Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
TESIS DOCTORAL
Autor: Carlos Molinero Brizuela
Resumen
Los mtodos formales tienen su aplicacin fundamental en dos etapas del desarrollo de
los sistemas de software: en la fase de especicacin, para asegurar una consistencia de los
requerimientos, y en la fase de comprobacin de la correccin del sistema. Es en esta ltima
fase donde se encuadra el
conjunto de tests, derivados a partir de una especicacin descrita en algn lenguaje formal,
para comprobar que la implementacin se comporta conforme a lo que dicha especicacin
indica. Una de las subcategoras de los mtodos formales son los mtodos formales grcos.
Estos son formalismos matemticos que cuentan con algn tipo de representacin visual para
facilitar la comprensin del sistema especicado. El principal objetivo de esta tesis consiste
en estudiar algunas de las aplicaciones de los mtodos formales grcos. Especcamente, el
estudio se centra en una variante de las redes de Petri y su aplicacin para el desarrollo de
un sistema multi-agente y en la automatizacin del testing para mquinas de estados nitos
(FSM de sus siglas en ingls), tanto en su variante determinista como no determinista.
En lo que respecta a la especicacin de sistemas mediante el uso de formalismos grcos
se presenta una metodologa para la creacin de sistemas multi-agente. El formalismo
ha ido evolucionando, partiendo del uso de las FSMs como mtodo para representar los
comportamientos de los agentes, a una metodologa sustentada sobre las redes de Petri. Este
sistema utiliza dos tipos de agentes:
son los que ejecutan las tareas primitivas y los complejos son agentes planicadores que
regulan el funcionamiento del resto de los agentes. Los agentes se agrupan en una estructura,
llamada de
Para encontrar mtodos de testeo de mquinas de estados nitos se han usado los
algoritmos genticos como mtodo de optimizacin por un lado de los conjuntos de tests para
una FSM determinista, y por otro lado como mtodo para crear rboles que permiten llegar
a un estado de manera unvoca dentro de una FSM no determinista, lo cual es fundamental
para el proceso de testing de este tipo de mquinas.
iii
iv
Summary
Formal methods have their fundamental application in two phases of the development of
software systems: in the specication phase, to assure consistency of the requirements, and
in the phase of checking the correction of the system. It is in this last phase, where formal
testing takes place, which essentially consists in the application of a test suite, derived from
some formal specication, to check that the implementation behaves accordingly to the
specication. One of the sub-categories of formal methods are the graphical formal methods.
These mathematical formalisms are equipped with some kind of visual representation
methodology to facilitate the understanding of the system under specication. The main goal
of this thesis is to study some of the applications of graphical formal methods. Specically,
the study focus in a variant of the Petri nets and its application to the development of multiagent systems and in the automation of testing for nite state machines, in its deterministic
and non-deterministic aspects.
In respecto to the specication of systems by means of graphical formalisms we present a
methodology for the creation of multi-agent systems. The formalism has evolved expanding
from a rst use of nite state machines as a method to represent the behaviors of the agents
towards a methodology based in Petri nets. This system uses two types of agents:
simple and
complex. Simple agents are the ones in charge of executing the primitive tasks and complex
agents are planners that regulate the inner working of the rest of the agents. The agents are
held in a cell structure, in the form of a tree, that regulates the message ow.
We have used genetic algorithms to nd methods for testing nite state machines, using
them as an optimization method to nd a short test suite for deterministic nite state
machines and to create
vi
Agradecimientos
A la primera persona a la que quera dedicarle esta tesis es a Manuel Nez, mi director
de tesis, por su paciencia y sus gritos. De una manera especial, quiero tambin agradecer a
Robert M. Hierons toda la ayuda que me ha prestado durante el transcurso de mi estancia
en Brunel y su gua y apoyo en todos los artculos que hemos escrito en colaboracin durante
este ltimo ao. Agradecer tambin a mi compaero Csar Andrs su ayuda con los primeros
artculos y con toda la parafernalia burocrtica que rodea el entregar una tesis. Finalmente,
tambin quiero recordar a mis padres, a mi hermano, a mis amigos y a mi chica, simplemente
por estar ah y aguantarme.
vii
viii
ndice general
Summary
1. Introduccin
1.1.
2. Introduction
2.1.
11
12
21
3.1.
Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21
3.2.
. . . . . . . . . . . . . . . . . . . . . . . .
23
3.2.1.
23
3.2.2.
La r-equivalencia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23
3.2.3.
La s-equivalencia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
24
3.3.
. . . . . . . . . . . . . . . . . . . . . . . .
26
3.3.1.
El mtodo
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
26
3.3.2.
El mtodo
Wp
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
27
3.3.3.
27
3.3.4.
State counting
28
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
4.1.
Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
4.2.
32
4.2.1.
33
4.2.2.
Mutacin
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
34
4.2.3.
Cruce de la especie . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
34
4.2.4.
35
ix
. . . . . . . . . . . . . . . . . . . . .
ndice general
4.3.
4.4.
4.5.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
36
4.3.1.
. . . .
36
4.3.2.
Escalada (hillclimbing) . . . . . . . . . . . . . . . . . . . . . . . . . . .
39
4.3.3.
Enfriamiento simulado . . . . . . . . . . . . . . . . . . . . . . . . . . .
40
4.3.4.
41
4.3.5.
. . . . . . . . . . . . . . . . . . . . . . . .
42
43
4.4.1.
43
4.4.2.
. . . .
48
4.4.3.
49
4.4.4.
50
. . . . . . . . . . . . . . . . . .
. . . . . . .
50
53
5.1.
Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
53
5.2.
. . . . . . . . . . . . . . .
57
5.3.
. . . . . . . . . . . . . . . . . . . . . .
62
5.4.
. . . . . . . . . . . . . . . . . . . . . . . . .
67
69
75
A. Lenguajes formales
79
A.1. Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
79
80
80
. . . . . . . . . . . . . . . . . . .
81
. . . . . . . . . . . . . . . . . . . . . . . .
82
84
85
85
. . . . . . . . . . . . . . . . . . . . . . . . . . . .
86
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
87
ndice de guras
4.1.
. . . . . . . . . . . . . . . . . . .
32
4.2.
34
4.3.
Cruce de dos individuos, con punto de cruce nico (arriba) y con puntos de
cruce mltiples (abajo).
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
36
4.4.
4.5.
xi
. . . . . . . . . .
40
87
xii
NDICE DE FIGURAS
Captulo 1
Introduccin
Al llegar a la Facultad de Informtica, con el trasfondo de mi formacin como arquitecto
y verme inmerso en un grupo cuyo inters primordial eran los mtodos formales, lo
primero que capt mi atencin fue la potencia de los mtodos formales para describir
sistemas capaces de aglomerar agentes con capacidades y respuestas muy diferenciadas.
En particular, cabe destacar los formalismos grcos, ya que su representacin permita
comprender ms rpidamente el funcionamiento de un sistema y obtener una visin global
del conjunto. Especcamente, resultaba natural representar conjuntos de agentes que fueran
capaces de auto-organizarse de una manera jerrquica. El resultado de esta primera toma
de contacto fueron los artculos que aparecieron ya como parte de mi trabajo de n de
Mster:
[Mol09].
Las mayores dicultades encontradas en este primer trabajo estaban relacionadas con la
eleccin del lenguaje formal que dena el comportamiento de los agentes. En un principio,
los comportamientos de los agentes se describan a travs de mquinas de estados nitos.
Esto no permita la aplicacin en paralelo de acciones y por tanto, el ujo del trabajo de los
agentes
fue subsanada en posteriores revisiones del marco hasta acabar considerando una variante,
de hecho una versin simplicada, de las redes de Petri. Este formalismo se usar para
representar los comportamientos de los agentes en juego. Otro de los aspectos que sufri una
evolucin mayor fue la forma en la que los agentes se agrupaban en categoras para permitir
de una manera conceptual un ujo ms claro en el paso de los mensajes y, por tanto, una
mejora en la eciencia del funcionamiento del sistema.
Tras la publicacin de estos primeros trabajos, con la idea de estudiar cmo poder
testear sistemas descritos a travs de formalismos grcos, partiendo de los conocimientos
1
eciencia a la hora de afrontar los problemas atacados. Dichos problemas varan al tener en
cuenta el tipo de lenguaje con el que se realiza la especicacin. En un primer momento
se investig la posibilidad de automatizar la tarea de la creacin de un conjunto de tests
para una mquina de estados nitos. Adems, se plante la necesidad de automatizar una
valoracin de la bondad de estos tests a partir del nmero de errores detectados en una
serie de mutantes creados a partir del modelo correcto. En una segunda aproximacin, la
posibilidad de testear mquinas no deterministas nos dirigi hacia el estudio de la creacin
de secuencias adaptativas para lograr alcanzar un estado de una manera semi-determinista
y poder reutilizar este tipo de secuencias para testear mquinas no deterministas.
inter pares,
correspondientes rigurosos procesos de seleccin. Los trabajos que no han sido publicados
todava se encuentran en la actualidad pasando dicho proceso de seleccin y esperamos
que cuando los trmites conducentes a la defensa de esta tesis doctoral concluyan, estn
1. Introduccin
denitivamente aceptados.
En primer lugar, realizaremos una discusin integradora y repasaremos los principales
objetivos de esta tesis doctoral.
amigable
nal, de forma que la automatizacin de la fase de planicacin de las tareas a realizar poda
reducir el tiempo de especicacin de los sistemas. Por otro lado, dentro del estudio del
testing de las mquinas de estados nitos deterministas, a pesar de existir mtodos capaces
de conseguir un conjunto de tests completo, debera ser posible conseguir una mejora en
la cantidad de tests necesarios para comprobar la FSM. Finalmente, como tercer problema
detectado, en lo concerniente al testing de mquinas de estados nitos no deterministas, no
existen mtodos para crear secuencias adaptativas de forma que se evite tener que desarrollar
todo el rbol completo de posibilidades.
El objetivo principal de esta tesis es mostrar la utilidad de usar mtodos formales grcos
en aquellas situaciones donde su uso resulta adecuado y, en concreto, paliar los problemas
detectados y expuestos en el prrafo anterior. Puesto que se trata de un campo muy amplio,
hemos focalizado nuestra atencin en estudiar cmo poder denir un sistema complejo a
travs de estas metodologas y en cmo poder comprobar la validez de dichos sistemas. Un
primer objetivo concreto consiste en utilizar un formalismo grco para denir en una manera
clara y sencilla sistemas multi-agente. Un segundo objetivo es estudiar cmo se pueden
testear sistemas descritos a partir de mtodos formales grcos, en este caso utilizando la
tcnica de los algoritmos genticos. Dado que podemos encontrarnos tanto con sistemas
deterministas como no deterministas, hemos tratado de buscar mtodos para automatizar
partes del proceso de testing para ambos tipos de sistemas.
Los mtodos formales grcos otorgan una serie de ventajas con respecto tanto a los
mtodos no formales como a los mtodos formales no grcos dado que, simultneamente,
son capaces de proveernos con una denicin intuitiva y visual al tiempo que, al representar
formalismos matemticos, nos permiten analizar rigurosamente propiedades de los sistemas
estudiados. Quizs los dos formalismos que renen a la par sencillez de manejo y potencia
expresiva sean las redes de Petri, utilizadas mayoritariamente para especicar sistemas
concurrentes por su capacidad para expresar la paralelizacin de las tareas, y las mquinas
de estados nitas (FSMs), por ser uno de los formalismos ms sencillos y con capacidad
expresiva suciente para modelar, por ejemplo, protocolos de comunicacin.
Las redes de Petri han sido utilizadas para formalizar una gran variedad de modelos, desde
reacciones qumicas (la utilidad original del formalismo) hasta cadenas de montaje, pasando
por sistemas de agentes. Nuestro inters est dirigido a intentar desarrollar una modicacin
del formalismo que fuera capaz de representar un sistema de agentes jerarquizado, de forma
que pudiramos llevar a cabo uno de los objetivos que nos marcamos. Versiones iniciales
de ese sistema de agentes fueron formalizadas usando una modicacin de las mquinas de
estados nitos, pero la imposibilidad de representar adecuadamente el paralelismo inherente
a este tipo de sistemas hizo que tras varios cambios se optara por utilizar las redes de Petri
para modelizar los comportamientos de los agentes, siempre teniendo en mente la intencin
de mantener el sistema lo ms sencillo posible, para evitar errores de concepto.
Este sistema de agentes se desarrolla en distintas fases, creando un formalismo que
permite modelar sistemas sencillos jerarquizados de agentes. Este formalismo ha sido
extendido y revisado en varias ocasiones. Su versin denitiva se encuentra publicada en
la revista
Automation in Construction.
Teniendo en cuenta el hilo conductor de los objetivos que nos jamos para esta tesis
doctoral, el uso de los mtodos formales grcos, una lnea de trabajo que complementa
la descripcin formal de sistemas complejos consiste en estudiar propiedades de dichos
modelos y ms especcamente, en estudiar si una implementacin concreta es correcta
respecto a su especicacin formal. Esta lnea de trabajo corresponde a uno de los objetivos
de esta tesis. A este respecto se han estudiado dos tipos de FSMs: deterministas y no
deterministas. Inicialmente se trata de optimizar el conjunto de tests para comprobar el
correcto funcionamiento de mquinas de estados nitos deterministas para, posteriormente,
continuar con el problema de alcanzar un estado de manera unvoca en una mquina de
estados nitos no determinista.
Los resultados obtenidos durante el desarrollo de esta tesis han sido plasmados en
las siguientes publicaciones, presentadas en distintos foros internacionales, enumeradas a
continuacin en orden cronolgico:
1. Introduccin
Combining genetic algorithms and mutation testing to generate test sequences [MNA09].
Publicado en 10th Int. Conf. on Articial Neural Networks, IWANN'09. La conferencia
IWANN se encuentra en el puesto 55 de 701 conferencias del campo de la Inteligencia
Articial segn el
A hierarchical methodology to specify and simulate complex computational systems [AMN09b]. Publicado en International Conference on Computational Science,
ICCS'09. La conferencia ICCS est catalogada con la categora A en la lista CORE.
A formal methodology to specify hierarchical agent-based systems
[MAN10]. Una
pequea seleccin de los trabajos presentados en SITIS 2008 fue invitada a ser
el ao 2010.
(basado
Planning of work schedules through the use of a hierarchical multi-agent system [MN11].
Una modicacin y extensin de la metodologa est publicada en la revista Automation
in Construction, editada por Elsevier, que cuenta con un factor de impacto de 1.372
en el JCR.
Consideramos que estas publicaciones nos permiten armar que el objetivo principal
de esta tesis, estudiar si el uso de formalismos grcos aporta ventajas a la hora de
1. Introduccin
Como primer paso para estudiar la posibilidad de testear sistemas descritos a travs
de metodologas formales grcas se estudi el problema de denir un conjunto de tests
para una FSM determinista. Esto conlleva el problema de cmo equilibrar la calidad con
la cantidad de los tests requeridos para poder testear la mquina. El enfoque utilizado en
[MNA09] intenta obtener un conjunto de tests lo ms corto posible para que su aplicacin
no se dilate excesivamente en el tiempo, a la par que ese conjunto detecte el mayor nmero
posible de implementaciones errneas. As, este trabajo estudia cmo crear un conjunto de
tests asegurando su correccin si el algoritmo gentico no tiene ejemplos de aprendizaje. Para
solventar este problema se utiliza la
auspiciada por los lenguajes formales basados en modelos y consiste en aplicar una serie de
operadores de mutacin a la especicacin para simular una implementacin errnea. Nuestro
uso de esta metodologa es similar dado que utilizamos los mutantes de la especicacin para
dotar al algoritmo gentico con implementaciones errneas y as conseguir que el nmero de
mutantes distinguidos mida la vala de cada test producido. La idea subyacente consiste
en hacer evolucionar un test que sea capaz de localizar el mayor nmero de fallos con la
menor secuencia posible. Para ello, la heurstica tiene en cuenta tanto el nmero de mutantes
detectados por cada test como la longitud de la secuencia del test. El test se codica como una
cadena de inputs que componen el cromosoma de un individuo de la poblacin del algoritmo
gentico. Este cromosoma vara en su longitud y los operadores permiten modicar los genes
al tiempo que modican la longitud de la cadena del cromosoma. El algoritmo presentado en
este artculo contiene varias poblaciones evolucionando en paralelo y se subdivide en varias
fases. En una primera fase de
mutantes para as conseguir que se alcance el mayor numero de posibilidades, los mejores
individuos de esta fase son almacenados (uno por cada poblacin). En una fase posterior,
llamada de
que evolucione para detectar un tipo especco de error. Finalmente, se eligen y juntan los
mejores individuos de las fases de evolucin y especializacin eliminando a los que resultan
redundantes y los ADNs de los individuos que quedan componen el conjunto de tests a
aplicar.
Automation in Construction
clulas
trat
tambin
el
problema
de
la
alcanzabilidad
de
estados
dentro
de
una
FSM
no determinista. Los tres artculos restantes [MNH11a, MNH11b, MNH11c] tratan esta
problemtica. Dentro de una mquina no determinista existen un nmero de estados que
son alcanzables de manera determinista y que por tanto no plantean ningn problema. Sin
embargo, esta caracterstica no se da para la mayor parte de los estados. Es importante
contar con la posibilidad de llevar la mquina hasta un estado concreto porque ello permite
restringir el anlisis a un cierto componente especco de la mquina. Ello se consigue a
travs de las
1. Introduccin
proceso. El conjunto de todas las secuencias adaptativas para una mquina no determinista
permite construir un conjunto de estados alcanzables que se puede despus concatenar con
secuencias capaces de distinguir cada estado de la especicacin, o por lo menos los que no
sean
r-equivalentes,
state counting
[PYLD93].
10
Los anlisis realizados en este artculo se proyectan en dos vertientes. El primer tipo de
anlisis realizado trata de estudiar cmo funciona la tcnica planteada en relacin a otras
tcnicas como el puro random, el uso de un rbol formado con una adaptacin del algoritmo
del camino ms corto de Dijkstra o la escalada. Todos estos anlisis se encuadran dentro
de diversas complejidades de la mquina de estados nitos no determinista. El otro tipo
de anlisis realizado consiste en estudiar qu coecientes de aleatoriedad funcionaran mejor
para diferentes tipos de mquinas no deterministas. Para ello, se comparan varias poblaciones
en las que los rangos permitidos del coeciente de aleatoriedad son modicados y se estudia,
adems, si sera mejor que este coeciente fuera heredado o inicializado al azar dentro de un
rango.
En el trabajo [MNH11c], todava bajo proceso de revisin, se presenta una paralelizacin
del algoritmo gentico para incrementar su ecacia. Conviene decir al respecto de este ltimo
trabajo que la paralelizacin incluye segregacin de las poblaciones sin ser mezcladas entre
ellas y por tanto permite explorar una mayor parte del paisaje heurstico. Para llevar a cabo
la paralelizacin se utiliza una leve modicacin del modelo de islas, en las que existe una
evolucin en paralelo de varias poblaciones distintas (que se comportarn mejor dependiendo
del contexto) y una poblacin en la que se entremezclan los mejores individuos de cada una
de las poblaciones en cada generacin. En este ltimo artculo, se incluye un procedimiento
para testear mquinas no deterministas y resultados experimentales sobre su ecacia en
comparacin con otras tcnicas.
Captulo 2
Introduction
At my arrival at the School of Computer Science, with the background of my formation
as an architect and being involved in a group whose primordial interest were formal methods,
the rst thing that caught my attention was the possibilities that oered formal methods
to describe systems capable of conglomerating agents with very dierent capabilities. In
particular, I was interested in graphical formalisms since their representation allowed us
to understand faster the global functioning of a system and obtain a global vision of
the ensemble. Specically, it was natural to represent sets of agents that were capable of
auto-organizing themselves in a hierarchical manner. The result of this rst approach was
the papers that appeared as part of my Master's nal project:
12
problems of very dierent domains, I have redirected part of my work towards researching the
potential of the application of genetic algorithms to test systems specied through graphical
formalisms. It is also to note that in the scope of my scholarship I did a short stay in the
University of Brunel with Robert M. Hierons, which research interests coincide in these
matters. Through a strong experimentation and with dierent modications to what would
be considered a standard genetic algorithm, we arrived to a model that showed a probable
ecacy in confronting the problems we needed to solve. Those problems vary considering the
type of language with which the specication is created. In a rst attempt, we studied the
possibility of automating the task of the creation of a test suite for a deterministic nite state
machine. In addition, we confronted the necessity of automating the valuation of the goodness
of those tests taking in account the number of mutants killed. In a second approximation, the
possibility of testing non-deterministic nite state machines directed us towards researching
the creation of adaptive sequences to be able to reach a state in a univocal manner and
therefore, use these type of sequences to test non-deterministic machines.
The following doctoral thesis is presented in the publication format, following the point
4.4 of the agreement of the Government Counsel with date 14th of October of 2008, in
which it is approved the regulations for the development of the Regime relative to the
elaboration, counsel, defense and evaluation of the Doctoral Thesis by means of the Royal
Decree 1393/2007, with date 29th of October (BOE of the 30th of October), by which it is
established the rules for the university education of the University Complutense of Madrid. In
the mentioned article is contemplated that doctoral thesis may be published in paper format,
understanding by it the thesis constituted entirely by published scientic papers or accepted
for publication. In our case, most of the papers have been published in dierent international
congresses and in a journal indexed in the JCR index, being, therefore, supported by the
subsequent inter pares evaluation. The works that have not been published are still passing
the selection process and we hope that when the thesis is defended they will be accepted.
Next, we present the objectives and the integration discourse of this thesis.
friendlier use, in such a way that the automation of the planning phase of the tasks
2. Introduction
13
could reduce the specication time of the systems. On the other hand, in the study of testing
of deterministic nite state machines, even though there exists methods that are capable of
creating a complete test suite, it should be possible to achieve an improvement in the quantity
of tests that are needed to check the FSM. Finally, the third problem detected, concerning
the testing of non-deterministic nite state machines, is that there does not exist methods
to create adaptive sequences in such a way that it is not mandatory to develop the whole
tree of possibilities.
The main objective of this thesis is to show the utility of using graphical formal methods
in those situations where its use is adequate and, specically, alleviate the problems detected
and presented in the previous paragraph. Since it is a broad eld we have focused our
attention in studying how to be able to dene a complex system through these methodologies
and in how to be able to check the validity of those systems. A rst objective is to use a
graphical formalism to dene a multi-agent system. A second objective is to study how can
we test systems described through graphical formal methods, in this case using genetic
algorithms. Since we can encounter ourselves with deterministic and non-deterministic
systems, we have tried to search methods to automate the testing process for both types
of systems.
Graphical formal methods grant us with a series of advantages regarding both nonformal methods and non-graphical formal methods because they are simultaneously capable
of providing a intuitive and visual denition at the same time that they allow us to analyze
rigorously properties of those systems. Maybe the two formalisms that reunite at the same
time ease of use and expressive power are Petri nets, used mainly to specify concurrent
systems due to its capacity to express the parallelization of the tasks, and nite state
machines because they are one the simplest formalisms and with enough capacity to model
communication protocols.
Petri nets have been used to formalize a broad variety of models, from chemical reactions
(the original use of the formalism) to assembly lines and multi-agent systems. Our interest
is directed towards developing a modication of the formalism that allows to represent a
hierarchical multi-agent system, in such a way that it allows us to achieve one the objectives
proposed in this thesis. Initial versions of the formalism were made using a modication of
nite state machines, but the impossibility to represent adequately the inherent parallelism
of those systems forced us to use Petri nets to model the behavior of the agents of the
system, always keeping in mind to maintain as simple as possible the system, to avoid
concept mistakes.
14
This multi-agent system is developed in several phases, creating a formalism that allows
to model simple hierarchical multi-agent systems. This formalism have been extended and
revised in several occasions. Its denitive version is published in the journal Automation in
Construction.
Taking in account the objectives that we stated for this thesis, the use of graphical formal
methods, a line of work that complements the formal description of complex systems consists
in studying properties of those models and more specically, in studying if an implementation
is correct with respect to its formal specication. This line of work corresponds to one of the
objectives of this thesis. In this respect, we try to optimize the test suite to check the correct
functioning of deterministic nite state machines to continue with the problem of reaching
univocally a state in a non-deterministic nite state machine.
The results obtained during the development of this thesis have been presented in
the following publications, presented in dierent international meetings, enunciated in
chronological order:
Combining genetic algorithms and mutation testing to generate test sequences [MNA09].
Published in 10th Int. Conf. on Articial Neural Networks, IWANN'09. IWANN
appears in the post 55 of 701 conferences of the eld of Articial Intelligence following
2. Introduction
15
Conference, EIC, 2009) and appears also under the B category in the CORE list.
Planning of work schedules through the use of a hierarchical multi-agent system [MN11].
Published in Automation in Construction, edited by Elsevier, with an impact factor of
1.372 in the JCR index.
We consider that these publications allow us to state that the main objective of this
thesis, that is, to study if the use of graphical formalism brings advantages when developing
software system and how can the process of testing be planned for these types of systems,
has been fullled. Specically the publications [AMN08b, AMN09a, MAN10, MN11] show
the achievement of the rst objective, that is, the formal development of a complex system,
while the publications [MNA09, MNH11a, MNH11b, MNH11c] correspond to the second
objective, aiding the creation of test suites for FSMs.
Next, we briey describe the contents of each of the papers that constitute this doctoral
thesis.
The rst article [AMN08c] corresponds to the initial denition of the multi-agent system.
In this case the behavior of each of the agents was modeled through nite state machines. The
idea emerged trying to approximate the world of architecture and formal methods and its
intention was to create a computational method that simulated the organizational structure
of work teams where there exists some agents in charge of executing the tasks and other
agents that organize and plan the tasks of the rst. In this work, it is distinguished between
atomic agents (the ones in charge of executing the tasks) and complex agents that plan the
activities of the atomic agents. The agents withhold a set of resources and a function that
values each of those resources. Agents also include an input buer and an output buer to
allow the passing of the messages and an utility function that assigns a goodness to the
valuation of resources. Those agents are inscribed in a cell structure. Those cells also contain
input and output buers to handle the message ow. Finally, it is described how the cell
structure is formed (in this case, linearly from an initial cell) and then moves to present the
16
mutation
of specications [CS94]. This technique appeared in the context of formal languages based in
models and consists in the application of a series of mutation operators to the specication to
obtain a simulation of an erroneous implementation. Our use of this methodology is similar,
considering that we use the mutants to grant the genetic algorithm with enough erroneous
implementations and this way, we can use the number of mutants distinguished to measure
the quality of each test produced. The underlying idea consists in evolving a test to be able
to locate the highest number of errors with the shortest sequence possible. To do so, the
heuristics considers the number of mutants detected and the length of the test. The test
is codied as a sequence of inputs that constitutes the chromosome of an individual of the
population of the genetic algorithm. This chromosome varies in its length and the operator
allows to simultaneously modify the genes and the length of the chromosome. The algorithm
herewith presented contains several populations evolving in parallel and it is subdivided in
several phases. In a rst phase, called
2. Introduction
17
mutant to achieve the highest possibility of detecting all the errors. In a second phase, called
specialization, each population is confronted with one single mutant, to be able to best detect
a single type of error. Finally, the best specimens from each phase and each population are
checked for redundancies and together compose the test suite.
The rst important modication applied to the formalism for dening multi-agent
systems was presented in [AMN09a]. This revision represents a simplication in the passing
of the messages between agents and in the general framework. In this version it is still not
achieved the parallelization of the tasks and it ended up being just an intermediate step
towards the nal formalism, therefore, we will not extend any longer in its description.
In its last version, that was presented as my nal project for my Master's degree [Mol09]
and that is published in the journal Automation in Construction [MN11], the formalism
used to represent agents consists in a system of hierarchical Petri nets, to be able to simulate
concurrency and the parallelization of the tasks. This paper presents a wide variety of related
work in multi-agent systems as well as in computerized approaches to project management.
In this paper agents are presented as the conjunction of a Petri net, that denes de resource
transformations and an input buer for the reception of the messages. In the formalism, a
cell is dened through its position in the cell tree (the father and its children) and the set of
agents that are contained in it. Utility functions are moved to the petition system, allowing
the user to formalize its preferences when dening the set of resources to be obtained. Also,
the representation of the system is transformed into a tree structure that is automatically
created to optimize the ow of the messages and to keep this structure as compact as possible,
allowing the user to forget of having to manually actualize it.
In the line of nding methods to test systems that are formally described, we have treated
the problem of reaching univocally a state in a non-deterministic nite state machine. The
remaining three papers [MNH11a, MNH11b, MNH11c] treat this problematic. In a nondeterministic nite state machine there exist a number of states that are deterministically
reachable and that therefore, do not create any problem. But, this is not the case for the
majority of the states. It is important to provide the tester with a way to move the machine to
a specic state because that allows him to restrict the analysis to an specic component of the
system. This is achieved through
trees based in the LTS formalism that contain an input that branches in the dierent outputs
that the machine returns. Then, in each of the leaves that do not represent the searched state
an input is applied and the process continues. The set of all the adaptive sequences for a
non-deterministic machine allows to construct a set of reachable states that afterwards may
18
be concatenated with sequences able to distinguish every state of the specication or at least,
those that are not
In the work [MNH11a] it is proposed a general methodology for the creation of adaptive
sequences. In this paper we dene an adaptation of a genetic algorithm to solve this type
of problems. The rst modication made to the genetic algorithm is that the DNA of the
individuals is a tree (that represents the adaptive sequence) and due to this modication
the mutation and reproduction operators had to be redened. Also, every individual has
a coecient that denotes its tendency to search random solutions or to base the search in
the distances between nodes precalculated using Dijkstra's algorithm. The mutation operator
chooses at random between adding a subtree or removing a subtree from the DNA, afterwards
it does a lineal traversal of the DNA until it nds a node without children. In the case that
a subtree is added, the random coecient will be used to to advance a step towards the
searched node. In the opposite case, it will obtain the father of the chosen node and remove
it and all of its children. The crossing operator makes a traversal in one of the DNAs and
for each node traverses the other DNA. The nodes from both trees that represent the same
state of the non-deterministic machine will be added to a list of common nodes. From this
list of common nodes, one is randomly extracted that will be the crossing point, and from
this point both trees will be inter-exchanged creating two children that will be added to the
genetic pool. For the selection of the individuals we use
elitism
in the pool for the next generation and for the rest of the population the roullete wheel
approach is used. To value the goodness of the individuals we used a sampling method,
analyzing how many times the target node is reached out of 100 attempts, the distance at
which it stays is also taken into account in the event that the target node is not reached.
