Federwin - Sip.ucm - Es Sic Investigacion Publicaciones Pdfs Tesis CarlosMolinero

Dos aplicaciones de los mtodos formales
para el desarrollo y testing de sistemas

complejos
TESIS DOCTORAL
Autor: Carlos Molinero Brizuela
Departamento de Sistemas Informticos y Computacin

Facultad de Informtica
Universidad Complutense de Madrid
Director: Manuel Nez Garca
Resumen
Los mtodos formales tienen su aplicacin fundamental en dos etapas del desarrollo de
los sistemas de software: en la fase de especicacin, para asegurar una consistencia de los
requerimientos, y en la fase de comprobacin de la correccin del sistema. Es en esta ltima
fase donde se encuadra el
testing formal, que esencialmente consiste en la aplicacin de un
conjunto de tests, derivados a partir de una especicacin descrita en algn lenguaje formal,
para comprobar que la implementacin se comporta conforme a lo que dicha especicacin
indica. Una de las subcategoras de los mtodos formales son los mtodos formales grcos.
Estos son formalismos matemticos que cuentan con algn tipo de representacin visual para
facilitar la comprensin del sistema especicado. El principal objetivo de esta tesis consiste
en estudiar algunas de las aplicaciones de los mtodos formales grcos. Especcamente, el
estudio se centra en una variante de las redes de Petri y su aplicacin para el desarrollo de
un sistema multi-agente y en la automatizacin del testing para mquinas de estados nitos
(FSM de sus siglas en ingls), tanto en su variante determinista como no determinista.
En lo que respecta a la especicacin de sistemas mediante el uso de formalismos grcos
se presenta una metodologa para la creacin de sistemas multi-agente. El formalismo
ha ido evolucionando, partiendo del uso de las FSMs como mtodo para representar los
comportamientos de los agentes, a una metodologa sustentada sobre las redes de Petri. Este
sistema utiliza dos tipos de agentes:
agentes simples y agentes complejos. Los agentes simples
son los que ejecutan las tareas primitivas y los complejos son agentes planicadores que
regulan el funcionamiento del resto de los agentes. Los agentes se agrupan en una estructura,
llamada de
clulas, creando un rbol que regula el paso de mensajes.
Para encontrar mtodos de testeo de mquinas de estados nitos se han usado los
algoritmos genticos como mtodo de optimizacin por un lado de los conjuntos de tests para
una FSM determinista, y por otro lado como mtodo para crear rboles que permiten llegar
a un estado de manera unvoca dentro de una FSM no determinista, lo cual es fundamental
para el proceso de testing de este tipo de mquinas.
iii
iv
Summary
Formal methods have their fundamental application in two phases of the development of
software systems: in the specication phase, to assure consistency of the requirements, and
in the phase of checking the correction of the system. It is in this last phase, where formal
testing takes place, which essentially consists in the application of a test suite, derived from
some formal specication, to check that the implementation behaves accordingly to the
specication. One of the sub-categories of formal methods are the graphical formal methods.
These mathematical formalisms are equipped with some kind of visual representation
methodology to facilitate the understanding of the system under specication. The main goal
of this thesis is to study some of the applications of graphical formal methods. Specically,
the study focus in a variant of the Petri nets and its application to the development of multiagent systems and in the automation of testing for nite state machines, in its deterministic
and non-deterministic aspects.
In respecto to the specication of systems by means of graphical formalisms we present a
methodology for the creation of multi-agent systems. The formalism has evolved expanding
from a rst use of nite state machines as a method to represent the behaviors of the agents
towards a methodology based in Petri nets. This system uses two types of agents:
simple and
complex. Simple agents are the ones in charge of executing the primitive tasks and complex
agents are planners that regulate the inner working of the rest of the agents. The agents are
held in a cell structure, in the form of a tree, that regulates the message ow.
We have used genetic algorithms to nd methods for testing nite state machines, using
them as an optimization method to nd a short test suite for deterministic nite state
machines and to create
adaptive sequences which are trees of inputs that allow us to reach a
certain state, in a univocal manner, in a non-deterministic nite state machine.
vi
Agradecimientos
A la primera persona a la que quera dedicarle esta tesis es a Manuel Nez, mi director
de tesis, por su paciencia y sus gritos. De una manera especial, quiero tambin agradecer a
Robert M. Hierons toda la ayuda que me ha prestado durante el transcurso de mi estancia
en Brunel y su gua y apoyo en todos los artculos que hemos escrito en colaboracin durante
este ltimo ao. Agradecer tambin a mi compaero Csar Andrs su ayuda con los primeros
artculos y con toda la parafernalia burocrtica que rodea el entregar una tesis. Finalmente,
tambin quiero recordar a mis padres, a mi hermano, a mis amigos y a mi chica, simplemente
por estar ah y aguantarme.
vii
viii
ndice general
Summary
1. Introduccin
1.1.
Discusin integradora y objetivos . . . . . . . . . . . . . . . . . . . . . . . . .
2. Introduction
2.1.
11
Integration discourse and objectives . . . . . . . . . . . . . . . . . . . . . . . .
3. Estado del arte: testing formal
12
21
3.1.
Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21
3.2.
Relaciones formales entre procesos
. . . . . . . . . . . . . . . . . . . . . . . .
23
3.2.1.
IOCO: input output conformance . . . . . . . . . . . . . . . . . . . . .
23
3.2.2.
La r-equivalencia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
23
3.2.3.
La s-equivalencia . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
24
3.3.
Tcnicas clsicas de testing formal
. . . . . . . . . . . . . . . . . . . . . . . .
26
3.3.1.
El mtodo
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
26
3.3.2.
El mtodo
Wp
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
27
3.3.3.
Las secuencias UIO (secuencias nicas de input/output) . . . . . . . .
27
3.3.4.
State counting
28
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4. Estado del arte: mtodos de bsqueda heursticos
31
4.1.
Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
31
4.2.
Los algoritmos genticos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
32
4.2.1.
Codicacin de la secuencia del ADN . . . . . . . . . . . . . . . . . . .
33
4.2.2.
Mutacin
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
34
4.2.3.
Cruce de la especie . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
34
4.2.4.
Juzgar y seleccionar a la especie
35
ix
. . . . . . . . . . . . . . . . . . . . .
ndice general
4.3.
4.4.
4.5.
Otras tcnicas heursticas
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
36
4.3.1.
Algoritmos basados en la optimizacin de colonias de hormigas
. . . .
36
4.3.2.
Escalada (hillclimbing) . . . . . . . . . . . . . . . . . . . . . . . . . . .
39
4.3.3.
Enfriamiento simulado . . . . . . . . . . . . . . . . . . . . . . . . . . .
40
4.3.4.
Inteligencia de enjambres (swarm intelligence) . . . . . . . . . . . . . .
41
4.3.5.
Formacin dinmica de ros
. . . . . . . . . . . . . . . . . . . . . . . .
42
Tcnicas de bsqueda heursticas para testear sistemas . . . . . . . . . . . . .
43
4.4.1.
Uso de algoritmos genticos en testing
43
4.4.2.
Mtodos heursticos para explorar grandes espacios de estados
. . . .
48
4.4.3.
Optimizacin automtica de tests mediante un modelo bacteriolgico .
49
4.4.4.
Heursticas para diagnosticar fallos . . . . . . . . . . . . . . . . . . . .
50
. . . . . . . . . . . . . . . . . .
Aplicacin de algoritmos genticos para la asignacin de recursos
. . . . . . .
5. Estado del arte: sistemas multi-agente
50
53
5.1.
Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
53
5.2.
Especicacin formal de los sistemas multi-agentes
. . . . . . . . . . . . . . .
57
5.3.
Organizacin de sistemas multi-agente
. . . . . . . . . . . . . . . . . . . . . .
62
5.4.
MAS aplicados a la construccin
. . . . . . . . . . . . . . . . . . . . . . . . .
67
6. Conclusiones y trabajo futuro
69
7. Conclusions and future work
75
A. Lenguajes formales
79
A.1. Introduccin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
79
A.2. Repaso de lenguajes comnmente usados . . . . . . . . . . . . . . . . . . . . .
80
A.2.1. lgebras de procesos . . . . . . . . . . . . . . . . . . . . . . . . . . . .
80
A.2.2. Sistemas etiquetados de transiciones
. . . . . . . . . . . . . . . . . . .
81
. . . . . . . . . . . . . . . . . . . . . . . .
82
A.2.4. Stream X-Machines . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
84
A.2.5. Autmatas de Bchi . . . . . . . . . . . . . . . . . . . . . . . . . . . .
85
A.2.6. Autmatas con pila . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
85
A.2.7. Mquinas de Turing
. . . . . . . . . . . . . . . . . . . . . . . . . . . .
86
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
87
A.2.3. Mquinas de estados nitos
A.2.8. Redes de Petri
ndice de guras
4.1.
Paisajes de diferentes funciones heursticas.
. . . . . . . . . . . . . . . . . . .
32
4.2.
Mutacin de un gen del ADN. . . . . . . . . . . . . . . . . . . . . . . . . . . .
34
4.3.
Cruce de dos individuos, con punto de cruce nico (arriba) y con puntos de
cruce mltiples (abajo).
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
36
4.4.
Variacin de la concentracin de feronomas en caminos que evitan un obstculo. 38
4.5.
Diversas inicializaciones del algoritmo de escalada simple en dos paisajes

distintos. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
A.1. Una red de Petri (izquierda) y el resultado de su ejecucin.
xi
. . . . . . . . . .
40
87
xii
NDICE DE FIGURAS
Captulo 1
Introduccin
Al llegar a la Facultad de Informtica, con el trasfondo de mi formacin como arquitecto
y verme inmerso en un grupo cuyo inters primordial eran los mtodos formales, lo
primero que capt mi atencin fue la potencia de los mtodos formales para describir
sistemas capaces de aglomerar agentes con capacidades y respuestas muy diferenciadas.
En particular, cabe destacar los formalismos grcos, ya que su representacin permita
comprender ms rpidamente el funcionamiento de un sistema y obtener una visin global
del conjunto. Especcamente, resultaba natural representar conjuntos de agentes que fueran
capaces de auto-organizarse de una manera jerrquica. El resultado de esta primera toma
de contacto fueron los artculos que aparecieron ya como parte de mi trabajo de n de
Mster:
A formal approach to the specication of hierarchical multi-agent systems
[Mol09].
Las mayores dicultades encontradas en este primer trabajo estaban relacionadas con la
eleccin del lenguaje formal que dena el comportamiento de los agentes. En un principio,
los comportamientos de los agentes se describan a travs de mquinas de estados nitos.
Esto no permita la aplicacin en paralelo de acciones y por tanto, el ujo del trabajo de los
agentes
planicadores estaba limitado a la expresividad del lenguaje elegido. Esta deciencia
fue subsanada en posteriores revisiones del marco hasta acabar considerando una variante,
de hecho una versin simplicada, de las redes de Petri. Este formalismo se usar para
representar los comportamientos de los agentes en juego. Otro de los aspectos que sufri una
evolucin mayor fue la forma en la que los agentes se agrupaban en categoras para permitir
de una manera conceptual un ujo ms claro en el paso de los mensajes y, por tanto, una
mejora en la eciencia del funcionamiento del sistema.
Tras la publicacin de estos primeros trabajos, con la idea de estudiar cmo poder
testear sistemas descritos a travs de formalismos grcos, partiendo de los conocimientos
1
adquiridos en el Mster de Investigacin en Informtica sobre algoritmos genticos y teniendo

un inters cada vez mayor en esta tcnica por las posibilidades que ofrece para la resolucin
de problemas que se plantean en muy diversas reas, he redirigido parte del ujo de mi
trabajo hacia la investigacin sobre el potencial de aplicacin de los algoritmos genticos
al testing de sistemas con especicaciones descritas a travs de formalismos grcos. Cabe
destacar adems que en el mbito de mi beca FPI, realic una estancia en la Universidad de
Brunel con Robert M. Hierons, cuyos intereses de investigacin coinciden en estos temas. A
travs de una fuerte experimentacin y con diversas modicaciones a lo que se considerara un
algoritmo gentico
estndar, fuimos llegando a un modelo que presentaba una demostrable
eciencia a la hora de afrontar los problemas atacados. Dichos problemas varan al tener en
cuenta el tipo de lenguaje con el que se realiza la especicacin. En un primer momento
se investig la posibilidad de automatizar la tarea de la creacin de un conjunto de tests
para una mquina de estados nitos. Adems, se plante la necesidad de automatizar una
valoracin de la bondad de estos tests a partir del nmero de errores detectados en una
serie de mutantes creados a partir del modelo correcto. En una segunda aproximacin, la
posibilidad de testear mquinas no deterministas nos dirigi hacia el estudio de la creacin
de secuencias adaptativas para lograr alcanzar un estado de una manera semi-determinista
y poder reutilizar este tipo de secuencias para testear mquinas no deterministas.
La presente tesis doctoral se presenta en formato publicaciones, de acuerdo con el

apartado 4.4 del acuerdo del Consejo de Gobierno de fecha 14 de octubre de 2008, en el que
se aprueba la normativa de Desarrollo del Rgimen relativo a elaboracin, tribunal, defensa
y evaluacin de la Tesis Doctoral del Real Decreto 1393/2007, de 29 de octubre (BOE
de 30 de octubre), por el que se establece la ordenacin de las enseanzas universitarias
ociales de la Universidad Complutense de Madrid. En dicho artculo se contempla que
se podrn presentar tesis doctorales en formato publicaciones entendindose como tal las
tesis constituidas bsicamente por publicaciones editadas o aceptadas para su publicacin.
Dichas publicaciones recogen los resultados que han sido obtenidos en diferentes trabajos de
investigacin desarrollados con el n de alcanzar el objetivo jado para la realizacin de la
tesis. En nuestro caso la inmensa mayora de ellos han sido refrendados con su publicacin en
diversos congresos de carcter internacional y en una revista indexada en el JCR, contando
por tanto con la subsiguiente evaluacin
inter pares,
y habiendo sido raticados tras los
correspondientes rigurosos procesos de seleccin. Los trabajos que no han sido publicados
todava se encuentran en la actualidad pasando dicho proceso de seleccin y esperamos
que cuando los trmites conducentes a la defensa de esta tesis doctoral concluyan, estn
1. Introduccin
denitivamente aceptados.
En primer lugar, realizaremos una discusin integradora y repasaremos los principales
objetivos de esta tesis doctoral.
1.1. Discusin integradora y objetivos

