|
|
| (One intermediate revision by one other user not shown) |
| Line 1: |
Line 1: |
| In [[computer science]], '''partial order reduction''' is a technique for reducing the size of the [[State transition system|state-space]] to be searched by a [[model checking]] algorithm. It exploits the commutativity of concurrently executed transitions, which result in the same state when executed in different orders.
| | Wilber Berryhill is what his spouse enjoys to call him and he completely loves this name. It's not a common factor but what I like doing is to climb but I don't have the time recently. Mississippi is the only place I've been residing in but I will have to transfer in a yr or two. Invoicing is my profession.<br><br>My website ... free psychic ([http://fashionlinked.com/index.php?do=/profile-13453/info/ link webpage]) |
| | |
| In explicit state space exploration, partial order reduction usually refers to the specific technique of expanding a representative subset of
| |
| all enabled transitions. This technique has also been described as model checking with representatives {{harv|Peled|1993}}.
| |
| There are various versions of the method, the so-called stubborn set method {{harv|Valmari|1990}}, ample set method {{harv|Peled|1993}}, and
| |
| persistent set method {{harv|Godefroid|1994}}.
| |
| | |
| == Ample sets ==
| |
| Ample sets are an example of model checking with representatives. Their formulation relies on a separate notion of ''dependency''. Two transitions are considered '''independent''' only if whenever they are mutually enabled, they cannot disable another
| |
| and the execution of both results in a unique state regardless of the order in which they are executed. | |
| Transitions that are not independent, are dependent.
| |
| In practice dependency is approximated using static analysis.
| |
| | |
| Ample sets for different purposes can be defined by giving conditions as to when a set
| |
| of transitions is "ample" in a given state.
| |
| | |
| '''C0''' <math> {ample(s)=\empty} \iff {enabled(s)=\empty} </math>
| |
| | |
| '''C1''' If a transition <math> \alpha </math> depends on some transition relation in ample(s), this transition cannot be invoked until some transition in the ample set executed.
| |
| | |
| Conditions C0 and C1 are sufficient for preserving all the deadlocks in the state space.
| |
| Further restrictions are needed in order to preserve more nuanced properties. For instance,
| |
| in order to preserve properties of linear temporal logic, the following two conditions are needed:
| |
| | |
| '''C2''' If <math> enabled(s) \neq ample(s) </math>, each transition in the ample set is invisible | |
| | |
| '''C3''' A cycle is not allowed if it contains a state in which some transition <math>\alpha</math> is enabled, but is never included in ample(s) for any states s on the cycle.
| |
| | |
| These conditions are sufficient for an ample set, but not necessary conditions {{harv|Clarke|1999}}.
| |
| | |
| == Stubborn sets ==
| |
| Stubborn sets make no use of an explicit independence relation. Instead they are defined solely through commutativity over
| |
| sequences of actions. A set <math>T(s)</math> is (weakly) stubborn at s, if the following hold.
| |
| | |
| '''D0''' <math>\forall a \in T(s) \forall b_1,...,b_n \notin T(s) </math>, if execution of the sequence <math>b_1,...,b_n,a</math> is possible and leads to the state <math>s'</math>, then execution of the sequence <math>a, b_1,...,b_n</math> is possible and will lead to state <math>s'</math> | |
| | |
| '''D1''' Either <math>s</math> is a deadlock, or <math>\exists a \in T(s)</math> such that <math>\forall b_1,...,b_n \notin T(s) </math>, the execution of <math>b_1,...,b_n,a</math> is possible.
| |
| | |
| These conditions are sufficient for preserving all deadlocks, just like C0 and C1 are in the ample set method.
| |
| They are, however, somewhat weaker, and as such may lead to smaller sets. The conditions C2 and C3 can also be
| |
| further weakened from what they are in the ample set method, but the stubborn set method is compatible with C2 and C3.
| |
| == Others ==
| |
| | |
| There are also other notations for partial order reduction. One of the commonly used is the persistent set/sleep set algorithm.
| |
| Detailed information can be found in Patrice Godefroid's thesis {{harv|Godefroid|1994}}.
| |
| | |
| In symbolic model checking, partial order reduction can be achieved by adding more constraints (guard strengthening).
| |
| | |
| == References ==
| |
| * {{Cite book | first=Antti |last=Valmari |chapter=Stubborn sets for reduced state space generation | title=Advances in Petri Nets 1990, LNCS 483, Springer 1991 |year=1990| pages=491–515|ref=harv}}
| |
| * {{Cite book |first=Doron A. |last=Peled |chapter=All from One, One for All: Model Checking Using Representatives |title=Proceedings of CAV'93, LNCS 697, Springer 1993 |year=1993 |pages=409–423 |ref=harv}}
| |
| * {{cite book |first=Edmund M |last=Clarke |coauthors=Orna Grumberg and Doron A. Peled |title=Model Checking |publisher=MIT Press |year=1999 |ref=harv}}
| |
| * {{cite journal |first=Patrice |last=Godefroid |title=Partial-Order Methods for the Verification of Concurrent Systems -- An Approach to the State-Explosion Problem |type=PhD. thesis |publisher=University of Liege, Computer Science Department |year=1994 |url=http://cm.bell-labs.com/who/god/public_psfiles/thesis.ps |format=PostScript |ref=harv}}
| |
| * {{cite book |url=http://spinroot.com/spin/Doc/Book_extras/ |title=The Spin Model Checker: Primer and Reference Manual |first=Gerard J |last=Holzmann |author-link=Gerard J. Holzmann |year=1993 |publisher=Addison-Wesley |isbn=0-321-22862-6}}
| |
| | |
| [[Category:Model checking]]
| |
Wilber Berryhill is what his spouse enjoys to call him and he completely loves this name. It's not a common factor but what I like doing is to climb but I don't have the time recently. Mississippi is the only place I've been residing in but I will have to transfer in a yr or two. Invoicing is my profession.
My website ... free psychic (link webpage)