In the paper we do several experimental comparisons with other techniques that might be
applied for the construction of adaptive sequences, like a hillclimbing approach, obtaining
systematically better results with the genetic algorithm.
In the following paper from the series [MNH11b] it is experimentally analyzed the
eciency of the algorithm and which coecients are better when creating adaptive sequences.
The analysis undertook in this paper follows two paths. The rst type of analysis tries
to study how the proposed technique works in relationship with others like random, or a
tree created using Dijkstra's shortest path algorithm or a hillclimbing approach in dierent
contexts of dierent complexities. The other type of analysis consists in studying which
random coecients will work better also for dierent types of non-deterministic machines.
To do so, several populations in which the allowed range for the random coecient varies
2. Introduction
19
are used to create an adaptive sequence. It is also studied if it would be better that this
coecient is hereditary or randomly initiated.
In the work [MNH11c], still undergoing a revision process, it is presented a parallelization
of the genetic algorithm to increment its eciency. Note, that the parallelization of the
populations include its segregation to be able to explore a wider range of the heuristic
landscape. To do so, we use an island model, in which the parallel evolution of the dierent
populations (each of which will behave better depending on which type of non-deterministic
machine we are confronted with) is coupled with a population that takes the best specimens
from each of the others. In this last paper, it is included a procedure to test non-deterministic
machines and experimental results about its eciency in comparison with other techniques.
20
Captulo 3
uso de mtodos formales para aumentar la abilidad de los sistemas ha crecido enormemente.
El porcentaje, tanto en tiempo como en recursos, dedicado a la comprobacin y vericacin
de sistemas y de sus requerimientos es cada vez mayor.
El
la abilidad de los sistema, esto es, la ausencia de errores en la implementacin con respecto
a los requerimientos. Brevemente, las tcnicas de testing se pueden denir como la aplicacin
(sistemtica) de un conjunto de inputs a un sistema para comprobar que los outputs que
produce corresponden a los resultados esperados.
Podemos distinguir varios tipos de testing dependiendo del conocimiento existente sobre
la implementacin del sistema o del acceso que tengamos a esta. Si este conocimiento es total
se habla de
testing de caja blanca. Este es el caso, por ejemplo, del testing de software cuando
se tiene acceso al cdigo fuente. En el caso de no poder tener acceso al funcionamiento interno
de la implementacin se habla de
se tiene acceso a las
se le proporcionan. Por tanto, en este marco la mayora de los criterios de correccin son
relaciones de conformidad entre las trazas de la implementacin y el conjunto de trazas del
que disponemos en la especicacin, de forma que la estructura interna de la implementacin
no se tiene en cuenta.
Uno de los problemas a los que nos enfrentamos en el testing de caja negra es la
posibilidad de que los fallos del sistema queden enmascarados por no haber alcanzado una
21
3.1. Introduccin
22
traza sucientemente larga como para revelar estos fallos. Al no tener conocimiento sobre
la composicin exacta de la implementacin a la que se van a aplicar los tests, la persona a
cargo de la creacin del conjunto de tests habr de realizar una serie de hiptesis sobre el
sistema, tales como un limite superior en el nmero de estados. Otros tipos de hiptesis a
realizar sobre el sistema comprenden suponer que la mquina de estados que tericamente
representar al sistema es mnima, que es fuertemente conexa, que tiene los mismos inputs y
outputs que el sistema especicado, que tiene un estado inial, la existencia de un reset, etc.
Este tipo de hiptesis son necesarias para intentar conseguir un conjunto de tests que sea
considerado como completo y correcto.
Para poder decidir que la implementacin se comporta correctamente respecto a la
especicacin se ha de establecer un criterio de correccin. Este criterio de correccin
depender del tipo de sistema al que nos enfrentemos y de la informacin de la que
dispongamos de la implementacin. Algunos de los criterios de correccin utilizados en testing
son IOCO [Tre96],
dependiendo del tipo de sistema al que vayan a aplicarse los tests, se establecer el criterio
de adecuacin ms idneo a discrecin de la persona a cargo de crear el conjunto de tests.
De manera general, se puede denir formalmente una relacin entre mquinas a travs
de denir una relacin entre sus estados. Por tanto, si somos capaces de distinguir
unvocamente un estado de otro dentro de una mquina, podemos decir que dos mquinas
sern distinguibles si se pueden distinguir sus estados iniciales. Si no somos capaces de
distinguir dichos estados iniciales para el criterio de correccin elegido, entonces consideramos
que las mquinas estn relacionadas. Para la distincin entre estados, una de las tcnicas que
existen consiste en la creacin de
indica, son las secuencias de inputs y outputs de longitud mnima que logran distinguir un
estado de cualquier otro dentro de una mquina. Otros mtodos comnmente usados son el
Wp .
problema de explosin de estados. En estos casos, otras metodologas como realizar el test
al vuelo
Si la especicacin viene dada en forma de una mquina de estados nitos, esto es, si
estamos comprobando el ujo de control de un sistema, los tipos de errores que pueden
aparecer son
errores de operacin:
errores de transferencia:
cuando
extra (falta de) estados: cuando para hacer iguales la implementacin y la especicacin sera
23
IOT S
IOT Ss.
est subdividido en inputs y outputs. En este marco, un estado que no puede hacer una
estable y un
llama quiescente.
interna o un output se
L=I O
aumentado con
que
Denicin 3.1 Sea (S, I, O, T r, s0 ) una IOTS. Denimos los siguientes conceptos:
Dado s S , s after = {s0 S|s == s0 }
Dado s S , out(s) = {o O|s0 S : s o s0 } {|s0 S : s s0 }
Dado S 0 S , out(S 0 ) = {out(s)|s S 0 }
S
Sean I , S dos IOT S . Se dice que I es conforme a S , y se denota por I ioco S , si para
toda traza Straces(S) se cumple out(I after ) out(S after ).
3.2.2. La r-equivalencia
La r-equivalencia [PYLD93] es una relacin de equivalencia que podemos establecer entre
mquinas de estados nitos no deterministas. Esta relacin se dene de manera negativa,
es decir, se dice que dos estados son
se denotar por
24
r-equivalencia
Denicin 3.2 Sea (S, I, O, T r, s0 ) una mquina de estados nitos no determinista. Sean
i/o
i/o
s S y i I . Denimos (s, i) = {s0 S|s s0 T r} y (s, i) = {o O|s0 : s s0
T r}. Esta segunda nocin se puede extender a secuencias de inputs en la forma usual. Sean
/o
s S y I . Denimos (s, .) = {o.((s, ), )|s0 : s
s0 T r}.
La relacin binaria entre estados de r-distinguibilidad se dene como:
s
(s, i) (s0 , i) =
M1 M2
3.2.3. La s-equivalencia
La
que no se permite el paso de mensajes entre los distintos componentes. En las deniciones
que siguen a continuacin introduciremos una serie de notaciones y funciones preliminares
para poder entender la denicin de s-equivalencia.
Una secuencia
un smbolo
x,
denotado por
x .
tenemos que
0,
denotado por
[]lk
0 ,
o con
se denota por
||.
k -simo
elemento y termina en el
l
otro caso, []k
||
[]1 = .
l-simo
25
y que para un
1, []k0
l k;
=
en cualquier
Denicin 3.3 Sea (S, I, O, , , s0 ) una mquina de estados nitos distribuida. Dado un
elemento (oU , oL ) O denotamos por o|U (resp. o|L ) la componente U (resp. la componente
L) del par.
Dado j {U, L}, denimos la funcin j : (I O) (Ij {} Oj {}) como
sigue:
j () =
j (i/o ) =
/ j ()
si i 6 Ij o|j =
i/ j ()
si i Ij o|j =
/oj j ()
si i 6 Ij o|j = oj 6=
i/oj j ()
si i Ij o|j = oj 6=
Denimos otra funcin auxiliar para quitar de la secuencia producida por las
apariciones del par /:
(
r() =
r(i/o ) =
r()
si i = o =
sincronizable.
secuencia
sS
desde
s.
26
Denicin 3.4 Sea (S, I, O, , , s0 ) una mquina de estados nitos distribuida. Una
secuencia de inputs I es sincronizable para s S si para todo 2 k || tenemos que
k1
[]kk Ij implica j (h((s, []k2
0 ), []k1 )) 6= (, ). Denotaremos el conjunto de secuencias
sincronizables para un estado s por Synch(s).
Finalmente la nocin de
M1 M2
r-distinguibilidad,
la eleccin
es irrelevante.
3.3.1. El mtodo W
Esta tcnica, presentada en [Cho78], se utiliza para especicaciones dadas como mquinas
de estados nitos y usa el
27
k-equivalentes
k -equivalente
si no existe
k-equivalentes.
Se dice
(s1 , ) 6= (s2 , ).
Una
k -equivalentes.
I k tal que
k -equivalentes
Posteriormente el conjunto W constar de las secuencias mnimas que distinguen los estados
dos a dos. Por lo tanto, para construir este conjunto se cogern las particiones
se buscar la ltima
k -equivalentes,
esa secuencia concatenada con el input que los divide en la siguiente particin.
Para
construir
el
conjunto
P,
de transiciones, llamado
de
tests
nal
se
utilizara
un
conjunto
Z=
cobertura
estados
de
(I 0 .W ) (I 1 .W ) . . . (I mn .W ). El conjunto denitivo de
T = P.Z .
3.3.2. El mtodo Wp
El mtodo
Wp
Cada subconjunto de
distingue al estado
El conjunto
si
el estado
Pi
Wi
T =
es una particin de
iIS
Pi .Wi ,
donde
IS
si .
input/output tal que al aplicar sus inputs, los outputs obtenidos son distintos de los que se
28
Denicin 3.7 Dada una F SM = (S, I, O, , , s0 ), una secuencia se dice que es una
U IO para un estado s S si para todo estado t S, t 6= s se cumple que (s, in()) 6=
(t, in()), tal que in() denota la secuencia de inputs que forma parte de .
De manera similar al mtodo W, para calcular los tests en este mtodo se empieza por
construir el conjunto de cobertura de transiciones
P,
Wp
pero permite su
29
T =
T (j , Fi (sj ))W
sj Sd
donde
sj Sd
Fi (sj )
es
r-distinguibles.
30
Captulo 4
dado que el espacio de soluciones es demasiado grande para ser explorado al completo.
Existen ciertos problemas a la hora de utilizar cualquiera de las tcnicas heursticas
disponibles. Quizs el mayor de estos problemas sea la denicin de una funcin heurstica
correcta, ya que simultneamente necesitamos conseguir que sea
sencilla de calcular,
para
acortar el tiempo entre dos generaciones y que podamos alcanzar el mayor nmero de
generaciones posibles para un intervalo de tiempo, y que sea lo
ms correcta posible,
para
que al juzgar las soluciones candidatas logremos discernir cules son aquellas ms cercanas a
ofrecernos el mximo. La denicin de esta funcin heurstica crear un
Una funcin heurstica correcta debera evitar que se produjeran planicies en ese paisaje, ya
que eso provocara que el algoritmo no lograra distinguir cul es la direccin que debe tomar
la evolucin para alcanzar el mximo. Por tanto, una funcin heurstica adecuada para un
problema debera poder eliminar estas mesetas. En la Figura 4.1 aparecen varias guras
extradas de [McM04] donde se muestran los paisajes que pueden crear diferentes funciones
heursticas para alcanzar un mismo objetivo y cmo una correcta denicin de las mismas
31
32
teora de la evolucin de las especies de Darwin. Estos algoritmos codican una solucin a
un problema en forma de una cadena de ADN perteneciente a un individuo de la poblacin.
Cada una de los individuos representa, por tanto, una posible solucin al problema. La
poblacin evoluciona a travs de una serie de operadores para adaptarse al paisaje heurstico
del problema. Los operadores que se encuentran en un algoritmo gentico son
mutacin,
33
a su vala, para posteriormente extraer al azar dos elementos de ese multiconjunto. El tercer
operador, seleccin de la especie, se implementa mediante la asignacin de un valor a cada
individuo utilizando una funcin heurstica. Se eliminan las soluciones menos vlidas para
mantener constante el nmero de individuos de la poblacin. Con ello se intenta conseguir
que el tiempo de cmputo de cada generacin sea constante y fomentar adems que sean
las soluciones ms correctas las que se mantengan. Dentro de la seleccin de la especie se
suele aplicar el
soluciones sin haberles aplicado ningn tipo de modicacin (ni a travs de mutaciones ni a
travs de la reproduccin).
Una extensin que permite a la tcnica aumentar en gran medida su efectividad es su
paralelizacin. Existen diversas maneras de paralelizar un algoritmo gentico [NP99, CP98,
Kon04]. De manera general, la ganancia en calidad de la solucin viene dada por dos factores.
Uno es intrnseco a la paralelizacin: la mejora en los tiempos de cmputo al utilizar mayor
nmero de procesadores. Sin embargo la otra fuente de ganancia pertenece a la idiosincrasia
del algoritmo gentico, y consiste en que en la mayora de los patrones de paralelizacin
se establece que los movimientos inter-poblacionales (las migraciones) sean restringidos.
De hecho, lo ms usual es que las migraciones se restrinjan a las poblaciones cercanas.
Ello permite que el algoritmo explore una mayor parte del paisaje heurstico de manera
independiente en cada poblacin y, por tanto, se evitan problemas de mximos locales. El
modelo ms comn de paralelizacin de un algoritmo gentico es el
Durante el resto de la seccin procederemos a establecer con mayor claridad los conceptos
con la ayuda de un ejemplo sencillo que nos permita visualizar la codicacin del ADN as
como su modicacin a travs de los operadores.
34
se conoce algn tipo de solucin base podra usarse como ADN inicial de los individuos. Una
inicializacin aleatoria tiene como objetivo explorar de manera uniforme el paisaje heurstico
de la solucin al problema y comenzar a evolucionar las soluciones candidatas a partir de
diversos puntos.
4.2.2. Mutacin
La mutacin modica un gen especco de la cadena de ADN. En el caso de que la
cadena sea binaria, la mutacin consistira en elegir uno de los genes al azar y si es un 0
cambiarlo por un 1 y viceversa. En cualquier otra situacin es conveniente especicar los
valores permitidos para cada tipo de gen, para saber los que puede tomar la mutacin. Es
preferible realizar un nmero bajo de mutaciones por cada individuo y por cada generacin,
ya que en caso contrario, el individuo originario y el mutado seran tan diferentes que juzgar
si ha habido una mejora en su valor heurstico sera relativamente poco til, para ello se
utiliza lo que se llama la probabilidad de mutacin. En la Figura 4.2 podemos visualizar un
ejemplo de la mutacin de un gen de una cadena binaria.
35
que se elige un punto de la cadena de los progenitores y se producen dos hijos, el primero
con la primera mitad del ADN de la madre y la segunda mitad con el ADN del padre, y el
otro hijo con la combinacin opuesta. El segundo tipo sera el del
en el que se realiza un proceso similar pero con dos o ms puntos de cruce. Finalmente, el
tercero sera un cruce en el que cada gen pertenece a uno de los progenitores (el primero a
la madre, el segundo al padre y as sucesivamente). En la Figura 4.3 podemos visualizar un
ejemplo grco de los dos primeros tipos de cruce.
mtodo de
torneo. En este mtodo se eligen al azar dos individuos y se enfrentan, resultando vencedor
el individuo con mejor valor heurstico, el perdedor se elimina de la poblacin hasta reducir
sucientemente el nmero de especmenes de la poblacin.
Otro mtodo que podra utilizarse sera una tcnica similar a la
ruleta
explicada en el
cruce, pero en vez de insertar a los individuos un nmero de veces proporcional a su vala se
les insertara un numero de veces inversamente proporcional a su vala.
El
elitismo
al individuo (o los individuos) mejor adaptado de esta generacin sin aplicarle ninguna
mutacin. De esta manera se evita perder las mejores soluciones al realizar las mutaciones y
los cruces.
36
Figura 4.3: Cruce de dos individuos, con punto de cruce nico (arriba) y con puntos de cruce
mltiples (abajo).
colonias de hormigas
37
en su interaccin. Ello se pone de maniesto sobre todo en la manera que logran encontrar
los caminos ms cortos entre la fuente de comida y la colonia.
Cmo logran las hormigas localizar los caminos ms cortos si no existe comunicacin ni
una visin global del conjunto?, la realidad es que s existe un tipo de
comunicacin, se realiza
a travs de depositar feromonas en el camino que cada hormiga recorre. Cada hormiga tiene
un comportamiento simple: se mueve de manera azarosa en busca de comida, pero al alcanzar
una fuente de comida, vuelve a la colonia a traerla y vuelve a ir hacia la comida para buscar
ms. En este proceso deposita feromona, que se ve reforzada cuantas ms veces repita este
camino. Decir que una hormiga se mueve al azar, tiene por tanto, una parte de verdad pero
hay que tener en cuenta que en el caso de que una hormiga detecte un ujo de feromona lo
sucientemente fuerte, seguir su rastro esperando encontrar una fuente de comida localizada
por otra hormiga, y as contribuir en la aportacin de comida a la colonia. Una pregunta
lcita consiste en cuestionarse si este mtodo tambin sirve para encontrar los caminos ms
cortos. En la Figura 4.4 podemos observar cmo funciona el mtodo y cmo caminos largos se
abandonan cuando se encuentran otros ms cortos. Al comienzo las hormigas al enfrentarse
al obstculo toman al azar un camino u otro. Si hubiera un nmero muy alto de hormigas
la mitad iran por un camino y la otra mitad por el otro. Pero las hormigas que eligen el
camino B tardarn ms tiempo en recorrerlo, por lo que el ujo de hormigas es mayor en el
camino A. Puesto que, adems, la feromona se evapora con el tiempo, el rastro de feromonas
dejado en el camino A despus de un intervalo de tiempo ser mucho mayor que el rastro
del camino B. Ello llevar a que ms hormigas elijan el camino A, reforzando este camino
hasta que prcticamente todas las hormigas tomen el camino ms corto desde el nido hasta
la fuente de comida.
La aplicacin de estos principios con hormigas virtuales, permite resolver problemas de
caminos mnimos en un grafo, tales como el problema del viajante de comercio y a travs de
transformaciones, se puede aplicar esta tcnica para hallar buenas soluciones para una gran
variedad de problemas.
ACO (del ingls Ant Colony Optimization) funciona de la siguiente manera. Se inicializan
todas las transiciones del grafo a un valor de feromonas constante. Una vez nalizada esta
inicializacin, el algoritmo constar de los siguientes pasos.
pkij = P
ij ij
hNi (ih
ih
)
elegir
38
donde
Ni
dij
i al j
ij
i, ij
es la bondad de la transicin
ij . Normalmente, ij = 1/dij ,
ij (1 ) ij +
en la transicin desde
k,ij
hasta
j.
ij
es la
i al j , (0, 1) es un coeciente
(
k,ij =
donde
es una constante y
39
generaciones).
system
MAX-MIN ant
se limitan los valores de feromona en las transiciones entre unos mximos y unos mnimos
(para evitar que la mejor solucin domine a todas las dems) y en el caso de que la solucin
no haya variado despus de un tiempo se suavizan las diferencias en los niveles de feromona
entre las transiciones para que se puedan buscar nuevas soluciones.
mxima pendiente
del espacio de bsqueda, y elegir el que devuelva el mayor valor, y mover el estado actual
hasta ese punto. La segunda variante es
escalada simple
y su funcionamiento se basa en
ir aplicando operadores hasta que la aplicacin de un operador haya mejorado la vala del
estado actual. En ese momento se modica el estado actual y se pasa al transformado por el
operador encontrado. La escala simple suele aplicarse solo en los casos en los que por haber
demasiados operadores o tardar mucho en aplicar cada uno de ellos, encontrar el mximo de
entre los operadores disponibles conllevara demasiado tiempo para cada interaccin.
La tcnica de escalada funciona muy bien para paisajes heursticos con un solo mximo
o con pocos mximos locales. Por contra, funcionar muy mal en el caso de que existan
muchos mximos locales, ya que esta tcnica se estanca en dichos valores. En la Figura 4.5
podemos observar cmo en el paisaje de la izquierda, la inicializacin del algoritmo en el
punto
se quedar estancado en
d.
problemas se han optado por varias modicaciones del algoritmo original. Una consiste en
llevar en paralelo varias escaladas desde distintos puntos del paisaje heurstico. Otra consiste
en evaluar si puede mejorar pasando a algn vecino y en caso contrario, elegir el siguiente
punto al azar. En esta lnea, una alternativa consiste en analizar puntos al azar y escoger
aquel que permita una mejora.
40
Figura 4.5: Diversas inicializaciones del algoritmo de escalada simple en dos paisajes distintos.
una
temperatura
manera
T0
ms
formal
este
mtodo
comienza
la
bsqueda
inicializando
la
Si el vecino ms proximo tiene una vala menor que la del estado en el que nos
encontramos, se aceptar en el caso de que
umbral de aceptacin al azar entre 0 y 1,
valor heurstico) y
E(s0 )
U (0, 1) < e
E(s)
E(s)E(s0 )
T
,
siendo
U (0, 1)
un
41
Una vez aceptado un vecino nuevo (si ningn vecino nuevo es aceptado paramos), la
temperatura se actualizar bajando. Esta actualizacin de la temperatura puede ser
T T ,
lineal
donde
[0.8, 0.99],
T0
1+log(k) , siendo
T T,
T0
1+k .
El algoritmo parar dependiendo de varios criterios, como puede ser que la temperatura
sea sucientemente baja, se hayan alcanzado un numero de iteraciones mximo, no se
acepte ningn vecino en una iteracin, se haya alcanzado un valor heurstico suciente,
etc.
Adems, la partcula
Tambin se tiene en
representa el
componente cognitivo
el
componente social,
equilibrando entre
U (0, 1)
es
42
inercia
es la inercia en la iteracin
y se actualiza como
k+1 = k ,
con
(0, 1).
K=
|2(1 +2 )
2
.
(1 +2 )2 4(1 +2 )|
P (d) =
1
notClimbingF actor . El
en
0.01 en cada iteracin, pero cada n iteraciones (a determinar por el usuario) se incrementa
en
0.5 para realizar un proceso similar a el enfriamiento simulado. Si U (0, 1) > P (d) entonces
Pd (i, j) =
P (i,j)
lN (i,l)
0
donde
(i, j) =
U (0, 1) P (d)
altitud(j)altitud(i)
y
distancia(i,j)
entonces
si j Ni
i.
Por contra, si
Pd (i, j) =
43
(i,j)
total
/|(i,j)|
total
total
si j Fi
si j Di
si j Ui
donde
Ni = Di Ui Fi , Di
son los vecinos a la misma altura que i. Estos ltimos solo aparecern al comienzo del
Fi
Ui
algoritmo, permitiendo una bsqueda de alguna manera aleatoria en las primeras iteraciones.
bajada y
[0, 1]
[0, 1]
erosion(i, j) =
paramErosiontamGota
costeSolucion
(i, j).
donde
cuando una gota no puede moverse a ningn nodo vecino y aumenta la altitud
altitud(i) =
mtodos
de
bsqueda
heursticos
han
sido
ampliamente
aplicados
resolver
44
el que a partir del cdigo del programa se estudian los ujos de control y se denen los
caminos a ser testeados, buscando a la par los valores que satisfagan las condiciones de cada
rama. Los trabajos dentro del rea pueden clasicarse en dos grandes grupos atendiendo
a sus objetivos, como se muestra en la revisin del estado del arte de la aplicacin de los
algoritmos genticos al testing de sistemas [MA05], o en [AGET10] donde se realiza una
revisin de las limitaciones de la aplicacin de los algoritmos genticos al testing. Un grupo
se centrara en satisfacer las restricciones impuestas para ejecutar una determinada rama del
ujo de control del programa, atendiendo a una preseleccin de los caminos en los que es ms
comn o crtico encontrar un error [PGGZ94, BJ01]. Otro grupo buscara conseguir encontrar
tests para cubrir el mayor nmero de ramas posibles [RMB 95, JSE96, PHP99, MMS01].
El trabajo [PGGZ94] presenta una aplicacin sencilla de un algoritmo gentico para
encontrar valores que satisfagan las restricciones impuestas a lo largo de un camino dentro
del ujo de control de un programa. Mientras que en el trabajo [BJ01] se realiza un primer
anlisis del sistema bajo test, para crear un conjunto de tests inicial. Una posible tcnica para
crear este conjunto de tests consiste en utilizar un conjunto de inputs aleatorios inicialmente.
En este conjunto se busca el camino ejecutado con mayor nmero de nodos en comn con el
camino del cual se desea obtener el conjunto de datos para realizar el test. Estos valores se
usarn para caracterizar a la poblacin inicial del algoritmo. Durante la bsqueda tambin
se utilizar esta medida de similitud como parte de la mtrica. Esta mtrica tambin tendr
en cuenta los valores de las
distancias de rama
de ramas posibles, el trabajo presentado en [RMB 95] utiliza los algoritmos genticos para
crear un conjunto de test que cubra la mayor parte de cdigo posible. Para realizar esta
tarea se considera una poblacin en la que se van insertando individuos que cubren partes
individuales del cdigo pero que en su conjunto son capaces de ejecutar casi completamente
todas las ramas del ujo de control del programa. As, cada individuo maneja un conjunto
de valores para las variables y ejecuta una parte del programa y entre toda la poblacin
se crea el conjunto de tests. En el trabajo [JSE96] se usa una aproximacin similar pero
con la especicidad de intentar producir tests en las fronteras de las restricciones, dado que
es en estos valores donde se encuentran errores de manera ms frecuente. El enfoque de
[PHP99] utiliza el
45
funcionales). A partir de esta base, los test se priorizan para que se ejecuten en primer lugar
los tests con mayor capacidad para desenmascarar errores. El algoritmo gentico codica
un caso de test en un cromosoma y la funcin de adecuacin asigna un valor positivo a
cada test que ha sido capaz de detectar un error y cero a los que no lo han detectado. La
asignacin de edades a la poblacin es una manera de restringir la poblacin sin utilizar
una medida expeditiva del control de esta. Segn este mtodo, a cada individuo se le
asigna una edad basada en su vala heurstica y el individuo desaparece cuando su edad
46
control de velocidad
control de distancia
de un
47
segunda medida establece la distancia de los valores asignados a las variables para cumplir
una cierta condicin (aquella que nos desvi del camino deseado dentro del ujo de control).
En los trabajos [KHS09, DHHG10] se estudia el problema de encontrar caminos factibles
dentro de una mquina de estados nitos extendida (EFSM de sus siglas en ingls), esto
es, buscar un conjunto de transiciones cuyas guardas pueden ser activadas a partir de una
serie de valores dados al conjunto de variables. Para lograr asignar una heurstica que pueda
usar el algoritmo gentico, el algoritmo subdivide las guardas de las transiciones en varias
categoras, dependiendo del comparador usado (=, <, >, , , 6=) y de los tipos de valores que
se comparan (variable con parmetro jo, variable con variable, constante con expresiones de
variables, etc.). Adems, se tienen en cuenta otras caractersticas como si dentro del camino
vuelve a aparecer la variable comparada, considerando tambin la existencia de guardas
compuestas a travs de AND o OR. De este modo, se le asignan a las transiciones una serie
de penalizaciones dependiendo de la complejidad para ser resuelta (un OR es ms fcil de
cumplir que un AND, un
6=
ms fcil que un
=,
48
que sucede cuando una transicin desplaza al sistema hasta un estado distinto del esperado.
En el caso de las mquinas de estados extendidas, realizar una comprobacin a travs de
todas las transiciones conlleva el problema de ser capaz de ejecutar todas las guardas que
existen en las transiciones. Aadido a este problema, si nos encontramos, como es el caso,
comprobando mquinas de estados extendidas con restricciones temporales, puede aparecer
un tercer tipo de error relacionado con la ejecucin de las transiciones fuera de los intervalos
de tiempo especicados. Los autores usan como punto de partida la tesis [Der06] en la que se
desarrollan ideas para encontrar las transiciones factibles dentro de una mquina de estados
nitos extendida.
armacin,
implementacin se evalan a falso. Para detectar los errores de deadlock, la heurstica suma
el nmero de transiciones de salida desde cada estado recorrido por el camino representado
49
en el cromosoma. Para detectar los errores de armacin se bonica a los cromosomas que
modican el control del ujo del programa para producir el mayor nmero de comprobaciones
booleanas (que se encuentran localizadas en ciertos puntos del cdigo).
Los autores del trabajo [AC07] proponen una metodologa heurstica basada en la
aplicacin de una transformacin de la metodologa de optimizacin de la colonia de hormigas
para encontrar errores en grandes sistemas concurrentes. La exploracin de los sistemas
de este tipo se lleva a cabo de manera exhaustiva a travs de la tcnica de
comprobacin
sistemas puesto que produce una explosin del conjunto de estados. Los autores reutilizan
una heurstica aplicada a cada estado basada en la proposicin lgica a satisfacer [ELL01].