A pesar de la utilidad de los mtodos existentes para representar y analizar sistemas,
nuestros primeros estudios detectaron una serie de problemas que podran resolverse o al
menos paliarse, mediante un tratamiento ms profundo del uso de formalismos grcos.
Concretamente detectamos tres problemas: Por un lado, los formalismos existentes para la
descripcin de agentes podan beneciarse de un uso ms
amigable
por parte del usuario
nal, de forma que la automatizacin de la fase de planicacin de las tareas a realizar poda
reducir el tiempo de especicacin de los sistemas. Por otro lado, dentro del estudio del
testing de las mquinas de estados nitos deterministas, a pesar de existir mtodos capaces
de conseguir un conjunto de tests completo, debera ser posible conseguir una mejora en
la cantidad de tests necesarios para comprobar la FSM. Finalmente, como tercer problema
detectado, en lo concerniente al testing de mquinas de estados nitos no deterministas, no
existen mtodos para crear secuencias adaptativas de forma que se evite tener que desarrollar
todo el rbol completo de posibilidades.
El objetivo principal de esta tesis es mostrar la utilidad de usar mtodos formales grcos
en aquellas situaciones donde su uso resulta adecuado y, en concreto, paliar los problemas
detectados y expuestos en el prrafo anterior. Puesto que se trata de un campo muy amplio,
hemos focalizado nuestra atencin en estudiar cmo poder denir un sistema complejo a
travs de estas metodologas y en cmo poder comprobar la validez de dichos sistemas. Un
primer objetivo concreto consiste en utilizar un formalismo grco para denir en una manera
clara y sencilla sistemas multi-agente. Un segundo objetivo es estudiar cmo se pueden
testear sistemas descritos a partir de mtodos formales grcos, en este caso utilizando la
tcnica de los algoritmos genticos. Dado que podemos encontrarnos tanto con sistemas
deterministas como no deterministas, hemos tratado de buscar mtodos para automatizar
partes del proceso de testing para ambos tipos de sistemas.
Los mtodos formales grcos otorgan una serie de ventajas con respecto tanto a los
mtodos no formales como a los mtodos formales no grcos dado que, simultneamente,
son capaces de proveernos con una denicin intuitiva y visual al tiempo que, al representar
formalismos matemticos, nos permiten analizar rigurosamente propiedades de los sistemas
estudiados. Quizs los dos formalismos que renen a la par sencillez de manejo y potencia
expresiva sean las redes de Petri, utilizadas mayoritariamente para especicar sistemas
concurrentes por su capacidad para expresar la paralelizacin de las tareas, y las mquinas
de estados nitas (FSMs), por ser uno de los formalismos ms sencillos y con capacidad
expresiva suciente para modelar, por ejemplo, protocolos de comunicacin.
Las redes de Petri han sido utilizadas para formalizar una gran variedad de modelos, desde
reacciones qumicas (la utilidad original del formalismo) hasta cadenas de montaje, pasando
por sistemas de agentes. Nuestro inters est dirigido a intentar desarrollar una modicacin
del formalismo que fuera capaz de representar un sistema de agentes jerarquizado, de forma
que pudiramos llevar a cabo uno de los objetivos que nos marcamos. Versiones iniciales
de ese sistema de agentes fueron formalizadas usando una modicacin de las mquinas de
estados nitos, pero la imposibilidad de representar adecuadamente el paralelismo inherente
a este tipo de sistemas hizo que tras varios cambios se optara por utilizar las redes de Petri
para modelizar los comportamientos de los agentes, siempre teniendo en mente la intencin
de mantener el sistema lo ms sencillo posible, para evitar errores de concepto.
Este sistema de agentes se desarrolla en distintas fases, creando un formalismo que
permite modelar sistemas sencillos jerarquizados de agentes. Este formalismo ha sido
extendido y revisado en varias ocasiones. Su versin denitiva se encuentra publicada en
la revista
Automation in Construction.
Teniendo en cuenta el hilo conductor de los objetivos que nos jamos para esta tesis
doctoral, el uso de los mtodos formales grcos, una lnea de trabajo que complementa
la descripcin formal de sistemas complejos consiste en estudiar propiedades de dichos
modelos y ms especcamente, en estudiar si una implementacin concreta es correcta
respecto a su especicacin formal. Esta lnea de trabajo corresponde a uno de los objetivos
de esta tesis. A este respecto se han estudiado dos tipos de FSMs: deterministas y no
deterministas. Inicialmente se trata de optimizar el conjunto de tests para comprobar el
correcto funcionamiento de mquinas de estados nitos deterministas para, posteriormente,
continuar con el problema de alcanzar un estado de manera unvoca en una mquina de
estados nitos no determinista.
Los resultados obtenidos durante el desarrollo de esta tesis han sido plasmados en
las siguientes publicaciones, presentadas en distintos foros internacionales, enumeradas a
continuacin en orden cronolgico:
A formal methodology to specify hierarchical agent-based systems. Publicado en 4th

Int. Conf. on Signal-Image Technology & Internet-based Systems, SITIS'08 [AMN08d].
Actas publicadas por IEEE Computer Society Press.
1. Introduccin
Combining genetic algorithms and mutation testing to generate test sequences [MNA09].
Publicado en 10th Int. Conf. on Articial Neural Networks, IWANN'09. La conferencia
IWANN se encuentra en el puesto 55 de 701 conferencias del campo de la Inteligencia
Articial segn el
Computer Science Conference Ranking (basado en Estimated Impact
of Conference, EIC, 2009) y aparece tambin catalogada con la categora B en la lista

CORE.
A hierarchical methodology to specify and simulate complex computational systems [AMN09b]. Publicado en International Conference on Computational Science,
ICCS'09. La conferencia ICCS est catalogada con la categora A en la lista CORE.
A formal methodology to specify hierarchical agent-based systems
[MAN10]. Una
pequea seleccin de los trabajos presentados en SITIS 2008 fue invitada a ser
Web-Based Information Technologies

and Distributed Systems. Este libro fue publicado por la editorial World Scientic en
extendida y participar como captulo en el libro
el ao 2010.
Creating adaptive sequences with genetic algorithms to reach a certain state in a

non-deterministic FSM [MNH11a]. Publicado en IEEE Symposium on Articial Life,
ALIFE'11. La conferencia ALIFE est catalogada con la categora A en la lista CORE.
Experimental Comparison of Dierent Techniques to Generate Adaptive Sequences
[MNH11b]. Publicado en 11th Int. Conf. on Articial Neural Networks, IWANN'11.
La conferencia IWANN se encuentra en el puesto 55 de 701 conferencias del campo
de la Inteligencia Articial segn el
Computer Science Conference Ranking
(basado
en Estimated Impact of Conference, EIC, 2009) y aparece tambin catalogado con la

categora B en la lista CORE.
An islands model genetic algorithm to test non-deterministic nite state machines

[MNH11c]. Este trabajo se encuentra bajo proceso de revisin y se incluye en esta
tesis para garantizar la completitud del estudio presentado.
Planning of work schedules through the use of a hierarchical multi-agent system [MN11].
Una modicacin y extensin de la metodologa est publicada en la revista Automation
in Construction, editada por Elsevier, que cuenta con un factor de impacto de 1.372
en el JCR.
Consideramos que estas publicaciones nos permiten armar que el objetivo principal
de esta tesis, estudiar si el uso de formalismos grcos aporta ventajas a la hora de
desarrollar sistemas software y cmo puede plantearse el proceso de testing para un

sistema especicado a travs de ellos, se ha conseguido. Especcamente las publicaciones
[AMN08a, AMN09b, MAN10, MN11] sirven para mostrar la consecucin del primer objetivo
concreto que nos marcamos, el desarrollo formal de sistemas complejos, mientras que las
publicaciones [MNA09, MNH11a, MNH11b, MNH11c] corresponden al segundo objetivo,
ayudar a la creacin de conjuntos de tests para FSMs.
Pasamos a continuacin a describir brevemente los contenidos de cada uno de los trabajos
que constituyen esta tesis doctoral.
El primer artculo [AMN08d] corresponde a la denicin inicial del sistema multi-agente.
En este caso, el comportamiento de cada uno de los agentes se modelizaba a travs de
mquinas de estados nitos. La idea inicial surgi tratando de aproximar los mundos de la
arquitectura y de los mtodos formales y su intencin era crear un mtodo de cmputo que
simulando la estructura organizativa de equipos de trabajo, en los que existen unos agentes
encargados de realizar de facto las tareas y otros agentes que organizan y planican las
tareas de los primeros, fuera capaz de ejecutar acciones complejas a travs de peticiones del
usuario, re-organizndose de manera automtica. En este trabajo se distingue entre agentes
atmicos (los encargados de ejecutar las acciones) y agentes complejos que planicaran las
activaciones de los primeros. Los agentes guardan un conjunto de recursos y una funcin
que les aplica un valor a cada uno de esos recursos. Los agentes incluyen adems un buer
de entrada y uno de salida para permitir el correcto paso de los mensajes entre ellos y una
funcin de utilidad que le asigna una bondad a la valuacin de los recursos. Estos agentes
se encuentran inscritos en una estructura de clulas. Estas clulas tambin contienen buers
de entrada y de salida para el paso de los mensajes. Finalmente, se describe en el artculo
cmo se forma la estructura de clulas (en este caso linealmente desde una clula inicial) y
pasa a presentar la herramienta creada para la construccin de sistemas multi-agente.
Los formalismos existentes y revisados en el captulo 5 no reunan ciertas condiciones
deseables en nuestro caso. Entre estas condiciones se encuentra nuestra intencin de enfocar
el desarrollo del sistema para que un usuario inexperto fuera capaz de utilizarlo. Quizs
el enfoque ms similar es el utilizado por [Lom00], donde tambin genera un sistema
jerarquizado de agentes a travs de redes de Petri, pero los distintos niveles de mquinas
anidadas, a pesar de su gran expresividad, producan una complejidad de la que desebamos
huir. Otro motivo que nos impuls a denir un nuevo formalismo era la inclusin de dos
elementos difcilmente encuadrables dentro de los formalismos mencionados, a saber: la
inclusin de las funciones de utilidad para caracterizar las elecciones de los agentes y la
1. Introduccin
posibilidad de que una sencilla denicin de pre/post-condiciones permitiera la aparicin

automatizada de agentes que planicaran las tareas de los otros agentes del sistema
para la consecucin de una meta. La idea expuesta en [AMN08d] se presenta de manera
prcticamente similar, con una presentacin ms extendida de trabajo relacionado, como
captulo de un libro en [MAN10].
Como primer paso para estudiar la posibilidad de testear sistemas descritos a travs
de metodologas formales grcas se estudi el problema de denir un conjunto de tests
para una FSM determinista. Esto conlleva el problema de cmo equilibrar la calidad con
la cantidad de los tests requeridos para poder testear la mquina. El enfoque utilizado en
[MNA09] intenta obtener un conjunto de tests lo ms corto posible para que su aplicacin
no se dilate excesivamente en el tiempo, a la par que ese conjunto detecte el mayor nmero
posible de implementaciones errneas. As, este trabajo estudia cmo crear un conjunto de
tests asegurando su correccin si el algoritmo gentico no tiene ejemplos de aprendizaje. Para
solventar este problema se utiliza la
mutacin de especicaciones [CS94]. Esta tcnica surgi
auspiciada por los lenguajes formales basados en modelos y consiste en aplicar una serie de
operadores de mutacin a la especicacin para simular una implementacin errnea. Nuestro
uso de esta metodologa es similar dado que utilizamos los mutantes de la especicacin para
dotar al algoritmo gentico con implementaciones errneas y as conseguir que el nmero de
mutantes distinguidos mida la vala de cada test producido. La idea subyacente consiste
en hacer evolucionar un test que sea capaz de localizar el mayor nmero de fallos con la
menor secuencia posible. Para ello, la heurstica tiene en cuenta tanto el nmero de mutantes
detectados por cada test como la longitud de la secuencia del test. El test se codica como una
cadena de inputs que componen el cromosoma de un individuo de la poblacin del algoritmo
gentico. Este cromosoma vara en su longitud y los operadores permiten modicar los genes
al tiempo que modican la longitud de la cadena del cromosoma. El algoritmo presentado en
este artculo contiene varias poblaciones evolucionando en paralelo y se subdivide en varias
fases. En una primera fase de
evolucin todas las poblaciones son confrontadas con todos los
mutantes para as conseguir que se alcance el mayor numero de posibilidades, los mejores
individuos de esta fase son almacenados (uno por cada poblacin). En una fase posterior,
llamada de
especializacin cada poblacin es confrontada con un solo mutante para intentar
que evolucione para detectar un tipo especco de error. Finalmente, se eligen y juntan los
mejores individuos de las fases de evolucin y especializacin eliminando a los que resultan
redundantes y los ADNs de los individuos que quedan componen el conjunto de tests a
aplicar.
La primera modicacin importante del formalismo para describir un sistema de agentes

fue la presentada en [AMN09b]. Esta revisin representa una simplicacin del paso de los
mensajes entre los agentes y del formalismo en general. En esta versin todava no se logra
la paralelizacin de las tareas y result ser tan solo un paso intermedio hacia el formalismo
nal y, por tanto, no nos extenderemos ms en su comentario. En su ltima versin, que fue
presentada como trabajo nal de master [Mol09], y que se encuentra publicada en la revista
Automation in Construction
[MN11], el formalismo usado para representar a los agentes
consiste en un sistema de redes de Petri jerarquizadas, de manera que se pueda simular la

concurrencia y paralelizacin de tareas. Este artculo presenta un amplio espectro de trabajo
relacionado tanto a nivel de sistemas multi-agente como en enfoques informticos aplicados
al project management. En el artculo los agentes se presentan como la conjuncin de una
red de Petri que dene las transformaciones de recursos, que por la estructura intrnseca
de este formalismo permite su paralelizacin y un buer de entrada para la recepcin de
los mensajes. En este formalismo una clula se dene a travs de su posicin el rbol de
clulas (el padre y sus hijos) y el conjunto de agentes que se encuentran inscritos en ella. Las
funciones de utilidad se relegan al mbito de las peticiones, permitiendo al usuario formalizar
sus preferencias al denir el conjunto de recursos a obtener por los agentes. Tambin se
presenta en este ltimo formalismo una estructura de rbol para representar a las
clulas
(conglomerantes de agentes similares) que es creada de manera automtica para optimizar

el paso de los mensajes y para que la estructura de clulas sea lo ms compacta posible,
haciendo que el usuario no tenga que preocuparse de actualizarla manualmente al aadir un
nuevo agente.
Dentro de la lnea de encontrar mtodos para testear sistemas descritos formalmente

se
trat
tambin
el
problema
de
la
alcanzabilidad
de
estados
dentro
de
una
FSM
no determinista. Los tres artculos restantes [MNH11a, MNH11b, MNH11c] tratan esta
problemtica. Dentro de una mquina no determinista existen un nmero de estados que
son alcanzables de manera determinista y que por tanto no plantean ningn problema. Sin
embargo, esta caracterstica no se da para la mayor parte de los estados. Es importante
contar con la posibilidad de llevar la mquina hasta un estado concreto porque ello permite
restringir el anlisis a un cierto componente especco de la mquina. Ello se consigue a
travs de las
secuencias adaptativas de inputs
[Hie04, GYK08, ACY95], que son rboles
basados en el formalismo LTS (sistemas etiquetados de transiciones) que contienen un input

que se ramica por los outputs que devuelve la mquina. Posteriormente, en cada una de
las hojas creadas que no representan al estado buscado, se aade un input y contina el
1. Introduccin
proceso. El conjunto de todas las secuencias adaptativas para una mquina no determinista
permite construir un conjunto de estados alcanzables que se puede despus concatenar con
secuencias capaces de distinguir cada estado de la especicacin, o por lo menos los que no
sean
r-equivalentes,
de manera parecida a lo que hace la tcnica
state counting
[PYLD93].
En el trabajo [MNH11a] se propone una metodologa general para la creacin de secuencias

