theories: conformance testing, supervisory control, abstract interpretation, and theorem proving. Most of the algorithms that we employ take their origins in these theories:


Logo Inria