Los autores modican la metodologa de la colonia de hormigas, dado que la cantidad
de estados puede hacer que el tiempo que transcurre entre cada iteracin sea demasiado
grande y por tanto limitan el camino mximo de una hormiga a una serie de pasos. El
problema con esta tcnica es que la solucin puede encontrarse a una profundidad mayor
que la proporcionada por el nmero de estados. En este caso, los autores proponen utilizar
la
testing de mutantes
que
cabe mencionar que las tcnicas de testing de mutantes estn bien asentadas y consisten
esencialmente en crear una serie de mutaciones a partir de la especicacin o, si esta no
existe, del sistema bajo estudio, para funcionar como implementaciones errneas con las que
contrastar el conjunto de tests creados.
El algoritmo bacteriolgico simplica los individuos de la poblacin hasta constituirlos
de un solo gen formado por los tests ms prometedores. Esto es, cuando un test ha logrado
matar a un nmero elevado de mutantes, esta secuencia se reproduce y muta al mismo
tiempo. El marco se aplica al testeo de componentes .NET.
50
sntoma
a la aparicin de un
fallo y las transiciones que podran usarse para explicar por qu se ha producido ese sntoma
se llaman
candidatas al diagnstico.
una secuencia de longitud mnima que sea capaz de mostrar el mismo sntoma. Ello permite
reducir el coste de comprobar a posteriori manualmente la secuencia para localizar el error
real.
Se llama
conjunto de conicto
51
52
Captulo 5
agente
en el mundo de la
informtica. Puesto que son esencialmente piezas de software autnomas, esta denicin
puede ser adscrita a una gran cantidad de sistemas. Hay, por tanto, diferentes aproximaciones
a la denicin del trmino
sistemas multi-agente.
De manera general se puede decir que un sistema de agentes es un conjunto de piezas
autnomas de software que trabajan en cooperacin para resolver algn tipo de tarea. La
cooperacin se puede entender como cooperacin
implcita
explcita.
En el caso de la
cooperacin implcita, esta se realiza entre diferentes agentes que no tienen conocimiento
unos de los otros, realizan tareas restringidas a un dominio que es complementario al de
otros agentes, y en el conjunto de sus dominios se resuelve el problema. En un tipo de
cooperacin explcita, los agentes se comunican a travs del paso de mensajes de algn tipo.
Otra forma de ver a los agentes es considerndolos como formados por expresiones que
se activan cuando los parmetros del ambiente en el que estn inmersos satisfacen sus
condiciones, produciendo una transformacin en su entorno. Con esta consideracin en mente,
se podra decir que los agentes representan un tipo de sistema que est siempre en marcha,
aunque pase por fases de aletargamiento debido a que el entorno no satisface las condiciones
para la puesta en operacin de los agentes del sistema.
En el trabajo [FG96], los autores intentan enfocar el problema de denir el signicado
del trmino
agente,
dado que puede ser aplicado a una gran variedad de sistemas y usos.
Los autores intentan denir las lneas generales para una taxonoma de agentes autnomos.
53
5.1. Introduccin
54
Para ello, comienzan con un breve resumen de diferentes casos aceptados por la comunidad
cientca a los que se puede aplicar la palabra
agente autnomo, ms que en dar una denicin de lo que sera la cualidad de ser agente y
despus construir el concepto de autonoma. Su denicin es:
clasicacin biolgica.
subdivididos en agentes
Otra denicin que podemos encontrar en la literatura sobre el trmino agente es la propuesta
en el trabajo [Sho93]. Para el autor un agente se dene como:
55
autnomos son sistemas capaces de llevar a cabo acciones autnomas y con propsito en
un mundo. Por lo tanto, tienen que ser reactivos. Ello lleva al problema de que los agentes
tienen que reaccionar sucientemente rpido a los cambios hechos en su ambiente. Por ello,
poner demasiado nfasis en la capacidad computacional del sistema suele llevar a un sistema
de agentes que es inutilizable en la prctica.
Para caracterizar el comportamiento dirigido hacia una meta que se espera de un agente
autnomo, el autor propone un
tienen. Los intentos para conseguir realizar estos impulsos es lo que motiva a un agente
a tomar una u otra accin. Desde su punto de vista, las acciones y las metas deben ser
jerrquicas.
Cabe
destacar
que
para
alcanzar
alguna
meta,
un
agente
tiene
que
tener
un
estructural
simblica.
Existe una jerarqua para relacionar todos estos comportamientos y tipos de agentes. Los
agentes reguladores se relacionan con los comportamientos instintivos. Los agentes basados
en casos se relacionan con comportamientos habituales para los que ya existe una gua
sobre cmo llevarlos a cabo. Los agentes que resuelven problemas serviran para tipos de
necesidades menos frecuentes. Los agentes aleatorios se equipararan a jugar, en la que nuevas
maneras de ensamblar acciones primitivas apareceran. Finalmente, los agentes adaptativos
crearan teora para casos muy pocos frecuentes.
El trabajo [Kis91] enfoca el problema de tener que decidir entre crear un sistema multiagente ms general o con mayor potencia.
Generalidad
tiempo (efectividad del sistema). Existen otros requerimientos en el diseo de estos sistemas
como son racionalidad, autonoma y reexin. En este contexto,
racionalidad
signica que
las acciones de los agentes son apropiadas con respecto a su propsito, exibles y efectivas.
En un sistema con arquitectura
esta caracterstica puede describirse como que un agente no cree que algo y su contrario sean
5.1. Introduccin
56
simultneamente verdad y que este agente acta para satisfacer sus deseos.
Autonoma es la
capacidad de que un agente, pensado como un proceso continuo que percibe su ambiente,
reaccione a cambios en su ambiente de una manera autnoma. Por ltimo,
reexin signica
que los agentes tienen que ser conscientes de sus capacidades y de sus creencias.
Siempre existir una disyuntiva entre dar mayor exibilidad y capacidad general a un
agente o asignarle la mayor potencia de ejecucin posible. El autor de este trabajo piensa
que una solucin podra ser una arquitectura en capas para conseguir un equilibrio entre
estas dos propiedades.
El mismo trabajo tambin presenta varios mecanismos que pueden mejorar la potencia
de clculo de un sistema.
Especializacin en modalidades, tanto para los sensores como inputs (dependiendo del
tipo de percepcin que producen) como para los outputs.
57
A partir del trabajo [DFL 97] podemos identicar varias propiedades que seran
deseables aparecieran en un formalismo para sistemas multi-agente:
Dotar de un lenguaje preciso y sin ambigedades para la especicacin de los
componentes del sistema y su comportamiento.
Tomar en consideracin las necesidades de aplicacin prctica de los agentes, siendo
capaz de expresar algunos o todos de los siguientes comportamientos: percepcin,
58
los agentes como los roles, semnticas de mensajes extendidas, protocolos parametrizados y
lneas de vida multi-hilo.
En CASL los autores combinan una teora de accin [Rei91] y estados mentales basados en
el
clculo situacional (situation calculus) [MH87] con ConGolog [dGLL00] que es un lenguaje
59
Dentro de el trabajo [DFL 97] tambin se presentan varios formalismos que han
sido utilizados comnmente para denir sistemas multi-agente. Entre estos formalismos se
encuentra el lenguaje de especicacin Z [Smi00] utilizado para especicar sistemas multiagente en [dL96]. Este lenguaje ha sido criticado por ser inapropiado para modelar las
interacciones entre agentes, lo cual puede ser solventado utilizando CSP [Ros98] para modelar
las estructuras de los protocolos de comunicacin.
Un enfoque similar es el adoptado en [HKGM00] donde se utiliza una variacin de Z
llamado Object-Z, que es una extensin de este lenguaje para soportar objetos y aqu
es utilizado para especicar los comportamientos de los agentes. Object-Z se combina
con statecharts [Har87] utilizado para especicar los aspectos reactivos del sistema. Este
trabajo propone un sistema basado en tres conceptos interrelacionados: rol, interaccin y
organizacin. Un rol es un comportamiento genrico, estos roles pueden relacionarse a travs
de patrones de interaccin y el conjunto de esos patrones de interaccin constituye una
organizacin.
Dentro tambin del trabajo [DFL 97] se pueden encontrar otros mtodos de especicacin como son las lgicas temporales, utilizadas para representar los aspectos dinmicos
de los agentes, combinadas con otros formalismos para especicar el estado cognitivo de los
agentes. Este es el enfoque de [FW97] en el que se describe el uso del lenguaje Concurrent METATEM. Este lenguaje esta basado en una lgica de primer orden aumentada con
operadores temporales, que gobierna el comportamiento reactivo de los agentes.
Uno de los mtodos ms utilizados a la hora de especicar los comportamientos de los
agentes es hacerlo a partir de algn tipo de lgica, bien modal o temporal. A continuacin
repasaremos algunos de estos trabajos.
En el trabajo [Sho93] se propone un marco computacional que promueve una visin
sociolgica de la computacin, en la que los agentes se combinan para realizar algn tipo de
clculo. Los agentes quedan denidos por su estado mental, el cual puede descomponerse en
creencias, decisiones, capacidades y obligaciones.
En este trabajo se adopta la lgica modal S5 [LL32] la cual tiene propiedades que incluyen
tanto su cierre tautolgico como la introspeccin positiva y negativa. La semntica adoptada
es la de los mundos posibles.
Se considera que las decisiones estn lgicamente restringidas, aunque no determinadas,
por las creencias del agente. Estas creencias se reeren al estado del mundo, al estado mental
de otros agentes y a las capacidades que le son propias y de otros agentes. Esta perspectiva
60
estas
construcciones
mantienen
un
cierto
conjunto
de
propiedades,
como
consistencia interna entre creencias y obligaciones, buena fe (un agente solo se propondr
hacer lo que se crea capaz de hacer), introspeccin (los agentes son conscientes de sus
obligaciones) y la persistencia del estado mental (los agentes tienen una memoria perfecta de
sus creencias y obligaciones, y solo dejan de creer algo si aprenden un hecho contradictorio
con ese algo).
El autor tambin analiza AGENT0, que es un lenguaje para denir sistemas multi-agente,
denir las categoras mentales de los agentes, y el tipo de comunicaciones entre agentes.
Otro enfoque que ha utilizado una formalizacin a partir de lgicas temporales es el
presentado en [RG91]. La arquitectura de
situacin.
Los eventos transforman una situacin en otra. Existe una distincin entre eventos primitivos,
que transforman el mundo a un punto adyacente en el rbol temporal, y eventos noprimitivos, compuestos de varios eventos primitivos, que pueden verse como una planicacin
y que transforman el mundo a un punto no-adyacente. Las ramas del rbol representan
diferentes opciones.
El formalismo distingue entre frmulas de estado (evaluadas a cada punto temporal en el
rbol) y frmulas de camino (evaluadas a lo largo del camino). Los autores usan CTL [ES89]
para representar las frmulas.
Un enfoque que mezcla el lenguaje Z con una lgica temporal es ForMAAD [HKRJ07].
En este trabajo se utiliza Z para denir las caractersticas funcionales y estructurales de
los agentes, mientras que la lgica temporal es utilizada para denir el carcter reactivo de
los mismos. Esta eleccin est motivada porque ambos mtodos cuentan con sistemas para
la vericacin de sus propiedades, tambin intentan con ello denir una metodologa para
la especicacin de los sistemas de agentes que permita ser derivada desde requerimientos
61
-calculus
[ER01] y el
-calculus
-calculus,
[Kin05].
calculus es una evolucin de CCS [Mil80, Mil89] a la que se le ha aadido capacidades que
permiten modelar la movilidad de los procesos. La mayor de estas modicaciones es el uso
de
nombres en vez de acciones simples, en los nombres se pueden codicar tanto mensajes,
-calculus.
Este lenguaje
conocimiento y en un conjunto de hechos, que podrn ser incluidos o desestimados por cada
agente. Tambin incorpora la nocin de
milieu y que sirve para agrupar procesos u otros milieu para alcanzar un objetivo
-calculus
creencia e intencin,
Agent oriented
programming [Sho93] (comentado en ms detalle en este captulo) para crear lo que llaman
Agent-oriented Coloured Petri nets.
En el trabajo [Cha04] se propone un formalismo que permite la modelizacin de sistemas
62
de propiedades como la de
En el trabajo [BM10]
para
disear sistemas multi-agentes. Este nuevo formalismo es una modicacin de las redes de
Petri en la que se incluyen los conceptos de agente, ambiente y restricciones para la ejecucin
de transiciones dependiendo de los agentes.
El trabajo [Lom00] propone un sistema de redes de Petri, en el que cada token puede
ser a su vez otra red de Petri. Esto permite tener cualquier nmero de niveles de redes de
Petri, en la que los objetos pueden tener su propia estructura y jerarqua, pudiendo aparecer,
evolucionar y desaparecer durante la ejecucin del sistema.
En el trabajo [HKW05] se propone la denicin de los agentes a travs del formalismo
de autmatas nitos temporales, de esta manera se pueden utilizar la herramienta UPPAAL
que permite realizar model checking y simulaciones. A partir de la denicin de agentes
en modelos temporales de autmatas, construyen un autmata de manera automtica
compuesto de todos los sub-autmatas para la derivacin automtica del cdigo.
En el trabajo [GP08] se utiliza el formalismo de los
autores reivindican que los diagramas de redes de inuencia proveen una representacin clara
y compacta con la que razonar sobre las creencias y los procesos de toma de decisiones de los
agentes. El formalismo de los
inuencia multi-agente propuesto en [KM01], el cual a su vez deriva de las redes bayesianas.
patrones de organizacin.
leyes de
introducen un formalismo basado en una lgica temporal para la especicacin de las leyes
de organizacin. Este enfoque utiliza trabajos anteriores, notablemente Gaia [WJK00], para
denir sistemas multi-agente en trminos de un modelo de roles. Se otorga un rol especco
63
a los agentes que ayuda a denir una estructura. La asignacin de un modelo de roles es til
para ciertas situaciones en las que se coopera entre agentes, pero para alcanzar un mayor
nivel de generalidad es ms til el uso de estructuras de organizacin (de una manera similar
a la de los catlogos de patrones que son ampliamente explotados en el diseo de sistemas
orientados a objetos [GHJV93]).
Puesto que los agentes normalmente trabajan en sistemas multi-agente con otros agentes
en conjunto, o unos contra otros para cumplir un objetivo, actan en una sociedad de agentes.
Por lo tanto, exhiben un comportamiento social, interactuando entre ellos. Si tenemos un
sistema abierto donde las metas de los agentes pueden entrar en conicto, necesitamos denir
una estructura social que permita que la meta global se alcanzace.
El uso de una metfora organizativa, puede mejorar tres aspectos de un sistema multiagente:
1. Ayudan a caracterizar el modelo de roles para un MAS.
2. Hacen al sistema menos complejo a la hora de manejarlo y disearlo.
3. Cuando se procura que un MAS funcione ayudando a una organizacin del mundo real,
reduce la brecha conceptual entre el sistema de software y la organizacin para la que
funciona.
El uso de estructuras organizativas sirve para agrupar a los agentes que forman un
elemento unicado y reutilizarlos en una estructura ms compleja en la que las organizaciones
y los agentes interactan a travs del intercambio de conocimiento o coordinando sus tareas
con otros agentes.
Las leyes organizativas ayudan a denir cuando un nuevo agente debera ser aceptado en
la organizacin, qu rol debera tener, qu comportamientos deberan ser permitidos dentro
de la organizacin y cules deberan ser prevenidos. Las estructuras organizativas funcionan
como una topologa de los posibles patrones de interaccin y el rgimen de control de las
actividades de la organizacin. Por ello, las estructuras organizativas deberan ser denidas en
primer lugar, dado que permiten denir los modelos de los roles. Los patrones organizativos
permitiran la reutilizacin de varios tipos de estructuras organizativas. Ello simplicara y
acelerara el trabajo de los diseadores y de los implementadores. La idea consiste en crear
un catlogo con las estructuras ms repetidas y ms tiles.
Las leyes organizativas especican relaciones y las posibles interacciones entre los
diferentes roles. Los autores utilizan una lgica temporal para denir estas leyes, ya que
dichas leyes son intrnsecamente temporales.
64
Finalmente, los autores denen las fases que requerira la completa denicin de un MAS
siguiendo un esquema organizativo. Estas fases son:
1. La denicin de la estructura organizativa, mediante la eleccin de la topologa
y
el
rgimen
de
control.
Ello
conlleva
considerar
la
eciencia
organizativa,
la
los
roles
preliminares
los
modelos
de
interaccin.
Para
ello
ser
65
inconveniente subyacente a estas tcnicas est relacionado con que la estrategia para la
resolucin de problemas que usan ha de ser predeterminada.
Como se deriva del trabajo [HL05] la jerarquizacin de los sistemas multi-agente es una
manera sencilla de organizar la toma de decisiones dentro de una sociedad de agentes, es
un sistema comn en todo tipo de sociedades y sirve para poder estructurar el sistema. Los
agentes se agrupan conceptualmente en una estructura de rbol, en la que los agentes ms
altos en la jerarqua tienen una interpretacin ms global del sistema. En algunos casos, como
en el trabajo [WDPK09], esta jerarquizacin proviene de la necesidad de tomar decisiones
globales en casos en los que los agentes son capaces de conocer solo parcialmente el sistema.
As, agentes con condicionantes similares son reunidos en grupos y en estos grupos la decisin
de los agentes de sntesis para alcanzar una decisin global. En otros casos la jerarquizacin
responde ms a un patrn de capacidades, en las que existen agentes que consumen menos
recursos, pero cuya capacidad para realizar tareas es limitada, y otros agentes ms generales
pero cuyo coste de activacin es mayor. En este ltimo tipo de esquemas se intenta activar
los agentes ms altos en la jerarqua el menor nmero de veces posibles, y solo usarlos cuando
las capacidades de otros agentes no alcancen para ejecutar la tarea requerida por el usuario
del sistema. El impacto de este tipo de arquitecturas se estudia en [OSS08]. En este trabajo
los autores observan que este tipo de estructura al pasar por varios niveles de competencia
incrementa el tiempo usado en completar algunas de las tareas debido a la latencia producida
por el necesario pase de mensajes para asignar las tareas a los agentes, pero mientras el
nmero de capas se mantenga por debajo de tres niveles sigue siendo beneciosa para el
desarrollo general del sistema.
Otro trabajo que propone un sistema para la jerarquizacin de agentes es [NVHV07]. En
l, los autores usan la
66
actividad situacionada, basado en la hiptesis de base fsica. Esta direccin establece que la
inteligencia emerge de la combinacin de una serie de agentes reactivos y situados (lo que
signica que solo funciona en agentes situados en el mundo real) que manejan diferentes
partes del comportamiento general de un macro-agente (en el caso de los experimentos
presentados en el trabajo, este macro-agente se corresponde con un robot).
Su tesis contra los enfoques simblicos es que estos dependen demasiado del campo
de aplicacin y no son capaces de adaptarse al ruido que existe en el mundo real. De igual
manera, este tipo de acercamientos han de enfrentarse al problema de que el equipamiento de
sensores es incapaz de proveer descripciones simblicas exactas de los objetos que constituyen
el mundo real. Tambin, el nmero de clculos necesarios para encontrar soluciones en
el espacio de bsqueda constituye un inconveniente para los planteamientos basados en
aproximaciones simblicas.
La hiptesis de base fsica se basa en la suposicin de que cada sistema necesita tener su
representacin en el mundo fsico. De esta forma, la conexin del sistema con sus sensores
y accionadores sobre el mundo real es el inters primordial de estos enfoques. Este tipo de
metodologa fuerza la construccin del sistema desde abajo hacia arriba, de forma que todo
tiene que ser respuestas concretas al ambiente.
Otro punto importante de este trabajo es la explicacin de las arquitecturas subsumidas.
Estas son una manera de programar al macro-agente basado en incrementos de capas,
donde cada capa conecta la percepcin a la accin, basadas en mquinas de estados nitos
aumentadas (AFSM).
67
macro-
agentes tienen como propsito ser una agrupacin funcional de uno o mas ordenadores interconectados a travs de una red local y dedicados a manejar los recursos locales. Entre estos
agentes se pueden distinguir: expedidores, jefes, supervisores, personal, maquinaria, manager
del stock, manager de los materiales de soporte y manager de adquisiciones. Tambin es
necesario disponer de un agente planicador y protocolos de negociacin que consideren los
costes de depreciacin, costes de operacin y benecios. Finalmente, los distintos agentes
sern capaces de formar coaliciones.
El mtodo ABSM (modelizacin y simulacin basada en agentes) se aplica a la
construccin
de
forma
independiente
en
combinacin
con
mtodos
de
simulacin
68
negociacin recursiva,
especcos.
En el trabajo [RAU03] se propone un uso de un sistema multi-agente para la negociacin
de reclamaciones dentro de la construccin. Los autores desarrollan el modelo MASCOT.
En este modelo se usa un protocolo de negociacin basado en el protocolo de concesin
monotonica (MCP de sus siglas en ingls
En cuanto a
las estrategias negociadoras los agentes toman decisiones basadas en el principio de que
maximicen simultneamente la utilidad personal y la del grupo.
Los autores del trabajo [RA04] realizan un recorrido por las aplicaciones que han tenido
los sistemas multi-agente en la construccin. En el se analizan diversas categoras a las que
han sido aplicados los MAS como parte del proceso de construccin tales como al diseo o a
la negociacin. El autor explica que el uso de MAS en la construccin puede ser el ms til
para esta industria dado que un MAS provee de un enfoque descentralizado para modelar los
problemas fragmentados que aparecen en la ingeniera o en la gerencia de la construccin.
Los sistemas multi-agente han sido utilizados para mejorar el ujo de trco en un solar
de construccion [KK10]. Los autores reivindican que dado el carcter dinmico del ujo de
camiones en un solar, el uso de un sistema multi-agente es el ms adecuado, puesto que
puede modicarse para ajustarse a la variabilidad del sistema. Los autores usan el sistema
multi-agente como un sistema de simulacin para predecir posibles problemas y desarrollar
un proceso constructivo eciente en trminos de coste y tiempo.
Captulo 6
edad
seleccionados para morir sino que tienen rangos de edad y una edad mxima y adems,
solo se permite el cruce de los habitantes que tengan una edad media. La idea sera ver si
69
70
esto permite al algoritmo no saltarse el mximo durante las primeras etapas de la bsqueda,
ya que la mezcla de los individuos produce saltos en su posicin dentro del paisaje heurstico
y eliminar este cruce en las primeras etapas de la bsqueda permitira obtener cromosomas
ms sencillos y coherentes. Otra de las ventajas de esta ampliacin podra ser una vez ms
reforzar el hecho de que se evite caer en mximos locales ya que los individuos viejos no
tendran la posibilidad de reproducirse. Esta modicacin ha sido estudiada en [LEK05].
Una modicacin ms que podra estudiarse, consiste en utilizar que se hayan denido
edades en los individuos para permitir implementar algn tipo de aprendizaje transmitido
desde los individuos de mayor edad a los jvenes. Para realizar esta modicacin, la idea
sera que los individuos demasiado mayores como para reproducirse estudiaran la secuencia
adaptativa que han creado y marcaran en el grafo de la mquina los caminos que les han
llevado un mayor nmero de veces a alcanzar el estado objetivo, de esta manera (similar a lo
que hace ACO al depositar la feromona) los individuos ms jvenes mutaran eligiendo con
una cierta probabilidad las ramas que han resultado ms efectivas en pocas anteriores. Al
ser el grafo marcado por todos los individuos, se conseguira de manera estadstica calibrar la
bondad de cada transicin del grafo. Por supuesto, para evitar que toda la poblacin examine
las mismas transiciones, habra que fomentar algn elemento de rebelda en una buena parte
de la poblacin joven, de manera que exploraran sin escuchar a los mayores y buscaran por
nuevas zonas del grafo, tambin ser necesario que el aprendizaje se olvide, para evitar que
una solucin gobierne a las dems durante demasiadas generaciones.
En la segunda parte de esta tesis hemos podido observar cmo la denicin de un sistema
de agentes a partir de un enfoque formal facilita el desarrollo del mismo, a la par que
constituye el ncleo de su funcionamiento. El lenguaje formal de las redes de Petri ha sido
usado para describir el funcionamiento de un agente, permitiendo la paralelizazin de sus
tareas. El formalismo original de las redes de Petri fue en este caso extendido para permitir
manejar tiempo, se aadi una estructura similar a las de las redes jerrquicas (en la cul
algunos arcos representan a su vez otras redes de Petri) y adems las transiciones realizan
tareas de manera similar a lo que hacen las funciones en el formalismo de las Stream-XMachines. La manera automatizada en la que se construyen las redes de Petri, asegura que
la paralelizacin de las tareas no produce problemas a la hora de sincronizar esas tareas
para realizar una nueva transicin que necesita que todas las tareas paralelizadas hayan
terminado.
Puesto que entendemos que los usuarios de nuestra metodologa no necesitan comprender
el formalismo que la dirige, hemos implementado una herramienta que permite una sencilla
71
comparacin
con
otras
herramientas
similares
como
Stroboscope
Simulation
Environment (
ventaja principal dado que el propio sistema se encarga de planicar la activacin de los
agentes, eliminando la necesidad de insertar manualmente agentes de gran complejidad para
la realizacin de tareas complejas. En nuestra metodologa esto se realiza a travs del anlisis
de la transformacin de los recursos que cada agente efecta, utilizando estos como pre/post
condiciones que permiten el encadenamiento o paralelizacin de los mismos.
Nuestro enfoque permite modelar sistemas que se expandirn con cada uso. Para realizar
esto basta con reincorporar al sistema actual agentes que ya fueron diseados para su reutilizacin.
Hemos presentado este formalismo en dos conferencias [AMN08d, AMN09a], un captulo
de un libro [MAN10], y una revista indexada en JCR [MN11]. Ha sido el trabajo en
los primeros artculos lo que nos permiti darnos cuenta de ciertos detalles que de ser
resueltos permitiran una metodologa mas completa y exible. Ello llev a la sustitucin
de un formalismo inicial basado en mquinas de estados nitos por redes de Petri, y a la
automatizacin de la creacin del rbol de clulas. El uso de las redes de Petri ha sido
un gran avance en relacin con los trabajos iniciales, dado que ha aadido la posibilidad
de paralelizar las tareas. Esto no solo permite acortar los tiempos de ejecucin, sino que
incluso, en algunos casos, permite que aoren nuevos comportamientos. Adems, la creacin
automtica del rbol de clulas permite mantener un orden, una estructura conceptual a
travs de las clulas, que hace ms sencillo comprender el sistema a la persona que lo esta
deniendo y que a su vez permite que la transmisin de los mensajes pueda realizarse por
sub-rboles en lugar de mediante el recorrido del rbol completo.
Conviene repasar en estas conclusiones cmo se posiciona el trabajo realizado en esta
tesis con respecto al trabajo relacionado presentado en los captulos 3, 4 y 5. Uno de
los referentes ms claros de este trabajo en su parte del formalismo para la denicin
de sistemas multi-agentes es [Lom00]. El formalismo presentado en este artculo combina
generalidad con potencia de clculo pero es, en cambio, farragoso y complejo de utilizar
por la complejidad para entender los distintos niveles de redes anidadas, el formalismo en
s y porque su utilizacin conlleva la necesidad de denir de manera extensiva todos los
72
detalles de los agentes. En cambio, nuestro sistema automatiza la creacin de los agentes
planicadores construyndose a base de primitivas, lo que disminuye notablemente el tiempo
de especicacin. Otra mejora con respecto a este formalismo es de ndole prctica ya que, al
proporcionar una implementacin para la especicacin de sistemas, un usuario no experto
en formalismos matemticos puede acceder a su uso. Por tanto, y a pesar de que quizs
el formalismo propuesto adolece de una menor capacidad expresiva que el de Lomozova,
nuestro marco de trabajo proporciona una serie de ventajas para su uso. Quizs sea el
enfoque pragmtico lo que pueda atraer a un usuario a la hora de utilizar esta metodologa,
ya que el mismo sistema de especicacin, al estar implementado y ser ejecutable, se convierte
en un pequeo lenguaje de programacin permitiendo ejecutar los agentes y comprobar la
modicacin de los recursos. Este lenguaje de programacin, al ser de un nivel alto, no
puede competir ni en exibilidad ni en velocidad con un cdigo desarrollado ex-profeso
en otros lenguajes, pero permite a los usuarios inexpertos calcular de una manera simple
transformaciones de recursos. Ello es, por tanto, una ventaja y una desventaja respecto
a mtodos de especicacin basados, por ejemplo, en el lenguaje Z ya que estos mtodos
permiten denir muy claramente y con una gran exibilidad agentes que realizan tareas
complejas, pero no permiten su ejecucin, conllevando el trabajo aadido de implementarlo
en un lenguaje de programacin al uso.
En el estudio de cmo poder crear conjuntos de tests para mquinas de estados nitos,
no son muchos los trabajos relacionados existentes, puesto que el testing de caja negra ha
recibido poca atencin por parte de la comunidad que trabaja con mtodos evolutivos. De
de rama, mientras que nuestro enfoque, al utilizar mutantes, deriva en que el sistema en
vez de intentar asegurar cobertura de todas las ramas se focalice all donde los errores son
ms comunes. Tambin es destacable la modicacin de las fases del algoritmo gentico que
nos permite simultneamente buscar la generalidad y la especializacin en el anlisis de los
errores del sistema.
En relacin a la creacin de secuencias adaptativas, al tratarse de un tema indito es
imposible establecer relacin alguna en el contexto del estado del arte.