adaptativas. En este artculo se explican los rudimentos de nuestra tcnica para la creacin
de estas secuencias. Para ello, se dene la adaptacin de un algoritmo gentico enfocado a
la resolucin de este problema. La primera modicacin realizada al algoritmo gentico es
que el ADN de los individuos es un rbol (que representa a la secuencia adaptativa) y dada
esta codicacin los operadores de mutacin y cruce habrn de ser redenidos. Adems, cada
individuo de la poblacin tiene un coeciente que denotar su tendencia a buscar al random
soluciones o a basarse en las distancias entre nodos precalculadas usando el algoritmo de
Dijkstra. El operador de mutacin elige al azar entre aadir un sub-rbol al ADN o eliminarlo,
posteriormente realiza un recorrido lineal al azar por el ADN hasta encontrar un nodo sin
hijos. En el caso de que se aada un sub-rbol se utilizar el coeciente de aleatoriedad
del individuo para avanzar un paso ms hacia el nodo buscado. En el caso contrario, se
obtendr el padre del nodo seleccionado y se eliminarn del ADN este nodo y todos sus
hijos. El operador de cruce realiza un recorrido por uno de los dos ADNs seleccionados y por
cada nodo realiza un recorrido aleatorio en el otro ADN. Los nodos de ambos rboles que
representan el mismo estado de la mquina no determinista son guardados en una lista de
nodos comunes, esto se efecta por la necesidad de mantener la coherencia en la secuencia
adaptativa resultante del cruce. De entre esta lista de nodos comunes se selecciona uno al
azar que ser el punto de cruce, a partir de este, se intercambian los sub-rboles de los dos
ADNs creando dos nuevos hijos que sern aadidos a la poblacin. Para la seleccin de los
individuos se utilizar el
elitismo manteniendo las mejores soluciones y se usar la tcnica de
la ruleta para seleccionar al resto de la poblacin. La valoracin de los individuos se realiza

utilizando un muestreo en el que se analiza cuntas veces se alcanza el nodo destino usando
su ADN, tambin se tiene en cuenta la distancia a la que se queda en caso de no alcanzar el
nodo objetivo. Este muestreo se realiza 100 veces dando una idea aproximada de la bondad
del individuo. En el artculo se realiza una serie de comparativas con otras tcnicas que
podran utilizarse como la de escalada, obteniendo de manera sistemtica mejores resultados
con el algoritmo gentico propuesto.
En el siguiente artculo de la serie [MNH11b] se analiza experimentalmente la ecacia del

algoritmo y los coecientes que son ms tiles a la hora de crear las secuencias adaptativas.
10
Los anlisis realizados en este artculo se proyectan en dos vertientes. El primer tipo de
anlisis realizado trata de estudiar cmo funciona la tcnica planteada en relacin a otras
tcnicas como el puro random, el uso de un rbol formado con una adaptacin del algoritmo
del camino ms corto de Dijkstra o la escalada. Todos estos anlisis se encuadran dentro
de diversas complejidades de la mquina de estados nitos no determinista. El otro tipo
de anlisis realizado consiste en estudiar qu coecientes de aleatoriedad funcionaran mejor
para diferentes tipos de mquinas no deterministas. Para ello, se comparan varias poblaciones
en las que los rangos permitidos del coeciente de aleatoriedad son modicados y se estudia,
adems, si sera mejor que este coeciente fuera heredado o inicializado al azar dentro de un
rango.
En el trabajo [MNH11c], todava bajo proceso de revisin, se presenta una paralelizacin
del algoritmo gentico para incrementar su ecacia. Conviene decir al respecto de este ltimo
trabajo que la paralelizacin incluye segregacin de las poblaciones sin ser mezcladas entre
ellas y por tanto permite explorar una mayor parte del paisaje heurstico. Para llevar a cabo
la paralelizacin se utiliza una leve modicacin del modelo de islas, en las que existe una
evolucin en paralelo de varias poblaciones distintas (que se comportarn mejor dependiendo
del contexto) y una poblacin en la que se entremezclan los mejores individuos de cada una
de las poblaciones en cada generacin. En este ltimo artculo, se incluye un procedimiento
para testear mquinas no deterministas y resultados experimentales sobre su ecacia en
comparacin con otras tcnicas.
Captulo 2
Introduction
At my arrival at the School of Computer Science, with the background of my formation
as an architect and being involved in a group whose primordial interest were formal methods,
the rst thing that caught my attention was the possibilities that oered formal methods
to describe systems capable of conglomerating agents with very dierent capabilities. In
particular, I was interested in graphical formalisms since their representation allowed us
to understand faster the global functioning of a system and obtain a global vision of
the ensemble. Specically, it was natural to represent sets of agents that were capable of
auto-organizing themselves in a hierarchical manner. The result of this rst approach was
the papers that appeared as part of my Master's nal project:
A formal approach to the
specication of hierarchical multi-agent systems [Mol09]. The biggest diculties encountered

in the process were related with the choosing of the formal language that dened the behavior
of the agents. In a rst attempt, those behaviors were described by means of nite state
machines. This decision did not allowed the agents to apply in parallel several actions and
therefore, the ow of the work of the planning agents was limited to the expressivity of the
chosen language. This deciency was solved in the last revisions of the formalism, where we
ended using Petri nets to dene the agents' behaviors. Another of the aspects that undertook
the biggest evolution was the way in which agents were grouped in categories to permit in a
conceptual way a clearer ow of the messages and, therefore, an improvement in the eciency
of the system.
After the publication of those rst papers, and with the idea of studying how to be able to
test systems described through graphical formalisms, using as a starting point the knowledge
acquired in the Master of Research in Computer Science about genetic algorithms and having
an increasing interest in this technique for the possibilities that it oers for the resolution of
11
2.1. Integration discourse and objectives
12
problems of very dierent domains, I have redirected part of my work towards researching the
potential of the application of genetic algorithms to test systems specied through graphical
formalisms. It is also to note that in the scope of my scholarship I did a short stay in the
University of Brunel with Robert M. Hierons, which research interests coincide in these
matters. Through a strong experimentation and with dierent modications to what would
be considered a standard genetic algorithm, we arrived to a model that showed a probable
ecacy in confronting the problems we needed to solve. Those problems vary considering the
type of language with which the specication is created. In a rst attempt, we studied the
possibility of automating the task of the creation of a test suite for a deterministic nite state
machine. In addition, we confronted the necessity of automating the valuation of the goodness
of those tests taking in account the number of mutants killed. In a second approximation, the
possibility of testing non-deterministic nite state machines directed us towards researching
the creation of adaptive sequences to be able to reach a state in a univocal manner and
therefore, use these type of sequences to test non-deterministic machines.
The following doctoral thesis is presented in the publication format, following the point
4.4 of the agreement of the Government Counsel with date 14th of October of 2008, in
which it is approved the regulations for the development of the Regime relative to the
elaboration, counsel, defense and evaluation of the Doctoral Thesis by means of the Royal
Decree 1393/2007, with date 29th of October (BOE of the 30th of October), by which it is
established the rules for the university education of the University Complutense of Madrid. In
the mentioned article is contemplated that doctoral thesis may be published in paper format,
understanding by it the thesis constituted entirely by published scientic papers or accepted
for publication. In our case, most of the papers have been published in dierent international
congresses and in a journal indexed in the JCR index, being, therefore, supported by the
subsequent inter pares evaluation. The works that have not been published are still passing
the selection process and we hope that when the thesis is defended they will be accepted.
Next, we present the objectives and the integration discourse of this thesis.

In spite of the utility of the existing methods to represent and analyze systems our rst
studies detected a series of problems that could be solved or at least alleviated through
a deeper treatment of the use of graphical formalisms. More precisely, we detected three
problems: On one hand, the existing formalisms for the description of agents could benet
from a
friendlier use, in such a way that the automation of the planning phase of the tasks
2. Introduction
13
could reduce the specication time of the systems. On the other hand, in the study of testing
of deterministic nite state machines, even though there exists methods that are capable of
creating a complete test suite, it should be possible to achieve an improvement in the quantity
of tests that are needed to check the FSM. Finally, the third problem detected, concerning
the testing of non-deterministic nite state machines, is that there does not exist methods
to create adaptive sequences in such a way that it is not mandatory to develop the whole
tree of possibilities.
The main objective of this thesis is to show the utility of using graphical formal methods
in those situations where its use is adequate and, specically, alleviate the problems detected
and presented in the previous paragraph. Since it is a broad eld we have focused our
attention in studying how to be able to dene a complex system through these methodologies
and in how to be able to check the validity of those systems. A rst objective is to use a
graphical formalism to dene a multi-agent system. A second objective is to study how can
we test systems described through graphical formal methods, in this case using genetic
algorithms. Since we can encounter ourselves with deterministic and non-deterministic
systems, we have tried to search methods to automate the testing process for both types
of systems.
Graphical formal methods grant us with a series of advantages regarding both nonformal methods and non-graphical formal methods because they are simultaneously capable
of providing a intuitive and visual denition at the same time that they allow us to analyze
rigorously properties of those systems. Maybe the two formalisms that reunite at the same
time ease of use and expressive power are Petri nets, used mainly to specify concurrent
systems due to its capacity to express the parallelization of the tasks, and nite state
machines because they are one the simplest formalisms and with enough capacity to model
communication protocols.
Petri nets have been used to formalize a broad variety of models, from chemical reactions
(the original use of the formalism) to assembly lines and multi-agent systems. Our interest
is directed towards developing a modication of the formalism that allows to represent a
hierarchical multi-agent system, in such a way that it allows us to achieve one the objectives
proposed in this thesis. Initial versions of the formalism were made using a modication of
nite state machines, but the impossibility to represent adequately the inherent parallelism
of those systems forced us to use Petri nets to model the behavior of the agents of the
system, always keeping in mind to maintain as simple as possible the system, to avoid
concept mistakes.
14
This multi-agent system is developed in several phases, creating a formalism that allows
to model simple hierarchical multi-agent systems. This formalism have been extended and
revised in several occasions. Its denitive version is published in the journal Automation in
Construction.
Taking in account the objectives that we stated for this thesis, the use of graphical formal
methods, a line of work that complements the formal description of complex systems consists
in studying properties of those models and more specically, in studying if an implementation
is correct with respect to its formal specication. This line of work corresponds to one of the
objectives of this thesis. In this respect, we try to optimize the test suite to check the correct
functioning of deterministic nite state machines to continue with the problem of reaching
univocally a state in a non-deterministic nite state machine.
The results obtained during the development of this thesis have been presented in
the following publications, presented in dierent international meetings, enunciated in
chronological order:
A formal methodology to specify hierarchical agent-based systems. Published in 4th

Int. Conf. on Signal-Image Technology & Internet-based Systems, SITIS'08 [AMN08d].
IEEE Computer Society Press.
Combining genetic algorithms and mutation testing to generate test sequences [MNA09].
Published in 10th Int. Conf. on Articial Neural Networks, IWANN'09. IWANN
appears in the post 55 of 701 conferences of the eld of Articial Intelligence following
Computer Science Conference Ranking (based in Estimated Impact of Conference, EIC,

2009) and appears also under the B category in the CORE list.
A hierarchical methodology to specify and simulate complex computational systems

[AMN09b]. Published in International Conference on Computational Science, ICCS'09.
CORE A.
A formal methodology to specify hierarchical agent-based systems [MAN10]. Presented

as a chapter in the book Web-Based Information Technologies and Distributed Systems.
Published by World Scientic in 2010.
Creating adaptive sequences with genetic algorithms to reach a certain state in a
non-deterministic FSM [MNH11a]. Published in IEEE Symposium on Articial Life,
ALIFE'11. CORE A.
2. Introduction
15
Experimental Comparison of Dierent Techniques to Generate Adaptive Sequences

[MNH11b]. Published in 11th Int. Conf. on Articial Neural Networks, IWANN'11.
IWANN appears in the post 55 of 701 conferences of the eld of Articial Intelligence
following
Computer Science Conference Ranking
(based in Estimated Impact of
Conference, EIC, 2009) and appears also under the B category in the CORE list.
An islands model genetic algorithm to test non-deterministic nite state machines

[MNH11c]. This work is following a revision process and is presented in this thesis
to assure its completeness.
Planning of work schedules through the use of a hierarchical multi-agent system [MN11].
Published in Automation in Construction, edited by Elsevier, with an impact factor of
1.372 in the JCR index.
We consider that these publications allow us to state that the main objective of this
thesis, that is, to study if the use of graphical formalism brings advantages when developing
software system and how can the process of testing be planned for these types of systems,
has been fullled. Specically the publications [AMN08b, AMN09a, MAN10, MN11] show
the achievement of the rst objective, that is, the formal development of a complex system,
while the publications [MNA09, MNH11a, MNH11b, MNH11c] correspond to the second
objective, aiding the creation of test suites for FSMs.
Next, we briey describe the contents of each of the papers that constitute this doctoral
thesis.
The rst article [AMN08c] corresponds to the initial denition of the multi-agent system.
In this case the behavior of each of the agents was modeled through nite state machines. The
idea emerged trying to approximate the world of architecture and formal methods and its
intention was to create a computational method that simulated the organizational structure
of work teams where there exists some agents in charge of executing the tasks and other
agents that organize and plan the tasks of the rst. In this work, it is distinguished between
atomic agents (the ones in charge of executing the tasks) and complex agents that plan the
activities of the atomic agents. The agents withhold a set of resources and a function that
values each of those resources. Agents also include an input buer and an output buer to
allow the passing of the messages and an utility function that assigns a goodness to the
valuation of resources. Those agents are inscribed in a cell structure. Those cells also contain
input and output buers to handle the message ow. Finally, it is described how the cell
structure is formed (in this case, linearly from an initial cell) and then moves to present the
16
tool created for the construction of multi-agent systems.

