# Extended finite-state machines (EFSMs) ... Extended ﬁnite state machines: Formal speciﬁcation An...

date post

12-Jul-2020Category

## Documents

view

6download

0

Embed Size (px)

### Transcript of Extended finite-state machines (EFSMs) ... Extended ﬁnite state machines: Formal speciﬁcation An...

Extended finite-state machines (EFSMs)

Dr. C. Constantinides

Department of Computer Science and Software Engineering Concordia University Montreal, Canada

January 10, 2017

1 / 92

Extended finite state machines: Formal specification

An extended finite state machine (EFSM) is defined as follows:

(Q,Σ1,Σ2, q0,V ,Λ)

where

1. Q is a finite, non-empty set of states. A state can be atomic (or simple) or composite (see later).

2. Σ1 is a finite, non-empty set of events.

3. Σ2 is a finite set of actions.

4. q0 ∈ Q is the initial state (or start state). Further, every composite state has its own initial state.

5. V is the set of state variables. Every state variable v ∈ V is a global variable and can be accessed at every state q ∈ Q.

6. Λ is a finite set of transitions.

2 / 92

Extended finite state machines: Formal specification /cont.

◮ A transition λ ∈ Λ is q e [g] / a −−−−−→ q′,

where q, q′ ∈ Q, e ∈ Σ1, g is a condition called a guard, and a ∈ Σ2 is an action.

◮ A variable affected in the transition is denoted as x ′ in state q′.

◮ A transition is a relationship between two states: It indicates that when an event occurs (perhaps under a transition guard), the entity changes from the prior (source) state to the subsequent (target) state.

◮ Additionally, upon a state transition an action (also: activity, or effect) may execute. All parts of a transition label are optional.

3 / 92

Extended finite state machines: State diagrams

◮ An EFSM can be illustrated by a directed graph, where the nodes represent the states and where the edges represent the transitions.

◮ The underlying behavior is modeled as a traversal of this graph.

◮ In software development, an EFSM can be deployed to model an object at a high level of abstraction such as the entire system, or a use case, or at a low level of abstraction, such as a software object.

4 / 92

States, events and transitions

◮ The simplest EFSM is one that contains only states, events and transitions.

5 / 92

Example: Gate - Description

◮ Consider a gate at the entrance of some facility which can be either open or closed.

◮ Upon a car approaching the gate, a sensor would produce a signal, lift gate, to command the gate to open.

◮ Upon leaving the gate, another sensor would produce a signal, lower gate, to command the gate to close.

6 / 92

Example: Gate - Formal specification

◮ We can model this system with the tuple S = (Q,Σ1,Σ2, q0,V ,Λ), where Q = {open, closed} Σ1 = {lift gate, lower gate} Σ2 = {} q0 : closed V = {} Λ: Transition specifications 1. → closed 2. closed

lift gate −−−−−→ open

3. open lower gate −−−−−−−→ closed

◮ Note that empty sets such as Σ2 and V can be omitted.

7 / 92

Example: Gate - State diagram

closed open

lower gate

lift gate

gate

8 / 92

Example: Gate - State diagram /cont.

◮ Note that in this simple example, Σ2 and V are both empty sets.

◮ In the future, empty sets will be omitted from the specification.

◮ The EFSM of the gate system is modeled as a state diagram where states are represented as rectangles with rounded corners.

◮ The little black circle represents a pseudostate that automatically causes a transition to the initial state closed.

9 / 92

Event types

◮ There are four types of events that can trigger a transition:

◮ Call event: An external request to invoke an operation.

◮ Change event: A transition is triggered when its value becomes true.

◮ Signal event: Is triggered by an internal or external clock. A time event makes use of the keyword at.

◮ Time event: When the source state has been active over the specified length of time, the guard (if present) is evaluated and a transition occurs if the guard is true. If no guard is present, then a transition occurs. A time event makes use of the keyword after.

10 / 92

Orthogonal states

◮ A state can include independent (or parallel) regions.

◮ Such a state is called orthogonal.

11 / 92

Example: Heater system - Top-level state diagram

off on

heater

12 / 92

Example: Heater system - State diagram of orthogonal state on

on

low high

warm hot

13 / 92

Orthogonal states /cont.