Existen varias limitaciones a nuestra metodologa que habrn de ser solventadas como
trabajo futuro. Una de las posibles modicaciones consiste en conseguir que los agentes sean
73
En conclusin, pensamos que se ha dado respuesta a los problemas planteados como punto
de partida de esta tesis, mencionados en la discusin integradora. A saber, la intencin de
proveer de un formalismo ms amigable para el usuario nal para la creacin de sistemas
multi-agentes queda solventada en los artculos [AMN08d, AMN09a, MAN10, MN11] en
donde se dene dicho formalismo, acompaado de una herramienta para la creacin de
sistemas multi-agentes, que tanto por la automatizacin de ciertas tareas como por la propia
existencia de una herramienta grca para la denicin de los agentes, facilita la utilizacin
por parte del usuario nal. Otro problema planteado, el de conseguir reducir la cantidad de
test necesarios para para comprobar una mquina de estados nitos, se trata en el artculo
[MNA09], donde se presenta un planteamiento basado en el uso de algoritmos genticos
y testing de mutantes para comprobar la ecacia, y por tanto la utilidad de los tests,
seleccionando aquellos que ms mutantes distinguen. El tercer problema planteado que trata
sobre la forma de crear secuencias adaptativas para alcanzar un estado en una mquina
de estados nitos no determinista se trata en [MNH11a, MNH11b, MNH11c] en los que se
aplican los algoritmos genticos para la creacin de dichas secuencias.
74
Captulo 7
age
extension of the genetic algorithm, in which the individuals are not selected
to die but instead they have age ranges and a maximal age, and also it is only allowed
the reproduction of the middle-aged individuals. The idea is that this allows the algorithm
to not skip the maximum during the rst steps of the search, since the crossing of the
individuals produces jumps in its position in the heuristic landscape and, therefore, removing
75
76
the reproduction operator during the rst stages of the search allows the algorithm to obtain
simpler chromosomes. Another advantage could be to avoid falling into local maxima since
older individuals do not have the possibility of reproducing. This modication has been
studied in [LEK05].
Another possible modication is derived from the fact that individuals have age to allow
us to implement some type of learning algorithm. To achieve this modication, the older
individuals will analyze the paths that led them with a greater success to the searched state
and they will mark those paths in the graph (similarly to what ants do when depositing
its pheromone), the younger individuals will mutate choosing with a certain probability the
branches that were more successful in earlier stages. Since the graph will be marked by
every individual, it will statistically equilibrate the goodness of each transition in the graph.
Nevertheless, to avoid that the whole population examines the same transitions, we will
need to add a rebelliousness component in some of the younger individuals in order for them
to explore other parts of the graph. It will also be important to forget the accumulated
knowledge over time in order to avoid that a solution rules over the rest during too much
generations.
In this thesis we were able to observe how the denition of a multi-agent system with
a graphical formal language facilitates its development at the same time that it constitutes
the core of its behavior. The formal language of Petri nets have been used to describe
the functioning of an agent allowing the parallelization of its tasks. The original formalism
of Petri nets has been extended to manage time and we also added a structure similar to
hierarchical networks (in which some arcs represent other Petri nets) and also the transitions
work in a similar way to functions in Stream-X-machines. The automated manner in which
Petri nets are constructed assures that the parallelization of the tasks does not produce
problems when synchronizing those tasks in a new transition that needs other tasks to be
nished.
Since we understand that a user of our methodology does not need to understand the
formalism beneath it, we have implemented a tool that allows a simple denition of the
agents from the transformation of resources that they accomplish. Therefore, a user of our
methodology does not have to worry about the formal details and can concentrate in dening
the agents that form the system.
In comparison with other implemented tools like Stroboscope Simulation Environment
it is that the system is in charge of planning the activation of the agents, removing the need
77
to manually insert agents of great complexity. In our methodology this is achieved through
the analysis of the transformation of resources that each agent accomplishes, using those as
pre/post conditions that allow the chaining or parallelization of the tasks.
Our approach allows to model systems that will be expanded with each use. To achieve
this it suces to reincorporate agents that were designed in a previous system.
We have presented this formalism in two conferences [AMN08c, AMN09b] a chapter of
a book [MAN10] and a journal indexed in JCR [MN11]. It has been the work in those rst
articles what allowed us to realize certain details that, if solved, would provide us with a
more exible and complete approach. This led to the substitution of the original formalism,
based in nite state machines, for the formalism of the Petri nets, and also led to automating
the creation of the cell tree. The use of Petri nets has been a great advance with respect
to the earlier works, since it added the possibility of parallelization of the tasks. This not
only allows to shorten execution times, but also allows new behaviors to emerge. Also, the
automated creation of the cell tree allows to keep an order, a conceptual structure through
the cells, which in turn, simplies the understanding of the system at the same time that it
allows the messages to ow through a subtree instead of having to be sent to the whole tree.
It is important to review how our work is positioned in comparison to the related work
presented in chapters 3, 4 y 5. One of the clearer references to our work in relationship to
the multi-agent system denition is that of [Lom00]. The formalism presented in that paper
combines generality with computing power but, it is dense and complex to use because of
the complexity to understand the dierent levels of nested machines and because it implies
the necessity of dening, in an extensive manner, all the details of the agents. Instead,
our approach automates the creation of the planning agents that are constructed through
primitives, which diminishes notably the specication time. Another improvement regarding
the formalism is of practical nature, a non-expert user can access and use our methodology
in a simple manner just by using the implemented tool. Therefore, and even though our
formalism has less expressive power than the one from Lomozova, our framework provides
a series of advantages for its use. Maybe it is the pragmatic approach that can attract
users when selecting our methodology, since its implementation is executable which makes
it a small programming language allowing to check the modication of resources that they
accomplish. This programming language is a high level one and, therefore, it can not compete
in exibility or in speed with a code developed in other languages. That is, an advantage
and simultaneously a disadvantage compared with other specication methods based, by
example, in the Z language since these methods allow a very clear and exible denition
78
of the agents, but they do not allow its execution having to implement it later on in a
programming language.
Considering the study of how to create test suites for nite state machines, there does
not exist a lot of related work because black box testing is a topic that has received little
attention by the evolutionary community. Actually, in one of the main works in the eld
[LI08] it is mentioned:
an heuristic based in branch distances, while our approach uses mutants which derives in
that the system instead of trying to assure branch coverage has a greater focus there where
the errors are more likely to appear. It is also to note that the modication of the phases of
the genetic algorithm allows us to simultaneously search for a wide set of mistakes and to
specialize in detecting the dierent mistakes that can be present in a system.
In relation to the creation of adaptive sequences, since it is an unprecedented approach,
it is impossible to establish any relationship in the context of the state of the art.
There exist several limitations to our methodology that will have to be solved in future
work. One of the possible modications that could be attained is that agents are capable
not only to solve symbolic tasks (simulated through the transformation of virtual resources)
but also have the possibility of executing actual code, in a way that it allows us to model a
software system through our methodology. To achieve this, we will also need to extend the
formalism introducing variables and conditions over those variables and that the creation of
the Petri nets allows the formation of loops.
In conclusion, we think that we have given response to the problems stated as a starting
point of this thesis. That is, the intention of providing with a friendlier formalism for the
creation of multi-agent systems is solved in [AMN08c, AMN09b, MAN10, MN11] where the
formalism is dened, and the implemented tool is presented. This tool aids through the
automation of the tasks and the graphical interface, the construction of multi-agent systems.
Another of the stated problems is the one of reducing the quantity of tests needed to test
a nite state machine. This is studied in [MNA09] where we present an approach based
in the use of genetic algorithms and mutation testing to select those tests that kill the
highest number of mutants. The third problem tackled is to nd ways to create adaptive
sequences that allow to reach a state in a non-deterministic machine in a univocal manner.
This problem is treated in [MNH11a, MNH11b, MNH11c] where we apply genetic algorithms
for the creation of these sequences.
Apndice A
Lenguajes formales
A.1. Introduccin
El uso de lenguajes formales constituye la base para todo mtodo formal y dado que nos
permiten denir de una manera metdica cualquier tipo de proceso con el que tengamos
que enfrentarnos. Su uso permite la comprobacin de una serie de caractersticas tiles a la
hora de estudiar el comportamiento de sistemas a la vez que facilita la tarea de asegurar que
cumple ciertas propiedades. Estos lenguajes tambin nos permitirn, en general, eliminar la
ambigedad propia del lenguaje natural.
Un lenguaje se forma a partir de una sintaxis que representa los elementos del lenguaje y
una o varias
semnticas que sirven para dar signicado a los trminos sintcticos. Se dice que
un lenguaje es reconocido por autmatas, si existe un autmata de una clase especca que
es capaz de generar este lenguaje. Chomsky [Cho56] realiza una clasicacin de los lenguajes
formales segn su potencia descriptiva:
Los lenguajes formales tal y como son entendidos y usados en esta tesis derivan su
importancia de su aplicacin para la construccin de representaciones formales de sistemas,
79
80
-calculus
de las ms comunes y de la que han derivado muchas otras. Las siguientes deniciones son
extradas del libro [AILS07].
.P
Donde:
K
iI
Pi
P |P
P [f ]
P \L
por el proceso P .
A. Lenguajes formales
81
es un conjunto de ndices.
P |Q
iI
Pi
f : Act Act es una funcin para modicar el nombre de las acciones. Estas funciones
al que se le impiden
P1 + P2 =
.P
P
Pj0
Pj
P
iI
Pj0
Pi
, donde
jI
P
P 0
P |Q
P 0 |Q
Q
Q0
P |Q
P |Q0
a
P
P 0 ,Q Q0
P |Q
P |Q0
P
P 0 , donde
P \L
P 0 \L
,
6 L
P
P 0
f ()
P [f ]
P 0 [f ]
P
P 0 donde
K
P 0
Donde
Act
K =def P
a L.
Denicin A.2 Un LTS (labeled transition system) se dene formalmente como una tupla
82
Proc
Act
es un conjunto de acciones.
Denicin A.3 Una mquina de estados nitos (F SM de sus siglas en ingls) es una tupla
(S, I, O, , , s0 ) donde:
S
es un conjunto de estados.
es un conjunto de inputs.
es un conjunto de outputs.
:SI S
:SI O
es la funcin de output.
s0 S
es el estado inicial.
Denicin A.4 Una mquina de estados nitos no determinista es una tupla (S, I, O, T r, s0 )
donde:
S
es un conjunto de estados.
es un conjunto de inputs.
es un conjunto de outputs.
A. Lenguajes formales
83
s0 S
es el estado inicial.
observables,
en
las que a pesar de que un mismo input pueda llevarnos a varios estados distintos siempre
podemos ver un output diferente y las
no observables,
tanto saber el estado al que hemos avanzado es imposible. Toda mquina de estados nitos
no determinista puede transformarse a una no determinista observable equivalente a costa
de aumentar el nmero de estados.
Las
ujo de control. Para ello utilizan condiciones y transformaciones de las variables del sistema
que se incluirn en las transiciones. Estas mquinas complican algunas tareas, haciendo
incluso muy difcil computacionalmente determinar si existen caminos que no son factibles.
Denicin A.5 Una mquina de estados nitos extendida (EF SM de sus siglas en ingls)
es una tupla (S, I, O, V, T r, s0 ) donde:
S
es un conjunto de estados.
es un conjunto de inputs.
es un conjunto de outputs.
es un conjunto de variables.
Tr
s0 S
es el estado inicial.
Para modelar sistemas distribuidos es corriente utilizar una variante de las FSMs donde se
usa una particin del conjunto de inputs y tuplas de outputs. En general, para simplicar las
deniciones se suele suponer que el sistema distribuido puede abstraerse a estar compuesto
de dos interfaces principales,
L,
Denicin A.6 Una mquina de estados distribuida es una tupla (S, I, O, , , s0 ), donde:
S
84
I = IU IL ,
s0 S
es el estado inicial.
de las mquinas de estados nitos extendidas. Estas mquinas permiten una estricta
separacin,
por
tanto
una
correcta
representacin,
entre
el
ujo
de
control
el
procesamiento. Han sido muy utilizadas en testing porque pueden representar sistemas
complejos y permiten generar conjuntos de tests de una manera sencilla.
Denicin A.7 Una Stream X-Machine es una tupla (S, M em, I, O, , , s0 , m0 ) donde:
S
M em
: S P(S)
s0 S
es el estado inicial.
A. Lenguajes formales
m0 M em
85
es un alfabeto nito.
:SS
es la funcin de transicin.
s0 S
es el estado inicial.
F S
es un alfabeto nito.
: S P(S)
es la funcin de transicin.
S0 S
F S
Los autmatas de Bchi no deterministas tienen mayor poder expresivo que los deterministas,
esto es, no se puede transformar de manera general cualquier automata no determinista de
Bchi a uno determinista que acepte el mismo lenguaje.
es un conjunto de estados.
86
es el alfabeto de la pila.
: S ( {}) P(S )
es la funcin de transicin.
s0 S
es el estado inicial.
F S
La funcin de transicin parte del estado actual, toma un smbolo del input (que puede ser
la cadena vaca) y el smbolo que se encuentra en la parte superior de la pila, y elige uno
de los estados disponibles a los que se puede llegar con esa combinacin, elimina el smbolo
superior de la pila, y aade una cadena de smbolos (que puede ser vaca) a la pila.
es un conjunto de estados.
s0 S
b
es el estado inicial.
F S
A. Lenguajes formales
87
redes de Petri son as llamadas en honor a su inventor: Carl Adam Petri. De manera
general, las redes de Petri son un modelo matemtico que permite expresar concurrencia
entre procesos.
Denicin A.11 Una red de Petri se puede denir como una tupla (S, T r, W, M0 ), donde:
S
es un conjunto de lugares.
es un conjunto de transiciones.
Tr
M0
88
arcos inhibidores, que son arcos tales que si existe un token en su lugar de
salida, evitan que la transicin a la que estn conectados se dispare. En este ltimo caso las
correspondientes redes de Petri son Turing-completas.
Bibliografa
[AC07]
2007.
[ACY95]
R.
Alur,
C.
Courcoubetis,
and
M.
Yannakakis.
In
Distinguishing
tests
for
and Applications, AICCSA '10, pages 17. IEEE Computer Society, 2010.
[AILS07]
Reactive Systems,
pages 118123.
C.
sive
Andrs,
testing
M.G.
of
Merayo,
timed
and
M.
systems.
Nez.
Available
Pasat:
http://kimba.mat.ucm.es/manolo/papers/atva08-passive-extended.pdf,
2008.
[AMN08c]
[AMN08d]
Bibliografa
90
Press, 2008.
[AMN09a]
In
A hierarchical methodology to
In
pages 195196.
P.M.S. Bueno and M. Jino. Automatic test data generation for program paths
using genetic algorithms. In
[BM10]
software
systems.
[Boe81]
B.W. Boehm.
[Bra87]
M.E. Bratman.
[Bro90]
1987.
Bibliografa
[Bru91]
91
J.C. Brustoloni.
Technical
CMU-CS-91-204,
Report
School
of
Computer
Science,
Carnegie
Process Algebra.
Cambridge Tracts in
Computers and
[CDG09]
[Cha04]
pages
Information Theory,
T.S. Chow.
IEEE
Articial
Calculateurs Paralleles,
10, 1998.
[CS94]
Computing, 1994.
[CW09]
In
Test data
Int. Conf. on
Software Engineering Advances, 2007. ICSEA 2007, page 47, aug. 2007.
Bibliografa
92
[Der06]
[DFL 97]
K. Derderian.
Knowledge Engineering
Congolog, a concurrent
Articial Intelligence,
121:109169, 2000.
[DHHG06]
Automated Unique
Computer
Automated Software
In
12th
[DMC96]
Aiding test
M. Dorigo.
PhD thesis,
Bibliografa
[DSI 11]
93
Test data
2nd International
Conference on Software Engineering and Computer Systems (ICSECS'11) (to
be published), 2011.
generation for event-b models using genetic algorithms.
[ELL01]
In
S. Edelkamp, A.L. Lafuente, and S. Leue. Directed explicit model checking with
hsf-spin.
In
[FBK 91]
Workshop
on Linear Time, Branching Time and Partial Order in Logics and Models for
Concurrency, LNCS 354, pages 123172. Springer, 1989.
1996.
[FOSG97]
[FSGSS11]
In
Formal methods
6:3765, 1997.
[GHHD07]
Bibliografa
94
[GHJV93]
In
P. Godefroid and S. Khurshid. Exploring very large state spaces using genetic
algorithms.
[Gol89]
D.E. Goldberg.
Learning.
[GP08]
Addison-Wesley, 1989.
Journal of Articial
D. Harel.
Science of
R.M. Hierons.
53(10):13301342,
2004.
[HKGM00] V. Hilaire, A. Koukam, P. Gruer, and J.P. Mller.
prototyping of multi-agent systems.
In
Societies in the Agent World, ESAW '00, pages 114127. Springer, 2000.
[HKRJ07]
2007.
[HKW05]
Bibliografa
[HL05]
95
C.A.R. Hoare.
Communications of the
[Hoa85]
C.A.R. Hoare.
[How99]
G.A. Howel. White paper for berkeley/stanford ce&m research workshop, 1999.
www.ce.berkeley.edu/tommelein/CEMworkshop/Howell.pdf.
[HU08]
R.M. Hierons and H. Ural. The eect of the distributed test architecture on the
power of testing.
[Ipa06]
F.
Ipate.
Bounded
machiness. In
sequence
testing
from
non-deterministic
nite
state
N.R. Jennings.
Articial Intelligence,
117:277296, 2000.
[JSE96]
B.F. Jones, H.-H. Sthamer, and D.E. Eyres. Automatic structural testing using
genetic algorithms.
[KE95]
[KHS09]
Optimization by simulated
A. Kalaji, R.M. Hierons, and S. Swift. Generating feasible transition paths for
testing from an extended nite state machine (EFSM).
In
Applicable Algebra in
Bibliografa
96
[KK10]
2010.
[KM01]
[Kon04]
B. Korel.
IEEE Transactions on
[LEK05]
2005.
[LI07]
[LI08]
In
pages 525
528, 2008.
[LL32]
[LO09]
Symbolic Logic.
Automation in Construction,
18(4):499511,
2009.
[Lom00]
I.A. Lomazova. Nested Petri Nets - a formalism for specication and verication
of multi-agent distributed systems.
2000.
[MA05]
Bibliografa
[Mae89]
97
P. McMinn.
Software
P. McMinn.
paper). In
of articial intelligence.
1987.
[Mil80]
R. Milner.
[Mil89]
R. Milner.
[Mil99]
R. Milner.
Springer, 1980.
Cambridge
T.
Miyamoto
and
S.
Kumagai.
survey
of
object-oriented
petri
nets
[MMS01]
2001.
[MN11]
[MNA09]
In
IEEE
Bibliografa
98
Press, 2011.
[MNH11b]
[Mol09]
[MS76]
18th Int. Conf. on Application and Theory of Petri Nets, pages 82101. Springer,
1997.
3rd
Int. Conf. on Knowledge Based Intelligent Information Engineering Systems,
KES'99, pages 8892, 1999.
[NP99]
In
[NVHV07]
7th
In
[PGGS08]
2008.
Bibliografa
[PGGZ94]
99
[PYB96]
Testing deterministic
9th IFIP
pages 125140.
Z. Ren and C.J. Anumba. Multi-agent systems in construction: State of the art
and prospects.
[RAU03]
R.
Reiter.
A.S.
Rao
and
Architecture.
+
[RMB 95]
M.
Roper,
M.P.
George.
Maclean,
A.
Brooks,
J.
Miller,
and
M.
Wood.
Genetic
algorithms and the automatic generation of test data, 1995. Technical report
RR/95/195[efOcs-19-95].
[RN95]
Prentice-
Bibliografa
100
[Ros98]
A.W. Roscoe.
[RR09]
In
pages
Computer
In
Articial Intelligence,
60(1):5192,
1993.
[SL01]
[Smi00]
G. Smith.
[SSK11]
2000.
In
Bibliografa
[ST05]
101
J. Tretmans. Conformance testing with labelled transition systems: Implementation relations and test generation.
29:4979, 1996.
[WC01]
2009.
[WJ95]
The
M. Wooldridge, N. R. Jennings, and D. Kinny. The Gaia methodology for agentoriented analysis and design.
In
Evolutionary functional
D. Whitley, S. Rana, and R.B. Heckendorn. The island model genetic algorithm:
On separability, population size and convergence.
[XLH 10]
Z. Xiao, T. Li, M. Huang, J. Shi, J. Yang, J. Yu, and W. Wu. Hierarchical MAS
based control strategy for microgrid.
[Yan98]
X. Yang.
Glamorgan, 1998.
[Zhu03]
Bibliografa
102
[ZJW01]
Organisational rules as
Journal of
Relacin de publicaciones
A Formal Methodology to Specify Hierarchical
Agent-Based Systems. En 4th Int. Conf. on Signal-Image Technology & Internet-based
Systems, SITIS'08, pginas 169-176. IEEE Computer Society Press, 2008.
A Formal Methodology to Specify Hierarchical AgentWeb-Based Information Technologies and Distributed Systems,
Based Systems.
En
2011.
C.
Planning of Work Schedules Through the Use of a Hierarchical Multi-Agent System. En la revista Automation in Construction, DOI:
Molinero
M.
Nez.
10.1016/j.autcon.2011.05.006, 2011.
2008 IEEE International Conference on Signal Image Technology and Internet Based Systems
Abstract
preferences of the corresponding user. In this line, the concept of utility function is very useful. Essentially, a utility
function returns a real number for each possible basket of
goods: The bigger this number is, the happier the owner
is with this basket. Intuitively, agents should appropriately
simulate the systems that they are representing by considering the utility function that would establish the expected
behavior (see e.g. [25, 7, 6, 14, 19, 12]). In fact, there exist several proposals showing how agents can be trained to
learn the preferences of users (see e.g. [2, 6, 26]). Besides, a
formal denition of the preferences of the user provides the
agent with some negotiation capacity when interacting with
other agents [13, 26, 17]. Let us remark that, in most cases,
utility functions take a very simple form. For instance, they
may indicate that an agent A is willing to exchange the item
a by the items b and c.
Even though there are general purpose formalisms to formally describe complex concurrent systems (such as process algebras [11, 21, 3] or Petri Nets [4, 5]) they are not
suitable to describe agents since these languages and notations do not provide specic operators to deal with the
inherent characteristics of agents. However, there has been
already several studies to formally describe the use of intelligent electronic agents that are nested into one another
(see, for example, [15, 16] for two approaches based on
Petri Nets and automata, [22, 23] for approaches based on
process algebras, and [24, 20] for approaches based on nite
state machines). Most of these approaches have been created in favor of comprehensibility. Therefore they facilitate
to derive and apprehend new properties.
Even though there are already several formal approaches
to describe the systems that we are interested in, our experience shows that there is a need for another viewpoint to
confront this problem. If we try to incorporate the base of
facts to a system, there will always be a lack of capacity
to implement every possible structure of the agent, every
different solution to the same problem, and every combination of small pieces that constitute a complex problem. This
is the reason why we think that there is a need for a new
In this paper we introduce a formal framework to specify agent-based systems where each agent is specialized in
a single task that will be fullled by making calls to other
simpler agents. In other words, we are interested in systems
that can perform a task by subdividing it in easier tasks
and by using the knowledge about each agent already introduced in the system. The idea is to prefabricate a basic
structure that can be reused by either changing the main
goal or by adding several different specialized agents.
The main characteristic of our methodology is that each
complex agent contains a schematic denition of other
agents. Each agent is thus able to retain and produce certain information, such as the time needed to accomplish a
certain task, taking into account a given set of agents and
resources. This allows to quickly produce information regarding the necessities in resources and derive the demands
to other subsystems.
In order to increase the applicability of our approach,
we have fully implemented a tool that allows us to graphically specify complex systems. In addition, the tool allows
us to simulate the behavior of the specied systems so that
some interesting properties, such as starvation and maximal
progress, can be studied.
1 Introduction
The representation and study of communities where intelligent (electronic) agents replace their (human) owners is
a topic that has attracted a lot of interest. In particular, there
is ongoing research in technologies able to model users by
means of agents which autonomously perform electronic
transactions (see [9] for a survey on the topic). In order
to increase the power of these agents they must know the
Research partially supported by the Spanish MEC project WEST/FAST (TIN2006-15578-C02-01) and the Marie Curie project TAROT
(MRTN-CT-2003-505121).
169
2 Preliminaries
framework to formally dene the class of systems previously described. We believe it is easier and more feasible to
incorporate bits of knowledge by having the system recomposing this information into complex tasks. This approach
simplies at least two aspects. First, it helps to ensure the
completion of the base of facts. Second, it allows to relocate
the different agents, due to its modularity, so that they can
be spread over a network to parallelize some of the tasks.
TYPE
1
2
3
4
5
6
7
CONTENT
Information
Negotiation
Proposal message
Acceptance message
Hiring message
Job started message
Job nished message
s0
transin
2
s1
transin
1
transin
3
sf
In this section we present our formal language to specify complete systems as well as all the agents taking part in
them. The main idea consists in having a world that is composed of communication cellules. These components will
be interconnected in a hierarchical way, that is, the main
communication cellule will hold the main agent while each
of the next communication cellules will hold simpler agents.
This process is iterated until we reach the last level that will
hold only atomic agents.
We will make a distinction between generic agents, that
is, agents fullling a complex task (which will be done by
calling other agents) and atomic agents, which are basic
agents in charge of executing simple tasks. This distinction
is merely represented as a different set of variables taken
from the same general denition of an agent. Agents will
send messages using communication cellules. These cellules will forward these messages to other cellules that will
broadcast them to the agents under their control, until the
nal atomic agent is reached. Then, an atomic portion of
the global goal will be produced through the transformation
of resources that this atomic agent performs.
Each agent will have a different utility function, as dened in the previous section, depending on the utility that
each of the resources represent for the specic agent. This
function will take into account different combinations of resources to decide which task should be performed.
We will start by dening the simpler element in the system, the agents, and scale up in complexity to dene the
complete system.
Given a conguration M
=
(s, V, ib, ob)
and another one M
= (s , V , ib , ob ) belonging to a second agent, an external transition
(m, oborigin , ibdestination ) Tex will modify the
congurations to M = (s, V, ib, Remove(ob, m)) and
M = (s , V , Concat(m, ib ), ob ).
Denition 5 A communication
(l, A, ib, ob), where
cellule
is
tuple
172
transex
ia3 agent
3
agent1
4 The A\ tool
transex
oa3
transex
ia1
buf f ers
transex
oa1
transex
ia2
agent2
transex
oa2
transex
12
C1
transex
23
C2
transex
21
C3
transex
32
Figure 3. World.
173
NAME
LEVEL
INITIAL
RESOURCES
GOAL
agent1
agent2
1
1
s1
s1
(410, 290)
(370, 340)
s6
s6
agent3
agent4
agent5
agent6
agent7
agent8
agent9
agent10
2
2
2
2
2
2
2
2
s1
s1
s1
s2
s2
s2
s3
s4
(175, 151)
(220, 241)
(312, 287)
(149, 150)
(224, 159)
(220, 176)
(231, 148)
(149, 101)
s3
s4
s5
s4
s5
s6
s6
s6
agent11
agent12
agent13
agent14
agent15
3
3
3
3
3
s1
s2
s3
s4
s5
(70, 100)
(75, 50)
(72, 68)
(72, 35)
(72, 43)
s2
s3
s4
s5
s6
Figure 7. Phase 2 in A\
Figure 5. Phase 1 in A\
s1
s1
s2
s3
s4
s5
s6
t12
s2
t23
s3
t34
s4
t45
s5
t56
s6
:money.
:money+land.
:money+land+plan.
:money+land+plan+construction materials.
:money+land+plan+construction materials+worker.
:money+land+plan+construction materials+worker+house.
174
Figure 8. Phase 3 in A\
First, agent1 has all the possible paths to achieve its goal
already displayed in front of him. By applying its utility
function, as an example = 3 money + 1/time which
will give for path agent3 +agent9 a value of 1218.00 and for
the other path (agent4 +agent10 ) a value of 1107.00, therefore this agent decides that the best way is to step through
s3 . So, it calls agent3 to start its internal processes. Then,
agent3 will then restart the whole process until it nally
calls agent11 which is an atomic agent. Therefore, it will
start to transform the resources by taking part of the money
(in s1 ) and transforming it into land (reaching s2 ).
References
176
Abstract. The goal of this paper is to provide a method to generate efcient and
short test suites for Finite State Machines (FSMs) by means of combining Genetic
Algorithms (GAs) techniques and mutation testing. In our framework, mutation
testing is used in various ways. First, we use it to produce (faulty) systems for the
GAs to learn. Second, it is used to sort the intermediate tests with respect to the
number of mutants killed. Finally, it is used to measure the tness of our tests,
therefore allowing to reduce redundancy. We present an experiment to show how
our approach outperforms other approaches.
1 Introduction
Software testing is an expensive and time consuming task. If a formal approach is used,
tests are derived from a specication. For derived test sets to be complete, the tester
needs to assume a given set of assumptions and hypotheses, allowing to reduce the
space of the possible implementations. Our intention is to combine GAs and mutation
testing to create a new approach capable of deriving a test suite that, with a short amount
of execution time, nds the 95% of the faulty implementations. We call our methodology GAMuT (Genetic Algorithm and MUtation Testing) and it is composed of 3 main
phases: Learning through evolution, learning through specialization, selection and reduction of the test cases.
GAs have shown to have a good performance in search and optimization problems.