The existing formalisms that are reviewed in chapter 5 did not reunite certain conditions
that were desirable in our case. Between these conditions was our intention of focusing the
development of the system to allow an inexpert user to utilize it. Maybe the closer approach
is the one proposed in [Lom00], where the author generates a hierarchical multi-agent system
through Petri nets, but the dierent levels of nested machines, in spite of its great expressivity,
produced a complexity from which we wanted to scape. Another reason that moved us to
dene a new formalism was the inclusion of two elements that were dicult to insert in the
mentioned formalisms, they are: the inclusion of utility functions to characterize the choices
of the agents and the possibility that a simple pre/post condition allowed the automated
emergence of agents that planned the tasks of the other agents of the system. The idea
presented in [AMN08c] is presented and in a similar manner with a longer related work
section as a chapter in a book in [MAN10].
As a rst step to study the possibility of testing systems described through graphical
formal methodologies we studied the problem of dening a test suite for a deterministic FSM.
We studied the problem of how to balance the quality with the quantity of the number of tests
required to test the machine. The approach used in [MNA09] tries to obtain the shortest test
suite possible in order to have the shortest execution time, at the same time this test suite
must still maintain its reliability and detect the highest number of errors. Therefore, in this
work it is studied how to create a test suite assuring its correction if the genetic algorithm
does not have learning examples. To alleviate this problem we used the technique of
mutation
of specications [CS94]. This technique appeared in the context of formal languages based in
models and consists in the application of a series of mutation operators to the specication to
obtain a simulation of an erroneous implementation. Our use of this methodology is similar,
considering that we use the mutants to grant the genetic algorithm with enough erroneous
implementations and this way, we can use the number of mutants distinguished to measure
the quality of each test produced. The underlying idea consists in evolving a test to be able
to locate the highest number of errors with the shortest sequence possible. To do so, the
heuristics considers the number of mutants detected and the length of the test. The test
is codied as a sequence of inputs that constitutes the chromosome of an individual of the
population of the genetic algorithm. This chromosome varies in its length and the operator
allows to simultaneously modify the genes and the length of the chromosome. The algorithm
herewith presented contains several populations evolving in parallel and it is subdivided in
several phases. In a rst phase, called
evolution, all the populations are confronted with every
2. Introduction
17
mutant to achieve the highest possibility of detecting all the errors. In a second phase, called
specialization, each population is confronted with one single mutant, to be able to best detect
a single type of error. Finally, the best specimens from each phase and each population are
checked for redundancies and together compose the test suite.
The rst important modication applied to the formalism for dening multi-agent
systems was presented in [AMN09a]. This revision represents a simplication in the passing
of the messages between agents and in the general framework. In this version it is still not
achieved the parallelization of the tasks and it ended up being just an intermediate step
towards the nal formalism, therefore, we will not extend any longer in its description.
In its last version, that was presented as my nal project for my Master's degree [Mol09]
and that is published in the journal Automation in Construction [MN11], the formalism
used to represent agents consists in a system of hierarchical Petri nets, to be able to simulate
concurrency and the parallelization of the tasks. This paper presents a wide variety of related
work in multi-agent systems as well as in computerized approaches to project management.
In this paper agents are presented as the conjunction of a Petri net, that denes de resource
transformations and an input buer for the reception of the messages. In the formalism, a
cell is dened through its position in the cell tree (the father and its children) and the set of
agents that are contained in it. Utility functions are moved to the petition system, allowing
the user to formalize its preferences when dening the set of resources to be obtained. Also,
the representation of the system is transformed into a tree structure that is automatically
created to optimize the ow of the messages and to keep this structure as compact as possible,
allowing the user to forget of having to manually actualize it.
In the line of nding methods to test systems that are formally described, we have treated
the problem of reaching univocally a state in a non-deterministic nite state machine. The
remaining three papers [MNH11a, MNH11b, MNH11c] treat this problematic. In a nondeterministic nite state machine there exist a number of states that are deterministically
reachable and that therefore, do not create any problem. But, this is not the case for the
majority of the states. It is important to provide the tester with a way to move the machine to
a specic state because that allows him to restrict the analysis to an specic component of the
system. This is achieved through
adaptive input sequences [Hie04, GYK08, ACY95], that are
trees based in the LTS formalism that contain an input that branches in the dierent outputs
that the machine returns. Then, in each of the leaves that do not represent the searched state
an input is applied and the process continues. The set of all the adaptive sequences for a
non-deterministic machine allows to construct a set of reachable states that afterwards may
18
be concatenated with sequences able to distinguish every state of the specication or at least,
those that are not
r-equivalent, in a similar manner to what state counting does [PYLD93].
In the work [MNH11a] it is proposed a general methodology for the creation of adaptive
sequences. In this paper we dene an adaptation of a genetic algorithm to solve this type
of problems. The rst modication made to the genetic algorithm is that the DNA of the
individuals is a tree (that represents the adaptive sequence) and due to this modication
the mutation and reproduction operators had to be redened. Also, every individual has
a coecient that denotes its tendency to search random solutions or to base the search in
the distances between nodes precalculated using Dijkstra's algorithm. The mutation operator
chooses at random between adding a subtree or removing a subtree from the DNA, afterwards
it does a lineal traversal of the DNA until it nds a node without children. In the case that
a subtree is added, the random coecient will be used to to advance a step towards the
searched node. In the opposite case, it will obtain the father of the chosen node and remove
it and all of its children. The crossing operator makes a traversal in one of the DNAs and
for each node traverses the other DNA. The nodes from both trees that represent the same
state of the non-deterministic machine will be added to a list of common nodes. From this
list of common nodes, one is randomly extracted that will be the crossing point, and from
this point both trees will be inter-exchanged creating two children that will be added to the
genetic pool. For the selection of the individuals we use
elitism
keeping the best solutions
in the pool for the next generation and for the rest of the population the roullete wheel
approach is used. To value the goodness of the individuals we used a sampling method,
analyzing how many times the target node is reached out of 100 attempts, the distance at
which it stays is also taken into account in the event that the target node is not reached.
In the paper we do several experimental comparisons with other techniques that might be
applied for the construction of adaptive sequences, like a hillclimbing approach, obtaining
systematically better results with the genetic algorithm.
In the following paper from the series [MNH11b] it is experimentally analyzed the
eciency of the algorithm and which coecients are better when creating adaptive sequences.
The analysis undertook in this paper follows two paths. The rst type of analysis tries
to study how the proposed technique works in relationship with others like random, or a
tree created using Dijkstra's shortest path algorithm or a hillclimbing approach in dierent
contexts of dierent complexities. The other type of analysis consists in studying which
random coecients will work better also for dierent types of non-deterministic machines.
To do so, several populations in which the allowed range for the random coecient varies
2. Introduction
19
are used to create an adaptive sequence. It is also studied if it would be better that this
coecient is hereditary or randomly initiated.
In the work [MNH11c], still undergoing a revision process, it is presented a parallelization
of the genetic algorithm to increment its eciency. Note, that the parallelization of the
populations include its segregation to be able to explore a wider range of the heuristic
landscape. To do so, we use an island model, in which the parallel evolution of the dierent
populations (each of which will behave better depending on which type of non-deterministic
machine we are confronted with) is coupled with a population that takes the best specimens
from each of the others. In this last paper, it is included a procedure to test non-deterministic
machines and experimental results about its eciency in comparison with other techniques.
20
Captulo 3
Estado del arte: testing formal

3.1. Introduccin
En una evolucin continua y en paralelo con el desarrollo de la
ingeniera del software, el
uso de mtodos formales para aumentar la abilidad de los sistemas ha crecido enormemente.
El porcentaje, tanto en tiempo como en recursos, dedicado a la comprobacin y vericacin
de sistemas y de sus requerimientos es cada vez mayor.
El
testing es el mtodo ms utilizado hoy en da en entornos industriales para aumentar
la abilidad de los sistema, esto es, la ausencia de errores en la implementacin con respecto
a los requerimientos. Brevemente, las tcnicas de testing se pueden denir como la aplicacin
(sistemtica) de un conjunto de inputs a un sistema para comprobar que los outputs que
produce corresponden a los resultados esperados.
Podemos distinguir varios tipos de testing dependiendo del conocimiento existente sobre
la implementacin del sistema o del acceso que tengamos a esta. Si este conocimiento es total
se habla de
testing de caja blanca. Este es el caso, por ejemplo, del testing de software cuando
se tiene acceso al cdigo fuente. En el caso de no poder tener acceso al funcionamiento interno
de la implementacin se habla de
se tiene acceso a las
testing de caja negra. En este ltimo tipo de testing solo
trazas que produce la implementacin como respuesta a los inputs que
se le proporcionan. Por tanto, en este marco la mayora de los criterios de correccin son
relaciones de conformidad entre las trazas de la implementacin y el conjunto de trazas del
que disponemos en la especicacin, de forma que la estructura interna de la implementacin
no se tiene en cuenta.
Uno de los problemas a los que nos enfrentamos en el testing de caja negra es la
posibilidad de que los fallos del sistema queden enmascarados por no haber alcanzado una
21
3.1. Introduccin
22
traza sucientemente larga como para revelar estos fallos. Al no tener conocimiento sobre
la composicin exacta de la implementacin a la que se van a aplicar los tests, la persona a
cargo de la creacin del conjunto de tests habr de realizar una serie de hiptesis sobre el
sistema, tales como un limite superior en el nmero de estados. Otros tipos de hiptesis a
realizar sobre el sistema comprenden suponer que la mquina de estados que tericamente
representar al sistema es mnima, que es fuertemente conexa, que tiene los mismos inputs y
outputs que el sistema especicado, que tiene un estado inial, la existencia de un reset, etc.
Este tipo de hiptesis son necesarias para intentar conseguir un conjunto de tests que sea
considerado como completo y correcto.
Para poder decidir que la implementacin se comporta correctamente respecto a la
especicacin se ha de establecer un criterio de correccin. Este criterio de correccin
depender del tipo de sistema al que nos enfrentemos y de la informacin de la que
dispongamos de la implementacin. Algunos de los criterios de correccin utilizados en testing
son IOCO [Tre96],
r-equivalencia [PYB96, Hie04, Ipa06] y s-equivalencia [HU08]. En general,
dependiendo del tipo de sistema al que vayan a aplicarse los tests, se establecer el criterio
de adecuacin ms idneo a discrecin de la persona a cargo de crear el conjunto de tests.
De manera general, se puede denir formalmente una relacin entre mquinas a travs
de denir una relacin entre sus estados. Por tanto, si somos capaces de distinguir
unvocamente un estado de otro dentro de una mquina, podemos decir que dos mquinas
sern distinguibles si se pueden distinguir sus estados iniciales. Si no somos capaces de
distinguir dichos estados iniciales para el criterio de correccin elegido, entonces consideramos
que las mquinas estn relacionadas. Para la distincin entre estados, una de las tcnicas que
existen consiste en la creacin de
secuencias nicas de input/output
que, como su nombre
indica, son las secuencias de inputs y outputs de longitud mnima que logran distinguir un
estado de cualquier otro dentro de una mquina. Otros mtodos comnmente usados son el
Wp .
Algunos de los mtodos para generar conjuntos completos de tests, generan un
problema de explosin de estados. En estos casos, otras metodologas como realizar el test
al vuelo
o usar tcnicas heursticas completan el escenario para la creacin de tests.
Si la especicacin viene dada en forma de una mquina de estados nitos, esto es, si
estamos comprobando el ujo de control de un sistema, los tipos de errores que pueden
aparecer son
errores de operacin:
cuando las secuencias de outputs producidas en la
implementacin no coinciden con las de la especicacin,
errores de transferencia:
cuando
un input de la implementacin nos lleva a un estado distinto que el de la especicacin o
extra (falta de) estados: cuando para hacer iguales la implementacin y la especicacin sera
23
necesario quitar estados (o aadirlos) [Cho78].

En el resto del captulo haremos un recorrido por las relaciones que se establecen como
criterio de comparacin entre procesos y los mtodos clsicos ms utilizados en testing formal.
3.2. Relaciones formales entre procesos

3.2.1. IOCO: input output conformance
Esta relacin de conformidad [Tre96] est basada en el lenguaje formal de las
Esencialmente, una
IOT S
IOT Ss.
es una LTS (ver Apndice A.2.2) donde el conjunto de acciones
est subdividido en inputs y outputs. En este marco, un estado que no puede hacer una
estable y un
llama quiescente.
transicin interna se llama
estado que no puede realizar ninguna transicin
interna o un output se
La quiescencia se representa con la accin
queda aadida al alfabeto de acciones de forma que
L=I O
aumentado con
que
representa al lenguaje de etiquetas
Denicin 3.1 Sea (S, I, O, T r, s0 ) una IOTS. Denimos los siguientes conceptos:
Dado s S , s after = {s0 S|s == s0 }
Dado s S , out(s) = {o O|s0 S : s o s0 } {|s0 S : s s0 }
Dado S 0 S , out(S 0 ) = {out(s)|s S 0 }
S
Dado s S , Straces(s) = { L |s0 S : s == s0 }

M after = s0 after
Straces(M ) = Straces(s0 )
Sean I , S dos IOT S . Se dice que I es conforme a S , y se denota por I ioco S , si para
toda traza Straces(S) se cumple out(I after ) out(S after ).
3.2.2. La r-equivalencia
La r-equivalencia [PYLD93] es una relacin de equivalencia que podemos establecer entre
mquinas de estados nitos no deterministas. Esta relacin se dene de manera negativa,
es decir, se dice que dos estados son
se denotar por
r-equivalentes cuando no pueden r-distinguirse, lo que
r s0 . En su caso, la relacin de discriminacin se dene para secuencias
hasta una longitud
y se extiende hasta el caso general.
3.2. Relaciones formales entre procesos
24
Como paso previo a denir la
r-equivalencia
debemos ampliar algunas nociones bsicas
del formalismo de las mquinas de estados nitos no deterministas.
Denicin 3.2 Sea (S, I, O, T r, s0 ) una mquina de estados nitos no determinista. Sean
i/o
i/o
s S y i I . Denimos (s, i) = {s0 S|s s0 T r} y (s, i) = {o O|s0 : s s0
T r}. Esta segunda nocin se puede extender a secuencias de inputs en la forma usual. Sean
/o
s S y I . Denimos (s, .) = {o.((s, ), )|s0 : s
s0 T r}.
La relacin binaria entre estados de r-distinguibilidad se dene como:
s
es r(1) distinguible de s0 , denotado por s r(1) s0 , si existe i I tal que
(s, i) (s0 , i) =
Sea k > 1. Se dice que s es k-distinguible de s0 , denotado por s r(k) s0 , si existe

1 j < k tal que (s, ) (s0 , ) = , con I j , o si existe un input i I , y dos
estados s1 (s, i) y s01 (s0 , i) tales que s1 r(j) s01 .
Se dice que dos estados son r-distinguibles, denotado por s r s0 si existe un k tal que
s r(k) s0 .
Finalmente, decimos que dos estados son r-equivalentes, denotado por s r s0 , si no
existe k tal que s r s0 .
Sean M1 = (S1 , I, O, T r1 , s0 ) y M2 = (S2 , I, O, T r2 , q0 ) dos mquinas nitas no
deterministas con S1 S2 = . Denimos M1 M2 como la mquina (S1 S2 , I, O, T r1
T r2 , s0 ). Decimos que M1 y M2 son r-equivalentes, denotado por M1 r M2 , si s0 r q0 en
M1 M2 .
Cabe remarcar que la eleccin del estado inicial en
M1 M2
es irrelevante para el uso
que le damos a esta operacin.
3.2.3. La s-equivalencia
La
s-equivalencia [HU08] se utiliza para comparar estados en sistemas distribuidos en los
que no se permite el paso de mensajes entre los distintos componentes. En las deniciones
que siguen a continuacin introduciremos una serie de notaciones y funciones preliminares
para poder entender la denicin de s-equivalencia.
Una secuencia
un smbolo
x,
se puede concatenar con otra secuencia
denotado por
Dada una secuencia
x .
tenemos que
0,
denotado por
La longitud de una secuencia
[]lk
0 ,
o con
se denota por
denota la subsecuencia que comienza en el
||.
k -simo
elemento y termina en el
l
otro caso, []k
||
[]1 = .
l-simo
25
elemento, mientras que se cumpla que
. Diremos tambin []00
y que para un
1, []k0
l k;
=
en cualquier
[]k1 . Por tanto,
Denicin 3.3 Sea (S, I, O, , , s0 ) una mquina de estados nitos distribuida. Dado un
elemento (oU , oL ) O denotamos por o|U (resp. o|L ) la componente U (resp. la componente
L) del par.
Dado j {U, L}, denimos la funcin j : (I O) (Ij {} Oj {}) como
sigue:
j () =
j (i/o ) =
/ j ()
si i 6 Ij o|j =
i/ j ()
si i Ij o|j =
/oj j ()
si i 6 Ij o|j = oj 6=
i/oj j ()
si i Ij o|j = oj 6=
Denimos otra funcin auxiliar para quitar de la secuencia producida por las
apariciones del par /:
(
r() =
r(i/o ) =
r()
si i = o =
i/o r() en cualquier otro caso
Denimos la funcin h : S I (I O) que devuelve la secuencia de input/output

que resulta de aplicar la secuencia de inputs a un cierto estado como:
h(s, ) =
h(s, i) = i/(s, i) h((s, i), )
Dado j {U, L}, denimos j : S I (I O) como la funcin tal que dados un

estado s y una secuencia de inputs devuelve la secuencia de input/outputs proyectada sobre
el puerto j , esto es, j (s, ) = r(j (h(s, ))).
Para denir la s-equivalencia es necesario denir en primer lugar la nocin de
sincronizable.
secuencia
Intuitivamente, una secuencia de estados ser sincronizable para un estado
sS
si no detectamos ningn problema de
desde
s.
controlabilidad en la aplicacin de la secuencia
Un problema de controlabilidad ocurre cuando un cierto puerto tiene que ejecutar
un input pero no sabe cuando es el momento en el que introducirlo porque ni el output

asociado con la transicin justamente anterior, ni el input de dicha transicin se ejecutaron
en ese puerto.
3.3. Tcnicas clsicas de testing formal
26
Denicin 3.4 Sea (S, I, O, , , s0 ) una mquina de estados nitos distribuida. Una
secuencia de inputs I es sincronizable para s S si para todo 2 k || tenemos que
k1
[]kk Ij implica j (h((s, []k2
0 ), []k1 )) 6= (, ). Denotaremos el conjunto de secuencias
sincronizables para un estado s por Synch(s).
Finalmente la nocin de
s-distinguibilidad se representa primeramente como una relacin
binaria entre estados para acabar denindola entre dos mquinas.
Denicin 3.5 Sea (S, I, O, , , s0 ) una mquina de estados nitos distribuida, I ,

s1 , s2 S , y j {U, L}. Decimos que la secuencia de inputs localmente s-distingue s1 y s2
en el puerto j si Synch(s1 ) Synch(s2 ) y j (s1 , ) 6= j (s2 , ). Ms an, localmente
distingue los estados s1 y s2 si existe un puerto j en el que localmente s-distingue s1 y
s2 en j . Si no existe una secuencia de inputs que s-distinga localmente s1 y s2 , entonces
decimos que s1 y s2 son s-equivalentes lo que se denota por s1 s s2 y en cualquier otro caso
escribimos s1 s s2 .
Sean M1 = (S1 , I, O, 1 , 1 , s0 ) y M2 = (S2 , I, O, 2 , 2 , q0 ) dos mquinas distribuidas
con S1 S2 = . Denimos M1 M2 = (S1 S2 , I, O, , , s0 ) como la mquina tal que
si s S1 , entonces (s, i) = 1 (s, i) y (s, i) = 1 (s, i) y en otro caso (s, i) = 2 (s, i) y
(s, i) = 2 (s, i). Escribimos M1 s M2 sii s0 s q0 en M1 M2 .
Conviene destacar que igual que ocurra en el caso de la
del estado inicial en
M1 M2
r-distinguibilidad,
la eleccin
es irrelevante.

