294 DESIGN AND ANALYSIS OF PROPOSITIONAL-LOGIC RULE-BASED SYSTEMS
[]v63a28 := true IF ((v63a22 = false) AND
(v63a12 = true) OR ((v63a12 = false) AND (v63a13 = true)) AND (v63a12 = true) AND (v63a11 = false) AND (v63a8 = false) AND (v63a5 = false) AND (v63a3 = false) AND (v63a1c = true)) OR ((v63a26 = true) AND (((v63a23 = true) AND (v63a1b = true)) OR (v63b7 = true)))
[]v63a30 := true IF (((v63a1b = true) AND (v63a23 = true)) OR (v63b7 = true)) AND (v63a26 = false) AND (v63a29 = true)
[]v63a33 := true IF (v63a32 = false) AND (v63a31 = true) AND (v63a29 = false) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true)
[]v63a35 := true IF (v63a32 = true) AND (v63a31 = true) AND (v63a29 = true) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true)
[]v63a36 := true IF (v63a34b = true) AND (v63a31 = false) AND
(v63a29 = false) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true)
[]v63a37 := true IF ((((v63a1b = true) AND (v63a23 = true)) OR (v63b7 = true)) AND (v63a26 = false) AND (v63a29 = true)) AND
((v63a32 = false) AND (v63a31 = true) AND (v63a29 = false) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true)) AND ((v63a32 = true) AND (v63a31 = true) AND (v63a29 = true) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true)) AND ((v63a34a = true) AND (v63a31 = false) AND (v63a29 = false) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true))
[]v63a38 := true IF ((v63a34a = true) AND (v63a31 = false) AND
(v63a29 = false) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true))
[]v63a39 := true IF (v63a34b = true) AND (v63a31 = false) AND
(v63a29 = false) AND (v63a26 = false) AND (v63a23 = true) AND (v63a1b = true)
TRACE
v63a2, v63a4, v63a6, v63a7, v63a9, v63a10, v63a14, v63a15, v63a18, v63a19, v63a20, v63a21, v63a24, v63a25, v63a27, v63a28, v63a30, v63a33, v63a35, v63a36, v63a37, v63a38, v63a39
v63a2, v63a4, v63a6, v63a7, v63a9, v63a10, v63a14, v63a15, v63a18, v63a19, v63a20, v63a21, v63a24, v63a25, v63a27, v63a28, v63a30, v63a33, v63a35, v63a36, v63a37, v63a38, v63a39
END.
10.8 THE SYNTHESIS PROBLEM
The following definition is needed to formalize the synthesis problem. We say that an equational rule-based program P2 is an extension of a program P1 iff the following conditions hold: (1) The variables of P1 are a subset of those of P2; (2) P1 has the same launch states as the projection of the state space of P2 onto that of P1; that is, if P2 has more variables than P1, we consider only those variables in P2 that are
THE SYNTHESIS PROBLEM |
295 |
also in P1; (3) The launch states of P1 and the corresponding ones in P2 have the same end points. Notice that we do not require the state-space graph of P1 to be the same as the corresponding graph of P2; for example, the paths from launch states to their end points may be shorter in P2. The synthesis problem is: Given an equational rule-based program P that always reaches a safe fixed point in finite time but is not fast enough to meet the timing constraints under a fair scheduler, determine whether an extension of P exists that meets both the timing and integrity constraints under some scheduler.
For programs in which all variables have finite domains, we can in principle compute all the end points for each launch state since the state-space graph is finite. We can create a new program from the given program as follows. The new program has the same variables as the given program. Suppose s is a launch state and s is an end point of s. We create a rule r that is enabled iff the program is in s and firing r will result in the program being in s ; i.e., the enabling condition of r is to match the values of the variables in s, and the multiple assignment statement of r assigns to the variables the corresponding values of those in s . By this construction, the new program will always reach a fixed point in one iteration. Thus in theory, a solution always exists for the synthesis problem in the case of finite variables. This solution is very expensive in terms of memory since there are at least as many rules as there are launch states, even though some optimization can be performed to minimize the number of rules by exploiting techniques similar to those used in programmable logic array optimization. However, we still have to compute the end points for each launch state, and this can be computationally expensive.
We would like to find solutions to the synthesis problem without having to check the entire state space of a program. Two general approaches have been identified:
1.transforming the given equational rule-based program by adding, deleting, and/or modifying rules, and
2.optimizing the scheduler to select the rules to fire such that a fixed point is always reached within the response-time constraint. This assumes that at least one sufficiently short path exists from a launch state to every one of its end points.
We shall illustrate both approaches with the program in example 1, which is reproduced below.
Example 7
initially: object detected = false, sensor a status, sensor b status = good input: read(sensor a, sensor b, sensor c)
1.object detected := true IF sensor a = 1 AND sensor a status = good
2.[] object detected := true IF sensor b = 1 AND sensor b status = good
3.[] object detected := false IF sensor a = 0 AND sensor a status = good
4.[] object detected := false IF sensor b = 0 AND sensor b status = good
THE SYNTHESIS PROBLEM |
297 |
In approach (2), we customize an optimal scheduler that always selects the shortest path to any end point from a launch state. For the program in the example, this can be achieved by a fixed-priority scheduler which assigns a higher priority to rules 5 and 6; that is, if rule 5 or rule 6 is enabled, it is always fired before rules 1–4.
It should be emphasized that the two approaches for solving the synthesis problem are not in general polynomial time. Determining whether a scheduler exists that meets a response-time constraint is NP-hard, as we shall show in the next section.
10.8.1Time Complexity of Scheduling Equational Rule-Based Programs
Consider the following equational rule-based program:
initially: R = 0, t1 = t2 = · · · = tn = 0
input: read (C)
1.R := R + q1(t¯)!t1 := t1 + 1 IF R < C
2.[] R := R + q2(t¯)!t2 := t2 + 1 IF R < C
.
.
.
n. [] R := R + qn (t¯)!tn := tn + 1 IF R < C
In the above program, t¯ is the vector t1, t2, . . . , tn . We can think of the variable R, which is initially 0, as the accumulated reward for firing the rules, and ti as the number of times rule i has been fired, which is initially 0 for all n rules. The function qi (t¯) gives the additional reward that can be obtained by firing rule i one more time. All the qi (t¯)s are monotonically nondecreasing functions of t¯, so the program may reach a fixed point in finite time, assuming that some qi s return positive values.
The time-budgeting problem is to decide whether the above program can increase R from 0 to ≥ C in T iterations, for some given T . The time-budgeting problem arises when an output must be computed within a response-time constraint of T by a real-time decision system that is composed of n subsystems. To compute the output, the decision system must invoke a number of subsystems Si , i = 1, . . . , n, each of which computes a partial output. The quality qi of each partial output is dependent on the time ti allocated to the subsystem Si , and the overall quality of the output depends on some function of the quality of the partial outputs. Given a fixed time period T , the objective of the time-budgeting problem is to maximize the overall quality R = q1 + · · · + qn by determining an optimal partition of T into n time slices, where each time slice ti , i = 1, . . . , n corresponds to the time allocated to subsystem Si .
Referring to the EQL program above, it is obvious that the time-budgeting problem is in NP since a nondeterministic algorithm can guess the number of times each