There exists a number of papers where GAs are used in testing (e.g.[4,5,2]). They usually represent the test data generation problem as an optimization problem and heuristics are used to generate test cases. Mutation Testing has been widely used for checking
the performance in test suites, by measuring its capability to kill mutants, for details into
applications developed through mutation testing see [3,8] for some formal approaches
and [1] for a critical discussion on its use. We propose to use mutation as a way to
provide the GA with enough learning examples in an automated way, by modifying
the specication and subsequently creating simulations of faulty implementations. We
compile several populations into a community. Therefore, each community has several
populations, with several inhabitants each, and each individual has a DNA that directly
J. Cabestany et al. (Eds.): IWANN 2009, Part I, LNCS 5517, pp. 343350, 2009.
c Springer-Verlag Berlin Heidelberg 2009
344
represents a test sequence, that is, a chain of inputs that will be applied to the implementation under test (in short, IUT). In our methodology, mutation testing is used in three
ways. In the rst phase of GAMuT, called learning through evolution, the community
is presented with a set of mutants. In our approach we use 100 IUTs and each of the
populations is confronted with all the IUTs. The tness function is a heuristic based on
the percentage of mutants killed. The second phase of GAMuT, learning through specialization, also uses mutants but in a different way. In this case, each population inside
the community (after having evolved to kill the biggest number of mutants) is given one
IUT, mutated from the specication, and each population evolves to try and minimize
the length of the sequence needed to nd the error inside that mutant. Finally, we select
the ttest individual from each population (from both phases) and create a set of tests,
which we confront with the nal and biggest set of mutants (500 in our methodology),
to be able to nd the number of mutants killed by each of the selected individuals. Then,
as the last step, we make a subdivision with the smaller set of tests that kills the highest
number of mutants.
The rest of the paper is organized as follows, in Section 2 we present the language
used to dene specications, the mutation operators, and dene the operations and objects of GA. In Section 3 we give a schema of the different phases of our methodology.
In Section 4 we present experiments and the results of the comparisons of our technique
with random testing. Finally, in section 5 we give our conclusions and some ideas for
further development.
2 Preliminaries
We introduce hereby some general notions, about Finite State Machines, and about our
GA. Specications and its mutants are given by means of nite state machines.
Denition 1. A Finite State Machine, in short FSM, is a tuple M = (S, I, O, T r, s0 )
where S is a nite set of states, I is the set of input actions, O is the set of output
actions, T r is the set of transitions, and s0 is the initial state. We say that M is inputenabled if for all state s S and input i I, there exist s S and o O such that
(s, s , i, o) T r. We say that M is deterministic if for all s S and i I there do not
exist two different transitions (s, s1 , i, o1 ), (s, s2 , i, o2 ) T r.
A transition belonging to T r is a tuple (s, s , i, o) where s, s S are the initial and
nal states of the transition, and i I and o O are the input and output actions,
respectively. Intuitively, a transition (s, s , i, o) of a FSM indicates that if the machine
is in state s and receives the input i, then the machine emits the output o and moves
to s . Along the rest of this paper we assume that all the machines are input-enabled
and deterministic. The rst restriction, as usual, is needed to ensure that implementations will react to any input provided to them. The second limitation is not vital to our
approach, although it simplies the implementation of the algorithm.
Next we dene two mutation operators: One will modify the output of a certain
transition and the other will modify the state at which the transition arrives.
Denition 2. Let M = (S, I, O, T r, s0 ) be a FSM. The application of the operator
moper1 to M produces a mutant by choosing a transition tr = (s, s , i, o) T R and
345
3 Description of GAMuT
Next we describe our GA. Since we do not want to nd a single solution and for the
sake of genetic diversity, we have added another component to usual GAs: A community
holds several populations, having in turn several inhabitants. We do not allow genetic
crossing between populations. This can be seen as a parallelism to what is sometimes
called in the literature species. An inhabitant of a specic population has a DNA sequence that is formed by genes, that codies the test to be applied. The value that each
gene can take is any input i I. The DNA sequence can be modied through mutation
and recombination, that is, by mating of two inhabitants. In addition, it can also mutate
the length of its sequence. The community holds the specication that we are trying to
check as well as a set of examples of mutated specications that we will call exIUT , and
each population holds a mutated IUT specic for it, used in the specialization phase.
In order to initiate our algorithm, all genes are randomly initialized, so that a random
number of gens is available for each possible DNA. The size of the population, the
number of populations, and the tness function are decisions to be made by the tester,
that has to take into account the number of states of the machine. An example of tness
function used in GAMuT is shown in Section 4. The search nished by two means,
one will be to reach the maximum number of generations specied for the GA, the
other is that the test sequences are able to detect a specic percentage of the faulty
IUTs. We count with two mutation operators for DNA: To change the value of one
or more gens and to modify the length of the DNA sequence. DNAs can be modied
also by combining them with the DNA of another inhabitant through mating. In our
approach we have used a single point crossover, with random position for the division.
346
As usual, we will use elitism as a way to control that only the best solutions actually get
to mate and reproduce. We will use the roulette wheel selection technique that allows
to choose the inhabitants in a proportional scale to its tness. In our case, we also add
after reproduction the original set of elected best inhabitants from the population, not
to loose solutions. In order to decide who are the best, we nd the top/lowest tness
scores, and we take a percentage of the top to be chosen as the best.
Our algorithm is divided into several phases that are graphically represented in
Figure 1. These phases are:
347
348
We mutate the value of various genes simultaneously, being the number of mutations
randomly chosen, but proportionally to the inverse of its tness function, that is, n =
random[1,ng /3]
, being n the number of genes modied, ng the total number of genes,
f
and f the value given by the tness function.
There are two tness functions: One for the evolution phase and another one for the
specialization phase.
| 100
is the percentage of mutant imple1. Fitness for evolution: f = | mutantskilled
| mutants |
mentations, for which an inhabitant nds an error.
2. Fitness for specialization: f = e l , where e is equal to 1 if an error is found,
and l is the length of the genetic sequence starting to count from the point where
the error is found; otherwise, starting to count from the beginning of the sequence,
and 0 1 is its weight. This heuristic tries to approximately nd the shortest
test sequence that detects an error in the IUT that we are checking.
Mating is done through selection with the roulette wheel selection technique and it
uses a single point crossover for DNA reconversion.
In order to check convergence in the evolution step, we take into account the ttest
individuals from each population, and consider them as a test suite, that is applied to
the number of learning IUTs. If the total number of killed mutants is over 85%, then we
allow the program to continue towards its next step. For the specialization phase we set
nding 75% of the errors as a good number to stop the algorithm and go to the selection
process. This number does not represent the mutants that the set will kill, but how many
of the test found an error in a specic IUT. Obviously, these values can be modied
to nd tter tests, but our experience shows that these limits behave good enough. If
convergence is not reached before the total number of generations allowed, then the
system stops the process and continue with its next step.
In order to compare our methodology we have implemented a random testing tool.
Random testing is a technique argued to be as valid as any other testing technique (see
[7,9,6]). As we can see in Figure 3, the test suite resulting after selection is the shortest
one and detects up to 94.6% of mutants as faulty. Compared to the randomly generated
test suite, it outperforms it both by number of mutants killed and by having a shorter
test sequence. Even though to produce our test suite takes more time than a random
generation, the extra performance of our approach to nd errors, even though not very
349
signicant, is worth the additional computations. Actually, the time spent in testing is a
valuable asset. Thus, we have to minimize the number of applied tests (in other words,
the length of the test suite) even if we have to make additional off-line computations, that
are very cheap when compared to the cost of testing. Actually, in order to test a system
we usually have to stop it. Thus, the more time the system is halted, the most expensive
the testing process is, since the system cannot be producing what it is supposed to
produce. In the case of the evolution and specialization test suites, they are between 1%
and 2% below in test coverage (i.e. in proportion of killed mutants) because we have
chosen the best tests of both test suites, and they are a lot longer to apply due to their
high redundancy on the kind of errors found. This is even so if we eliminate, from the
selected tests, those that kill under 1% of the mutants, because the time to apply those
tests, compared to the benets of the number of mutants detected, makes it not worthy
to retain them in the nal test suite.
350
which the phases are applied, because this modies the starting point of the population
for the second GA step (specialization), making it a good starting point to be able to
locate an optimum. Furthermore, selection is crucial as well because we need to get rid
of the redundancy that the overlapping solutions offers, a normal consequence of the
stochastic transformations.
We believe that this approach is feasible and since it tends to create a close-tocomplete set of tests, with a short amount of testing time, it is suitable for its application
on a number of systems, once it is developed for other languages. Due to this fact, one
line of future work will be to study how to codify more languages into the DNA sequences and any derivation that will cause this on the rest of the elements of the system,
like the mutation operators and the tness functions.
Another idea for future development is to provide the GA algorithm with memory
for its inhabitants. Then, they could foresee the best mutation rates and the ones that are
leading them to a better heuristic value, maybe through the use of a neural network or
simply by probabilistic methods. In this way we can reach convergence faster.
Acknowledgements. We would like to thank the anonymous reviewers of this paper for
the careful reading and their suggestions.
References
1. Andrews, J.H., Briand, L.C., Labiche, Y.: Is mutation an appropriate tool for testing experiments. In: 27th Int. Conf. on Software Engineering, ICSE 2005, pp. 402411. ACM Press,
New York (2005)
2. Derderian, K., Hierons, R.M., Harman, M., Guo, Q.: Automated Unique Input Output sequence generation for conformance testing of FSMs. Computer Journal 49(3), 331344 (2006)
3. Fabbri, S.C.P.F., Delamaro, M.E., Maldonado, J.C., Masiero, P.C.: Mutation analysis testing
for nite state machines. In: 5th IEEE Int. Symposium on Software Reliability Engineering,
ISSRE 1994, pp. 220229. IEEE Computer Society Press, Los Alamitos (1994)
4. Fatiregun, D., Harman, M., Hierons, R.M.: Evolving transformation sequences using genetic
algorithms. In: 4th IEEE Int. Workshop on Source Code Analysis and Manipulation, SCAM
2004, pp. 6574. IEEE Computer Society Press, Los Alamitos (2004)
5. Guo, Q., Hierons, R.M., Harman, M., Derderian, K.: Computing unique input/ouput sequences
using genetic algorithms. In: Petrenko, A., Ulrich, A. (eds.) FATES 2003. LNCS, vol. 2931,
pp. 169184. Springer, Heidelberg (2004)
6. Hamlet, D.: When only random testing will do. In: 1st International Workshop on Random
Testing, pp. 19. ACM Press, New York (2006)
7. Hamlet, R.: Random testing. In: Marciniak, J. (ed.) Encyclopedia of Software Engineering,
pp. 970978. Wiley, Chichester (1994)
8. Sugeta, T., Maldonado, J.C., Wong, W.E.: Mutation testing applied to validate SDL specications. In: Groz, R., Hierons, R.M. (eds.) TestCom 2004. LNCS, vol. 2978, pp. 193208.
Springer, Heidelberg (2004)
9. Zhu, H., Hall, P.A.V., May, J.H.R.: Software unit test coverage and adequacy. ACM Computing Surverys 29(4), 366427 (1997)
Abstract. We introduce a novel methodology to formally specify complex multiagent systems. Our approach allows us to redene computational problems in
terms of agents that perform certain tasks. In our view, a system is formed by the
combination of atomic and complex agents. Atomic agents are in charge of executing atomic tasks while complex agents reunite and summarize the properties
of their underlying atomic agents. Basically, our approach consists in specifying the smaller parts of the problem as atomic agents. Each atomic agent is in
charge of executing a small transformation of resources. Afterwards, the system
will recombine them to form complex agents that will embrace the knowledge
of several atomic agents. All agents are located on a superstructure of communication cellules created to record the hierarchy of the tasks. In order to provide a
useful framework, we have developed a tool that fully implements all the stages
of the methodology.
1 Introduction
Computational science embraces the concept of aiding the development of other studies
in different elds through the use of new computational means. Therefore it has to create
open systems that can be applied to a great extent of problems. In addition, it is relevant
to take into account that the people to which computational science is directed are not,
in general, computer scientists. Therefore, its easiness of use is a must. In this paper we
report on a formalism that allows to solve complex problems through the use of agents.
We propose a method to factorize the problem, being the rst step to break down the
problem into the smaller parts possible and assign an agent to each of those tasks. Then,
the produced system allows to make petitions that will create other agents that, through
recombination, are able to condense the information of several agents, so that they can
solve a complex situation.
This paper extends and enhances our previous work presented in [1]. We have simplied some of the notations, so that the resulting formalism is much easier to use.
Although we have simplied our approach, the expressive power of the framework
remains the same, being able to solve the same problems that we confronted in [1].
Even though there are general purpose formalisms to formally describe complex
concurrent systems (such as Process Algebras and Petri Nets) they are not suitable to
G. Allen et al. (Eds.): ICCS 2009, Part I, LNCS 5544, pp. 347356, 2009.
c Springer-Verlag Berlin Heidelberg 2009
348
describe agents since these languages and notations do not provide specic operators
to deal with the inherent characteristics of agents. However, there has been already several studies to formally describe the use of intelligent electronic agents that are nested
into one another (see, for example, [2,3] for two approaches based on Petri Nets and
automata, [4,5] for approaches based on process algebras, and [6,7] for approaches
based on nite state machines). Most of these approaches have been created in favor
of comprehensibility. Therefore they facilitate to derive and apprehend new properties.
However, due to its complexity, these formalisms are not supported by suitable userfriendly tools. Thus, the specication of a system is a task that cannot be carried out by
somebody that is not a real specialist in formal methods.
Our approach is able to assimilate the systems that we are interested in to a common
places structure in which one is able to locate the rest of the structure from higher order
points. If we use the subway lines as a metaphor, we only need to know the location of
the different stations, but the exact location of that small fruit shop that we are trying
to reach is bounded to the location of the closest metro station. Once we arrive to that
particular metro station, we will check the neighborhood map so that we can nd the
shop; we do not need to know in advance all the local maps associated with all the
stations of the network. This is how our systems will work: Once we have all the atomic
agents, each time that a new complex agent, embracing the knowledge of several atomic
agents, is created we will refer to this new agent when making subsequent calls to the
system. In this line, we are able to forget how atomic actions are performed because
we have a higher order element to which we can call upon. In any case, even with a
complex structure, atomic agents are still the ones that execute real tasks.
Using another metaphor we could say that our approach produces systems that are
similar to economic structures in which there exist intermediate agents that gives us the
result of the transformation of resources as a nal product. These agents, in a hidden
way, contract the prime manufacturers that create these resource transformations. Another point in favor of our approach is that it allows us to have an unbounded growth
(equivalently, subdivisions as small as needed) either by adding agents in between existing ones or by assigning new atomic agents to the system that we had before. It is
important to note that the way our systems are subdivided, in so called communication
cellules, facilitates their deployment in a distributed system in which one can obtain a
perspective of variable magnitude of the global tasks. This holds as long as we keep the
hierarchical structure of the ensemble.
The rest of the paper is organized as follows. In Section 2 we introduce some auxiliary notation. Section 3 represents the bulk of the paper. There we dene the syntax of
the proposed formalism, giving a running example of a system implemented with our
tool. In Section 4 we briey describe the technical details of the architecture of the tool
developed to specify the systems. Finally in Section 5 we present our conclusions.
2 Preliminaries
In this section we introduce some notation that will be used throughout the rest of the
paper. First, since users have different preferences, in order to properly design agents the
rst step consists in expressing these preferences. In order to extract preferences from
349
users several mechanisms have been presented in the literature (see [8,9,10]). In this
paper, preferences in a given moment will be given by a utility function. These functions
associate a value (a utility measure) with each possible combination of resources a user
could own. Alternatively, other mechanisms such as preference relations could be used
(see e.g. [11] for conditions to transform one of the possibilities into the other).
In order to manage resources we will denote them as elements of a vector x
. We
consider a special resource to record the performance of the system. The time that it
takes to complete the tasks of the system will also be considered as another resource. A
vector of resources is a vector of real numbers in which each number denotes the total
amount of a specic resource. Along this paper we consider that n is the number of
resources of the system.
Denition 1. Let x
IRn be a vector. We have that xi represents the i-th component
of x
. Let x
, y IRn be two vectors. We write x
+ y to denote the addition of x and y.
We say that q is the addition of x
and y if 1 i n we have qi = xi + yi .
n
We denote by 0 IR the vector having all the value components equal to zero. We
write x y if for all 1 i n we have xi yi .
A utility function is dened as any function f u : IRn IR. We denote the set of all
utility functions by F .
Intuitively, given a utility function f u , We say that f u (
x) > f u (
y ) means that x is
preferred to y. For instance, if we have x = (x1 , x2 ) representing the rst element of
the resource vector the number of apples and the second element the number of oranges, f u (
x) = 3 x1 + 2 x2 , means that, for example, the agent is equally happy
owning 6 apples or 9 oranges. Let us consider another agent whose utility function is
x) = 1 x1 + 2 x2 . Then, both agents can make a deal if the rst one gives 3
f u (
oranges in exchange of 4 apples: After the exchange both are happier. Alternatively, if
x2 represents the amount of money instead of oranges then the rst agent would be a
customer while the second one might be a vendor. Utility functions allow a great exx) = x1 x2 denotes that variety is preferred.
pressivity in preferences. For instance, f u (
A usual assumption is that no resource is a bad, that is, if the amount of a resource is increased, so does the value returned by the utility function. Using a derivative expression,
u
1 ,...,xn )
0 for all x1 , . . . , xn IR
this property can be formally expressed as f (xx
i
and 1 i n. This requirement does not constrain the expressive power of utility functions, as the existence of any undesirable resource can be always expressed by
considering a resource representing the absence of it.
Next we introduce a collection of identiers to be able to univocally identify cellules, agents and paths in the system. In the next section, we will formally dene these
concepts.
Denition 2. Let w be a system (see Denition 8). The set of all possible systems is
represented by W. We denote by IDC the set of cellule identiers that are assigned
uniquely to each of the cellules. The function newIdCellule : W IDC returns an
unused identier for the world w. We use a special identier nill IDC to denote an
empty cellule. We denote by IDA the set of agent identiers that are assigned uniquely
to each of the agents belonging to the system. The function newIdAgent : W IDA
returns an unused identier for an agent. We denote by IDP the set of path identiers,
350
that are assigned uniquely to each of the paths. The function newIdPath : W IDP
returns a fresh identier for a path.
Next we show how to represent agents. We can distinguish between complex and atomic
agents. Atomic agents assume the responsibility of actually implementing tasks, and
complex agents cluster and delegate in the ulterior ones to accomplish complex tasks
and summarize the properties of the agents that are implicity inside of them.
Denition 5. An agent is a tuple a = (id, ib, P ) where id IDA is a unique identier
for this agent, ib M is the input buffer where messages will be stored, and P
P IDP is the set of paths dening the possible behaviours of this agent, being each
path labeled with an identier. Intuitively, the meaning of this set of paths is that this
specic agent will achieve through any of this paths a similar global transformation of
resources. In other words, every path takes him from the same initial state towards a
similar nal state, differing one from each other in the kind of transformations that they
perform.
351
We denote by A the set of all agents. We dene the function VTr : IDP P as
We dene VTr() =< tr1 , . . . , trm >. We also dene the function VA : IDP IDA
that returns the agent that performs this path.
VPAux(<>, id) =
0
id
=
VA(id
p)
,
.
.
.
,
tr
>,
id)
id
=
VA(id
VPAux(<
tr
2
n
p)
An agent is atomic if it has only one path, that path is conformed by a single transition, and the agent itself is in charge of executing the transition. Formally, a =
(id, ib, P ) is an atomic agent if | P | = 1 and there exists p =< tr1 , . . . , trm > P
such that for all 1 i m if tri = (
zi , idp ) then VA(idp ) = id.
During the rest of the paper we consider that agents use messages to communicate
among them. The next denition introduces the different kinds of messages that can be
sent.
Denition 6. A message is given by a tuple (t, s, ob, r) such that t {BROADCAST,
REPLIES, START JOB, FINISHED JOB}, denotes the nature of the message, s IDP
{null} the path origin of the message. In some cases this path can have the value null.
The next item ob IDP {} is the objective of the message, it can be a specic
path of an agent, or a broadcast message. The last component, r IRn represents a
transformation of resources. In the rest of this paper, we denote by M the set of all
messages.
Example 1. Let id IDA be an agent identier, p1 , p2 IDP be paths identier, and r
be a vector of resources. A message m = (BROADCAST, null, , r) represents a broadcast message () sent by a petition wanting to nd an agent that accomplish the transformation induced by r. If we have a message m = (REPLIES, p1 , p2 , r); m denotes
the message from agent VA(p1 ) that offers the path p1 , that replies to agent VA(p2 ) to
the petition of performing a certain task of the path p2 , and species the transformation
of resources r.If we have a message m = (START JOB, p1 , p2 , ), m now represents
the message from agent VA(p1 ) which is performing the path p1 for asking to start the
job to the path p2 of the agent VA(p2 ). Finally, if m = (FINISHED JOB, p1 , p2 , ), then
m is the message from agent VA(p1 ) to agent VA(p2 ) to indicate that the path p1 , which
is a sub-path of p2 , has just nished.
Cellules are elements that serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents.
352
Next, we dene the whole system that contains in a tree like structure implicity dened
by the father-son relationship, the cellules that conform the whole system.
Denition 8. We say that our system (sometimes called world) is dened with a so
called origin cellule from where the tree of cellules hang and by the vector of resources
available in the system. Therefore, a system is a pair w = (c, x) where c IDC is the
origin cellule, and x is the set of resources with which we deal in this world x IRn .
We will use a running example to illustrate previously introduced concepts. In order
to ease the presentation, we have simplied the real system that we have represented in
our formalism.
Example 2. Let us consider that we have the world represented in Figure 1. As we
observe in the gure, we have six cellules, labeled from I to V I and eight agents distributed in them. For example, let us consider agent a3 = (id3 , ib3 , P3 ). P3 is the set
of paths that this agent can perform, ib3 represents the input buffer of this agent and
id3 is the identier of this agent. The set of paths P3 contains a unique pair (pair, path
za , ) >, )}. The path identier is the rst element of the pair
identier) P3 = {(< (
represents the chain of transitions that compose this path. In this case the path is formed
by a unique transition. This transition, < (
za , ) > represents that it is performed by
the path of the agent id3 = VA() and the exchange of resources after performing
this transition is noted by z. This means that the resources of the world will change by
applying x
x
+ za , in other words, it will generate a formwork unit, by wasting 50
units of money, 40 units of wood, and 20 time units.
For example let us suppose that agent a1 = (id1 , ib1 , P1 ) has two different paths.
zg , ) >, ) and (< (
zh , ), (
0, ) >, ). Next we explain one of these
(< (
zg , ), (
paths. The path identied by , has two transitions in it. The rst transition, denoted by
(
zg , ), represents that this agent has to call to the -path of agent VA() to perform it,
and the transformation of resources by applying this transition is x
x+
zg . Then, after
performing this transition the resources of the world would change to x
x
+ za + zg .
Let us remember that the agent id3 = VA() transformation function for the path is
za . Let us note that the agent performing this transition earns money by calling another
agent.
All agents that are not atomic are complex, there are two ways to create agents one is to
insert an atomic agent during the creation of the system and the other is through petitions to the system, being the system in charge of recombining atomic and/or complex
agents already embedded in the system to create a new complex agent.
353
354
Celli+1
Cell0
World
exists y ?
Petition(
y)
World
new petition
exchange
create/call agent
exists y ?
return agent
yes/no
yes/no
Cell0
World
job nished
4 Implementation
In this section we present our tool that facilitates the task of representing the different
components of our framework. First, we are going to enumerate some of the technical
requirements of the tool. Next, we will comment on some relevant parts of the implementation, and we will show how the example can be represented.
The tool has been developed using J2EE Technology (Java, JDK 1.5, EJB) and the
Netbeans software. It makes usage of MVC architecture, to enable ease of maintenance,
and uses session facade and proxy design patterns. It also uses Java Swing components
in order to develop Graphical User Interfaces(GUI).
The tool offers four different ways to create systems. The rst one is by using an input
XML-formatted le which contains all the description data of the system. Another way
355
356
References
1. Andrs, C., Molinero, C., Nez, M.: A formal methodology to specify hierarchical agentbased systems. In: 4th Int. Conf. on Signal-Image Technology & Internet-based Systems,
SITIS 2008, pp. 169176. IEEE Computer Society Press, Los Alamitos (2008)
2. Lomazova, I.: Communities of interacting automata for modelling distributed systems with
dynamic structure. Fundamenta Informaticae 60(1-4), 225235 (2004)
3. Lomazova, I.A.: Nested Petri Nets for Adaptive Process Modeling. In: Avron, A., Dershowitz, N., Rabinovich, A. (eds.) Pillars of Computer Science. LNCS, vol. 4800, pp. 460
474. Springer, Heidelberg (2008)
4. Nez, M., Rodrguez, I.: PAMR: A process algebra for the management of resources in concurrent systems. In: 21st IFIP WG 6.1 Int. Conf. on Formal Techniques for Networked and
Distributed Systems, FORTE 2001, pp. 169185. Kluwer Academic Publishers, Dordrecht
(2001)
5. Nez, M., Rodrguez, I., Rubio, F.: Formal specication of multi-agent e-barter systems.
Science of Computer Programming 57(2), 187216 (2005)
6. Nez, M., Rodrguez, I., Rubio, F.: Specication and testing of autonomous agents in ecommerce systems. Software Testing, Verication and Reliability 15(4), 211233 (2005)
7. Merayo, M., Nez, M., Rodrguez, I.: Formal specication of multi-agent systems by using EUSMs. In: Arbab, F., Sirjani, M. (eds.) FSEN 2007. LNCS, vol. 4767, pp. 318333.
Springer, Heidelberg (2007)
8. Dastani, M., Jacobs, N., Jonker, C., Treur, J.: Modelling user preferences and mediating
agents in electronic commerce. In: Sierra, C., Dignum, F.P.M. (eds.) AgentLink 2000. LNCS,
vol. 1991, pp. 163193. Springer, Heidelberg (2001)
9. Geisler, B., Ha, V., Haddawy, P.: Modeling user preferences via theory renement. In: 5th
Int. Conf. on Intelligent User Interfaces, IUI 2001, pp. 8790. ACM Press, New York (2001)
10. Ha, V., Haddawy, P.: Similarity of personal preferences: Theoretical foundations and empirical analysis. Articial Intelligence 146(2), 149173 (2003)
11. Mas-Colell, A., Whinston, M., Green, J.: Microeconomic Theory. Oxford University Press,
Oxford (1995)
Chapter 5
A formal methodology to specify hierarchical agent-based systems
5.1. Introduction
The representation and study of communities where intelligent (electronic) agents replace
their (human) owners is a topic that has attracted a lot of interest. In particular, there is ongoing research in technologies able to model users by means of agents which autonomously
perform electronic transactions (see1 for a survey on the topic). In order to increase the
power of these agents they must know the preferences of the corresponding user. In this
line, the concept of utility function is very useful. Essentially, a utility function returns a
real number for each possible basket of goods: The bigger this number is, the happier the
94
owner is with this basket. Intuitively, agents should appropriately simulate the systems that
they are representing by considering the utility function that would establish the expected
behavior (see e.g.27 ). In fact, there exists several proposals showing how agents can be
trained to learn the preferences of users (see e.g.4,8,9 ). Besides, a formal denition of the
preferences of the user provides the agent with some negotiation capacity when interacting
with other agents.911 Let us remark that, in most cases, utility functions take a very simple
form. For instance, they may indicate that an agent A is willing to exchange the item a by
the items b and c.
The motivation of this work is to be able to create a exible computational system capable of offering different solutions to new problems. Instead of pre-introducing thoroughly
all the possible behaviors of a system, the system reorganizes its structure to be able to cope
with new petitions coming from the user. It bases itself in a series of behaviors (or task)
that will be called atomic tasks which are the main bricks upon which to construct any new
behavioral answer to the new needs that may appear.
Even though there are general purpose formalisms to formally describe complex concurrent systems (such as process algebras1214 or Petri Nets15,16 ) they are not suitable to
describe agents since these languages and notations do not provide specic operators to
deal with the inherent characteristics of agents. However, there has been already several
studies to formally describe the use of intelligent electronic agents that are nested into one
another (see, for example,17,18 for two approaches based on Petri Nets and automata,19,20
for approaches based on process algebras, and21,22 for approaches based on nite state machines). Most of these approaches have been created in favor of comprehensibility. Therefore they facilitate to derive and apprehend new properties. Moreover, these approaches
have also shown that the recursive denition of agent-based systems allows to keep the
original properties of basic agents.
If we try to incorporate the base of facts to a system, there will always be a lack of
capacity to implement every possible structure of the agent, every different solution to the
same problem, and every combination of small pieces that constitute a complex problem.
That is why we think that there is a need for a new framework to formally dene the class
of systems previously described. We believe it is easier and more feasible to incorporate
bits of knowledge by having the system recomposing this information into complex tasks.
This approach simplies at least two aspects. First, it helps to ensure the completion of the
base of facts. Second, it allows to relocate the different agents, due to its modularity, so
that they can be spread over a network to parallelize some of the tasks.
The main skeleton of the system is this so called atomic agents which are the ones
95
that are in charge of executing the actual transformations that will occur in the system.
Through the recombination of this atomic agents, new and complex agents are created. The
rst advantage of this approach, is that once the atomic agents are dened little interaction
from part of the user is needed, as well, the lack of programming abilities will also not be
a disadvantage. All is needed is to program the underlying specic characteristics of the
system, that is what this system will be able to handle, by example procedures to call to
the motors of a robot, and whatever future need of the user will be handled by the system
itself.