En las siguientes subsecciones introduciremos algunas de las tcnicas ms utilizadas en
el mundo del testing formal.
3.3.1. El mtodo W
Esta tcnica, presentada en [Cho78], se utiliza para especicaciones dadas como mquinas
de estados nitos y usa el
conjunto de caracterizacin o conjunto W.
Denicin 3.6 Sea (S, I, O, , , s0 ) una mquina de estados nitos. La denicin de se

extiende para trabajar con secuencias de la siguiente manera: dada una secuencia I y
un estado s S ,
(s, ) = s,
donde es la secuencia vaca.
27
(s, .) = {(s, ).((s, ), )| I, I }

El conjunto W contiene aquellas secuencias que distinguen los comportamientos de cada
par de estados. Por tanto, formalmente se dene como:
W = { I |s1 , s2 S, s1 6= s2 : (s1 , ) 6= (s2 , )}

Para construir este conjunto primero se construyen particiones
k-equivalentes
que dos estados son

particin
k -equivalente
si no existe
k-equivalentes.
Se dice
(s1 , ) 6= (s2 , ).
Una
es una particin del conjunto de estados en los que todos los
k -equivalentes.
estados incluidos son
I k tal que
Se construirn todas las particiones
incrementando sucesivamente el valor de
k -equivalentes
k , hasta que solo quede un estado en cada particin.
Posteriormente el conjunto W constar de las secuencias mnimas que distinguen los estados
dos a dos. Por lo tanto, para construir este conjunto se cogern las particiones
se buscar la ltima
k -equivalentes,
que mantena a cada par de estados en la misma particin y se usara
esa secuencia concatenada con el input que los divide en la siguiente particin.
Para
construir
el
conjunto
P,
de transiciones, llamado
de
tests
nal
se
utilizara
un
conjunto
implementacin con un numero de estados igual a
Z=
viene dado por
cobertura
que contiene aquellas secuencias que atraviesan todas las
transiciones de la mquina. Se utilizar tambin un conjunto llamado
estados
de
que para una
y una especicacin con un nmero de
(I 0 .W ) (I 1 .W ) . . . (I mn .W ). El conjunto denitivo de
tests es la concatenacin de todas las secuencias de ambos conjuntos, es decir, el conjunto
T = P.Z .
3.3.2. El mtodo Wp
El mtodo
Wp
[FBK 91] utiliza subconjuntos de
Cada subconjunto de
distingue al estado
El conjunto
si
el estado
Pi
para conseguir el conjunto de tests.
es el que distingue a cada estado de los dems. De esta manera
Wi
de todos los dems.
se particiona dependiendo del estado al que se llega con la secuencia y el
T =
es una particin de
conjunto de tests resultante es

los estados y
iIS
Pi .Wi ,
donde
IS
es un conjunto de etiquetas para
tal que todas las secuencias que lo constituyen llegan
si .
3.3.3. Las secuencias UIO (secuencias nicas de input/output)

Una secuencia nica de input/output [SD88] para un estado
es una secuencia de pares
input/output tal que al aplicar sus inputs, los outputs obtenidos son distintos de los que se
28
obtienen para cualquier otro estado de la mquina. Formalmente:
Denicin 3.7 Dada una F SM = (S, I, O, , , s0 ), una secuencia se dice que es una
U IO para un estado s S si para todo estado t S, t 6= s se cumple que (s, in()) 6=
(t, in()), tal que in() denota la secuencia de inputs que forma parte de .
De manera similar al mtodo W, para calcular los tests en este mtodo se empieza por
construir el conjunto de cobertura de transiciones
P,
el cul se concatena con la parte de
inputs del conjunto de todas las UIO para cada estado.
3.3.4. State counting

State counting
[PYLD93], o conteo de estados, es una tcnica de testing que se aplica
a mquinas no deterministas. Es una tcnica parecida al mtodo
Wp
pero permite su
aplicacin de una forma adecuada a mquinas no deterministas. Se forma de la siguiente

manera.
Denicin 3.8 Sea (S, I, O, s0 , T r) una mquina de estados nitos no determinista.

Se construye un conjunto de inputs W que caracteriza a toda pareja de estados que
sean r-distinguibles.
Sean S1 , . . . , Sz conjuntos mximos de estados r-distinguibles (ver Denicin 3.2).
Sea Sd S el conjunto de estados que son determinsticamente alcanzables. Un estado
se considera determinsticamente alcanzable cuando existe una secuencia de inputs que
si es aplicada al estado inicial el nico resultado posible es el estado en cuestin.
Dado un subconjunto Sj S , Sjd = Sj Sd son los estados determinsticamente
alcanzables pertenecientes a ese subconjunto.
Para cada estado s S se crea un conjunto de pares de secuencias de inputs y de
outputs, F (s). Estas secuencias i /o F (s), son aquellas tales que i I y o O ,
existe un conjunto Sk de estados r-distinguibles (1 k z ) tal que i /o visita,
comenzando en s, estados de Sk un nmero de veces igual a |S| |Skd | + 1, y esta
condicin no se cumple para ningn prejo de la secuencia.
es la parte de entrada de las secuencias de F (s), es decir, Fi (s) = {i
I |i /o F (s)}.
Fi (s)
29
Se dene T (i , Fi (s)) como la concatenacin de i seguido de todos los prejos de

secuencias que pertenecen Fi (s).
El conjunto nal de tests viene dado por :
T =
T (j , Fi (sj ))W
sj Sd
donde
sj Sd
son los estados alcanzables determinsticamente desde el estado inicial,
la secuencia de inputs que lleva al estado en cuestin y
Fi (sj )
es
son las secuencias de longitud
mnima que permiten alcanzar cada estado perteneciente a particiones
r-distinguibles.
30
Captulo 4
Estado del arte: mtodos de bsqueda

heursticos
4.1. Introduccin
Las tcnicas heursticas de bsqueda se utilizan para encontrar soluciones a problemas
cuya resolucin es computacionalmente compleja. Estas tcnicas utilizan una funcin que
mide la vala de una solucin para intentar encontrar soluciones que vayan hacia el mximo
global, sin necesidad de explorar todas las posibles soluciones existentes. De esta manera, son
capaces de encontrar soluciones
ptimas en problemas donde tcnicas exhaustivas fallaran,
dado que el espacio de soluciones es demasiado grande para ser explorado al completo.
Existen ciertos problemas a la hora de utilizar cualquiera de las tcnicas heursticas
disponibles. Quizs el mayor de estos problemas sea la denicin de una funcin heurstica
correcta, ya que simultneamente necesitamos conseguir que sea
sencilla de calcular,
para
acortar el tiempo entre dos generaciones y que podamos alcanzar el mayor nmero de
generaciones posibles para un intervalo de tiempo, y que sea lo
ms correcta posible,
para
que al juzgar las soluciones candidatas logremos discernir cules son aquellas ms cercanas a
ofrecernos el mximo. La denicin de esta funcin heurstica crear un
paisaje del problema.
Una funcin heurstica correcta debera evitar que se produjeran planicies en ese paisaje, ya
que eso provocara que el algoritmo no lograra distinguir cul es la direccin que debe tomar
la evolucin para alcanzar el mximo. Por tanto, una funcin heurstica adecuada para un
problema debera poder eliminar estas mesetas. En la Figura 4.1 aparecen varias guras
extradas de [McM04] donde se muestran los paisajes que pueden crear diferentes funciones
heursticas para alcanzar un mismo objetivo y cmo una correcta denicin de las mismas
31
4.2. Los algoritmos genticos
32
Figura 4.1: Paisajes de diferentes funciones heursticas.
permite a las soluciones avanzar siempre hasta el mximo global.

Procederemos en las siguientes secciones a hacer un recorrido por las tcnicas heursticas
algoritmos genticos, la tcnica de optimizacin

de la colonia de hormigas, la optimizacin de sistemas de partculas, el enfriamiento simulado
y la escalada.
ms utilizadas. Entre ellas encontraremos los

Los
algoritmos genticos [Gol89] son una tcnica de computacin evolutiva basada en la
teora de la evolucin de las especies de Darwin. Estos algoritmos codican una solucin a
un problema en forma de una cadena de ADN perteneciente a un individuo de la poblacin.
Cada una de los individuos representa, por tanto, una posible solucin al problema. La
poblacin evoluciona a travs de una serie de operadores para adaptarse al paisaje heurstico
del problema. Los operadores que se encuentran en un algoritmo gentico son
mutacin,
reproduccin y seleccin de la especie. La mutacin modica uno de los genes de la cadena

del ADN y tiene como objetivo ampliar la bsqueda a zonas inexploradas del espacio de la
solucin. La reproduccin consiste en el intercambio de partes de la cadena de ADN de dos
individuos de la poblacin. La manera ms sencilla de realizar la reproduccin es elegir un
punto de corte y crear dos individuos nuevos: el primero tendr la primera parte del ADN
de la madre y la segunda del padre, mientras que el segundo individuo tendr la primera
parte del ADN del padre y la segunda de la madre. Este operador se utiliza para evitar que
la poblacin se quede estancada en mximos locales e intenta alcanzar una solucin mejor a
travs de usar combinaciones de soluciones parciales correctas. La seleccin de los individuos
para la reproduccin suele realizarse a travs de lo que se llama la
tcnica de la ruleta. Para
ello se inserta en un multiconjunto a todos los individuos un nmero de veces proporcional
33
a su vala, para posteriormente extraer al azar dos elementos de ese multiconjunto. El tercer
operador, seleccin de la especie, se implementa mediante la asignacin de un valor a cada
individuo utilizando una funcin heurstica. Se eliminan las soluciones menos vlidas para
mantener constante el nmero de individuos de la poblacin. Con ello se intenta conseguir
que el tiempo de cmputo de cada generacin sea constante y fomentar adems que sean
las soluciones ms correctas las que se mantengan. Dentro de la seleccin de la especie se
suele aplicar el
elitismo, es decir, trasladar directamente a la siguiente generacin las mejores
soluciones sin haberles aplicado ningn tipo de modicacin (ni a travs de mutaciones ni a
travs de la reproduccin).
Una extensin que permite a la tcnica aumentar en gran medida su efectividad es su
paralelizacin. Existen diversas maneras de paralelizar un algoritmo gentico [NP99, CP98,
Kon04]. De manera general, la ganancia en calidad de la solucin viene dada por dos factores.
Uno es intrnseco a la paralelizacin: la mejora en los tiempos de cmputo al utilizar mayor
nmero de procesadores. Sin embargo la otra fuente de ganancia pertenece a la idiosincrasia
del algoritmo gentico, y consiste en que en la mayora de los patrones de paralelizacin
se establece que los movimientos inter-poblacionales (las migraciones) sean restringidos.
De hecho, lo ms usual es que las migraciones se restrinjan a las poblaciones cercanas.
Ello permite que el algoritmo explore una mayor parte del paisaje heurstico de manera
independiente en cada poblacin y, por tanto, se evitan problemas de mximos locales. El
modelo ms comn de paralelizacin de un algoritmo gentico es el
modelo de islas [WRH98].
Durante el resto de la seccin procederemos a establecer con mayor claridad los conceptos
con la ayuda de un ejemplo sencillo que nos permita visualizar la codicacin del ADN as
como su modicacin a travs de los operadores.
4.2.1. Codicacin de la secuencia del ADN

Las soluciones al problema se codican como el ADN de los individuos. La manera ms
sencilla de realizar esta codicacin consiste en una secuencia, que en muchos casos tomar la
forma de una cadena binaria. Es este tipo de codicacin el que utilizaremos para mostrar en
ejemplos sencillos el uso de los operadores, pero conviene tener en cuenta que la codicacin
del ADN puede ser mucho ms compleja. Ello suele ocurrir en muchos algoritmos genticos
aplicados a problemas concretos en los que su codicacin como una cadena es imposible o
sencillamente ms compleja que una codicacin en forma de rbol o de cualquier otro tipo
de estructura.
La inicializacin del ADN suele ser aleatoria. En cualquier caso, conviene mencionar que si
34
Figura 4.2: Mutacin de un gen del ADN.
se conoce algn tipo de solucin base podra usarse como ADN inicial de los individuos. Una
inicializacin aleatoria tiene como objetivo explorar de manera uniforme el paisaje heurstico
de la solucin al problema y comenzar a evolucionar las soluciones candidatas a partir de
diversos puntos.
4.2.2. Mutacin
La mutacin modica un gen especco de la cadena de ADN. En el caso de que la
cadena sea binaria, la mutacin consistira en elegir uno de los genes al azar y si es un 0
cambiarlo por un 1 y viceversa. En cualquier otra situacin es conveniente especicar los
valores permitidos para cada tipo de gen, para saber los que puede tomar la mutacin. Es
preferible realizar un nmero bajo de mutaciones por cada individuo y por cada generacin,
ya que en caso contrario, el individuo originario y el mutado seran tan diferentes que juzgar
si ha habido una mejora en su valor heurstico sera relativamente poco til, para ello se
utiliza lo que se llama la probabilidad de mutacin. En la Figura 4.2 podemos visualizar un
ejemplo de la mutacin de un gen de una cadena binaria.
4.2.3. Cruce de la especie

