Finite & Deterministic Discrete Event System Specification

From Wikipedia, the free encyclopedia

FD-DEVS (Finite & Deterministic Discrete Event System Specification) is a formalism for modeling and analyzing discrete event systems in both simulation and verification ways. FD-DEVS also provides modular and hierarchical modeling features which have been inherited from Classic DEVS.

Contents

[edit] History

FD-DEVS was originally named as ``Schedule-Controlable DEVS`` [Hwang05] and designed to support verification analysis of its networks which had been an open problem of DEVS formalism for 30 years. In addition, it was also designated to resolve the so-called ``OPNA`` problem of SP-DEVS. From the viewpoint of Classic DEVS, FD-DEVS has three restrictions

  1. finiteness of event sets and state set,
  2. the lifespan of a state can be scheduled by a rational number or infinity, and
  3. the internal schedule can be either preserved or updated by an input event.

The third restriction can be also seen as a relaxation from SP-DEVS where the schedule is always preserved by any input events. Due to this relaxation there is no longer OPNA problem, but there is also one limitation that a time-line abstraction which can be used for abstracting elapsed times of SP-DEVS networks is no longer useful for FD-DEVS network [Hwang05]. But another time abstraction method [Dill89] which was invented by Prof. D. Dill can be applicable to obtain a finite-vertex reachability graph for FD-DEVS networks.

[edit] Examples

Fig. 1. FD-DEVS Coupled Diagram for Ping-Pong Game
Fig. 1. FD-DEVS Coupled Diagram for Ping-Pong Game
Ping-Pong Game

Let's consider a single ping-pong match in which there are two players. Each player can be modeled by FD-DEVS such that the player model has an input event ``?receive`` and an output event ``!send``. And it has two states: ``Send`` and ``Wait``. Once the player gets into ``Send``, it will generates ``!send`` and backs to ``Wait`` after the sending time which is 0.1 time unit. When staying at ``Wait`` and if it gets ``?receive``, it changes into ``Send`` again. In other words, the player model stays at ``Wait`` forever unless it gets ``?receive``.

To make a complete ping-pong match, one players starts as an offender whose initial state is ``Send`` and the other starts as an defender whose initial state is ``Wait``. Thus in Fig. 1. Player A is the initial offender and Player B is the initial defender. In addition, to make the game continue, each player's ``?send`` event should be coupled to the other player's ``?receive`` as shown in Fig. 1.

Fig. 2. (a) Two-Slot Toaster  (b) FD-DEVS Coupled Diagram for Two-Slot Toaster
Fig. 2. (a) Two-Slot Toaster (b) FD-DEVS Coupled Diagram for Two-Slot Toaster
Two-Slot Toaster

Let's consider a toaster in which there are two slots that they have their own start knobs as shown in Fig. 2(a). Each slot has the identical functionality except their toasting time. Initially, the knob is not pushed, but if we push the knob, the associated slot starts toasting for its toasting time: 20 seconds for the left slot, 40 seconds for the right slot. After the toasting time, each slot and its knobs pop up. Notice that even though one tries to push a knob when its associated slot is toasting, nothing happens.

We can model it with FD-DEVS as shown in Fig. 2(b). Two slots are modeled as atomic FD-DEVS whose input event is ``?push`` and output event is ``!pop``, states are ``Idle`` (I) and ``Toast`` (T) with the initial state is ``idle``. When it is ``Idle`` and receives ``?push`` (because one pushes the knob), its state changes to ``Toast``. In other words, it stays at ``Idle`` forever unless it receives ``?push`` event. 20 (res. 40) seconds later the left (res. right) slot returns to ``Idle``.

[edit] Atomic FD-DEVS

[edit] Formal Definition

 M =  < X,Y,S,s0,τ,δxy > 

where

  • X is a finite set of input events;
  • Y is a finite set of output events;
  • S is a finite set of states;
  •  s_0 \in S is the initial state;
  •  \tau: S \rightarrow \mathbb{Q}_{[0,\infty]} is the time advanced function which defines the lifespan of a state where  \mathbb{Q}_{[0,\infty]} is the set of non-negative rational numbers plus infinity.
  •  \delta_x: S \times X \rightarrow \{0,1\} \times S is the external transition function which defines how an input event changes the schedule as well as a state of the system. The internal schedule of a state  s \in S is updated by τ(s') if δx(s) = (1,s'), otherwise(i.e., δx(s) = (0,s')), the schedule is preserved [1].
  •  \delta_y: S \rightarrow Y^\phi \times S is the output and internal transition function where  Y^\phi = Y \cup \{\phi\} and \phi \notin Y denotes the silent event. The output and internal transition function defines how a state generates an output event, at the same time, how the state changes internally[2].
Formal Representation of Ping-Pong Player

The formal representation of the player in the ping-pong example shown in Fig. 1 can be given as follows. M = < X,Y,S,s0,τ,δxy > where X={?receive}; Y={!send}; S={Send, Wait}; s0=Send for Player A, Wait for Player B; τ(Send)=0.1,τ(Wait)=\infty ; δx(Wait,?receive)=(1,Send), δx(Send,?receive)=(0,Send); δy(Send)=(!send, Wait), δy(Wait)=(φ, Wait).

