the program to ensure program termination. Note that this modification is performed off-line, prior to the execution of the expert system, and the modified version must still satisfy the logical correctness constraints. On the other hand, if the termination of an OPS5 program is guaranteed, we proceed to determine an upper bound on its execution time. Instead of using static analysis, we build a tool to aid timing analysis of OPS5 expert systems. This tool generates a set of working memory elements (WMEs) which cause the program to consume maximum time. We take this set of WMEs as the initial working memory (WM) and test the program to determine the maximum execution time. In real applications, the initial WM is usually restricted to a certain domain. The OPS5 programs can execute only normally with this restriction. So, we also take this information into consideration. Users can then provide their requirements of the initial WM to our tool, making it possible to reduce the size of the WMEs we generate and thus produce more accurate analysis results.

We briefly introduce the OPS5 language in the next section. Then we describe the Cheng–Tsai analysis methodology, partially based on the graphical representation of the control paths of OPS5 programs. Next we present the Cheng–Chen analysis methodology, based on a different set of quantitative algorithms.

11.1 THE OPS5 LANGUAGE

This section provides an overview of the OPS5 language, with examples, and describes the Rete matching network for determining instantiations of rules.

11.1.1 Overview

An OPS5 rule-based program [Forgy, 1981; Brownston et al., 1986; Cooper and Wogrin, 1988] consists of a finite set of rules, each of which is of the form

(p rule-name (condition-element-1) (condition-element-2)

:

(condition-element-m) -->

(action-1)

:

(action-n))

and a database of assertions, each of which is of the form

The symbol “^” means there is an attribute name following it. The set of rules is called the production memory (PM) and the database of assertions is called the

370 TIMING ANALYSIS OF PREDICATE-LOGIC RULE-BASED SYSTEMS

working memory (WM). Each assertion is called a working memory element (WME). A rule has three parts:

•the name of the rule, rule-name;

•the left-hand-side (LHS), that is, a conjunction of the condition elements, each of which can be either a positive condition element or negative condition element; and

•the right-hand-side (RHS), that is, the actions, each of which may make, modify, or delete a WME, perform I/O, or halt.

All atoms are literals unless put in variable brackets <>. The scope of variables is a single rule. A WME is an instance of an element class. An element class defines a WME structure in the same way a C data type defines the structure of entities in a C program. An element class is the template from which instances are made. It is identified by and by a collection of attributes describing characteristics relevant to the entity. The following is an OPS5 rule for processing sensor information from a radar system:

{<Uninitialized-configuration> ; positive condition element (configuration ^object-detected 0) }

If both radars, (region-scan1) and (region-scan2), detect an object, the status of the radar system is normal, there is no interrupt, and the attribute

in the element class configuration is 0, then assign 1 to object-detected. The notation is used to name the matching WME for use in this action. Hence, <Uninitialized-configuration> refers to the “configuration” WME matched in the LHS. Otherwise, the number of the matching conditions in the LHS may be used in modify and delete commands. Comments are given following the semicolon. When the working memory contains the WMEs

(region-scan1 ^sensor object) (region-scan2 ^sensor object) (status-check ^status normal)

(configuration ^object-detected 0)

but does not contain the WME (interrupt ^status on), the above rule is said to have a successful matching. More precisely, a rule is enabled if each of its positive condition elements is matched with a WME in the working memory and each of its negative condition elements is not matched by any WME in the working memory. A rule firing is the execution of the RHS actions in the order they appear in the rule. The above rule fires by modifying the attribute in the element class configuration to have the value 1.

A condition element can consist of value tests, other than equality, that a matching WME value must satisfy. These tests may be specified using the following components. Consider the WME

(airport ^airport-terminals 3 ^vacancies 3),

which is an instance of the element class airport.

•Variables: variables are specified in brackets and are used for matching values in the WMEs, or for defining a relationship between two values. Variables are implicitly existentially quantified over the rule LHS and RHS. Note that the following example requires the same value for the attributes airport-terminals and vacancies.

^airport-terminals <terminals-available> ^vacancies <terminals-available>

• Predicate operators: for restricting the range of values that can match.

^airport-terminals > 0

•Disjunctions: for specifying a list of values, one of which must be equal to the value in the WME.

^airport-terminals << 1 2 3 >>

•Conjunctions: for specifying a group of value tests that must be satisfied by one WME value.

^airport-terminals { > 1 <> nil }

•Variable semantic restrictions: any variable may be further qualified using these predicates by inclusion in the braces, as in

(airport ^airport-terminals { <terminals-available> > 0 }).

The execution of the OPS5 program is known as the MRA cycle [Brownston et al., 1986] and is executed by the inference engine. The MRA cycle consists of three phases:

•Match: for each rule, determine all sets of WMEs that match the condition elements of the rule. Note that a rule may have more than one matching. The result of a successful match is called an instantiation. The set of all satisfied rule instantiations is called the conflict set.

•Resolve (Select): a single rule instantiation is selected from the conflict set according to some conflict-resolution strategies. Two common strategies are LEX (lexicographic ordering) and MEA (means-end analysis).

•Act: the selected rule instantiation is executed in the act phase. The actions in the selected rule are executed sequentially in the order they appear in the rule.