El cruce se realiza usualmente entre los mejores individuos de la especie ya que as
obtendremos, con alta probabilidad, un descendiente de mayor vala. sin embargo, si siempre
se usara esta estrategia la poblacin tendera a ser demasiado uniforme, reduciendo la
diversidad gentica. Ello equivale a eliminar la bsqueda simultnea por diferentes caminos
del espacio del problema, y reduce la posibilidad de alcanzar el mximo global. Por tanto, la
tcnica que suele producir los mejores resultados es la de
jerarqua lineal que inserta en un
multiconjunto a los individuos de la poblacin un nmero de veces proporcional al puesto que

ocupan en la poblacin, jerarquizados por su vala heurstica. Si existen varias funciones de
jerarqua multi-objetivo. Otra

tcnica que se utiliza comnmente para la seleccin de los individuos es la ruleta, que como
cuya optimizacin depende la vala de un individuo se habla de
35
ya hemos explicado brevemente, consiste en insertar en un multiconjunto a los individuos

un nmero de veces proporcional a su vala. Los individuos que se seleccionarn para la
reproduccin se extraern de este multiconjunto. Estas tcnicas permiten la posibilidad de
elegir todava a un individuo de vala baja, aunque ser elegido con menor probabilidad que
uno de vala mayor.
Existen varios tipos usuales de cruce. El primero sera el de
punto de cruce nico, en el
que se elige un punto de la cadena de los progenitores y se producen dos hijos, el primero
con la primera mitad del ADN de la madre y la segunda mitad con el ADN del padre, y el
otro hijo con la combinacin opuesta. El segundo tipo sera el del
punto de cruce mltiple,
en el que se realiza un proceso similar pero con dos o ms puntos de cruce. Finalmente, el
tercero sera un cruce en el que cada gen pertenece a uno de los progenitores (el primero a
la madre, el segundo al padre y as sucesivamente). En la Figura 4.3 podemos visualizar un
ejemplo grco de los dos primeros tipos de cruce.
4.2.4. Juzgar y seleccionar a la especie

Este operador toma como base la vala otorgada por la funcin heurstica a cada una
de las soluciones que conforman la poblacin, tras producirse la reproduccin, y elimina
a un nmero de individuos hasta mantener la poblacin en un nmero jo de individuos.
La seleccin de los individuos a eliminar puede realizarse por dos vas. La primera consiste
en directamente eliminar a los peores individuos de la especie, pero esto podra producir
nuevamente un estancamiento en la solucin, y para evitarlo se suele utilizar el
mtodo de
torneo. En este mtodo se eligen al azar dos individuos y se enfrentan, resultando vencedor
el individuo con mejor valor heurstico, el perdedor se elimina de la poblacin hasta reducir
sucientemente el nmero de especmenes de la poblacin.
Otro mtodo que podra utilizarse sera una tcnica similar a la
ruleta
explicada en el
cruce, pero en vez de insertar a los individuos un nmero de veces proporcional a su vala se
les insertara un numero de veces inversamente proporcional a su vala.
El
elitismo
es una convencin a travs de la cul se transeren a la siguiente generacin
al individuo (o los individuos) mejor adaptado de esta generacin sin aplicarle ninguna
mutacin. De esta manera se evita perder las mejores soluciones al realizar las mutaciones y
los cruces.
4.3. Otras tcnicas heursticas
36
Figura 4.3: Cruce de dos individuos, con punto de cruce nico (arriba) y con puntos de cruce
mltiples (abajo).

4.3.1. Algoritmos basados en la optimizacin de colonias de hormigas
La naturaleza es una fuente interminable de inspiracin para multitud de campos. Al
igual que los mtodos de seleccin darwiniana han inspirado a los algoritmos genticos, el
comportamiento de las
colonias de hormigas
tambin ha servido para resolver multitud de
problemas [Dor92, DMC96, DG97]. Lo ms interesante de este comportamiento es que a

pesar de no existir una inteligencia global, las hormigas consiguen a travs de una serie
precisa de comportamientos individuales instintivos hacer emerger algn tipo de inteligencia
37
en su interaccin. Ello se pone de maniesto sobre todo en la manera que logran encontrar
los caminos ms cortos entre la fuente de comida y la colonia.
Cmo logran las hormigas localizar los caminos ms cortos si no existe comunicacin ni
una visin global del conjunto?, la realidad es que s existe un tipo de
comunicacin, se realiza
a travs de depositar feromonas en el camino que cada hormiga recorre. Cada hormiga tiene
un comportamiento simple: se mueve de manera azarosa en busca de comida, pero al alcanzar
una fuente de comida, vuelve a la colonia a traerla y vuelve a ir hacia la comida para buscar
ms. En este proceso deposita feromona, que se ve reforzada cuantas ms veces repita este
camino. Decir que una hormiga se mueve al azar, tiene por tanto, una parte de verdad pero
hay que tener en cuenta que en el caso de que una hormiga detecte un ujo de feromona lo
sucientemente fuerte, seguir su rastro esperando encontrar una fuente de comida localizada
por otra hormiga, y as contribuir en la aportacin de comida a la colonia. Una pregunta
lcita consiste en cuestionarse si este mtodo tambin sirve para encontrar los caminos ms
cortos. En la Figura 4.4 podemos observar cmo funciona el mtodo y cmo caminos largos se
abandonan cuando se encuentran otros ms cortos. Al comienzo las hormigas al enfrentarse
al obstculo toman al azar un camino u otro. Si hubiera un nmero muy alto de hormigas
la mitad iran por un camino y la otra mitad por el otro. Pero las hormigas que eligen el
camino B tardarn ms tiempo en recorrerlo, por lo que el ujo de hormigas es mayor en el
camino A. Puesto que, adems, la feromona se evapora con el tiempo, el rastro de feromonas
dejado en el camino A despus de un intervalo de tiempo ser mucho mayor que el rastro
del camino B. Ello llevar a que ms hormigas elijan el camino A, reforzando este camino
hasta que prcticamente todas las hormigas tomen el camino ms corto desde el nido hasta
la fuente de comida.
La aplicacin de estos principios con hormigas virtuales, permite resolver problemas de
caminos mnimos en un grafo, tales como el problema del viajante de comercio y a travs de
transformaciones, se puede aplicar esta tcnica para hallar buenas soluciones para una gran
variedad de problemas.
ACO (del ingls Ant Colony Optimization) funciona de la siguiente manera. Se inicializan
todas las transiciones del grafo a un valor de feromonas constante. Una vez nalizada esta
inicializacin, el algoritmo constar de los siguientes pasos.
1. Las hormigas comienzan a recorrer el grafo. La manera en la que una hormiga

el proximo nodo viene determinada por la siguiente probabilidad:
pkij = P
ij ij
hNi (ih
ih
)
elegir
38
Figura 4.4: Variacin de la concentracin de feronomas en caminos que evitan un obstculo.
donde
Ni
son los nodos vecinos de
que va del nodo

siendo
dij
i al j
ij
i, ij
es la cantidad de feromona de la transicin
es la bondad de la transicin
la longitud (el peso) de la transicin.
ij . Normalmente, ij = 1/dij ,
son dos coecientes que valoran
el peso relativo de cada uno de las dos medidas.

2. Se actualiza la cantidad de feromona de cada transicin. Esta actualizacin viene
determinada por la ecuacin
ij (1 ) ij +
cantidad de feromona de la transicin que va del nodo

que determina el nivel de evaporacin, y
la hormiga
en la transicin desde
k,ij
hasta
j.
kAN T S (k,ij ), donde
ij
es la
i al j , (0, 1) es un coeciente
es la cantidad de feromona que deposita

Normalmente, la cantidad de feromona
depositada viene dada por la expresin:
(
k,ij =
donde
Q/Lk si el ciclo de la hormiga k contiene la arista ij

0
es una constante y
en cualquier otro caso

Lk
es la longitud total del ciclo de la hormiga.
3. Se repiten estos pasos hasta que se produzcan un nmero de generaciones prejadas o

se alcance un criterio de parada (como que la solucin hallada no haya mejorado en
39
generaciones).
Una de las ms optimizaciones ms relevantes del algoritmo bsico es el
system
MAX-MIN ant
[SH00], donde solo se permite a la mejor hormiga aumentar el nivel de feromona,
se limitan los valores de feromona en las transiciones entre unos mximos y unos mnimos
(para evitar que la mejor solucin domine a todas las dems) y en el caso de que la solucin
no haya variado despus de un tiempo se suavizan las diferencias en los niveles de feromona
entre las transiciones para que se puedan buscar nuevas soluciones.
4.3.2. Escalada (hillclimbing)

La tcnica de escalada [RN95] es una de las ms sencillas de implementar y que suele
producir buenas soluciones en poco tiempo. Existen dos variantes principales. La primera se
llama de
mxima pendiente
y se basa en aplicar todos los operadores posibles a un punto
del espacio de bsqueda, y elegir el que devuelva el mayor valor, y mover el estado actual
hasta ese punto. La segunda variante es
escalada simple
y su funcionamiento se basa en
ir aplicando operadores hasta que la aplicacin de un operador haya mejorado la vala del
estado actual. En ese momento se modica el estado actual y se pasa al transformado por el
operador encontrado. La escala simple suele aplicarse solo en los casos en los que por haber
demasiados operadores o tardar mucho en aplicar cada uno de ellos, encontrar el mximo de
entre los operadores disponibles conllevara demasiado tiempo para cada interaccin.
La tcnica de escalada funciona muy bien para paisajes heursticos con un solo mximo
o con pocos mximos locales. Por contra, funcionar muy mal en el caso de que existan
muchos mximos locales, ya que esta tcnica se estanca en dichos valores. En la Figura 4.5
podemos observar cmo en el paisaje de la izquierda, la inicializacin del algoritmo en el
punto
lograr encontrar siempre el mximo. En cambio, en la parte derecha de la gura
observamos que si se inicializa el algoritmo en los puntos

mximos locales, si se inicia en
se quedar estancado en
el algoritmo no sabr qu direccin tomar, y la nica
vez que encontrar el mximo global ser si es inicializado en
d.
Para evitar este tipo de
problemas se han optado por varias modicaciones del algoritmo original. Una consiste en
llevar en paralelo varias escaladas desde distintos puntos del paisaje heurstico. Otra consiste
en evaluar si puede mejorar pasando a algn vecino y en caso contrario, elegir el siguiente
punto al azar. En esta lnea, una alternativa consiste en analizar puntos al azar y escoger
aquel que permita una mejora.
40
Figura 4.5: Diversas inicializaciones del algoritmo de escalada simple en dos paisajes distintos.
4.3.3. Enfriamiento simulado

Esta tcnica [KGV83] est basada en el proceso de templado de los metales y otros
materiales, que se elevan hasta una alta temperatura para luego ir bajndola gradualmente.
Este proceso excita energticamente a las partculas lo que hace que aumente su movilidad.
Posteriormente al ir bajando la energa dichas partculas se van colocando formando
estructuras uniformes de manera que el metal resultante tiene unas propiedades ms
uniformes. La aplicacin de esta metfora al campo de las bsquedas heursticas reutiliza
las frmulas extradas de estos procesos para intentar encontrar el mximo global dentro de
un paisaje heurstico. Inicialmente una funcin de probabilidad que tiene como parmetro
la temperatura permitir el movimiento del sistema hacia estados heursticamente peores.
Segn vaya bajando la temperatura simulada del sistema, el algoritmo comenzar a aceptar
solo aquellos estados que mejoran la vala heurstica. Al nal del proceso se comportar como
una bsqueda voraz. La primera fase permitir escapar de mximos locales mientras que la
segunda fase permite ascender hasta el mximo del lugar en el que nos hemos situado.
De
una
temperatura
manera
T0
ms
formal
este
mtodo
comienza
la
bsqueda
inicializando
la
a un valor alto y se elegir el estado siguiente mediante la aplicacin de
los siguientes pasos.
Si el vecino ms proximo mejora la vala entonces se acepta y se contina.
Si el vecino ms proximo tiene una vala menor que la del estado en el que nos
encontramos, se aceptar en el caso de que
umbral de aceptacin al azar entre 0 y 1,
valor heurstico) y
E(s0 )
U (0, 1) < e
E(s)
E(s)E(s0 )
T
,
siendo
U (0, 1)
un
la energa de nuestro estado actual (su
la energa del vecino hacia el que intentamos movernos.
41
Una vez aceptado un vecino nuevo (si ningn vecino nuevo es aceptado paramos), la
temperatura se actualizar bajando. Esta actualizacin de la temperatura puede ser
T T ,
lineal
donde
o estar formulada por un nmero de ecuaciones como
[0.8, 0.99],
T0
1+log(k) , siendo
T T,
el nmero de la iteracin actual, o
T0
1+k .
El algoritmo parar dependiendo de varios criterios, como puede ser que la temperatura
sea sucientemente baja, se hayan alcanzado un numero de iteraciones mximo, no se
acepte ningn vecino en una iteracin, se haya alcanzado un valor heurstico suciente,
etc.
4.3.4. Inteligencia de enjambres (swarm intelligence)

La tcnica descrita por este mtodo [KE95] contiene un conjunto de soluciones candidatas
a la resolucin del problema de forma que estas soluciones se comportan como una bandada
de pjaros que unican su velocidad con aquella de sus vecinos. Cada una de estas soluciones
intenta llegar al mximo y a travs de la inuencia de las partculas cercanas es capaz
de encontrar una solucin. Esto es, cuando una partcula encuentra un punto del paisaje
heurstico que aumenta el valor, las partculas cercanas tendern a moverse hacia ese
punto y, a travs de aproximaciones a todos los mximos encontrarn el mximo global
(probabilsticamente).
En el algoritmo original, la solucin al problema se encuentra en un espacio de
dimensiones. Cada partcula
y el de su
tiene dos vectores; el de su
posicin Xi = (xi1 , xi2 , . . . , xid ).
cuenta la posicin de la mejor partcula
Pg = (pg1 , pg2 , . . . , pgd ).

velocidad:
velocidad Vi = (vi1 ), vi2 , . . . , vid ,
Adems, la partcula
recuerda su mejor posicin hasta el momento
tiene una memoria que
Pi = (pi1 , pi2 , . . . , pid ).
Tambin se tiene en
g , heursticamente hablando, en el vecindario cercano
El clculo de la posicin de la partcula se realiza a travs de su
xij xij + vij
donde la velocidad se calcula a travs de la siguiente ecuacin:
vij vij + 1 U (0, 1) (pij xij ) + 2 U (0, 1) (pgj xgj )

donde
representa el
componente cognitivo
el
componente social,
equilibrando entre
los dos la inuencia de cada uno de estos factores y la de la anterior velocidad, y
U (0, 1)
es
un nmero elegido al azar entre 0 y 1.