◮ The state can be present in a number of substates, e.g. low, warm, or low, hot, etc.

14 / 92

Introducing guards

◮ Guards provide conditions under which transitions can take place.

◮ Guards are evaluated by the system.

15 / 92

Introducing actions

◮ Transitions can be associated with actions.

◮ Such actions can be denoted by a slash after the event, or within a rectangle.

◮ Actions are performed by the system.

16 / 92

Example: Bounded buffer - Description

◮ Consider a bounded buffer of capacity greater than one.

◮ The buffer has three states: it can be empty, it can be partially full, or it can be full.

◮ One may place an item in the buffer provided it is not full.

◮ One may also retrieve an item from the buffer provided it is not empty.

◮ We will use the events put and get to correspond to their respective operations.

17 / 92

Example: Bounded buffer - Formal specification

◮ The EFSM is the tuple S = (Q,Σ1,Σ2, q0,V ,Λ), where Q = {empty , partial , full} Σ1 = {put, get} Σ2 = {size ++, size −−} q0 : empty V : size : N0; capacity : N is a constant. Λ: Transition specifications 1. → empty

2. empty put / size++ −−−−−−−−→ partial

3. partial put [size < capacity - 1] / size++ −−−−−−−−−−−−−−−−−−−−→ partial

4. partial put [size = capacity - 1] / size++ −−−−−−−−−−−−−−−−−−−−→ full

5. partial get [size > 1] / size– −−−−−−−−−−−−−→ partial

6. partial get [size = 1] / size– −−−−−−−−−−−−−→ empty

7. full get / size– −−−−−−−→ partial

18 / 92

Example: Bounded buffer - State diagram

empty

partial

put / size++

full

put [size = capacity 1] / size++ get / size--

get [size = 1] / size--

put [size < capacity 1] / size++ get [size > 1] / size--

bounded buffer

19 / 92

Example: Metro passageway - Description

◮ Consider a metro passageway.

◮ The passageway has only two states: It can be locked, or it can be unlocked.

◮ When the passageway is locked, a person can enter a (valid) ticket.

◮ This will cause the passageway to perform a transition to the unlocked state while at the same time performing two actions: 1) it will unlock the gate and 2) it will beep to indicate that the person may pass through.

◮ Once a person passes through the gate, a sensor or some physical device will cause the passageway to perform a transition back to the locked state while at the same time performing a lock action.

◮ We will use the events request entry and pass to correspond to their respective operations.

20 / 92

Example: Metro passageway - Formal specification

◮ The EFSM of the metro passageway is the tuple S = (Q,Σ1,Σ2, q0,V ,Λ), where Q = {locked , unlocked} Σ1 = {request entry , pass} Σ2 = {lock , unlock , beep} q0 : locked V : ticket = {valid , invalid} Λ: Transition specifications 1. → locked

2. locked request entry [ticket is valid] / (unlock ; beep) −−−−−−−−−−−−−−−−−−−−−−−−−−−→ unlocked

3. unlocked pass / lock −−−−−−−→ locked

21 / 92

Example: Metro passageway - State diagram

◮ Recall that a transition λ ∈ Λ is

q e [g] / a −−−−−→ q′

where q, q′ ∈ Q, e ∈ Σ1, g is a condition called a guard and a ∈ Σ2 is an action.

◮ If the label on a transition is e/a, then g is assumed to be true and the transition occurs whenever e occurs.

◮ If the label on a transition is [g ]/a, then the transition occurs whenever g holds at the source state q.

◮ If the label of a transition is e, then the transition occurs whenever an event e occurs at the source state q.

22 / 92

Example: Metro passageway - State diagram /cont.

locked unlocked

pass / lock

request entry [ticket is valid] / (unlock ; beep)

metro passageway

23 / 92

Hierarchically nested states

◮ Modern (UML-based) EFSMs have introduced the notion of hierarchically nested states.

◮ This means that a state can itself be modeled as an EFSM and contain its own states called substates (or nested states).

◮ States that contain other states are called composite states (as opposed to simple states).

◮ W

*View more*