Floating Time Transition System: More Efficient Analysis of Timed Actors

Abstract

The actor model is a concurrent object-based computational model in which event-driven and asynchronously communicating actors are units of concurrency. Actors are widely used in modeling real-time and distributed systems. Floating-Time Transition System (FTTS) is proposed as an alternative semantics for timed actors, and schedulability and deadlock-freedom analysis techniques have been developed for it. The absence of shared variables and blocking send or receive, and the presence of single-threaded actors along with non-preemptive execution of each message server, ensure that the execution of message servers do not interfere with each other. The Floating-Time Transition System semantics exploits this by executing message servers in isolation, and by relaxing the synchronization of progress of time among actors, and thereby has fewer states in the transition system. Considering an actor-based language, we prove a weak bisimulation relation between FTTS and Timed Transition System, which is generally the standard semantic framework for discrete-time systems. Thus, the FTTS semantics preserves event-based branching-time properties. Our experimental results show a significant reduction in the state space for most of the examples we have studied.

A Proof of Theorem 1

To prove that the first condition of action-based weak bismulation holds for \(\mathcal {R}\), based on the type of tmsg the following two cases are possible.

• \(\mathbf {s \mathop {\rightarrow }\limits ^{tmsg} t}\): Based on the definition of relation \(\mathcal {R}\), in this case projection function for all the rebecs in s and t return the same value except for the sender and receiver of tmsg. For the sender rebec (assume that it is \(r_i\)) the difference is in the bag of sent messages, results in \(sent_{t,i}=sent_{s,i}-tmsg\). On the other hand, projection function in \(s'\) and \(t'\) have the same value for all the rebecs except the sender and receiver of tmsg. For the sender rebec (assume that it is \(r_i\)) the difference is in the bag of sent messages, results in \(sent_{t',i}=sent_{s',i}-tmsg\). For the receiver rebec (assume that it is \(r_j\)), there is a completing trace \(CT_{t,j}\) such that Proj(t, j) returns valuation of state variables of \(r_j\) from the target state of \(CT_{t,j}\) and messages which are sent by \(r_j\) in t in union with messages which are sent during \(CT_{t,j}\). In FTTS state \(t'\), projection function returns valuation of state variables and the sent messages of \(r_j\) after the execution of all the statements of tmsg (i.e. doing transition tmsg in FTTS) which is the same as what projection function returns in t. Therefore, there is \(t~\mathcal {R}~t'\) as the results of projection function in t and \(t'\) are the same for all the rebecs.

• \(\mathbf {s \mathop {\rightarrow }\limits ^{\tau } t}\): As transition from s to t is not observable, we have to show that there is relation \(\mathcal {R}\) between t and \(s'\). This way, doing a \(\tau \) transition from s results in stuttering in \(s'\) as one of the properties of action-based weak bisimulation relations.

  Assume that \(\tau \) transition belongs to rebec \(r_i\). Doing \(\tau \) transition by \(r_i\) makes projection function return the same result in s and t for all the rebecs except \(r_i\). It is because of the fact that only \(r_i\) has progress which may result in changing the valuation of its state variables or sending a message to other rebec. For \(r_i\) in state s one of the completing traces is a trace which contains \(\tau \) transition from s to t as its first transition. Therefore, completing traces of \(r_i\) which are started from s and t are ended in the same target state, results in \(Proj(s,i)=Proj(t,i)\). Therefore, result of projection function for all the rebecs in TTS and FTTS are the same and t is in relation \(\mathcal {R}\) with \(s'\).

To prove the second condition, as all the transitions in FTTS are taking-event transitions, tmsg must be taking-event transition. On the other hand, transition tmsg is enabled in s as we discussed in Proposition 2. Now we can prove that t and \(t'\) are in relation \(\mathcal {R}\) with the argument the same as what we did in case \(s \mathop {\rightarrow }\limits ^{tmsg} t\) of condition one.

Finally, we have to show that the initial states of the transitions systems are in relation \(\mathcal {R}\). As the program counter of all of the rebecs in \(s_0\) is set to null, the completing traces started from \(s_0\) are \(\epsilon \). So, for any given rebec \(r_i\), \(state_i(CT_{s,i})=state(s,i)=state(s',i)\), \(sent(CT_{s,i}) = \emptyset \rightarrow sent(s_0, i) = sent(s'_0, i)\), and \(now(CT_{s,i}) = now(s) = now(s',i) = 0\), results in \(s_0~\mathcal {R}~s'_0\).    \(\square \)