El principal problema de esta tcnica es que no realiza una bsqueda local exhaustiva. Por
lo tanto, la aplicacin de este mtodo tiende a acercarse al mximo pero en ciertas ocasiones
sin encontrarlo. Para evitar este contratiempo, se han introducido diversas modicaciones al
42
algoritmo original. Quiz la ms sencilla de ellas consista en introducir un trmino de
inercia
constante a la ley de la velocidad, quedando la frmula como:

vij vij + 1 U (0, 1) (pij xij ) + 2 U (0, 1) (pgj xgj )
Esta inercia tambin puede ser modicada linealmente:
vij k vij + 1 U (0, 1) (pij xij ) + 2 U (0, 1) (pgj xgj )

donde
es la inercia en la iteracin
y se actualiza como
Otra modicacin posible consiste en aplicar un
k+1 = k ,
con
(0, 1).
factor de constriccin, siendo esta mejora
la que aparenta haber dado los mejores resultados:
vij K (vij + 1 U (0, 1) (pij xij ) + 2 U (0, 1) (pgj xgj ))

donde
K=
|2(1 +2 )
2
.
(1 +2 )2 4(1 +2 )|
4.3.5. Formacin dinmica de ros

Un mtodo heurstico originado en el seno del grupo donde se ha desarrollado esta tesis,
est basado en la formacin dinmica de los ros [RR09]. Se produce lluvia sobre los nodos
orgenes y el nodo destino se sita al nivel del mar. Las gotas, al pasar de nodo en nodo,
van produciendo erosin (bajando la altura de los nodos); si no pueden avanzar, las gotas
depositan sedimentos (aumentando la altura de los nodos). De esta manera se va equilibrando
el grafo para encontrar los caminos ms cortos desde el nodo origen al nodo destino.
En cada iteracin se asigna una probabilidad a una gota
subida o planos
P (d) =
1
notClimbingF actor . El
de poder elegir caminos de
notClimbingF actor se inicializa a 1 y se decrece
en
0.01 en cada iteracin, pero cada n iteraciones (a determinar por el usuario) se incrementa
en
0.5 para realizar un proceso similar a el enfriamiento simulado. Si U (0, 1) > P (d) entonces
Pd (i, j) =
P (i,j)
lN (i,l)
0
donde
(i, j) =
U (0, 1) P (d)
altitud(j)altitud(i)
y
distancia(i,j)
entonces
si j Ni

Ni
son los estados vecinos del estado
i.
Por contra, si
Pd (i, j) =
43
(i,j)
total
/|(i,j)|
total
total
si j Fi
si j Di
si j Ui
donde
Ni = Di Ui Fi , Di
son los vecinos a la misma altura que i. Estos ltimos solo aparecern al comienzo del
Fi
son los vecinos ms bajos que i,
Ui
son los vecinos ms altos que
algoritmo, permitiendo una bsqueda de alguna manera aleatoria en las primeras iteraciones.
son parmetros del algoritmo:
bajada y
[0, 1]
sera un valor pequeo y
relaciona la posibilidad de subir pendientes con la de
la posibilidad de elegir un camino plano frente a uno de bajada. Normalmente,
[0, 1]
un valor alto para asegurarse de que se estudian
todos los posibles caminos.

Las gotas en el mismo nodo son agrupadas en una gota de tamao mayor, y al llegar a
un nodo se subdividen siguiendo las respectivas probabilidades de cada vecino.
la erosin de un nodo modica su altura
erosion(i, j) =
paramErosiontamGota
costeSolucion
(i, j).
altitud(i) = altitud(i) erosion(i, j)
donde
En cunto a la sedimentacin se produce
cuando una gota no puede moverse a ningn nodo vecino y aumenta la altitud
altitud(i) =
altitud(i) + paramSedim tamGota
4.4. Tcnicas de bsqueda heursticas para testear sistemas

4.4.1. Uso de algoritmos genticos en testing
Los
mtodos
de
bsqueda
heursticos
han
sido
ampliamente
aplicados
resolver
problemas relacionados con la construccin de conjuntos de tests. En general, como se explica

en [McM04], la enumeracin exhaustiva de todos los inputs posibles de un programa de
tamao medio es inviable y, por tanto, el problema de la eleccin del conjunto de tests a
aplicar, de entre todos los tests posibles, se ha intentado resolver de diferentes maneras siendo
una de ellas la aplicacin de los algoritmos genticos. Dada la especial relevancia para esta
tesis de la aplicacin de los algoritmos genticos al testing, desarrollaremos este tema con
mayor profundidad.
El trabajo anteriormente mencionado [McM04] es una revisin del estudio de los mtodos
de bsqueda heursticos aplicados a la ingeniera del software, en especial, al mundo del
testing. Este trabajo fue revisado y actualizado recientemente por el autor con motivo de
una conferencia [McM11].
44
Atendiendo a la clasicacin realizada en [McM11], la mayora de los trabajos llevados

a cabo en esta rama corresponden a la categora de
testing estructural o de caja blanca, en
el que a partir del cdigo del programa se estudian los ujos de control y se denen los
caminos a ser testeados, buscando a la par los valores que satisfagan las condiciones de cada
rama. Los trabajos dentro del rea pueden clasicarse en dos grandes grupos atendiendo
a sus objetivos, como se muestra en la revisin del estado del arte de la aplicacin de los
algoritmos genticos al testing de sistemas [MA05], o en [AGET10] donde se realiza una
revisin de las limitaciones de la aplicacin de los algoritmos genticos al testing. Un grupo
se centrara en satisfacer las restricciones impuestas para ejecutar una determinada rama del
ujo de control del programa, atendiendo a una preseleccin de los caminos en los que es ms
comn o crtico encontrar un error [PGGZ94, BJ01]. Otro grupo buscara conseguir encontrar
tests para cubrir el mayor nmero de ramas posibles [RMB 95, JSE96, PHP99, MMS01].
El trabajo [PGGZ94] presenta una aplicacin sencilla de un algoritmo gentico para
encontrar valores que satisfagan las restricciones impuestas a lo largo de un camino dentro
del ujo de control de un programa. Mientras que en el trabajo [BJ01] se realiza un primer
anlisis del sistema bajo test, para crear un conjunto de tests inicial. Una posible tcnica para
crear este conjunto de tests consiste en utilizar un conjunto de inputs aleatorios inicialmente.
En este conjunto se busca el camino ejecutado con mayor nmero de nodos en comn con el
camino del cual se desea obtener el conjunto de datos para realizar el test. Estos valores se
usarn para caracterizar a la poblacin inicial del algoritmo. Durante la bsqueda tambin
se utilizar esta medida de similitud como parte de la mtrica. Esta mtrica tambin tendr
en cuenta los valores de las
distancias de rama
ya utilizada en [Kor90] que a su vez toma
como idea inicial el trabajo presentado en [MS76].

Dentro del grupo de trabajos enfocados a conseguir la comprobacin del mayor nmero
de ramas posibles, el trabajo presentado en [RMB 95] utiliza los algoritmos genticos para
crear un conjunto de test que cubra la mayor parte de cdigo posible. Para realizar esta
tarea se considera una poblacin en la que se van insertando individuos que cubren partes
individuales del cdigo pero que en su conjunto son capaces de ejecutar casi completamente
todas las ramas del ujo de control del programa. As, cada individuo maneja un conjunto
de valores para las variables y ejecuta una parte del programa y entre toda la poblacin
se crea el conjunto de tests. En el trabajo [JSE96] se usa una aproximacin similar pero
con la especicidad de intentar producir tests en las fronteras de las restricciones, dado que
es en estos valores donde se encuentran errores de manera ms frecuente. El enfoque de
[PHP99] utiliza el
grafo de control de dependencias
para dirigir la bsqueda de casos de
45
test. Los autores implementan su algoritmo, llamado TGen, y un algoritmo de bsqueda

aleatoria para realizar una comparacin y poder estimar la efectividad de su enfoque. En
este trabajo se utiliza tambin la similitud entre los tests, para elegir los individuos para
el cruce, atendiendo a que hayan sido capaces de ejecutar nodos que se encuentran en una
rama comn. Otra caracterstica de este trabajo es que en el caso de estar demasiado tiempo
intentando satisfacer una condicin el algoritmo abandona este camino y lo deja para ms
tarde, esto evita que el algoritmo se quede bloqueado en el caso de existir caminos no factibles
en el cdigo. El trabajo [MMS01] presenta GADGET, un sistema de algoritmos genticos
para generar conjuntos de tests para cdigo C/C++. Los autores utilizan un elemento que
mantiene el control de la ejecucin. Este elemento sirve para insertar un primer conjunto
de test, para comprobar qu partes del cdigo han sido cubiertas por algn test y para
lanzar la ejecucin del algoritmo gentico en pos de alcanzar mayor cobertura. Por ltimo, el
elemento de control de ejecucin tambin comprueba la posibilidad de que algn individuo
del algoritmo gentico cubra una parte del ujo de control, aunque se est intentando cubrir
otra.
Otra posibilidad explorada en la literatura, es la de utilizar los algoritmos genticos para
realizar test funcional o de caja negra. Dentro de esta lnea podemos encontrar los trabajos
de [LEK05, BW08, WLTW09].
Los autores del trabajo [LEK05] proponen un sistema, basado en una extensin de
los algoritmos genticos con lgica borrosa y la asignacin de edades a la poblacin,
para encontrar el conjunto de tests que es ms efectivo a la hora de discriminar entre
implementaciones correctas y errneas. Para ello utilizan una serie de presunciones que les
ayudan a distinguir los lugares donde es ms probable que aparezca un error. Entre estas
testing de valores frontera (es ms normal que exista un

error cerca de los valores extremos en las variables), testing de equivalencia de clases (que
requiere la comprobacin de solo un elemento representativo de cada clase) y el testing de
decisin basado en tabla de valores (basado en una especicacin lgica de los requerimientos
hiptesis se encuentran las del
funcionales). A partir de esta base, los test se priorizan para que se ejecuten en primer lugar
los tests con mayor capacidad para desenmascarar errores. El algoritmo gentico codica
un caso de test en un cromosoma y la funcin de adecuacin asigna un valor positivo a
cada test que ha sido capaz de detectar un error y cero a los que no lo han detectado. La
asignacin de edades a la poblacin es una manera de restringir la poblacin sin utilizar
una medida expeditiva del control de esta. Segn este mtodo, a cada individuo se le
asigna una edad basada en su vala heurstica y el individuo desaparece cuando su edad
46
ha superado la edad mxima permitida. La utilizacin de la lgica borrosa se usa para

distinguir la probabilidad de cruce de un individuo dependiendo de su edad, que se distingue
en 3 valores joven, viejo y edad media. Esta tcnica permite que los individuos jvenes no
se crucen, lo que a su vez permite una mayor capacidad de exploracin a travs de las
mutaciones, que los individuos viejos no se crucen, para evitar el caer en mximos locales,
y que, sobre todo, sean los individuos de edad media los que tengan mayor probabilidad de
cruce. En el trabajo [BW08] se presenta una metodologa de tests funcionales para el testeo
de sistemas de control embebidos en un coche. El objetivo del artculo es conseguir crear un
algoritmo gentico que disee diversos tipos de ambientes para la comprobacin del correcto
funcionamiento del sistema de aparcamiento automatizado de un vehculo y el sistema de
asistencia en el frenado. Para ello se realiza una simulacin computerizada de un vehculo
y se le somete a diversos escenarios, creados por el algoritmo gentico, en los que debera
funcionar sin producir colisiones tal y como se encuentra especicado su comportamiento.
Un enfoque similar es el presentado en [WLTW09] donde se procura crear situaciones lmites
para comprobar el funcionamiento del
control de velocidad
control de distancia
de un
vehculo en movimiento, en este caso, la funcin heurstica intenta minimizar el tiempo a la

colisin teniendo en cuenta o no si se activa una seal de peligro para el conductor avisandole
de la necesidad de retomar el control del vehculo.
Algunas publicaciones han atendido tambin a un estudio centrado en crear test para
especicaciones descritas en lenguajes formales concretos. As se pueden encontrar trabajos
que buscan la manera de testear mquinas de estados nitas [DHHG06, LI07, LI08, KHS09,
DHHG10], diagramas UML [DaDHS07, SSK11], especicaciones escritas en Z [Yan98] o,
como un ejemplo ms, en event-B [DSI 11].

En el trabajo [DHHG06] se usan los algoritmos genticos para solventar el problema de
generar secuencias nicas de input/output (UIO de sus siglas en ingls), este problema es
NP-duro. Para realizar la evaluacin de las diferentes secuencias sin tener que realizar una
comprobacin exhaustiva de si esa secuencia es una UIO se crea una tabla de transiciones
en la que se especica la frecuencia con la que se repite la conjuncin de un input con
un output, y se propone que el algoritmo gentico intente minimizar esas frecuencias en
las secuencias creadas. En los trabajos [LI07, LI08] se presenta una metodologa para el
desarrollo de conjuntos de tests en mquinas de estados nitas extendidas a travs del uso
de algoritmos genticos. Para ello se utiliza una heurstica basada en la combinacin de dos
medidas: el
nivel de aproximacin y el nivel de rama. La primera medida da una idea de a qu
distancia, en nmero de estados, se ha desviado en el ujo de control del estado objetivo. La
47
segunda medida establece la distancia de los valores asignados a las variables para cumplir
una cierta condicin (aquella que nos desvi del camino deseado dentro del ujo de control).
En los trabajos [KHS09, DHHG10] se estudia el problema de encontrar caminos factibles
dentro de una mquina de estados nitos extendida (EFSM de sus siglas en ingls), esto
es, buscar un conjunto de transiciones cuyas guardas pueden ser activadas a partir de una
serie de valores dados al conjunto de variables. Para lograr asignar una heurstica que pueda
usar el algoritmo gentico, el algoritmo subdivide las guardas de las transiciones en varias
categoras, dependiendo del comparador usado (=, <, >, , , 6=) y de los tipos de valores que
se comparan (variable con parmetro jo, variable con variable, constante con expresiones de
variables, etc.). Adems, se tienen en cuenta otras caractersticas como si dentro del camino
vuelve a aparecer la variable comparada, considerando tambin la existencia de guardas
compuestas a travs de AND o OR. De este modo, se le asignan a las transiciones una serie
de penalizaciones dependiendo de la complejidad para ser resuelta (un OR es ms fcil de
cumplir que un AND, un
6=
ms fcil que un
=,
etc). Finalmente, se aplica el algoritmo
gentico para encontrar el conjunto de transiciones factibles dentro de la EFSM.

Los trabajos presentados en [DaDHS07, SSK11] buscan conseguir un conjunto de test a
partir de los diagramas de estado de UML. El primer trabajo utiliza una funcin heurstica
que asigna mayor vala a las secuencias capaces de activar el mayor nmero de estados, o que
activan estados hasta ahora no activados por el resto de las secuencias. Este trabajo cuenta
con la limitacin de que los autores no han implementado su aproximacin y por tanto no
existe comparativa con otros tipos de aproximaciones. El segundo trabajo transforma los
diagramas de estado de UML en mquinas de estados nitos extendidas y a partir de ah
aplica los algoritmos genticos para obtener el conjunto de tests.
Por ltimo habra que considerar los trabajos en este campo dirigidos a testear sistemas
temporales [WSJE97, DMHN09].
En el trabajo [WSJE97] se utilizan los algoritmos genticos para encontrar el mximo
y mnimo tiempo de ejecucin de varios programas. Para ello la heurstica mide los ciclos
de procesador utilizados por cada una de las ejecuciones. Los autores comentan que si bien
encontrar el menor tiempo de ejecucin es sencillo, encontrar el mximo signica entrar
en un mayor nmero de partes del cdigo distintas, lo que implica un mayor tiempo de
bsqueda, tambin comentan su incapacidad para comprobar si este es el mayor tiempo
de ejecucin posible. El trabajo [DMHN09] enuncia el problema de la generacin de tests
como un problema de optimizacin en el mbito de mquinas de estados nitos extendidas
que presentan restricciones temporales. Como se explica en el trabajo, cuando se trata con
48
output, en los que

una transicin produce un output diferente al especicado, y de transferencia entre estados,
mquinas de estados nitas existen dos tipos de errores posibles, los de
que sucede cuando una transicin desplaza al sistema hasta un estado distinto del esperado.
En el caso de las mquinas de estados extendidas, realizar una comprobacin a travs de
todas las transiciones conlleva el problema de ser capaz de ejecutar todas las guardas que
existen en las transiciones. Aadido a este problema, si nos encontramos, como es el caso,
comprobando mquinas de estados extendidas con restricciones temporales, puede aparecer
un tercer tipo de error relacionado con la ejecucin de las transiciones fuera de los intervalos
de tiempo especicados. Los autores usan como punto de partida la tesis [Der06] en la que se
desarrollan ideas para encontrar las transiciones factibles dentro de una mquina de estados
nitos extendida.
4.4.2. Mtodos heursticos para explorar grandes espacios de estados

