COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND …acts/2015/Slides/aiswarya.pdfC. Aiswarya, and P....
131
C. Aiswarya Uppsala University, Sweden Paul Gastin LSV, ENS Cachan, France K. Narayan Kumar Chennai Mathematical Institute, India Joint work with ACTS 09/02/2015, Chennai COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND SPLIT-WIDTH INFORMEL Indo-French Formal Methods Lab
Transcript of COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND …acts/2015/Slides/aiswarya.pdfC. Aiswarya, and P....
C. Aiswarya Uppsala University, Sweden
Paul Gastin LSV, ENS Cachan, France
K. Narayan Kumar Chennai Mathematical Institute, India
Joint work with
ACTS!09/02/2015, Chennai
COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND SPLIT-WIDTH
INFORMEL Indo-French Formal Methods Lab
VERIFICATIONModel Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
Undecidable in many cases
VERIFICATION
UNDER-APPROXIMATE VERIFICATION
UNDER-APPROXIMATE VERIFICATION
UNDER-APPROXIMATE VERIFICATIONParametrised
UNDER-APPROXIMATE VERIFICATIONParametrised
UNDER-APPROXIMATE VERIFICATIONParametrised
UNDER-APPROXIMATE VERIFICATION
…
Parametrised
UNDER-APPROXIMATE VERIFICATION
…
Parametrised
Exhaustive
UNDER-APPROXIMATE VERIFICATION
…
Parametrised
Exhaustive
UNDER-APPROXIMATE VERIFICATION
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
k
Decidable
UNDER-APPROXIMATE VERIFICATION
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
k
Decidable
UNDER-APPROXIMATE VERIFICATION
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
k
Decidable
UNDER-APPROXIMATE VERIFICATION
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
k
Decidable
UNDER-APPROXIMATE VERIFICATION
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
k
Decidable
COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND SPLIT-WIDTH
COMMUNICATING DISTRIBUTED SYSTEMS
Process 1 Process 2
Process 3Process 4
Network
BEHAVIOURS :! MESSAGE SEQUENCE CHARTS
time
Proc 1
Proc 2
Proc 3
Emptiness or Reachability!
Inclusion or Universality!
Satisfiability φ!
Model Checking: S ⊨ φ!
Temporal logics!
Propositional dynamic logics!
Monadic second order logic
VERIFICATION PROBLEMS
COMMUNICATING RECURSIVE PROGRAMS:
• Turing powerful: verification undecidable!• Under-upproximations!
• Decidable!• Controllable
• Turing powerful: verification undecidable!• Under-upproximations!
• Decidable!• Controllable
COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND SPLIT-WIDTH
CONTROLLERS FOR VERIFICATION
OF COMMUNICATING SYSTEMS
Process 2 Process 3
Network
Process 1
From ToCOMMUNICATING
DISTRIBUTED SYSTEMS
CONTROLLERS FOR DISTRIBUTED SYSTEMS
Process 2 Process 3
Network
Process 1
From To
Controller 1 Controller 2 Controller 3
Process 2 Process 3
Network
Process 1
From To
Controller 1 Controller 2 Controller 3From To
Heavy
Fragile
CONTROLLERS FOR DISTRIBUTED SYSTEMS
Process 2 Process 3Process 1
Controller 1 Controller 2 Controller 3
Network
Process 2 Process 3Process 1
Controller 1 Controller 2 Controller 3
Network
CONTROLLERS FOR DISTRIBUTED SYSTEMS
Collection of local controllers!Communication via piggy-backing!Privacy: Do NOT read states/messages
UNDER-APPROXIMATION: BOUNDED (K) PHASE
LET’S DESIGN A CONTROLLER
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
1. At most k phases on each process!2. No cycles
k-BOUNDED PHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
1. At most k phases on each process!2. No cycles
k-BOUNDED PHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
1. At most k phases on each process!2. No cycles
k-BOUNDED PHASE
time
Proc 1
Proc 2
Proc 3
Receive from one process, send to all processesPHASE
1. At most k phases on each process!2. No cycles
k-BOUNDED PHASE
DISTRIBUTED CONTROLLER FOR K-BOUNDED PHASE U-A
A local controller for each process
Has a Phase Counter
Remembers current sender
Different sender?
Detect Cycle?Increment counter,
Update sender
State
Transitions
Detect Cycle?