If we take a look in another direction, we would like to assimilate the systems that we
are interested in to a common places structure in which one is able to locate the rest of
the structure from higher order points. If we use the subway lines as a metaphor, we only
need to know the location of the different stations, but the exact location of that small fruit
shop that we are trying to reach is bounded to the location of the closest metro station.
Once we arrive to that particular metro station, we will check the neighborhood map so
that we can nd the shop; we do not need to know in advance all the local maps associated
with all the stations of the network. That is how our systems will work: Once we have
all the atomic agents, each time that a new complex agent, embracing the knowledge of
several atomic agents, is created we will refer to this new agent when making subsequent
calls to the system. In this line, we are able to forget how atomic actions are performed
because we have a higher order element to which we can call upon. In any case, even with
a complex structure, atomic agents are still the ones that execute real tasks. Using another
metaphor we could say that our systems are similar to economic structures in which there
exist intermediate agents that gives us the result of the transformation of resources as a nal
product. These agents, in a hidden way, contract the prime manufacturers that create these
resource transformations.
Another point in favor of our approach is that it allows us to have an unbounded growth
(equivalently, subdivisions as small as needed) either by adding systems in between existing
ones or by assigning new atomic agents to the ones that we had before.
In order to cope with time and calculation limitations, the system is subdivided into a
hierarchical structure in which agents are ordered considering its complexity (how many
agents does it uses to perform a task) and also the eld of knowledge to which that
specic agent is inserted into. I assume here, that if agents are located correctly into groups
of related matters, meaning by it that if two agents perform similar tasks, they will be
inserted together, when the pieces are recombined following the procedure explain later in
this texts, they will be kept close in the hierarchical tree.
96
This hierarchical structure is implemented through a system of so called cells that conglomerate similar agents together. This cells are ordered in a tree structure, which all hang
from the main cell, every petition will be inserted into the main cell and will be carried on
down on the tree until it has been processed. This allows too, although it has not been addressed in the implementation, the possibility of facilitating a computational limit, meaning
that the search could stop after it has descended a limit of levels down in the tree structure,
if the system needs to take decisions in a certain amount of time that can not be surpassed.
It is important to note that the way our systems are subdivided, in so called communication cellules, facilitates their deployment in a distributed system in which one can obtain
a perspective of variable magnitude of the global tasks. This holds as long as we keep the
hierarchical structure of the ensemble.
In this work, agents are treated as knowledge elements, agents are inserted as new
abilities that the system can have access to, and then agents are created through the recombination of these abilities to generate complex tasks. Each agent represents a knowledge,
each action is therefore identied with a knowledge about that action. When a petition is
made to the system, it tries to accomplish it by reusing its bits of knowledge. In comparison
with the human behavior, this is thought as a metaphor of the mirror neurons, discovered
by chance by the group formed by Giacomo Rizzolatti , Giuseppe Di Pellegrino, Luciano
Fadiga, Leonardo Fogassi, and Vittorio Gallese at the university of Parma, Italy, while measuring the activities of neurons regarding the movement of a monkey. Unexpectedly some
neurons red not only when the monkey was moving the hand, but also when it looked
how someone else was moving the hand. These led to a new theory of learning in which
it is stated that they way humans and other mammals learn is through the neural mimic of
activities seen in other individuals. Therefore the how-to knowledge and the actual act is
primarily red by the same neurons.
The system apprehends more complex concepts in the same way children do, rst as a
baby you start to involuntary move your muscles, noticing that that makes your arm move,
with time you learn to control your arm, and the modications that it performs in your
surroundings, afterwards, as more concepts and experiences (in our system petitions) are
incorporated, you no longer think about moving the arm but of reaching an object and
grabbing it. That is, once we know how to perform an action the underlying mechanisms
are automated, we no longer have to think about them.
The generic task method states that the structure and representation of domain knowledge is completely determined by its use (much as it happens in our approach, where concepts are only derived from the actual task that can be accomplished by atomic agents).
97
The main problem underlying generic tasks is related to the predetermined problem solving strategy that they use (we are able to overcome this situation, since our methodology
proposes a exible problem solving strategy, that will vary depending on the kind of atomic
agents included in the system).
The rest of the paper is organized as follows. In Section 5.2 we will discuss some of
the most relevant articles in the eld of agents. In Section 5.3 we introduce some auxiliary
notation that will be used during the rest of the paper. In Section 5.4 we present the formalism to describe our systems. In Section 5.5 we briey present our tool and give a small
example to show its main features. Finally, in Section 5.6 we present our conclusions and
some lines for future work.
5.2. Overview of some relevant articles in the eld of agents
5.2.1. Pattie Maes - The dynamics of action selection
This paper (23 ) addresses the problem of choosing an action in an autonomous multi-agent
system. Actions are chosen following a rational goal oriented fashion, but this approach can
have conicting goals, it should be adaptive to new situations, and there exist the possibility
of a certain component failing, making it harder to reach the nal goal.
This is done so in the situation of a mindless multi-agent system, such as those of
Brooks subsumption architectures. This systems, although desirable for properties such as
modularity, distributed behavior, exibility and robustness lack of a proper action selection
procedure: which agent should become active? and what are the factors that determine a
cooperation among certain agents?. The hypothesis presented in this paper are that rational
action of the global system can emerge, and that there is not the need for bureaucratic
agents (agents that decide which agent should become active).
There exist in this framework several parameters to be tuned by the user, allowing to
have different kind of action selection procedures, such as more/less data oriented, goal
oriented, deliberated, fast.
Agents make part of a hierarchical system in the way that the activation of an agent
is linked in a network of predecessor and successor links, which describe what agents
should be activated before the current agent that is trying to perform an action. An agent is
described by the tuple (l p , la , ld , a) where:
l p is a list of preconditions which have to be fullled before the agent can become
active.
la and ld represent the post-conditions in terms of a add list and delete list scheme.
98
Clearly it is a denition of the term agent biased towards its own work, since he is going
to dene precisely those elements as part of his agent programming language. Since the
possibility of ascribing beliefs, decisions, capabilities and obligations to any element, even
the most simple of the systems, and therefore following its denition, considering that
99
anything can be said to be an agent, he uses the words of John McCarthy, to explain when
ascribing those mental states to a system is something useful:
To ascribe beliefs, free will, intentions, consciousness, abilities, or wants to a
machine is legitimate when such an ascription expresses the same information
about the machine that it expresses about a person, It is useful when the ascription helps us understand the strcture of the machine, its past or future behavior,
or how to repair or improve it. It is perhaps never logically required even for
humans, but expressing reasonably briey what is actually known about the state
of the machine in a particular situation may require mental qualities or qualities
isomorphic to them. Theories of belief, knowledhe and wanting can be constructed for machines in a simpler setting than for humans, and later applied to
humans. Ascription of mental qualities is most straightforward for machines of
known structure such as thermostats and computer operating systems, but it is
most useful when applied to entities whose structure is incompletely known.
Shoham adopts the S5 modal logic which have properties that includes tautological
closure, positive introspection and negative introspection. And the semantics adopted are
the possible world semantics.
He states that decisions are logically constrained though not determined by the agents
beliefs. These beliefs refer to the state of the world, to the mental state of other agents
and to the capabilities of this and other agents. This perspective motivates the introduction
of two mental categories: belief and decision (or choice), and another not mental per se
construct which is capability. Although decision will be treated in terms of obligation as
an obligation to oneself.
Denitions of the mental categories:
Time, all operators are related to time.
Belief, an agent a believes something on a certain time t: Bta
Obligation, agent a has an obligation to agent b on time t: OBLta,b
Decision, agent a obliges itself: DECat = OBLta,a
Capability, agent a is capable of doing something at time t: CANat
All of these constructs maintain a certain set of properties, like internal consistency of
believes and obligations, good faith (agents only commit to what they believe themselves
capable of), introspection (agents are aware of their obligations) and persistence of the
mental state (agents have perfect memory of believes and obligations, and they only let go
of a believe if they learn a contradictory fact).
Later on in the article he discusses the AGENT0, a language made to create agents
and dene its mental categories, and the message passing (communications) in between
100
the agents, also discusses the need for agentication (create agent-like representation out
of cameras or other devices so they can be used by agents).
5.2.3. Rodney A. Brooks - Elephants dont play chess
Rodney A. Brooks have written a series of articles talking about the subsumption architecture one of them is Elephants dont play chess which is kind of a summary of all the
developments made by his team, and a theoretical comparison with symbolic approaches.
He adheres himself to a current dogma in the AI world, called situated activity, based
on the physical grounding hypothesis. Which states that intelligence is a general property
that can arise from the combination of a series of different reactive and situated (meaning
that they only work located in a real world) agents that handle different parts of the overall
robots behavior.
His thesis against the symbolic approaches is that they are too eld dependent, they
are not capable of adapting to the noise existing in the real world, and that the sensory
equipment is incapable of presenting with accurate symbolic descriptions of the objects
that constitute the real world, rendering such approaches practically unusable. Also the
number of calculations necessary to nd solutions in the search spaces (usually for NPcomplete spaces), constitute another drawback of trying to use the symbolic position.
The physical grounding hypothesis works based on the assumption that every system
needs to have its representations grounded in the physical world. Therefore to connect
the system by sensors and actuators to the real world is the primary interest of these approaches. This kind of approach forces the construction of the system in a bottom up
manner, everything has to be concrete responses to the environment.
Another important point in the article is the explanation of the subsumption architecture. It is a way to program the robot based on incremental layers, each one of them
connecting perception to action, based on augmented nite state machines (AFSM). All
of this layers are compiled to simulate parallelism. There are two subsumption languages,
the old and the new, used in different experimental robots. I will hereby quote the general
denition for the old subsumption language:
Each augmented nite state machine has a set of registers and a set of timers,
or alarm clocks, connected to a conventional nite state machine which can control a combinational network fed by the registers. Registers can be written by
attaching input wires to them, and sending messages from other machines. The
messages get written into the registers by replacing any existing contents. The
arrival of a message, or the expiration of a timer, can trigger a change of state
in the interior nite state machine. Finite state machine states can either wait
on some event, conditionally dispatch to one of two other states based on some
101
The new subsumption language, uses behaviors (that are in fact AFSMs). The main
tools to interact in between the behaviors are message passing, suppression and inhibition.
Another difference with the old language is that behaviors can share registers, and a new
more general timing mechanism than the original alarm clocks.
Later on the article explains one by one the different robots build with this subsumption architecture. Showing how different reaction layers can make emerge an intelligent
behavior.
5.3. Preliminaries
In this section we introduce some notation that will be used throughout the rest of the paper.
Since users have different preferences, in order to properly design agents the rst step
consists in expressing these preferences. In order to extract preferences from users several
mechanisms have been presented in the literature (see e.g.4,25,26). In this paper, preferences in a given moment will be given by a utility function. These functions associate a
value (a utility measure) with each possible combination of resources a user could own.
Alternatively, other mechanisms such as preference relations could be used (see e.g.27 for
conditions to transform one of the possibilities into the other).
Denition 5.1. Let IR+ = {x IR | x 0}. Vectors in IRn+ (for n 2) are usually denoted
by x,
y,
. . . The vector 0 denotes the tuple having all the components equal to zero. Given
x IRn , xi denotes its i-th component. Let x,
y IRn+ : x y if for all 1 i n, xi yi holds.
If there exist n different kinds of resources then a utility function is any function f :
IR IR+ .
n
Intuitively, f (x) > f (y) means that x is preferred to y. For instance, if the resource
x1 denotes the amount of apples and x2 denotes the amount of oranges, then f (x1 , x2 ) =
3 x1 + 2 x2 means that, for example, the agent is equally happy owning 6 apples or 9
oranges. Let us consider another agent whose utility function is f (x1 , x2 ) = x1 + 2 x2 .
Then, both agents can make a deal if the rst one gives 3 oranges in exchange of 4 apples:
102
After the exchange both are happier. Alternatively, if x2 represents the amount of money
in any currency (for example in dollars) then the rst agent would be a customer while the
second one might be a vendor. A usual assumption is that no resource is a bad, that is, if the
amount of a resource is increased, so does the value returned by the utility function. Using
a derivative expression, this property can be formally expressed as
f (x1 ,...,xn )
xi
0 for any
CONTENT
Information
Negotiation
Proposal message
Acceptance message
Hiring message
Let ID be a set of agent identiers. A message is a tuple (T, s, d, c), where T is the type
of message, s ID is the agent source of the message, d ID {} is the agent destination
of the message ( represents a broadcast message) and c String represents the string of
characters containing the message.
We denote by the empty message. We denote by M the set of all messages.
Next we will dene a collection of identiers to be able to univocally address agents and
cellules.
Denition 5.3. Let w be a system (see Denition 5.8). The set of all possible systems is
represented by W . We denote by IDC the set of cellule identiers that are assigned uniquely
to each of the cellules. The function newIdCellule : W IDC returns an unused identier
for the world w. We use a special identier nill IDC to denote an empty cellule. We
denote by IDA the set of agent identiers that are assigned uniquely to each of the agents
103
belonging to the system. The function newIdAgent : W IDA returns an unused identier
for an agent.
104
transex
out
s0
transin
2
s1
transin
1
transin
3
sf
transex
in
Fig. 5.1. A generic agent.
id = id then we are considering an atomic agent that is itself in charge of its transition
105
is the timeb consumed to perform the transition, m represents the output message that the
agent emits to the outgoing buffer (ob) when this transition is triggered (the empty message
is denoted by ), D Val(R) denotes a subset over the set of valuations that denotes which
valuations allow the transition to occur, and Z : Val(R) Val(R) is the transformation
id ,m,D,Z
id ,t,m,D,Z
m1 /m2 ,Z
In order to assign each agent to a specic communication cellule, so that the hierarchical structure can be kept, we will dene the traces of an agent. The set of all traces that an
agent can perform will be use to compare agents.
Denition 5.6. Given an agent, we dene a trace as a possibly empty sequence of outgoing
messages tr = m1 , . . . , mn with n 0, where each mi is in M . If n = 0 then we have the
b This
value will be dened by default only for atomic agents since complex agents will calculate the associated
time from the information collected from the contracts with other agents. In addition to consider the sum of all the
involved time values, we have to add a certain delay to simulate the time that it takes to perform communications
among agents.
106
empty trace .
Let a = (id, S, s0 , s f , R, V , Tin , Tex , ib, ob, ) be an agent. We say that a (possibly empty)
sequence of messages m1 , . . . , mn , with n 0, is a trace of a if there exists a sequence of
transitions belonging to Tin and starting at s0 such that
id,m ,D,Z
id,mn ,D,Z
1
s0
A ,in s1 . . . sn1 A ,in sn
Cellules are elements that serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents.
Denition 5.7. A cellule is a tuple (A , id, Sons, Father, ib) where
A IDA is the set of agents that belong to the cellule.
id IDC is a unique identier for this cellule.
Sons IDC is the set of identiers of the sons of this cellule. If Sons = then we
are in a node cellule.
Father IDC is the identier of the cellule that is father of this cellule. If Father=nill then we are in the initial cellule, from which all other cellules are dened.
ib M is the input buffer where messages will be stored.
We denote by C the set of all cellules.
Let us remark that when an agent is added to a cellule, the incoming buffer of the agent
is connected to the outgoing buffer of the cellule, while the outgoing buffer of the agent
is associated with the input buffer of the cellule. This means that an agent does not send
messages to another agent; it sends them to the associated cellule. Similarly, an agent
receives messages only from the cellule to which it is attached. A graphical representation
of this can be seen in Figure 5.2 where we can observe several agents connected to the
cellule C.
Next, we dene the whole system that contains in a tree like structure implicity dened
by the father-son relationship, the cellules that conform the whole system.
Denition 5.8.
We say that our system (sometimes called world) is dened with a so called origin
cellule from where the tree of cellules hang and by the vector of resources available in the
107
a3
transex
ia3
transex
oa3
transex
oa1
a1
C
transex
ia1
transex
oa2
transex
ia2
a2
C1
ns ex
13
t ra
31
ns ex
ns ex
12
t ra
t ra
21
ns ex
t ra
C3
ex 2
ns 5
t ra
ex 5
24
ns ex
C4
ns 2
t ra
t ra
42
t ra
ns ex
C2
C5
All agents that are not atomic are complex, there are two ways to create agents one is to
insert an atomic agent during the creation of the system and the other is through petitions
108
Celli+1
Cell0
World
create/call agent
exists y ?
Petition(y)
World
new petition
exchange
Cell0
World
exists y ?
return agent
yes/no
yes/no
job nished
to the system, being the system in charge of recombining atomic and/or complex agents
already embedded in the system to create a new complex agent.
Denition 5.9. We say that a petition is a tuple pet = ( f u , y,
o)
where f u F is a utility
function, y IRn is the vector of resources that is added to the resources already existing in
the world, and o IRn is the objective of the transitions, that is, the vector of resources that
we expect to have after performing the petition.
Example 5.1.
We will explain the main messages by applying a petition (a graphical representation is
given in Figure 5.4). Let us consider a petition pet = ( f u , y,
o).
The tuple has 3 elements,
the rst one is the initial resources, y = [1000, 500, 500, 100, 0, 100, 0, 0, 500], the second
one a utility function (in this case f u = 10 x1 + 5 x9), and the third element of the tuple is
the objective tuple of resources o = [0, 0, 0, 0, 1, 0, 1, 0, 0].
o)
is inserted in the world
The rst diagram of Figure 5.4 denotes that pet = ( f u , y,
w = (I, x).
When a new petition is inserted in the world, the resources of the petition are
added to the existing vector of resources. After this initial stage, the world asks to its
structure of cellules if there are any agent(s) which can achieve the objective function o.
109
though this is a toy example, so that we can concentrate on the main features of the tool, we have already
tested our tool with some more complex examples. However, as we indicate in the last section of the paper, we
still need to use our tool to specify a real system.
110
NAME
LEVEL
INITIAL
RESOURCES
GOAL
agent1
s1
(410, 290)
s6
agent2
s1
(370, 340)
s6
agent3
s1
(175, 151)
s3
agent4
s1
(220, 241)
s4
agent5
s1
(312, 287)
s5
agent6
s2
(149, 150)
s4
agent7
s2
(224, 159)
s5
agent8
s2
(220, 176)
s6
agent9
s3
(231, 148)
s6
agent10
s4
(149, 101)
s6
agent11
s1
(70, 100)
s2
agent12
s2
(75, 50)
s3
agent13
s3
(72, 68)
s4
agent14
s4
(72, 35)
s5
agent15
s5
(72, 43)
s6
state 6, but agent1 owns more money than agent2 while it has less time to arise it. So, we
expect that agent1 will nd a faster, although more expensive, way to proceed than agent2 .
We will show the decision that agent1 takes in order to obtain a faster path. The agent2
behaves in the same way as agent1 . The rst message from agent1 has type=1, that is,
information, and it is a broadcast message to another communication cellule. This message
is used to look for all agents in that cellule that have the same nal state. This rst message
s1
t12
s2
t23
s3
t34
s4
t45
s5
s1
:money.
s2
:money+land.
s3
:money+land+plan.
s4
:money+land+plan+construction materials.
s5
:money+land+plan+construction materials+worker.
s6
:money+land+plan+construction materials+worker+house.
t56
111
s6
is sent from C1 to C2 .
The agents agent8 , agent9 , agent10 have their goal as s6 . All of them answer to the
previous message by sending information concerning their amounts of resources. agent1
starts building a tree in order to decide the best path to the goal.
Now agent1 asks, by sending a broadcast message to C2 , who has as goal state s2 , s3 ,
s4 . These messages ow through C2 . We have that agent4 , agent6 , and agent3 will answer
with messages sending s1 , s1 and s2 . Because the initial state of agent1 is s1 , it only has to
obtain one possible way for s2 .
In the nal step of this phase agent1 sends to C2 a message asking for agents whose
goal is s2 . No agents will answer to it. The A \ tool has a timeout module which sends
an internal transition for agent1 denoting that nobody is going to answer this last message.
When this timeout is sent, agent1 starts to decide which path it prefers to follow its utility
function.
112
In phase 3 we have the situation described in Figure 5.9. First, agent1 has all the
possible paths to achieve its goal already displayed in front of him. By applying its utility
function, this agent decides that the best way is to step through s3 . So, it calls agent3 to
start its internal processes. Then, agent3 will then restart the whole process until it nally
calls agent11 which is an atomic agent. Therefore, it will start to transform the resources
by taking part of the money (in s1 ) and transforming it into land (reaching s2 ).
5.6. Conclusions and future work
In this paper we have presented a formalism to represent complex hierarchical systems
where tasks can be distributed and/or subcontracted among agents. We are aware that our
formalism is difcult to use since there are a lot of mathematical machinery underlying the
denition of our systems. Thus, we have decided to build a tool that fully implements our
methodology. In this way, a user of our methodology does not need to pay attention to the
formal details and can concentrate on dening the appropriate hierarchical structure.
The system we have implemented allows a more direct approach to model systems that
will expand with the use of it by the user. Agent technology allows to have an unbounded
growth of the system, and having declared all the possible atomic task that a system can
perform as outputs will allow the system to complete any petition that the user can foresee.
There are of course limitations, due to the nature of the simplied perceived world as
a vector of resources. In this line a possible future implementation should maybe base
the world representation in a BDI (belief, desire, intention) system, with a modal logic
113
and allowing symbolic representation of the world and user needs. But until date we have
considered it outside of the focus of our research, to be able to advances in other areas.
There are at least two lines for future work. On the one hand, there is a lot of room
to continue the theoretical study. In particular, we can exploit the trace relation between
agents so that we can dene a conformance relation to determine whether a real system
correctly implements one of our worlds. On the other hand, more practical, we have used
our tool only with small/medium size examples. We are working on the complete denition
of a real system by using our tool. Specically, we are considering28 as a non-trivial system
to be described in our tool.
References
1. R. Guttman, A. Moukas, and P. Maes, Agent-mediated electronic commerce: A survey, The
Knowledge Engineering Review. 13(2), 147159, (1998).
2. L. Rasmusson and S. Janson, Agents, self-interest and electronic markets, The Knowledge Engineering Review. 14(2), 143150, (1999).
3. T. Eymann. Markets without makers - a framework for decentralized economic coordination
in multiagent systems. In 2nd Int. Workshop on ELectronic COMmerce, WELCOM01, LNCS
2232, pp. 6374. Springer, (2001).
4. M. Dastani, N. Jacobs, C. Jonker, and J. Treur. Modelling user preferences and mediating agents
in electronic commerce. In Agent Mediated Electronic Commerce, The European AgentLink
Perspective, LNCS 1991, pp. 163193. Springer, (2001).
5. J. Lang, L. v. Torre, and E. Weydert, Utilitarian desires, Autonomous Agents and Multi-Agent
Systems. 5(3), 329363, (2002).
6. M. McGeachie and J. Doyle. Utility functions for ceteris paribus preferences. In AAAI Workshop
on Preferences in AI and CP: Symbolic Approaches, pp. 3338. AAAI Press, (2002).
7. J. Keppens and Q. Shen. A calculus of partially ordered preferences for compositional modelling
and conguration. In AAAI Workshop on Preferences in AI and CP: Symbolic Approaches, pp.
3946. AAAI Press, (2002).
8. F. Bacchus and A. Grove. Graphical models for preference and utility. In Uncertainty in Articial
Intelligence, UAI95, pp. 310. Morgan Kaufmann, (1995).
9. T. Sandholm. Agents in electronic commerce: Component technologies for automated negotiation and coalition formation. In 2nd Int. Workshop on Cooperative Information Agents, CIA98,
LNCS 1435, pp. 113134. Springer, (1998).
10. S. Kraus, Negotiation and cooperation in multi-agent systems, Articial Intelligence. 94(1-2),
7998, (1997).
11. A. Lomuscio, M. Wooldridge, and N. Jennings. A classication scheme for negotiation in electronic commerce. In Agent Mediated Electronic Commerce, The European AgentLink Perspective, LNCS 1991, pp. 1933. Springer, (2001).
12. C. Hoare, Communicating Sequential Processes. (Prentice Hall, 1985).
114
I. I NTRODUCTION
Evolution is the way life adapts to its environment. If this
environment is the landscape formed by the solution of a
problem, then this adaptation may serve us to nd a way to
solve it. This idea is what led evolutionary approaches to be
used as search techniques.
Testing ([1], [2]) is an important part of the production of
new systems since it takes a high percentage of the time and
cost of developing them. Therefore, being able to create new
methods that allow us to discover faults in the implementation
is a necessity. Reaching a specic state is a fundamental part
of the testing process because it allows the tester to move
the implementation to that state and continue the testing of a
certain part of a system, such as a specic component of an
embedded system. If we solve this problem in a deterministic
FSM, the solution is found in linear time. However, in the
context of a non-deterministic FSM, this problem belongs
to the EXPTIME complete category, therefore the use of
heuristic methods is a must. Moreover, since non-determinism
may arise in several ways, as when abstracting data from
protocols or when composing a system out of several individual components, to produce test suites for non-deterministic
implementations is a problem of practical importance.
Research partially supported by the Spanish MICINN project TESIS
(TIN2009- 14312-C02-01), the UK EPSRC project Testing of Probabilistic
and Stochastic Systems (EP/G032572/1).
Robert M. Hierons
Department of Information Systems and Computing,
Brunel University
Uxbridge, Middlesex, UB8 3PH United Kingdom
Email: rob.hierons@brunel.ac.uk
q0
q0
a
q0
1
q1
q0
2
1
q2
q1
2
q2
b/1
a
q2
s0
a/1
a/1
a/2
s1
b/1
b/1
s2
b
q1
q1
1
q2
a/1
s2 .
will be represented throughout the text by s1
We say that M is observable if there do not exist two
different transitions (s, x, y, s1 ) and (s, x, y, s2 ), with s1 = s2 .
Next, we dene d-reachibility. A state s is deterministically
reachable (see [3]), which is denoted by d-reachable, in the
context of a non-deterministic FSM when there exists an input
sequence that applied to the initial state can only return the
state we are looking for. Only a subset of the states are dreachable in a ndFSM . Our purpose is to use an adaptive
sequence that would allow to deterministically (univocally)
reach any state in the non-deterministic machine. This can
be achieved in two cases. One often appears when all the
leaves (end nodes) of the tree that forms the adaptive sequence
represent the target state of the ndFSM . The second case
arises when the tree is innite but every leaf that can be
reached after a nite sequence represents the target state. Of
course, since this perfect solution will seldomly appear, we
introduce the concept of a sequence d--reaching a state, being
the percentage of times that the adaptive sequence is able
to reach that target state.
We will dene a function such that given M =
(S, I, O, s0 , st , T r), computes the distance from every other
node to the target state by using Dijkstras shortest path
algorithm. The type of the function is dsMt : S IN {nil}
and it performs the following operations.
1) Create a graph G = (V, E), where V is the set of nodes
and E is the set of transitions, such that V will have
one element for each state contained in S. The set E
will have one transition for each transition contained in
T r with the peculiarity that it will be inverted, that is,
the end node will be switched with the start node. This
will create a graph that is an inversion of the original
machine M .
2) From the node in V representing the target node st S,
calculate the tree formed by the Dijkstra shortest path
algorithm, and store the distances to each node in dsMt .
Any node not appearing in this tree will have a value of
nil.
Let us note that the computational complexity associated
with this function is O(E + V log(V )).
We will next formally dene our adaptive sequences.
M
M
Denition 2: Given M = (S M , I, O, sM
0 , st , T r ),
=
an adaptive sequence for M is a tuple TM
(S, T r, s0 , SI , SO , SG , ) where:
S is the (possibly innite) set of states.
s0 S is the initial state.
SI , SO and SG conform a partition of S, that is SI
SO SP = S and they are pairwise disjoint.
T r (SI I SO ) (SO O SI ) is the transition
relation.
is a function that maps the states from the adaptive
sequence to the states of ndFSM . : S S M such that
for all s, s , s S we have that s i s , s o s if
i/o
(s ).
and only if (s)
The transition relation and the sets of states fulll the following conditions:
SI is the set of input states. We have that s0 SI . For
all input state s SI there exist at most one outgoing
transition s i s T r. For this transition we have that
i I and s SO .
SO is the set of output states. For all output state s SO
we have that for all o O there exists a unique state
/ SO .
s such that s o s T r. In this case, s
Moreover, there do not exist i I and s S such that
i
s
s T r.
SG is the set of target states. In most cases this set will
be formed by a unique state. We say that these states are
terminal. That is, for all state s SG we have that there
do not exist a I O such that s a s T r.
We say that an adaptive input sequence is valid if the graph
induced by T r is a tree with root at the initial state s0 .
III. M ETHODOLOGY
One specic feature of our genetic algorithm is that it is not
based on a normal DNA bit sequence, but the DNA is itself
an adaptive sequence, that is, the DNA is a labeled tree.
We initially consider a population of 25 individuals. Each
individual has a parameter chosen at random between 0 and
0.5 that represents its tendency towards choosing a random or
a minimum distance node. This parameter does not evolve and
it is randomly selected at the creation of each individual. The
choice of these decisions was taken by following the results
of the comparisons between different GAs to be shown in
Section IV. Therefore, the denition of a candidate solution
of the population can be represented by a tuple in which, in
addition to the DNA and the tendency to choose randomly
new nodes (), we include its tness value, that is, cs =
(DN A, , value).
The mutation rate is set to one mutation, every generation
for each individual. Reproduction is done 10 times in each
generation, where two children per crossover are created.
The rst step for our algorithm, that will subsequently serve
us to compute the tness value of the individuals, is to compute
the distances from every state to the target state.