Formal Representation of One Slot Toaster

The formal representation of the slot of Two-slot Toaster Fig. 2(a) and (b) can be given as follows. M = < X,Y,S,s0,τ,δxy > where X={?push}; Y={!pop}; S={I, T}; s0=I; τ(T)=20 for the left slot, 40 for the right slot, τ(I)=\infty ; δx(I, ?push)=(1,T), δx(T,?push)=(0,T); δy(T)=(!pop, I), δy(I)=(φ, I).

Formal Representation of Crosswalk Light Controller

As mentioned above, FD-DEVS is an relaxation of SP-DEVS. That means, FD-DEVS is a supper class of SP-DEVS. We would give a model of FD-DEVS of a crosswalk light controller which is used for SP-DEVS in this wikipedia. M = < X,Y,S,s0,τ,δxy > where X={?p}; Y={!g:0, !g:1, !w:0, !w:1}; S={BG, BW, G, GR, R, W, D}; s0=BG, τ(BG)=0.5,τ(BW)=0.5, τ(G)=30, τ(GR)=30,τ(R)=2, τ(W)=26, τ(D)=2; δx(G,?p)=(0,GR), δx(s,?p)=(0,s) if s \neqG; δy(BG)=(!g:1, BW), δy(BW)=(!w:0, G),δy(G)=(φ, G), δy(GR)=(!g:0, R), δy(R)=(!w:1, W), δy(W)=(!w:0, D), δy(D)=(!g:1, G);

[edit] Total State Transition

Fig. 3. an Event Segment and a State Trajectory of Player A
Fig. 3. an Event Segment and a State Trajectory of Player A
Total State Transition of Ping-Pong Player A

Fig. 3. shows an event segment (top) and the associated state trajectory (bottom) of Player A who plays the ping-pong game introduced in Fig. 1. In Fig. 3. the status of Player A is described as (state, lifespan, elapsed time)=(s,ts,te) and the line segment of the bottom of Fig. 3. denotes the value of the elapsed time. Since the initial state of Player A is ``Send`` and its lifetime is 0.1 seconds, the height of (Send, 0.1, te) is 0.1 which is the value of ts. After changing into (Wait, inf [3], 0) when te is reset by 0, Player A doesn't know when te becomes 0 again. However, since Player B sends back the ball to Player A 0.1 second later, Player A gets back to (Send, 0.1 0) at time 0.2. From that time, 0.1 seconds later when Player A's status becomes (Send, 0.1, 0.1), Player A sends back the ball to Player B and gets into (Wait, inf, 0). Thus, this cyclic state transitions which move ``Send`` to ``Wait`` back and forth will go forever.

Fig. 4. an Event Segment and a State Trajectory of a Toaster
Fig. 4. an Event Segment and a State Trajectory of a Toaster
Total State Transition of a Toaster

Fig. 4. shows an event segment (top) and the associated state trajectory (bottom) of the left slot of the two-slot toaster introduced in Fig. 2. Like Fig.3, the status of the left slot is described as (state, lifespan, elapsed time)=(s,ts,te) in Fig. 4. Since the initial state of the toaster is ``I`` and its lifetime is infinity, the height of (Wait, inf, te) can be determined by when ?push occurs. Fig. 4. illustrates the case ?push happens at time 40 and the toaster changes into (T, 20, 0). From that time, 20 seconds later when its status becomes (T, 20, 20), the toaster gets back to (Wait, inf, 0) where we don't know when it gets back to ``Toast`` again. Fig. 4. shows the case that ?push occurs at time 90 so the toaster get into (T,20,0). Notice that even though there someone push again at time 97, that status (T, 20, 7) doesn't change at all because δx(T,?push)=(0,T).

Formal Definition of Total State Transition

As mentioned above, to described the timed behavior of SP-DEVS we need to introduced two variables of associated with time: the lifespan ts of a state and the elapsed time te since the last schedule update. As mentioned earlier, the output and internal state transition δy can be executed when the elapsed time becomes to be equal to the lifespan of a state, i.e. te = ts. That means, the execution of δy is impossible when  t_e \ne t_s .