Phase Vectors best info about phase number of other processes
Sends: tag with phase vector
Receives: update phase vector by taking MAX
DISTRIBUTED CONTROLLER FOR K-BOUNDED PHASE U-A
CONTROLLERS FOR BOUNDED PHASE
DISTRIBUTED SYSTEMS
Collection of local controllers!Communication via piggy-backing!Privacy: Do NOT read states/messages
System independent!Generic!Deterministic!Finite state
DECIDABILITY OF K BOUNDED PHASE
Polynomial SPLIT-WIDTH
PSPACE
PDLTemporal Logics
Reachability
Decidable MSO
Polynomial SPLIT-WIDTH
Refine phases to tree-like
bound split-width
ACYCLIC PHASE DECOMPOSITION
time
Proc2
Proc1
Proc3
INDUCED GRAPH ON PHASE
INDUCED GRAPH ON PHASE
PHASE DECOMPOSITION
time
Proc2
Proc1
Proc3
PHASE DECOMPOSITION
time
Proc2
Proc1
Proc3
Tree-like
Polynomial SPLIT-WIDTH
Split-width
a a b c d
b a c d c
Split-width
a a b c d
b a c d c
BUDGET
b c d
a
a a
b c d c
a a b c d
b a c d c
b c d
a
a a
b c d c
b c d
a
a a
b c d c
b c d
a
a a
b c d c
b c d
a
b c d
a
b dc
a
b dc
a
b dc
a
b c d
a
a a
b c d c
a a
b c d c
a
b c d
a
c
a a
b c d c
a
b c d
a
c
a
b c d
a
c
a
b c d
a
c
a
b c d
b d
a
c
a
b c d
b d
a
c
b d
a
c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
SPLIT TREE !OF THE FULL DECOMPOSITION
Split-width
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
TREE INTERPRETATION
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Vertices TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Vertices TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Vertices TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Vertices TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Vertices TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Data edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Data edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
1
Data edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
b d
b d
a ca c
a c
C. Aiswarya, and P. Gastin 13
M
p
q
a a b c d
b a c d c
M′
p
q
a a b c d
b a c d c
M1
p
q
a a
b c d c
M′
1
p
q
a a
b c d c
M3
a
b c d
M′
3
a
b c d
a
c b d
a
c
M2
b c d
a
M′
2
b c d
a
c
a
b d
Figure 4 A split decomposition of width 3.
split-!
div-ÛÛ
split-!
div-ÛÛ
split-!
div-ÛÛ
Bd2
a c
Bd3
b d
Bd2
a c
split-!
div-ÛÛ
Bd4
a c
Bd1
b d
(n) split-!(m, mm)
(nÕ) div-ÛÛ(¸r, ¸r¸)
(n1) split-!(m, im)
(nÕ1) div-ÛÛ
(¸r, ¸¸r)
(n3) split-!(Á, im)
(nÕ3) div-ÛÛ
(¸, r¸r)
Bd2
(¸, r)
(n4) a, p c, q
Bd3
(Á, ¸r)
b, q d, q
Bd2
(¸, r)
(n5) a, p c, q
(n2) split-!(mm, Á)
(nÕ2) div-ÛÛ
(r¸r, ¸)
Bd4
(r, ¸)
a, q c, p
Bd1
(¸r, Á)
b, p d, p
Figure 5 A split term s (left) and a labelled term t (right) corresponding to Figure 4.
Process edges TREE INTERPRETATION
Split-widthC. Aiswarya, and P. Gastin 17
ProblemComplexity
bound on split-widthpart of the input (inunary)
bound on split-widthfixed
CPDS emptiness ExpTime-Complete PTime-CompleteCPDS inclusion or universality 2ExpTime ExpTime-CompleteLTL / CPDL satisfiability or model checking ExpTime-CompleteICPDL satisfiability or model checking 2ExpTime -CompleteMSO satisfiability or model checking Non-elementaryTable 2 Summary of the complexities for bounded split-width verification.
Now, let Ï be a sentence in MSO(A, �). Using the MSO interpretation (�valid
, �vertex
,
(�a)aœ�
, (�p)pœProcs
, (�d)dœDS
, �æ) for k-bounded split-width, we can construct a formula Ï
k
from Ï such that for all trees t œ STkvalid
, we have t |= Ï
k if and only if cbm(t) |= Ï. By [31],from the MSO formula Ï
k we can construct an equivalent tree automaton AkÏ. Therefore, the
satisfiability problem for the MSO formula Ï restricted to CBMksplit
reduces to the emptinessproblem of the tree automaton Ak
valid
fl AkÏ.