Note that computing an individual based in Dijkstras shortest path algoritm (a candidate solution that takes the shortest
path to the target) is not computationally costly, and this step,
according to our experimental results, increases the quality of
the population. We set one of the 25 candidate solutions of the
initial population to have the DNA formed by a shortest path to
the target. Through a similar reasoning, given that computing a
completely random individual is also made in linear time, and
that our experiments showed that most of the times random
outperformed the Dijkstra method, in each generation we add
a random individual to incorporate diversity into our genetic
pool.
We use two stop criterions. The rst one is that the population nds a perfect solution in which a 100% of the times
the target state is reached. If this is not achieved we will stop
the search after 500 seconds, although this time can of course
be increased with a subsequent improvement of the solution.
Next, we give more details about the algorithm that controls
our methodology.
A. Operators
We present here separately the three operators common to
every GA: mutation, reproduction and selection of the ttest.
Figure 2.
Mutation operator.
Figure 3.
Crossover operator.
i/o
q0
B. Heuristic
Our tness function is given by a sampling method. We
use the DNAs of each candidate solution for a total of 100
iterations, and measure the number of times that we arrive
to the target state. This number of times is multiplied by a
coefcient to increase its relative importance. In our case
we have used = 100, this value should be equal to the
number of nodes (n), since the maximal distance from a node
to another is set by this limit, and doing so, we can be sure
that we are giving more importance to having the target node
in our adaptive sequence. In order to complete this heuristic,
every time that it ends up in a state that is not the target,
we subtract the distance from that state to the target from the
heuristic. Finally, if dsMt (s) = nil then we remove 50 points
(n/2) from the heuristic to penalize the choosing of that node.
Our GA creates adaptive sequences that either have all end
nodes as the target state, or it relegates them to a deeper part
of the tree. This provides a higher rate of success, since it
returns a bigger number of non-deterministic choices that takes
us to the goal state. Therefore, if we quantify the choices then,
probabilistically, we have a greater chance of arriving to the
target. In order to illustrate this, consider that we have Figure 4
where the ndFSM is depicted in the left, and in the right hand
side there are two possible adaptive sequences.
Our heuristic considers in a indirect manner, the size of the
graph, and the ratio of end nodes that are equivalent to the
searched state, and their relative position in the tree. Since the
heuristic measures the number of times that we hit the target
out of a hundred runs, we have a higher rate of success when
there are proportionally more end nodes that are the target and
when the end nodes are closer to the root. This is so because,
non-determinism probabilistically favors a shorter outcome.
One important fact to note is that our heuristic, since it
is a sampling method, does not give us an exact measure
of the number of times that our adaptive sequence reaches
the target. However, by taking a look at one of the graphs
(see for example Figure 7) we can observe that there exist
different amplitudes in the oscillation of the measure. Actually
the more consistent a measure is with the times measured
before, the higher rate of equal end nodes that our sequence
has. Therefore, the oscillation in the graph gives us an idea of
how close we are to having a perfect adaptive sequence (one
that will take us to the target each time).
IV. E XPERIMENTS
The implementation of our framework has been done in
Java JDK 1.6, with NetBeans as IDE. For the implementation we have used the graphic library from processing
(http://www.processing.org), together with the library traer
physics (http://www.cs.princeton.edu/traer/physics/) to help
ordering the states in the space, to represent the machines.
The executable application can be found in the address
http://www.carlosmolinero.com/reachState.zip.
We use for our experiments a randomly constructed
ndFSM s with one hundred nodes (that is, n = 100). In order
to make sure that it is connected we add a transition between
a
q0
1
q1
q0
a
q0
q0
1
a
q0
s0
a/0
a/1
s1
q1
q1
0
q0
a
q0
...
1600
1200
SIZE
800
400
***************
*** ****** ** ****** ********* ************
0
100
TIME (s)
Figure 8.
Figure 6.
********** ****** ** ****** ****
******* *** ***** **** *************
*********** **********
*** **** *****
** ******* ** ***
***
** * *
* ********* *
****************
** ** * **
* * **
* **
* * **
**
*** **
*
**
*
**
*
**
*
**
**
*
*
*
*
**
**
*** * ** **
*
**
*
Figure 9.
200
300
400
RANDOM
DIJKSTRA
HILLCLIMBING
* * GA
* *********************************************************************************************************************************************************
**** * * * * *** *
* ** ******* ***********
*
** *
** * *
* ** * *** **
******** * ***** *************** *********
** * * * **
*
*
*
*
8000
4000
FITNESS VALUE
2000
0
*
** *
******* *
*
* *
* *
*
*
*
*
*
** *
** ** *** *
*
6000
2000
100
200
300
400
4000
TIME (s)
Figure 7.
Figure 11.
RANDOM
DIJKSTRA
HILLCLIMBING
* GA
Representation of the 20 experiments. Experimental results (left), tness values (center) and sizes of the resulting adaptive sequences (right).
Figure 10. Experiment A, hillclimbing reaches the target 70% of the times.
1
81.16
55.46
69.53
68.89
80.54
0
83.38
44.67
65.70
78.36
86.07
0.5
81.49
47.01
63.46
75.22
82.08
(0-0.5)
96.89
57.45
72.19
80.65
82.48
Comparison
tness value (%)
(0-1) (0.5-1)
60.68 76.90
44.09 44.03
67.54 65.32
75.50 75.11
81.69 82.48
(0-0.5)m
54.55
48.18
70.39
78.49
82.12
(0-1)m
70.89
59.65
68.47
77.10
80.06
(0.5-1)m
79.1
48.56
70.33
70.50
88.12
Figure 12. Table comparing several GAs with different random coefcients
and populations (labeled with m) in which this coefcient was hereditary.
Abstract. The focus of this paper is to present the results of a set of experiments
regarding the construction of an adaptive sequence by a genetic algorithm and
other techniques in order to reach a goal state in a non-deterministic nite state
machine.
1 Introduction
Testing ([6,2]) is one of the most important tasks to be undertaken in software engineering. Its development and application covers a high percentage of the total cost of
development in any process of software engineering.
Reaching a specic state is a fundamental part of the testing process because it
allows the tester to move the implementation to that state and continue the testing of a
certain part of a system, such as a specic component of an embedded system. In the
case that the tester is confronted with a non-deterministic nite state machine (from
now on ndFSM ) this problem belongs to the EXPTIME complete category. Therefore,
heuristic methods are used to present a solution.
A non-deterministic nite state machine is, informally, a set of states and labeled
transitions with pairs input/output, the characteristic that makes it non-deterministic is
that from the same state there can be several transitions labeled with the same input. We
restrict our work to observable ndFSMs, that is, to machines in which two transitions
departing from the same state cannot have the same combination of input/output.
Adaptive sequences [4,3,1] is a method used to reach a state in a non-deterministic
setting. An adaptive sequence is a tree such that the unique edge that leaves its root will
be labeled by an input (to be applied to the ndFSM ), and it will reach a state such that
from this state outgoing edges labeled by outputs (returned from the ndFSM ) arrives
at one state each from where a new input will depart and so on.
We have presented in a previous work [5], the use of a genetic algorithm to create
an adaptive sequence to reach deterministically a goal state in a ndFSM . The interested
Research partially supported by the Spanish MICINN project TESIS (TIN2009- 14312-C0201), the UK EPSRC project Testing of Probabilistic and Stochastic Systems (EP/G032572/1),
and the UCM-BSCH programme to fund research groups (GR58/08 - group number 910606).
reader is referred to the aforementioned paper for a more complete understanding of our
approach, detailed explanations of the evolution of our GA and a formal denition of the
elements present in the system. The goal of this paper is to present a set of experiments
regarding the achievement of our genetic algorithm and some other techniques to an
extent in which we can assure its validity.
The rest of the paper is organized as follows. In Section 2 we summarize the main
aspect of the evolution of our GA. In Section 3 we show the results of our experiments
and in Section 4 we present our conclusions.
2 Description of our GA
In this section we summarize the main concepts behind the evolution of our genetic
algorithm. A more detailed description can be found in the aforementioned paper [5].
The inhabitants from the population create, based on their random coefcients, a
new adaptive sequence which is their DNA.
This DNA is mutated once every generation, the way this is achieved is by traversing
randomly the adaptive sequence and when the algorithm nds a node with no children
then it adds a subtree to the adaptive sequence, or deletes the subtree to which the node
belongs to (each with a 50% probability). The positive point about using this method to
select a node is that it has a similar probability of being chosen as when executing the
ndFSM . This allows to always modify the nodes that inuence in a greater extent the
overall functioning of the adaptive sequence.
Crossover is done by selecting the individuals with a higher heuristic value through
roullete wheel selection and then traversing randomly both instances to try to nd a node
that represents the same node in the ndFSM . If this node is found then the algorithm
exchanges the subtree of both adaptive sequences and creates two children that are
added to the population. If no node is found following this procedure, then no crossover
is performed.
In the beginning of the next generation, all the specimens are judged by a sampling
procedure (running 100 times its adaptive sequence), and the algorithm performs a selection of the ttest, maintaining a constant number in the population by eliminating
those individuals with the worst heuristic value. The selection of the ttest is an elitist
selection, which means that the best individual from the last generation is copied directly into the next one without any mutation or crossover, to make sure that the GA
does not lose the best solution found until that moment.
3 Experimental comparison
The number of experiments that we have conducted was established by taking into account the amplitude of the oscillation in the averaged heuristic values of the runs of
different GAs against a series of ndFSMs. This value tends to stabilize around 50 experiments. This is one of the main motivations for having extended our experimental
setup with respect to our previous work, since, before, we only performed 20 experiments and, as one can see in Figure 1, the value uctuates at that point greatly.
Fig. 1. Evolution of the average heuristic values for several techniques, including various kinds
of GAs. The hillclimbing methodology appears in dotted lines.
We were also able to increase the speed of the algorithm, which has led to a modication in the heuristic values and of the total size of the resulting specimens.
3.1 Description of the experimentation
The experiments were run in a Intel Core2 Duo CPU T7300 at 2.00GHz with 2 GB of
RAM.
The different techniques were given separate runs of 200 seconds each to nd a solution. The GA was started with a population of 50 individuals, a crossover rate of 25
(half of the population was reproducing and producing new offspring), and a mutation
rate of 1 (each individual was mutated once every generation). The highest individual was transferred into the next generation following the normal procedure for elitist
evolution.
The hillclimbing specimen mutates as many times as it needs in order to nd an
specimen with a higher value and then continue its evolution, adding new nodes to its
adaptive sequence.
The dijkstra individual is initiated once. In order to do so, rst the Dijkstras shortest
path algorithm is ran in the ndFSM in order to calculate the distance from each state to
the goal state. The algorithm as is proposed in this paper starts by creating a graph that
i/o
is an inverted copy of the ndFSM , that is, a graph in which for a transition si
sj
existing in the ndFSM there exist one transition sj
si in the inverted graph. Then
we use the goal state as the initial state and calculate Dijkstras shortest path algorithm.
The random individual mutates a random number of times between 0 and the total
number of states in the ndFSM .
The heuristic that is used is the same for every type of evolution present in the
system. The adaptive sequence of each specimen is used a hundred times to run the
ndFSM , then the ndFSM returns its current state and we apply add of n (where n is
the number of states), if it is the goal state, we subtract n/2 if it is a node from where the
goal is unreachable, or subtract the value of its distance to the goal in any other case.
Since the adaptive sequence is applied a hundred times, the total amount of heuristic
value that an individual can have is 10000 points, that is considered being 100% t,
which means that every reachable end node of its adaptive sequence is the goal state.
A drawback of this heuristic method is that using a sampling rating method, creates a
uctuation in the values for the same adaptive sequence, which makes evolution more
complicated.
The rst set of experiments are focused on comparing different GAs, with different
random coefcients, and that traverse the ndFSM in a distinctive manner (the results
from the experiments are shown in Figure 2). The random coefcient is a number that
expresses how likely the GA will mutate using the shortest distance to the goal state.
A random coefcient of 0 will behave randomly, and a coefcient of 1 will traverse the
ndFSM using the minimum distance, between these values, the specimen will choose
some times at random and sometimes the closest node to the goal.
There are three ways of selecting the random coefcient for a new specimen. The
rst one is that every specimen in the population has a steady coefcient, for example
in GA 0.5 the whole population has 0.5 as its coefcient. The second manner is that it
is started randomly from an interval, which is for example the case for GA (0-0.5). And
the third approach consist in a hereditary option, in which it is the average of its parents
with a small amount of random added, which will be the case for GA (0-1)m. Every
population labeled with an m (mixed) behaves in this last manner.
The population that achieved better results was the one started in the range of (01)
with the hereditary coefcient (GA (0-1)m). This population created, in average, adaptive sequences that reached 70.32% of the times the goal state, and obtained the lowest
average distance
with respect to the maximum achieved by any other method ( = 9.41,
n
j=0
i=0
where =
). This behaves as expected since this
n
population tries every possible random coefcient value and, depending on the conguration of the ndFSM (how much non-determinism contains, how much branching
towards the goal following the shortest path) the individuals with highest results pass
their conguration to their offspring. The second best population is the one started in the
range (0-0.5), this is the population that appeared to behave best in the few experiments
that we presented in our previous paper.
The overall values are lower than in Section 3.3 because given the high number of
populations, we restricted highly the time that we allowed the populations to evolve.
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
x
1
93.86
54.47
84.38
56.35
71.88
58.98
84.54
41.81
75.16
45.66
37.42
70.06
32.8
68.17
81.42
73.17
91.77
49.78
56.06
34.66
76.68
96.89
75.86
100.0
15.22
31.68
66.05
80.33
94.74
50.88
92.7
59.04
76.79
87.69
75.04
75.13
25.43
63.92
100.0
42.03
63.9
100.0
57.66
59.53
50.08
43.0
55.69
100.0
91.68
64.2
71.01
75.34
91.7
87.52
76.2
67.7
56.52
54.1
66.55
74.69
55.95
86.48
60.0
33.02
67.05
12.61
0
92.77
42.05
43.95
52.47
71.91
59.41
92.78
59.18
93.38
48.21
42.52
59.52
35.45
59.0
79.46
65.68
96.93
54.23
59.24
39.88
79.94
97.94
97.94
100.0
14.3
31.88
71.37
64.73
91.75
47.65
90.64
61.49
67.46
79.42
80.73
56.26
28.58
60.53
86.49
48.09
76.38
100.0
66.83
54.29
51.91
39.63
64.75
100.0
93.8
61.01
56.26
74.22
76.8
82.2
61.8
65.53
61.6
36.59
58.43
64.15
49.47
80.08
43.24
20.77
64.76
15.25
0.5
93.85
50.09
74.3
51.35
80.17
56.27
86.11
60.58
70.02
47.12
47.91
46.87
42.12
49.87
75.17
81.31
88.7
44.37
53.38
31.36
76.95
93.76
100.0
100.0
19.72
34.59
73.07
79.23
94.72
44.58
91.65
56.16
86.4
81.57
72.69
58.42
30.52
63.42
100.0
37.8
80.41
100.0
63.96
59.53
51.29
36.09
63.74
100.0
93.8
67.49
56.72
89.7
86.55
80.06
72.98
67.71
57.58
53.28
59.45
70.35
55.47
86.48
43.35
27.09
66.39
13.61
(0-0.5)
88.6
51.5
64.62
53.57
85.38
56.29
90.73
39.64
85.5
65.26
44.68
52.12
59.73
71.18
86.54
63.52
100.0
56.12
61.2
45.75
86.34
94.84
100.0
100.0
20.84
39.65
72.77
74.24
92.66
55.89
85.41
52.56
54.64
89.7
65.61
64.52
30.72
59.46
100.0
46.55
71.12
100.0
54.41
57.81
44.86
41.25
56.68
100.0
94.82
62.89
75.15
92.85
89.62
78.14
59.72
66.52
58.02
59.99
60.44
76.8
50.53
85.45
57.56
25.49
67.63
12.69
Comparison
HEURISTIC VALUE (%)
(0-1) (0.5-1) (0-0.5)m (0-1)m
100.0 92.75 91.75
93.81
48.94 50.15 43.93
57.67
56.42 74.95 51.3
50.78
54.69 52.61 39.0
55.76
81.99 69.69 78.01
81.19
63.6 56.78 61.15
64.33
79.2 84.37 87.54
93.8
64.67 30.83 51.9
52.15
100.0 85.58 97.92
83.45
51.02 53.34 37.49
64.03
41.64 39.89 35.29
39.92
50.17 49.29 54.47
65.79
38.1 37.45 44.29
40.98
87.7 59.99 81.48
75.41
83.45 82.45 78.1
82.37
83.88 75.22 72.05
81.32
100.0 100.0 98.97
92.85
58.05 42.61 56.14
61.62
59.96 46.76 56.68
58.77
35.66 29.49 37.51
37.56
83.33 83.33 82.1
79.97
73.08 94.79 72.16
100.0
100.0 97.93 98.94
100.0
100.0 100.0 100.0
100.0
17.3 16.74 22.49
20.61
28.52 31.39 30.63
41.11
65.65 78.09 66.09
65.78
65.77 65.35 69.84
86.1
74.7 86.89 90.52
94.77
61.25 55.89 62.37
68.11
90.68 89.69 88.55
94.86
54.13 53.13 51.1
63.15
74.84 55.88 54.49
74.41
83.14 85.16 80.4
87.65
62.63 78.16 61.37
85.42
71.79 62.66 47.79
93.84
24.53 23.33 33.51
37.83
62.39 64.29 67.14
66.67
100.0 97.94 100.0
100.0
37.08 34.6 38.32
49.86
75.27 78.35 72.15
77.22
100.0 100.0 100.0
100.0
57.37 53.5 66.21
63.64
61.82 53.09 51.02
61.69
49.93 47.22 45.82
46.78
40.73 29.9 36.7
34.71
62.8 64.85 68.89
61.65
100.0 100.0 100.0
100.0
92.77 92.83 91.3
92.74
61.9 64.33 63.78
64.91
63.64 60.47 55.54
63.88
95.91 73.03 73.12
94.87
86.54 83.42 75.63
92.8
77.86 76.96 79.58
86.39
75.09 70.12 73.09
81.37
68.17 63.55 60.4
54.23
69.91 53.2 73.93
62.67
51.13 33.67 62.2
60.22
60.46 56.34 55.25
62.25
74.75 63.11 70.67
66.34
52.75 50.6 44.29
51.8
81.15 79.0 83.03
87.17
60.84 53.73 59.4
64.92
22.72 14.16 26.32
24.4
67.4 63.83 65.02
70.32
12.74 15.69 15.29
9.41
(0.5-1)m
87.71
52.16
49.46
50.65
77.05
54.11
79.29
61.57
77.74
58.78
38.08
58.47
31.24
48.3
73.88
76.28
100.0
52.7
54.78
33.95
82.2
95.84
100.0
100.0
12.41
23.06
70.42
78.13
91.64
51.91
89.58
55.32
53.83
84.15
52.11
51.51
26.62
59.75
93.75
49.79
72.2
100.0
63.74
66.75
52.01
32.36
48.44
100.0
92.7
67.53
64.35
72.19
89.63
89.6
63.79
63.48
61.52
49.14
59.36
78.87
45.05
89.59
55.56
27.98
64.75
15.99
HC
97.92
70.13
64.2
54.63
66.68
76.4
52.35
22.07
53.04
56.15
24.82
45.29
37.73
82.52
81.44
83.52
82.45
54.36
58.73
21.91
59.36
67.08
87.55
100.0
28.03
49.36
81.97
79.57
100.0
68.44
100.0
80.33
77.3
95.9
56.92
59.71
45.9
76.22
100.0
49.1
87.68
74.45
73.28
64.78
56.59
49.33
73.31
100.0
98.97
78.71
75.99
76.94
96.45
89.6
73.85
60.2
61.43
44.82
70.68
82.88
37.38
92.82
32.13
12.95
67.41
16.15
RD
67.86
27.23
21.0
31.43
64.56
27.57
55.84
19.34
64.83
29.27
21.93
25.19
22.71
30.83
65.67
44.19
100.0
23.23
32.8
18.4
62.13
39.94
69.59
100.0
5.61
10.25
44.25
48.22
75.25
39.0
58.54
42.71
40.29
71.28
34.73
33.62
8.35
35.57
100.0
12.55
41.44
100.0
37.7
38.42
29.83
18.3
44.74
82.53
85.54
38.62
42.08
48.37
52.58
65.62
51.35
42.78
35.57
23.62
38.33
26.74
30.43
67.44
36.29
10.56
43.98
35.95
DJ
53.5
18.05
17.34
-4.56
15.25
24.8
31.36
-13.26
19.57
4.95
6.25
-7.81
18.28
15.14
63.95
31.75
63.25
-2.32
15.07
-14.39
17.82
-1.02
59.05
100.0
-9.54
-18.26
15.1
20.68
52.0
12.19
64.3
24.85
21.25
47.5
-8.45
4.5
21.73
17.38
12.78
-21.52
34.3
19.41
35.52
27.12
21.52
20.2
36.77
66.01
63.6
33.85
-0.1
34.48
36.76
64.64
7.66
33.74
38.05
-9.34
5.35
35.1
35.23
63.6
-10.08
-4.58
23.08
57.69
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
x
Comparison
HEURISTIC VALUE (%)
GA HC RD DJ
GA
94.85 89.22 79.87 52.0 1158.0
87.44 92.82 59.1 36.16 1696.0
100.0 97.94 81.46 -0.26 12469.0
83.38 74.29 50.4 22.02 33972.0
97.95 96.44 82.92 32.08 789.0
97.93 87.26 49.81 -13.12 2996.0
59.24 51.45 32.88 10.92 2088.0
67.89 71.29 36.51 21.62 4990.0
91.73 98.98 65.39 24.08 1465.0
40.86 31.24 15.76 -11.77 40213.0
23.6 30.72 2.76 -16.14 1771.0
98.97 92.34 64.89 39.03 2295.0
57.85 57.37 40.66 35.69 6214.0
100.0 100.0 73.03 39.54 1205.0
63.37 58.5 19.71 6.82 5249.0
35.25 34.16 12.26 -17.09 4857.0
83.97 73.82 50.8 18.57 29354.0
100.0 85.04 75.24 12.1 931.0
95.82 73.63 41.17 3.25 17124.0
65.73 61.16 43.14 -2.14 24934.0
88.48 89.72 56.17 34.7 20182.0
79.35 77.47 41.91 3.48 6162.0
75.01 77.92 53.88 40.15 5688.0
82.26 75.76 62.67 35.56 54952.0
75.11 47.01 34.81 12.12 4207.0
76.07 70.59 42.27 15.71 4038.0
82.32 68.43 53.03 38.08 3796.0
72.08 51.55 37.13 10.82 59619.0
48.14 51.8 20.74 4.94 1331.0
55.1 44.85 25.88 20.33 12127.0
87.51 58.42 23.33 6.67 3637.0
82.21 77.67 52.99 -1.7
1359.0
69.86 62.48 26.7 4.8
23292.0
46.53 46.33 11.16 -13.8 6481.0
80.07 44.61 30.25 20.18 43219.0
73.05 69.37 45.39 -17.26 40626.0
90.75 79.53 49.21 7.35 6071.0
92.76 64.74 43.57 9.16 35659.0
100.0 100.0 90.7 36.4 1129.0
100.0 100.0 76.96 15.51 1328.0
100.0 100.0 100.0 64.64 1428.0
100.0 86.66 54.44 36.41 2182.0
100.0 85.6 75.19 20.21 2433.0
94.83 91.75 70.64 38.45 5342.0
95.88 83.21 55.83 21.61 32788.0
40.5 23.55 7.06 -23.96 3610.0
71.16 60.95 41.44 22.27 12694.0
73.39 82.49 38.43 21.34 1624.0
98.97 95.9 76.42 64.64 4848.0
89.53 64.41 48.12 -13.07 2116.0
79.34 71.81 48.48 16.58 11994.8
2.24 12.31 33.74 66.26 -
SIZES
HC
RD
8160.0 261.0
6948.0 265.0
2642.0 233.0
1214.0 257.0
7759.0 263.0
6723.0 266.0
7016.0 268.0
5223.0 265.0
7309.0 271.0
1244.0 277.0
7288.0 272.0
6196.0 265.0
5310.0 266.0
6775.0 260.0
3943.0 266.0
5221.0 271.0
1972.0 269.0
7769.0 276.0
2686.0 265.0
1902.0 267.0
2150.0 263.0
4523.0 267.0
5844.0 280.0
1003.0 262.0
5519.0 273.0
4839.0 267.0
5571.0 261.0
992.0 266.0
7590.0 271.0
4924.0 272.0
5668.0 278.0
7236.0 266.0
1848.0 267.0
4422.0 278.0
1286.0 272.0
1226.0 248.0
4404.0 269.0
1163.0 271.0
6709.0 257.0
7465.0 268.0
8079.0 263.0
6727.0 263.0
7034.0 269.0
5580.0 259.0
1839.0 264.0
6644.0 281.0
3254.0 276.0
7011.0 271.0
4201.0 252.0
6574.0 261.0
4892.5 266.4
-
DJ
2.0
9.0
8.0
8.0
9.0
15.0
17.0
10.0
12.0
14.0
20.0
9.0
13.0
11.0
15.0
17.0
10.0
12.0
10.0
25.0
13.0
12.0
7.0
9.0
10.0
12.0
7.0
11.0
13.0
12.0
14.0
13.0
14.0
16.0
12.0
11.0
15.0
8.0
9.0
10.0
6.0
7.0
10.0
11.0
10.0
24.0
10.0
12.0
4.0
14.0
11.7
-
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
x
Comparison
HEURISTIC VALUE (%)
GA HC RD DJ
GA
57.97 59.38 39.67 39.75 2335.0
82.1 63.45 40.85 1.69 1135.0
45.6 40.47 22.74 -13.97 1851.0
40.58 43.98 16.99 -4.04 2210.0
73.59 76.19 51.13 -4.71 983.0
57.77 51.24 30.36 15.48 1202.0
54.73 42.91 27.95 11.76 1363.0
45.79 45.04 23.67 -7.88 1219.0
70.33 80.09 43.12 36.26 1872.0
48.03 54.49 36.51 37.62 1278.0
36.16 44.48 19.6 5.86 1315.0
29.04 33.27 15.69 -15.87 1311.0
41.36 32.48 28.45 18.27 1356.0
82.3 83.52 67.31 21.91 867.0
49.56 41.1 24.14 -8.33 2660.0
45.54 54.21 31.72 17.2 2360.0
21.33 19.89 5.21 -17.45 1746.0
84.3 86.47 66.66 10.6 1133.0
63.36 70.87 39.84 42.09 1300.0
49.74 24.62 17.65 -8.0
2418.0
62.79 36.93 29.67 -12.25 929.0
55.35 37.5 34.99 11.64 12114.0
61.44 59.83 37.25 11.56 2288.0
55.72 49.96 32.73 22.82 1317.0
81.24 82.93 69.26 68.5 1053.0
41.72 50.61 25.06 2.82 1130.0
63.26 72.46 43.89 12.28 784.0
86.4 85.42 71.96 67.45 707.0
44.3 41.73 27.69 -0.04 1183.0
70.44 58.64 32.06 10.43 3888.0
82.04 66.02 67.91 5.21 955.0
40.02 27.37 19.3 -9.84 892.0
17.6 14.39 0.84 -16.62 1028.0
36.19 22.5 20.29 3.64 1652.0
32.36 35.66 19.81 19.14 1204.0
35.85 30.34 16.57 4.96 1159.0
35.54 35.81 16.48 10.64 1143.0
74.8 84.39 51.48 36.65 1753.0
57.39 56.07 35.28 22.2 2470.0
46.02 32.06 31.15 -12.67 1457.0
53.61 27.24 28.52 -17.42 12179.0
53.84 51.13 29.58 -6.26 5989.0
86.32 87.07 72.36 64.3 708.0
68.34 73.39 44.11 13.18 1689.0
67.62 79.35 47.22 39.81 1353.0
52.77 31.66 33.2 6.14 4991.0
39.84 41.64 18.11 15.91 1811.0
42.09 52.96 21.75 2.63 2199.0
43.21 27.67 14.38 9.8
9047.0
52.54 25.63 18.86 -21.39 1692.0
54.4 50.53 33.22 10.87 2253.6
4.33 10.46 24.56 49.25 -
SIZES
HC
RD
5701.0 1320.0
6800.0 1302.0
6345.0 1306.0
5490.0 1290.0
6930.0 1312.0
6533.0 1312.0
6358.0 1321.0
6462.0 1271.0
6265.0 1323.0
7141.0 1335.0
7006.0 1310.0
6081.0 1315.0
6538.0 1309.0
7554.0 1258.0
5631.0 1284.0
6593.0 1271.0
6474.0 1348.0
6762.0 1266.0
7057.0 1295.0
6164.0 1336.0
6811.0 1310.0
2858.0 1281.0
6669.0 1309.0
6467.0 1315.0
7806.0 1317.0
7073.0 1317.0
7214.0 1319.0
7867.0 1303.0
7099.0 1319.0
4823.0 1297.0
7364.0 1308.0
6564.0 1332.0
6936.0 1342.0
6045.0 1332.0
7082.0 1341.0
7150.0 1323.0
6423.0 1321.0
6356.0 1279.0
5151.0 1311.0
6658.0 1318.0
1992.0 1297.0
4624.0 1277.0
7824.0 1313.0
7223.0 1289.0
6963.0 1277.0
4080.0 1356.0
6771.0 1323.0
5827.0 1316.0
2434.0 1311.0
5942.0 1303.0
6279.6 13.1
-
DJ
11.0
15.0
14.0
16.0
15.0
18.0
15.0
19.0
15.0
13.0
15.0
21.0
12.0
10.0
17.0
12.0
22.0
17.0
7.0
17.0
16.0
10.0
15.0
12.0
2.0
18.0
17.0
8.0
16.0
11.0
18.0
17.0
21.0
18.0
12.0
16.0
15.0
7.0
16.0
28.0
17.0
17.0
4.0
13.0
9.0
16.0
10.0
16.0
15.0
27.0
14.8
-
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
x
Comparison
HEURISTIC VALUE (%)
GA HC RD DJ
GA
17.78 12.21 0.48 -6.14 2527.0
42.85 34.23 23.11 -35.1 7276.0
40.0 33.07 16.18 -14.87 2366.0
48.31 35.73 20.77 15.5 4518.0
22.76 17.35 4.45 -0.25 3790.0
60.18 60.52 49.8 39.58 1719.0
24.66 22.62 8.01 9.75 2459.0
53.6 52.46 36.75 19.96 2097.0
20.9 19.53 8.83 -1.1
2272.0
54.66 47.64 35.01 12.4 1780.0
28.53 28.9 15.2 -35.15 2899.0
80.11 82.65 61.27 65.76 1336.0
49.99 57.23 32.7 -10.4 2371.0
37.45 33.78 16.03 19.44 2886.0
28.55 16.23 11.78 -6.55 2445.0
42.87 30.32 25.81 1.64 2516.0
46.39 43.84 23.91 -2.56 7992.0
65.96 74.06 54.36 24.62 2363.0
100.0 100.0 100.0 100.0 850.0
57.56 52.16 44.97 -40.15 1657.0
40.59 48.57 23.57 23.12 1267.0
24.28 20.18 10.75 5.19 2361.0
46.48 31.53 18.75 -21.27 4118.0
20.54 23.66 11.76 1.37 2692.0
17.72 25.46 5.42 4.48 1904.0
40.59 43.62 19.28 -26.21 2591.0
50.71 57.1 32.17 -7.79 2372.0
46.99 35.34 21.26 2.85 2622.0
32.35 39.64 15.49 4.58 1552.0
45.77 34.45 31.86 19.36 3352.0
47.11 32.56 28.73 0.38 2400.0
29.26 25.05 5.14 -22.12 2102.0
40.43 35.34 16.96 10.37 14366.0
35.72 25.86 19.98 -27.36 3748.0
33.8 27.29 19.61 6.25 18806.0
45.4 44.15 27.5 -9.46 2287.0
57.84 44.55 34.53 -2.28 2347.0
36.11 18.76 8.56 -16.88 2324.0
70.36 62.78 32.87 14.82 7568.0
55.79 66.11 29.16 3.88 2196.0
22.03 32.42 7.7 -14.13 2399.0
70.04 63.44 45.17 6.79 2163.0
17.07 15.68 5.43 -4.24 2025.0
74.72 38.38 65.28 5.06 2367.0
34.59 28.27 12.84 4.7
2351.0
28.13 28.58 10.02 5.4
2421.0
17.75 15.99 9.17 -9.58 2153.0
56.97 68.18 37.12 -27.05 2179.0
41.92 47.05 25.98 1.16 2061.0
32.79 32.66 18.24 -11.45 2387.0
42.74 39.34 24.79 1.53 3271
3.82 8.49 20.95 47.97 -
SIZES
HC
RD
4578.0 2659.0
3181.0 2552.0
5254.0 2571.0
4804.0 2585.0
4340.0 2636.0
7089.0 2594.0
6113.0 2640.0
5131.0 2589.0
6802.0 2635.0
7121.0 2627.0
5528.0 2545.0
7455.0 2644.0
6047.0 2600.0
4510.0 2596.0
5443.0 2643.0
5466.0 2589.0
2765.0 2551.0
6280.0 2593.0
7.0
2590.0
6492.0 2567.0
6546.0 2597.0
5588.0 2641.0
3790.0 2579.0
6065.0 2646.0
6176.0 2625.0
5170.0 2619.0
6823.0 2630.0
4882.0 2626.0
5849.0 2582.0
4910.0 2619.0
4924.0 2585.0
4624.0 2645.0
1863.0 2624.0
4017.0 2614.0
1407.0 2546.0
6024.0 2649.0
6243.0 2573.0
5069.0 2633.0
2582.0 2581.0
6073.0 2570.0
6003.0 2591.0
7312.0 2620.0
5994.0 2632.0
6841.0 2659.0
5389.0 2637.0
5392.0 2639.0
5757.0 2644.0
6152.0 2612.0
6552.0 2579.0
6613.0 2611.0
5300.7 2608.3/
-
DJ
67.0
30.0
16.0
12.0
16.0
11.0
13.0
12.0
20.0
10.0
23.0
14.0
28.0
16.0
21.0
14.0
14.0
7.0
7.0
27.0
10.0
16.0
20.0
20.0
18.0
34.0
19.0
12.0
16.0
10.0
19.0
30.0
17.0
30.0
17.0
16.0
21.0
21.0
16.0
15.0
16.0
16.0
18.0
14.0
16.0
16.0
21.0
24.0
21.0
15.0
18.6
-
Fig. 3. Overview of the results obtained with ndFSMs with a connection level of 4, including a
set of ndFSMs with 100 states (left), 500 states (center) and 1000 states (right).