Let  Q_p=\{(s, t_s, t_e)| s \in S, t_s \in \mathbb{Q}_{[0, \infty]}, t_e \in [0, t_s] \} be the legal state set while  Q_{imp}=\{(imp, \infty, t_e)| imp \not\in S, t_e \in [0, \infty) \} be the the illegal state set. Let  Q = Q_p \cup Q_{imp} denote the total state set. and  Z = X \cup Y^\phi denote the total event set.

Then the total state transition is defined as a function  \delta: Q \times Z \rightarrow Q such that for  q=(s, t_s, t_e) \in Q and  z \in Z ,
 \delta(q, z) =
\begin{cases}
 (s', t_s, t_e) & \textrm{if } s \in S, z \in X, \delta_x (s, z) = (0,s') \\
 (s', \tau(s), 0) & \textrm{if } s \in S, z \in X, \delta_x (s, z) = (1,s') \\
 (s', \tau(s), 0) & \textrm{if } s \in S, z \in Y^\phi, t_e = t_s, \delta_y (s) = (z, s') \\
 (imp, \infty, t_s) & \textrm{otherwise }
\end{cases}

[edit] Advantages

  • Applicability of Time-Zone Abstraction

The property of non-negative rational-valued lifespans which can be preserved or changed by input events along with finite numbers of states and events guarantees that the behavior of FD-DEVS networks can be abstracted as an equivalent finite-vertex reachability graph by abstracting the infinitely-many values of the elapsed times using the time abstracting technique introduced by Prof. D. Dill [Dill89]. An algorithm generating a finite-vertex reachability graph (RG)has been introduced in [HZ06a], [HZ07].

  • Decidablility of Safety

As a qualitative property, safety of a FD-DEVS network is decidable by (1) generating RG of the given network and (2) checking whether some bad states are reachable or not [HZ06b].

  • Decidablility of Liveness

As a qualitative property, liveness of a FD-DEVS network is decidable by (1) generating RG of the given network, (2) from RG, generating kernel directed acyclic graph (KDAG) in which a vertex is strongly-connected component [Sedgewick02], and (3) checking if a vertex of KDAG contains a state transition cycle which contains a set of liveness states[HZ06b].

[edit] Disadvantages

  • Weak Expressiveness for describing nondeterminism

The features that all characteristic functions,τ,δxy of FD-DEVS are deterministic can be seen as somehow a limitation to model the system that has non-deterministic behaviors. For example, if a player of the ping-pong game shown in Fig. 1. has a stochastic lifespan at ``Send`` state, FD-DEVS doesn't capture the non-determinism effectively.

[edit] Tool

There is an open source library, called DEVS# at http://xsy-csharp.sourceforge.net/DEVSsharp/, that supports some reachability graph-based verification algorithms for finding safyness and liveness.

[edit] Footnotes

  1. ^ δx can be divided into two functions: \rho: S \times X \rightarrow \{0,1\} and \delta_{ext}:S \times X \rightarrow S as in [Hwang05].
  2. ^ δy can be divided into two functions:  \lambda:  S \rightarrow Y^\phi and \delta_{int}:S \rightarrow S as in [ZKP00].
  3. ^ inf in Fig 3. means  \infty.

[edit] References

  • [Dill89] D.L. Dill, ``Timing Assumptions and Verification of Finite-State Concurrent Systems``, In Proceedings of the Workshop on Computer Aided Verification Methods for Finite State Systems, pp 197-212, Grenoble, France, 1989
  • [Hwang05] M.H. Hwang, ``Generating Finite-State Global Behavior of Reconfigurable Automation Systems: DEVS Approach``, Proceedings of 2005 IEEE-CASE, Edmonton, Canada, Aug. 1-2, 2005(Available at http://moonho.hwang.googlepages.com/publications)
  • [HZ06a] M. H. Hwang and B. P. Zeigler, ``A Modular Verification Framework using Finite and Deterministic DEVS``, Proceedings of 2006 DEVS Symposium, pp57-65, Huntsville, Alabama, USA, (Available at http://www.acims.arizona.edu)
  • [HZ06b] M. H. Hwang and B. P. Zeigler, ``A Reachable Graph of Finite and Deterministic DEVS Networks``, Proceedings of 2006 DEVS Symposium, pp48-56, Huntsville, Alabama, USA, (Available at http://www.acims.arizona.edu)
  • [HZ07] M.H. Hwang and B.P. Zeigler, ``Reachability Graph of Finite & Deterministic DEVS``, IEEE Transactions on Automation Science and Engineering, accepted (Draft available at http://www.acims.arizona.edu)
  • [ZKP00] Bernard Zeigler, Tag Gon Kim, Herbert Praehofer (2000). Theory of Modeling and Simulation, second, Academic Press, New York. ISBN 978-0127784557.