Finally, we deduce easily that Lcbm
(S) fl CBMksplit
™ Lcbm
(Ï) if and only if for all trees t
accepted by AkS we have t |= Ï
k. Therefore, the model checking problem S |= Ï restricted toCBMk
split
reduces to the emptiness problem for the tree automaton Akvalid
fl AkS fl Ak
¬Ï.We have described above uniform decision procedures for an array of verification problems.
We refer to [2, 15,16] for more details and we summarise the computational complexities ofthese procedures in Table 2.
Verification procedures for other under-approximation classes. Our approach is generic inyet another sense. Under-approximation classes which admit a bound on split-width alsomay benefit from the uniform decision procedures described above, provided these classescorrespond to regular sets of split-terms.
More precisely, let Cm be an under-approximation class with Cm ™ CBMksplit
. For instance,we have seen that existentially m-bounded CBMs have split-width at most k = m + 1 (Ex. 6)and m-bounded phase MNWs have split-width at most k = 2m (Ex. 7). Assume that we canconstruct3 a tree automaton Ak
Cmwhich accepts a tree t œ STk
valid
if and only if cbm(t) œ Cm.Then, the decision procedures can be restricted to the class Cm with a further intersectionwith the tree automaton Ak
Cm. For instance, the emptiness problem for S restricted to Cm
reduces to the emptiness problem of Akvalid
fl AkCm
fl AkS . The model checking problem S |= Ï
restricted to Cm reduces to the emptiness problem of Akvalid
fl AkCm
fl AkS fl Ak
¬Ï.Clearly, the bound k on split-width in terms of m as well as the size of Ak
Cmwill impact
on the complexity of the decision procedures. We give below several examples.First, nested words have split-width bounded by a constant 2, and the set of nested words
can be recognised by a trivial 1-state CPDS. Hence the complexities of various problemsfollow the right-most column of Table 2. Notice that already for this simple case, thecomplexities match the corresponding lower bounds for all problems.
3 One way to obtain AkCm
is to provide a CPDS Sm which accepts the class Cm, then the automaton AkSm
serves as AkCm
. Similarly, if there is a formula Ïm in MSO(A, �) characterising the under-approximationthen the automaton Ak
Ïmserves as Ak
Cm.
SPLIT-WIDTH
Proc2
Proc1
Proc3
SPLIT-WIDTH
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
SPLIT-WIDTH 3
Proc2
Proc1
Proc3
Polynomial SPLIT-WIDTH
PSPACE
PDLTemporal Logics
Reachability
Decidable MSO
UNDER-APPROXIMATE VERIFICATION
Model Checking
S ⊨ φ?✗
✓System S!
Specification φ
Refine S !(Fix bugs)
k
Decidable
OTHER UNDER-APPROXIMATIONS
Bounded channel size!
Existentially bounded [Genest et al.]!
Acyclic Architectures [La Torre et al., Heußner et al. Clemente et al.]!
Bounded context switching [Qadeer, Rehof], [LaTorre et al.], …!
Bounded phase [LaTorre et al.]!
Bounded scope [LaTorre et al.]!
Priority ordering [Atig et al., Saivasan et al.]
OTHER UNDER-APPROXIMATIONS
Bounded channel size!
Existentially bounded [Genest et al.]!
Acyclic Architectures [La Torre et al., Heußner et al. Clemente et al.]!
Bounded context switching [Qadeer, Rehof], [LaTorre et al.], …!
Bounded phase [LaTorre et al.]!
Bounded scope [LaTorre et al.]!
Priority ordering [Atig et al., Saivasan et al.]
Tree-width
OTHER UNDER-APPROXIMATIONS
Bounded channel size!
Existentially bounded [Genest et al.]!
Acyclic Architectures [La Torre et al., Heußner et al. Clemente et al.]!
Bounded context switching [Qadeer, Rehof], [LaTorre et al.], …!
Bounded phase [LaTorre et al.]!
Bounded scope [LaTorre et al.]!
Priority ordering [Atig et al., Saivasan et al.]
Tree-widthMany of the above classes have bounded tree-width [Parlato, Madhusudhan]
Split-width!