Fig. 4. Representation of the scatter plots of Hillclimbing with respect to Random, and of GA
with respect to Random.
References
1. R. Alur, C. Courcoubetis, and M. Yannakakis. Distinguishing tests for nondeterministic and
probabilistic machines. In 27th ACM Symp. on Theory of Computing, STOC95, pages 363
372. ACM Press, 1995.
2. P. Ammann and J. Offutt. Introduction to Software Testing. Cambridge University Press,
2008.
3. M. Gromov, N. Yevtushenko, and A. Kolomeets. On the synthesis of adaptive tests for nondeterministic nite state machines. Programming and Computer Software, 34:322329, 2008.
4. R.M. Hierons. Testing from a non-deterministic nite state machine using adaptive state
counting. IEEE Transactions on Computers, 53(10):13301342, 2004.
5. C. Molinero, M. Nez, and R.M. Hierons. Creating adaptive sequences with genetic algorithms to reach a certain state in a non-deterministic FSM. In IEEE Symposium on Articial
Life, ALIFE11 (to appear). IEEE Computer Society Press, 2011.
6. G.J. Myers. The Art of Software Testing. John Wiley and Sons, 2nd edition, 2004.
Manuel Nez
Robert M. Hierons
Departamento de Sistemas
Informticos y Computacin
Facultad de Informtica.
Universidad Complutense
Madrid, Spain
Departamento de Sistemas
Informticos y Computacin
Facultad de Informtica.
Universidad Complutense
Madrid, Spain
Department of Information
Systems and Computing
Brunel University
Uxbridge, Middlesex, UB8
3PH United Kingdom
molinero@fdi.ucm.es
mn@sip.ucm.es
rob.hierons@brunel.ac.uk
ABSTRACT
q0
We propose an islands model genetic algorithm that creates adaptive sequences. An adaptive sequence is a tree of inputs and outputs that gathers the behaviours of a non-deterministic Finite State
Machine (in short, ndFSM ). Adaptive sequences are derived by
having in mind to reach a certain state of the original ndFSM . We
use adaptive sequences to create a testing algorithm for ndFSMs
and show experimentation regarding its behaviour and comparison
with other techniques.
I.2.8 [Computing Methodologies]: Articial Intelligence, Problem Solving, Control Methods, and SearchHeuristic Methods;
D.2.5 [Software Engineering]: Testing and Debugging
General Terms
Experimentation, Algorithms, Verication
q0
1
q1
q0
2
1
q2
q1
2
q2
b/1
a
q2
s0
q0
a/ 1
s1
a/ 1
a/ 2
b/1
q1
b/1
s2
q1
q2
a/ 1
Figure 1: An ndFSM (left) and two possible adaptive sequences: trying to univocally reach state s 1 (center) and
state s 2 (right).
Keywords
genetic algorithms; islands model; testing of non-deterministic systems
1.
INTRODUCTION
cations is the Finite State Machines paradigm. If we are to handle non-determinism, then our specication will be provided in the
form of a non-deterministic Finite State Machine (in short, ndFSM ).
Non-determinism may arise in several ways, as when proposing
several parallel development possibilities for the system or when
abstracting data or time in protocols. Testing this kind of systems
is particularly difcult and has been widely studied, being state
counting [9, 4, 6] a widely applied technique.
Informally, an adaptive sequence [4, 3] is a tree that captures the
behaviour of a non-deterministic machine. For every input in this
adaptive sequence, the tree creates a child for every possible output
that the ndFSM has. Figure 1 graphically shows what an ndFSM
is and how adaptive sequences look like.
This paper is an extension of our recent work [2] that facilitated the
creation of adaptive sequences through genetic algorithms. One of
the main features left to be explored in that paper was the use of an
islands model which we felt could enhance the overall tness of the
candidate solutions of our genetic pool. Experimentation regarding
this subject is presented in this paper and we show that separately
evolving populations with different behaviours helps indeed to nd
better adaptive sequences.
The islands model for genetic algorithms [10, 11, 1, 7] allows the
parallel evolution of several genetic populations or demes. There-
2.
PRELIMINARIES
In this section we introduce some concepts that will be used throughout the rest of the paper. These denitions are taken from our previous work [2] and longer explanations can be found there.
D EFINITION 1. A non-deterministic observable nite state machines (in short, ndFSM ), is a tuple (S, I, O, s0 , st , T r) where:
(s ).
(s)
The transition relation and the sets of states fulll the following
conditions:
SI is the set of input states. We have that s0 SI . For all
input state s SI there exist at most one outgoing transition
i
s
s T r.
SG is the set of target states. In most cases this set will be
formed by a unique state. We say that these states are terminal. That is, for all state s SG we have that there do not
exist a I O such that s a s T r.
T r (SI I SO ) (SO O SI ) is the transition
relation.
We say that an adaptive input sequence is valid if the graph induced
by T r is a tree with root at the initial state s0 .
s2 .
be represented throughout the text by s1
We say that M is observable if there do not exist two different transitions (s, x, y, s1 ) and (s, x, y, s2 ), with s1 = s2 .
3.1.5 Heuristic
3.
This subsection is a summary of what can be found in our aforementioned paper [2] and we refer the interested reader to that paper
in order to nd a longer explanations. The rst step to compute our
adaptive sequences is to apply Dijkstras shortest path algorithm to
a graph such that it is an inversion of the original ndFSM , that is, a
graph that the initial and end states of every transition are inverted.
3.1.1 DNA
The DNA in our work is an adaptive sequence, that is, a tree of
inputs and outputs. This makes our GA problem specic.
3.1.2 Mutation
The mutation operator randomly adds or deletes a subtree from the
DNA, having as base node one of the end nodes of the tree that
represents its adaptive sequence. The way an individual mutates is
directed by its random coefcient. This coefcient ranges between
0 and 1, where values closer to 1 tend to choose the state closer in
distance to our goal state and values closer to 0 tend to randomly
choose a state.
In this work we have added a population that mutates by following
a different behaviour: it tries to choose the input for which less nondeterminism is created. In the case that this restriction if fullled
by several available inputs, then it chooses the state in the same
way as any other population.
3.1.3 Reproduction
The selection of the parents for reproduction is done through using roulette wheel selection. Reproduction has to choose a point
to cross individuals, in both adaptive sequences, that represent the
same state from the original ndFSM . This is done by randomly
traversing the tree from the rst candidate solution and for every
node doing another traversal in the second parent until a node that
represents the same state in the ndFSM is found. These nodes
are relegated to a set of possible crossover points. Later on, one
of these points is chosen to inter-exchange the subtrees from the
parents and create two different children. If no possible crossover
point is found, then this operation is cancelled. We reproduce half
of the population, creating 2 children per crossover.
We propose to keep several different populations that will have different random coefcients.
The random coefcient, as understood in this paper, indicates how
likely is the mutation operator of an individual to choose the next
state from the ndFSM based on the distances towards the goal
state or just simply choose a random state. In our past work we
compared several types of populations with different random coefcients, but we did not add their solutions: we restricted ourselves to choosing the one that seemed more likely of nding an
optimal solution. In this work we complete these populations with
an entirely new one that tries to reach the goal state creating the
minimum non-determinism along its path, that is, choosing when
possible the input that does not create non-determinism.
Random coefcients will be, for each population, randomly initialized within a range that can be either inherited from its parents or
generated from a x value. Several kinds of population with several ranges and different methods for its selection are included in
the islands model. This is what creates genetic diversity between
the different demes.
The populations that are present in our system are based in the random coefcients 0, 0.5, 1, (0 1), (0.5 1), (0 0.5), (0 1)m
and the low determinism population, plus the two demes that gather
the best specimens as explained in the paragraphs below. The populations that had a general best achievement in our past results have
been the ones started in the range of (0 0.5) and (0 1)m, where
m stands for hereditary random coefcient (mixed).
generations the less promising demes and removing them from the
algorithm distributing their candidate solutions among the other
populations. In this way, we were able to initially explore a large
portion of the tness landscape. Afterwards, we can focus on obtaining a higher number of specimens and a higher number of generations per time unit to the demes achieving a higher tness. This
approach also allows us to have a higher consistency over different
types of ndFSMs, since depending on their congurations, different types of random coefcients evolve better than others. In order
to avoid the aforementioned problem regarding that migration produced stagnation in local maxima, we modied migration by separately evolving the different populations. In each generation we
took the best candidate solution and migrates it towards a new population that is conformed by the best specimens and that evolves
these solutions (we name this population mixBest). Furthermore,
we created another population in which we only inserted the global
best candidate solution (we name this population absBest). Out of
these two idealized populations, one was better than the other depending on the conguration of the ndFSM . In machines with 100
states, the mixBest achieved a higher overall tness, that is, population mixBest obtained mixBest = 5.24, while absBest = 10.91,
where denotes the average distance to the maximum, therefore,
the lower this coefcient the better the population is. However, this
tendency changed when the number of states was increased to 500
since mixBest = 10.34 while absBest = 10.66. These two populations evolved with the parameters that we found to behave better
in a set of 300 experiments, which was to initiate the population in
the range of (0 1)m. It is worth to mention that this set of experiments was performed before we started to produce this paper. We
can see a comparison between these two populations in Figure 2.
4. TESTING OF A NON-DETERMINISTIC
FINITE STATE MACHINE USING ADAPTIVE SEQUENCES
Our implementation relations is based on r-equivalence and consists in considering that the traces of the implementation conforms
to those of the specication. Therefore, we will consider our implementation under test (IUT) to fulll our specication (SPEC) when
the traces of the IUT are contained in those of the SPEC.
Figure 2: Comparison between the tness results of the two Figure 3: Comparison between the tness results of the nal
kinds of migrated populations over the 79 different ndFSMs. solutions of the GA and the islands model GA over 79 different
ndFSMs.
FITNESS VALUE
2000
4000
6000
8000
40
80
120
160
2000
4000
TIME (s)
ISLAND GA
SIMPLE GA
HILLCLIMBING
if (There exists a transition not traversed outgoing from the current state)
if (There exists a transition not traversed outgoing from the current state)
Apply the input.
Error found.
endIf
endIf
else
else
Choose a non-traversed transition.
Reset and use the pre-calculated adaptive sequences to get to the initial state
of the transition (mark every transition used in this process as traversed).
Reset.
calculate Dijkstras shortest path to reach the initial state of the transition.
From the available transitions at the current state, choose the state that
has a lower distance to the goal.
Apply the input that moves the machine to that state.
Mark transitions as traversed.
if (Traces of the transition are not included in the SPEC)
Error found.
endIf
if (the current state of the machine has no connection to the goal state)
Reset.
endIf
endWhile
endWhile
endIf
if (all transitions are traversed)
minNumIUT =
tmethodA tGA
prep
where t
represents the preparation time and t is the average
time for each test over the whole set of IUTs.
t
tprep
ttests
ttotal
r
e
e
IslandsGA
4.11
160612
15329.8
175941.8
1.19
1
3566
Comparison
methodA methodA
148.35
166.01
0
0
529034
645609
529034
645609
1
15.04
1
0.99
3566
3541
Random
155.27
0
601394.9
601394.9
13.37
0.98
3491
else Reset.
endIf
endIf
if (all transitions are traversed)
Mark all transition as non-traversed.
endIf
endWhile
6. REFERENCES
[1] E. Cant-Paz. A survey of parallel genetic algorithms.
Calculateurs Paralleles, 10, 1998.
[2] J. Doe1, J. Doe2, and J. Doe3. Creating adaptive sequences
with genetic algorithms to reach a certain state in a
non-deterministic FSM. In IEEE Symposium on Articial
Life, ALIFE11 (to appear). IEEE Computer Society Press,
2011.
[3] M. Gromov, N. Yevtushenko, and A. Kolomeets. On the
synthesis of adaptive tests for nondeterministic nite state
machines. Programming and Computer Software,
34:322329, 2008.
Figure 10: Cumulated time for 3566 IUTs of the different techniques including the precalculation time for the islands model
GA.
Figure 11: Time for each test of the 3566 IUTs with the different techniques.
Figure 12: Number of resets for each test of the 3566 IUTs with
the different techniques.
Automation in Construction
j o u r n a l h o m e p a g e : w w w. e l s ev i e r. c o m / l o c a t e / a u t c o n
a r t i c l e
i n f o
Article history:
Accepted 11 May 2011
Available online 15 June 2011
Keywords:
MAS
Agents
Scheduling
Critical path graph
a b s t r a c t
We propose a methodology to simulate every small task of a site-work with a multi-agent system. These
agents handle resources as a way to perform transformations on their world. The system will simulate the
construction of a building through the denition of the atomic elements of the system and the automatic
recombination of these elements. This allows us to foresee parallel and sequential tasks and handle the
creation of a graph, in the form of a Petri net, that facilitates the task of accurately planning the schedule of the
site-work.
2011 Elsevier B.V. All rights reserved.
1. Introduction
Construction success highly depends on the capacity of the project
manager to handle multiple teams with a wide variety of tasks and
with different needs. These teams must be correctly orchestrated
during the realization of their labor since the total cost of the
construction depends on the total amount of time the building takes
to be constructed. Therefore, parallelization of tasks is highly
desirable, although this is not always achievable. Different tasks
cannot be executed before a certain amount of resources has already
been created or before the team in charge of executing the task is free
to start its implementation.
It is therefore mandatory to create a timed organizational structure
of the planned work. The instruments more commonly used to handle
this need are Gantt diagrams and Critical Path graphs. Although good
planning is usually achieved through the experience gathered by the
project manager, a number of elements are always left out.
Imperfections are therefore left in the schedule of the work site and
these sometimes lead to undesired time delays. We present in this
paper a computational system that, through the use of agents,
simulates the resources created or exchanged by every agent in the
construction site and that self-organizes these agents to dene a
possible sequential frame in which every task is to be executed. More
specically, our goal is to provide a system that automatically
constructs a graph, in the form of a Petri net [1], representing the
sequence of jobs to be undertaken during a construction process.
Actually, one of the main advantages of Petri nets is that there exist
several formal methods for analyzing them.
Corresponding author.
E-mail addresses: molinero@fdi.ucm.es, mn@sip.ucm.es (C. Molinero).
0926-5805/$ see front matter 2011 Elsevier B.V. All rights reserved.
doi:10.1016/j.autcon.2011.05.006
1228
1229
1230
dene all the calls that will be done asking other agents to start
working. This Petri net is able to dene parallel or sequential calling of
agents, depending on the kind of resources involved in the petition.
Example 1. As a means to understand the difference between atomic
and complex agents we propose a simple example depicted in Fig. 1.
There exists an atomic agent, called agent0, that creates 2 units of the
resource of type A and agents agent1 and agent2 consume 1 unit of the
resource of type A and create 1 unit of the resource of type B. Then, if
we consider that the system has 2 units of the resource of type A, and
we ask for 2 units of the resource of type B, the system will create
complex agent3 placing in parallel calls to agents 1 and 2. Another
possibility is that the system has no resources and we ask for 1 unit of
type B, then the system will use agent0 and agent1 (or agent2) placing
them sequentially, creating complex agent4. The last possibility is that
the system has no resources and asks for 2 units of the resource of
type B. Then, it will create complex agent5 and use agent0 followed by
parallel calls to agent1 and agent2.
Cells serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents. Abstractly, a cell is
the macro-concept that holds the set of related instances (agents).
Cells are organized following a tree structure.
A cell holds a set of agents that are inserted inside it. They also have
an identier and pointers to the cells that are under it as sons, and to
its father in the tree structure. Cells also have a buffer to hold the
messages that they receive.
Example 2. Continuing with the previous example, and to better
illustrate the cell concept, we will insert two cells in our system. In the
rst cell we insert agent0 and in the second cell we insert agents 1 and
2. This is shown in the left part of Fig. 2.
Next, we introduce a petition in which we demand the system to
provide us with 2 units of resource of type B. The system constructs a
complex agent that rst uses agent0 to get one resource of A, and then
uses agent1 and agent2, in parallel, that consume the resource and
provide one resource of type B. Since the atomic agents that the
complex agent will use are located in different cells, in order to
maintain a coherent cell structure for the sending of the messages, the
system introduces a new cell that will be a common parent to both
cells and locates the complex agent in that cell. This is shown in the
right part of Fig. 2.
The cell structure is principal to the passing of the messages. By
construction, it allows a cell to send STARTJOBs messages downwards
to its sons until it nds the specied agent. Since the cell structure was
automatically constructed by the system having in consideration that
a complex agent is inserted in a cell that is a common parent to all the
agent 5
agent 4
agent 0
agent 1
agent 2
agent 3
Fig. 1. Atomic agents 0, 1 and 2 (left), a complex agent that executes agents 1 and 2 in parallel (center left), a complex agent that executes 0 and 1 sequentially (center right) and a
complex agent that executes agent 0 followed by executing in parallel agents 1 and 2 (right).
1231
0
0
Initialcell
Initialcell
Fig. 2. Cell structure in which two cells where atomic agents are inserted (left) and a petition is made that creates a complex agent composed of the three atomic agents (right).
cells that hold agents inserted into the complex agent, these messages
will follow the shortest path possible. An example of the passing of the
messages is shown in Fig. 3. The system can send two families of
messages. The rst one is used during the creation of a new complex
agent through a petition. These messages are either a BROADCAST,
used to ask for the creation of resources to every agent in the system
or a REPLIES, sent back by the agents that are capable of partially
fullling the petition. The second family is used during the execution
of a complex agent and they can be of type STARTJOB, used to ask an
agent to start its procedure, and FINISHEDJOB, sent back by the agent
when its tasks have been accomplished.
The system contains in a tree-like structure, implicitly dened by
the fatherson relationship, the cells that conform the whole system.
This structure allows the user to have a hierarchical organization of
concepts. In order to completely dene a system we need to dene the
resources that it holds, the origin cell and a threshold value that will
be used to discriminate between good and bad values of the utility
functions dened through the user petition. Resources are represented by a tuple. Any negative number in that tuple indicates that the
system needs to be provided with that specic resource.
There are two ways to create agents. The rst one is to insert an
atomic agent during the creation of the system. The second one is
1232
1233
Table 1
Values of the agents.
CELL
c1
s 1
100,
s 2
= [
= [
10,
c2
8,
50,
0,
100,
0,
0,
0,
1,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
1,
1,
1,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0
0
]
]
]
c3
s 3
= [
2,
10,
0,
0,
100,
0,
0,
0,
0.5,
1,
0,
0,
0,
0,
0,
0,
0,
c3
s 4
= [
2,
10,
0,
0,
100,
0,
0,
0,
0.5,
1,
0,
0,
0,
0,
0,
0,
0,
c4
s 5
= [
30,
120,
0,
0,
0,
0,
2,
1,
1,
0,
0,
0,
0,
0,
c5
s 6
= [
10,
60,
c5
s 7
= [
10,
60,
c5
s 8
= [
10,
c5
s 9
= [
c5
s 10
c5
100,
0,
0,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0.333,
1,
0,
0,
0,
0,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0.333,
1,
0,
0,
0,
0,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0.333,
1,,
0,
0,
0,
0,
7,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0,
= [
7,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0,
s 11
= [
7,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0,
c6
s 12
= [
4,
70,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.5,
0.5,
0,
c6
s 13
= [
4,
70,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.5,
0.5,
0,
c7
s 14
= [
2,
30,
0,
20,
0,
0,
0,
0,
0,
0,
0,
0,
0,
c7
s 15
= [
2,
30,
0,
0,
20,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0.334 ]
c7
s 16
= [
2,
30,
0,
0,
20,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0.334 ]
0,
0,
0.333,
0.334,
0.334 ]
1234
Fig. 6. Preparing to create the rst complex agent: site is ready to build.
= (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0).
Apet = fg is the set of agents that are used by the petition (empty in
the beginning).
1235
point. The petition now looks for the lub (least upper bound) of the
cells. Since it does not nd it, it creates a new cell and inserts agent
a 18 . Again, the transformation of resources is given by s
=
18
a Apet sa, such that a = (id, ib, PN, sa). Let us be reminded that
now we have Apet = fa5 ; a4 ; a3 ; a17 g. Fig. 8 represents graphically
this petition.
1236
= (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0).
Apet = fg is the set of agents that are used by the petition (empty in
the beginning).
The petition sends its messages, receives agents Apet = fa12 ; a13 ;
a6 ; a7 ; a8 ; a18 g, and creates a cell and agent a19 and inserts it. Fig. 9
represents the result of this process.
11
2
0
12
1237
14
10
15
16
that the user can foresee. This is done through recombining atomic
agents. We continue to add complex agents in every interaction with
the tool. Thus, the system is able to perform more complex tasks with
each use, that will not need to be re-computed. Let us note that the
distinction between atomic and complex agents is fundamental since
without this separation, every behavior of the system would need to
be pre-implemented before needing it.
We had presented a previous version of the formalism [35,36]. It
has been through working on these papers that we realized some
details that, when resolved, would create a more complete and
exible approach. This led to the substitution of paths by Petri nets
and nding a way to automatically create the cell tree. The use of Petri
nets, in the enhanced model, has been a great advance in relation with
the published papers since it has added the possibility of parallelizing
tasks (agents). This does not only allow us to shorten execution time,
but in some cases even creates new emerging behaviors. Also, the
automatic creation of the cell tree, due to the computation of the least
upper bound of a cell set, is a big advantage. It allows us to keep an
order, a conceptual structure, of how agents are inserted into the tree.
Thus, with this advance, the system is able to save time in its searches.
This feature depends on the way the system sends the messages,
through its cells, and from them down to each of their sons. Moreover,
keeping close in the hierarchy agents that perform similar tasks is an
automated feature. Therefore, this represents an improvement with
respect to a manual procedure for the insertion of agents, in which
agents could have been inserted anywhere.
Acknowledgements
We would like to thank Csar Andrs with whom we developed
the initial formal language that led, after several transformations and
improvements, to the actual framework and language.
We would like to thank the anonymous reviewers for the careful
reading and their useful comments.
Research partially supported by the Spanish MEC project TESIS
(TIN2009-14312-C02-01).
Appendix
In this appendix we will present the formal framework of our
approach. We will begin by outlining some preliminary notation
regarding Petri nets and message communication in Appendix A
and then present the formal denition of the framework itself in
Appendix B.
Appendix 1. Preliminaries
In this Section we briey comment on the variant of the Petri nets
formalism that we use in our approach and dene the messages that
we allow to be exchanged between agents. Along the appendix we
will consider a set ID a that contains all the possible agent identiers.
1238
0
1
5
5
Fig. 13. A complex agent used to show how time evolves in the Petri net.
Let us note that we do not store the order in which messages are
received in the buffer. That is why we dene a buffer as a set. Let us
also note that the notion of atomic agent means that the agent is itself
in charge of executing the transformation of resources.
Cells serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents. Abstractly, a cell is
1239
Before we insert the new agent into the tree structure, we must
dene how to compute the least upper bound of a set of agents.
All agents that are not atomic are complex. There are two ways to
create agents. One is to insert an atomic agent during the creation of
the system and the other is through petitions to the system, being the
system in charge of recombining atomic and/or complex agents
already embedded in the system to create a new complex agent.
Denition
6. Let w = c0 ; x; be a system. A petition is a tuple
pet = f u ; o; Apet , where
f u F is a utility function.
n
IR
is the objective of the transitions, that is, the vector of
resources that we expect to have after performing the petition.
Apetp IDa is the set of agents capable of answering the petition.
Initially this set is empty, and the petition lls it as it searches
through the system.
We denote by PET the set of all petitions. We say that a petition
pet = f u ; o; Apet is fullled when
a
si + o + x0
ai Apet
where for each agent belonging to the set Apet we have ai = (id, ib, PN,
s ia, ti).
c
If Father = c0 or Father = nil
GF Father Otherwise
Denition 9. The least upper bound (in short, lub) of a set of agents,
given by a function : P C C, is induced by the following order
relation: a b if there exists a descending path through the cell tree
that goes from b to a. We dene the lub as the lowest cell (in terms of
the level in the tree) that remains a common path to reach all the cells
in the set.
u Insertion
of an agent: Let w = c0 ; x; be a system and pet =
f ; o; Apet be a petition, let cellspet = fcjc : c = Acell ; id; Sons;
Father; ibCa : aApet aAcell g be a set of cells, and anew =
constrAg(pet) be the agent to be inserted. The anew agent is inserted
into a cell as follows:
If there exists (cellspet) and (cellspet) c0, then insert anew in
(cells).
Otherwise, let us consider the set Fcells = {GF(c)|c cellspet}, we
insert anew into cnew = ({anew}, newIdCell(w), Fcells, c0, ib) where ib is
an empty buffer. In addition, for every element belonging to Fcells,
change the father to be cnew.
1240
1241