Acyclic Architectures
Bounded channel size
Existentially bounded
Bounded context switching
Bounded scope
Bounded phase
Priority ordering
Bounded Tree-width
Constant
Bound + 2
2Bound
Linear
OTHER UNDER-APPROXIMATIONS
Width: split vs tree vs clique
Let C be a class of bounded degree MSO definable graphs.!TFAE!1. C has a decidable MSO theory!2. C can be interpreted in binary trees!3. C has bounded tree-width!4. C has bounded clique-width!5. C has bounded split-width (for concurrent recursive behaviors)
Split-Width k
Tree-Width t Clique-Width c
Width: split vs tree vs cliqueSplit-Width k
Tree-Width t Clique-Width c
t ≤ 2(k + |Procs|) - 1 c ≤ 2(k + |Procs|) + 1
Let C be a class of bounded degree MSO definable graphs.!TFAE!1. C has a decidable MSO theory!2. C can be interpreted in binary trees!3. C has bounded tree-width!4. C has bounded clique-width!5. C has bounded split-width (for concurrent recursive behaviors)
Split-Width k
Tree-Width t Clique-Width c
k ≤ 120(t + 1) k ≤ 2c - 3
Width: split vs tree vs clique
Let C be a class of bounded degree MSO definable graphs.!TFAE!1. C has a decidable MSO theory!2. C can be interpreted in binary trees!3. C has bounded tree-width!4. C has bounded clique-width!5. C has bounded split-width (for concurrent recursive behaviors)
COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND SPLIT-WIDTH
AUTONOMOUS COMPUTATIONS
• Recursive computations which does not read from other stacks/queues.!
• A stretch of computation in which all incoming edges are on a single stack
AUTONOMOUS COMPUTATIONS
• Recursive computations which does not read from other stacks/queues.!
• A stretch of computation in which all incoming edges are on a single stack
PHASE
PHASE
• A stretch of computation which reads from at most one stack/queue
PHASE
• A stretch of computation which reads from at most one stack/queue
• free (unlimited) autonomous computations
PHASE
• A stretch of computation which reads from at most one stack/queue
• free (unlimited) autonomous computations• no loops
K-BOUNDED PHASE
K-BOUNDED PHASE
Phase 1 Phase 2 Phase 3
IDENTIFYING AUTONOMOUS POPS
• Possible by tagging the values on stacks!
• Deterministic controller for each stack !
• The phase controller simulates one such automaton for each stack.
0 1
s?0
s?1
s̄?
else
s?0
s!0
else
s!1
s?1
s̄?
C. A., Paul Gastin, and K. Narayan Kumar. Controllers for the verification of communicating multi-pushdown systems. In CONCUR 2014.
A. C. Verification of Communicating Recursive Programs via Split-width. PhD thesis, ENS Cachan, 2014.
C. A., Paul Gastin, and K. Narayan Kumar. Verifying communicating multi pushdown systems via Split-width. In ATVA 2014.
A. C., Paul Gastin, and K. Narayan Kumar. MSO decidability of multi-pushdown systems via Split-width. In CONCUR 2012.
COMMUNICATING RECURSIVE PROGRAMS: CONTROL AND SPLIT-WIDTH
![with: r) . ofstad - staff.uni-mainz.de fileof rm s ˆτ n (k = X x ∈ Z d τ n (x) e ik · x k ∈ [− π] d. r p c, ˆτ n (0) is small. r p c, ˆτ n (0) s n d. r p = p c, iour](https://static.fdocument.org/doc/165x107/5d4bbf8688c993237a8b922d/with-r-ofstad-staffuni-mainzde-rm-s-n-k-x-x-z-d-n-x-e-ik.jpg)
![k‑p‑t‑c {‑µ³ F‑ ‑g‑p ‑]‑p¶](https://static.fdocument.org/doc/165x107/61718417c41ca10cb91c5710/kptc-.jpg)
![acd 3-1 MID-1 [ ]](https://static.fdocument.org/doc/165x107/568bf2331a28ab893395ce42/acd-3-1-mid-1-wwwuandistarorg.jpg)
![Pauta de correcció PAU juny 2013. Química · trencats - Σ n p E formats [0,3 p] En els reactius cal trencar: 1 enllaç C=C ... cel·la galvànica (pila) perquè la reacció redox](https://static.fdocument.org/doc/165x107/5bb2811b09d3f2622d8cc423/pauta-de-correccio-pau-juny-2013-qui-trencats-n-p-e-formats-03-p.jpg)
![Heat Integration Chapt. 10. Costs Heat Exchanger Purchase Cost – C P =K(Area) 0.6 Annual Cost –C A =i m [ΣC p,i + ΣC P,A,j ]+sF s +(cw)F cw i m =return.](https://static.fdocument.org/doc/165x107/56649f165503460f94c2b934/heat-integration-chapt-10-costs-heat-exchanger-purchase-cost-c-p-karea.jpg)