En el trabajo [GK02] los autores proponen la creacin de una nueva metodologa para
la exploracin de grandes espacios de estados de sistemas reactivos concurrentes. En este
trabajo, se aplica a model checking una tcnica heurstica para solventar el problema de la
explosin de estados. Los autores usan algoritmos genticos para encontrar estados que no
satisfacen una determinada propiedad.
Puesto que la profundidad a la que se encuentra la solucin no es conocida a priori, los
autores proponen la utilizacin de un cromosoma de longitud variable. Otra modicacin
del algoritmo es que si el grado de transiciones que parten de un estado es mayor que dos, la
codicacin binaria impone ciertos problemas, as que modican esta codicacin. La ltima
modicacin al marco usual es que se mide la longitud efectiva de una secuencia (cuantos
genes han sido activados al aplicar la secuencia) y slo se aplican operadores de mutacin
y de cruce hasta esa longitud efectiva de cruce. Otra modicacin se presenta en el caso de
que el peor y mejor valor heurstico sean cercanos, en este caso, se aumenta el porcentaje de
mutaciones temporalmente hasta producir una mejora en la poblacin. Tambin se reinicia
el algoritmo en el caso de que durante muchas generaciones la vala no haya aumentado.
El tipo de funcin heurstica propuesta en este trabajo se basa en los tipos de errores
que se pretende detectar. Se consideran dos tipos de errores: el de
punto muerto (deadlock),
cuando la implementacin llega a un estado desde el que no existen transiciones de salida

y de
armacin,
que sucede cuando expresiones booleanas creadas sobre variables de la
implementacin se evalan a falso. Para detectar los errores de deadlock, la heurstica suma
el nmero de transiciones de salida desde cada estado recorrido por el camino representado
49
en el cromosoma. Para detectar los errores de armacin se bonica a los cromosomas que
modican el control del ujo del programa para producir el mayor nmero de comprobaciones
booleanas (que se encuentran localizadas en ciertos puntos del cdigo).
Los autores del trabajo [AC07] proponen una metodologa heurstica basada en la
aplicacin de una transformacin de la metodologa de optimizacin de la colonia de hormigas
para encontrar errores en grandes sistemas concurrentes. La exploracin de los sistemas
de este tipo se lleva a cabo de manera exhaustiva a travs de la tcnica de
de modelos (model checking),
comprobacin
pero esta tcnica deja de ser til al enfrentarse a grandes
sistemas puesto que produce una explosin del conjunto de estados. Los autores reutilizan
una heurstica aplicada a cada estado basada en la proposicin lgica a satisfacer [ELL01].
Los autores modican la metodologa de la colonia de hormigas, dado que la cantidad
de estados puede hacer que el tiempo que transcurre entre cada iteracin sea demasiado
grande y por tanto limitan el camino mximo de una hormiga a una serie de pasos. El
problema con esta tcnica es que la solucin puede encontrarse a una profundidad mayor
que la proporcionada por el nmero de estados. En este caso, los autores proponen utilizar
la
tcnica del misionero
que subdivide en fases la exploracin del grafo. Esencialmente si
tras terminar la primera fase no se ha encontrado el nodo objetivo, en la segunda fase

las hormigas comenzaran desde los nodos nales encontrados en la primera fase. De esta
manera se conservan constantes la cantidad de memoria y tiempo necesarios para construir
un camino.
4.4.3. Optimizacin automtica de tests mediante un modelo bacteriolgico

En el trabajo [BFJT02] los autores proponen una nueva tcnica heurstica donde se
combinan las tcnicas de los algoritmos genticos con tcnicas de
testing de mutantes
que
cabe mencionar que las tcnicas de testing de mutantes estn bien asentadas y consisten
esencialmente en crear una serie de mutaciones a partir de la especicacin o, si esta no
existe, del sistema bajo estudio, para funcionar como implementaciones errneas con las que
contrastar el conjunto de tests creados.
El algoritmo bacteriolgico simplica los individuos de la poblacin hasta constituirlos
de un solo gen formado por los tests ms prometedores. Esto es, cuando un test ha logrado
matar a un nmero elevado de mutantes, esta secuencia se reproduce y muta al mismo
tiempo. El marco se aplica al testeo de componentes .NET.
4.5. Aplicacin de algoritmos genticos para la asignacin de recursos
50
4.4.4. Heursticas para diagnosticar fallos

La meta del trabajo presentado en [GHHD07] es proponer una heurstica que sea capaz de
encontrar el lugar en el que se ha producido un error. Se llama
sntoma
a la aparicin de un
fallo y las transiciones que podran usarse para explicar por qu se ha producido ese sntoma
se llaman
candidatas al diagnstico.
La metodologa estudiada propone intentar encontrar
una secuencia de longitud mnima que sea capaz de mostrar el mismo sntoma. Ello permite
reducir el coste de comprobar a posteriori manualmente la secuencia para localizar el error
real.
Se llama
conjunto de conicto
al conjunto de transiciones que se han recorrido antes de
que la implementacin mostrara un sntoma. La transicin que contiene el error se encuentra

dentro de este conjunto de conicto, y, por tanto, cada una de las transiciones del conjunto
podran servir para explicar el fallo.
La manera en la que se construye el conjunto de conicto mnimo se puede resumir en
que por cada estado que atraviesa el camino que ha dado un sntoma se intenta encontrar
un camino ms corto para llegar a l, para proseguir la aplicacin del conjunto de inputs del
primer camino. Si se observa el sntoma tenemos que la transicin que causa el error debe
estar por debajo de este estado.
4.5. Aplicacin de algoritmos genticos para la asignacin de

recursos
Finalizamos este captulo mencionando que los algoritmos genticos han cumplido un
papel importante en el estudio de algoritmos para planicar tareas y asignar recursos.
Por ejemplo, en [CCZ01] los algoritmos genticos se utilizan para la asignacin de tareas a
los recursos existentes en un sistema. En este enfoque, el ADN de cada habitante usa un array
de dos dimensiones: una dimensin para las tareas y otra para los recursos. Esta estrategia
de project management se aplica a la produccin de software usando una estimacin del
coste de producir el software basado en el modelo COCOMO [Boe81]. El usuario del sistema
necesita especicar una grafo de tareas con orden de precedencia, una base de datos de los
empleados, incluyendo sus habilidades y salario, y una funcin objetivo.
En [CW09] se presenta el uso de algoritmos genticos para resolver tareas de planicacin
de proyectos. En este caso, se considera que los recursos son limitados. Por tanto, se impone
un limite superior en el orden de ejecucin de las tareas. Este modelo considera el equilibrio
entre coste y tiempo y las relaciones de dependencia entre las diferentes tareas. Las tareas
51
contienen un modo de ejecucin que determina el conjunto de recursos, duracin de las

tareas y la posibilidad de ser paralelizadas. El enfoque considera cuatro subsistemas: el
subsistema de entradas, el subsistema de equilibrio entre tiempo y coste, el subsistema
para la organizacin de los recursos y el subsistema de salida. Esta divisin facilita las
relaciones de precedencia, las restricciones de los recursos y que se alcancen las condiciones
de interrupcin/solapamiento. Una tcnica similar se propone en [LO09] pero enfocada a
proyectos con aspectos repetitivos, y por tanto que usan los mismos recursos en diferentes
intervalos temporales. Este mtodo considera duracin y coste de los proyectos, adems de
restricciones en las relaciones de precedencia entre actividades y la continuidad del trabajo.
52
4.5. Aplicacin de algoritmos genticos para la asignacin de recursos
Captulo 5
Estado del arte: sistemas multi-agente

5.1. Introduccin
Existe una gran discusin sobre lo que signica el termino
agente
en el mundo de la
informtica. Puesto que son esencialmente piezas de software autnomas, esta denicin
puede ser adscrita a una gran cantidad de sistemas. Hay, por tanto, diferentes aproximaciones
a la denicin del trmino
agente y gran cantidad de arquitecturas para la construccin de
sistemas multi-agente.
De manera general se puede decir que un sistema de agentes es un conjunto de piezas
autnomas de software que trabajan en cooperacin para resolver algn tipo de tarea. La
cooperacin se puede entender como cooperacin
implcita
explcita.
En el caso de la
cooperacin implcita, esta se realiza entre diferentes agentes que no tienen conocimiento
unos de los otros, realizan tareas restringidas a un dominio que es complementario al de
otros agentes, y en el conjunto de sus dominios se resuelve el problema. En un tipo de
cooperacin explcita, los agentes se comunican a travs del paso de mensajes de algn tipo.
Otra forma de ver a los agentes es considerndolos como formados por expresiones que
se activan cuando los parmetros del ambiente en el que estn inmersos satisfacen sus
condiciones, produciendo una transformacin en su entorno. Con esta consideracin en mente,
se podra decir que los agentes representan un tipo de sistema que est siempre en marcha,
aunque pase por fases de aletargamiento debido a que el entorno no satisface las condiciones
para la puesta en operacin de los agentes del sistema.
En el trabajo [FG96], los autores intentan enfocar el problema de denir el signicado
del trmino
agente,
dado que puede ser aplicado a una gran variedad de sistemas y usos.
Los autores intentan denir las lneas generales para una taxonoma de agentes autnomos.
53
5.1. Introduccin
54
Para ello, comienzan con un breve resumen de diferentes casos aceptados por la comunidad
cientca a los que se puede aplicar la palabra
agente. Los autores se centran en denir un
agente autnomo, ms que en dar una denicin de lo que sera la cualidad de ser agente y
despus construir el concepto de autonoma. Su denicin es:
Un agente autnomo es un sistema situado dentro y como parte de un ambiente

que percibe su ambiente y acta en l a travs del tiempo, persiguiendo su propia
agenda para afectar a lo que percibe en el futuro.
Tambin presentan una discusin sobre cmo describir a un agente. Basndose en su
denicin previa de un agente autnomo, enumeran una serie de elementos que deben tenerse
en cuenta a la hora de describir a un agente y establecen una serie de subclases de agentes
como reactivos, autnomos, orientados a metas, temporalmente continuos, comunicativos,
con capacidad de aprendizaje, mviles, exibles o con cracter.
Los autores adems proponen una taxonoma diferente de agentes, considerando una
clasicacin biolgica.
Siguiendo esta lnea de pensamiento los agentes autnomos estn
biolgicos, agentes robticos y agentes computacionales. Estos ltimos

pueden ser subdividos en agentes de vida articial y agentes de software. Una vez ms, esta
categora puede ser dividida en agentes para tareas especcas, agentes para entretenimiento
y virus.
subdivididos en agentes
Otra denicin que podemos encontrar en la literatura sobre el trmino agente es la propuesta
en el trabajo [Sho93]. Para el autor un agente se dene como:
Una entidad cuyo estado se compone de componentes mentales tales como

creencias, capacidades, opciones y compromisos. Estos componentes se denen
de una manera precisa y se corresponden con sus signicados en el mundo real.
Los autores del trabajo [ZJW01], denen a un agente autnomo como:
Los agentes son entidades de software que exhiben un comportamiento autnomo

y pro-activo hacia una meta, sus actividades no estn sujetas al ujo global de
control, pueden tomar la iniciativa cuando sea apropiado, y reaccionan a cambios
en el ambiente en el que estn situados.
En el trabajo [Bru91] se propone una clasicacin de agentes que no est basada en
la caracterizacin usual de simblicos/reactivos sino en la cantidad de conocimiento que
est integrado en el sistema. Ello lleva a una clasicacin dependiendo de la habilidad de
los agentes para planicar, adaptar o reusar casos existentes. En esta visin, los agentes
55
autnomos son sistemas capaces de llevar a cabo acciones autnomas y con propsito en
un mundo. Por lo tanto, tienen que ser reactivos. Ello lleva al problema de que los agentes
tienen que reaccionar sucientemente rpido a los cambios hechos en su ambiente. Por ello,
poner demasiado nfasis en la capacidad computacional del sistema suele llevar a un sistema
de agentes que es inutilizable en la prctica.
Para caracterizar el comportamiento dirigido hacia una meta que se espera de un agente
autnomo, el autor propone un
sistema de impulsos, en el sentido psicolgico, que los agentes
tienen. Los intentos para conseguir realizar estos impulsos es lo que motiva a un agente
a tomar una u otra accin. Desde su punto de vista, las acciones y las metas deben ser
jerrquicas.
Cabe
destacar
que
para
alcanzar
alguna
meta,
un
agente
tiene
que
tener
un
conocimiento pre-insertado de tareas y de sus resultados, o ser capaz de encontrar cmo

satisfacer un impulso a travs de algn tipo de comportamiento de bsqueda. Respecto a
la primera posibilidad, el conocimiento puede insertarse de manera
estructural
simblica.
El conocimiento estructural permite una respuesta ms rpida al ambiente, mientras que el

conocimiento simblico permite un comportamiento ms exible y una posibilidad de obtener
respuestas ms complejas.
El autor distingue entre
agentes reguladores, agentes planicadores y agentes adaptativos..
Existe una jerarqua para relacionar todos estos comportamientos y tipos de agentes. Los
agentes reguladores se relacionan con los comportamientos instintivos. Los agentes basados
en casos se relacionan con comportamientos habituales para los que ya existe una gua
sobre cmo llevarlos a cabo. Los agentes que resuelven problemas serviran para tipos de
necesidades menos frecuentes. Los agentes aleatorios se equipararan a jugar, en la que nuevas
maneras de ensamblar acciones primitivas apareceran. Finalmente, los agentes adaptativos
crearan teora para casos muy pocos frecuentes.
El trabajo [Kis91] enfoca el problema de tener que decidir entre crear un sistema multiagente ms general o con mayor potencia.
Generalidad
es la habilidad de un agente para
poder abarcar cambios y condiciones inesperadas en su ambiente (exibilidad del sistema),

mientras que la
potencia est relacionada con la capacidad de procesamiento por unidad de
tiempo (efectividad del sistema). Existen otros requerimientos en el diseo de estos sistemas
como son racionalidad, autonoma y reexin. En este contexto,
racionalidad
signica que
las acciones de los agentes son apropiadas con respecto a su propsito, exibles y efectivas.
En un sistema con arquitectura
creencia, deseo e intencin
(BDI de sus siglas en ingls),
esta caracterstica puede describirse como que un agente no cree que algo y su contrario sean
5.1. Introduccin
56
simultneamente verdad y que este agente acta para satisfacer sus deseos.
Autonoma es la
capacidad de que un agente, pensado como un proceso continuo que percibe su ambiente,
reaccione a cambios en su ambiente de una manera autnoma. Por ltimo,
reexin signica
que los agentes tienen que ser conscientes de sus capacidades y de sus creencias.
Siempre existir una disyuntiva entre dar mayor exibilidad y capacidad general a un
agente o asignarle la mayor potencia de ejecucin posible. El autor de este trabajo piensa
que una solucin podra ser una arquitectura en capas para conseguir un equilibrio entre
estas dos propiedades.
El mismo trabajo tambin presenta varios mecanismos que pueden mejorar la potencia
de clculo de un sistema.
Especializacin en modalidades, tanto para los sensores como inputs (dependiendo del
tipo de percepcin que producen) como para los outputs.
situacin, se reere a que un sistema est emparejado con su

ambiente y acoplamiento, se reere al grado de restriccin o inuencia de control
ejercida por un proceso sobre otro. Se llaman mecanismos reactivos porque ambos
Mecanismos reactivos:
son procedimientos de reejos ante estmulos externos.

No utilizar una representacin simblica sino representaciones implcitas.
Intercambio de espacio por tiempo de clculo.
Paralelizacin.
De la misma manera, se describen ciertos mecanismos para mejorar la generalidad. Estos
mecanismos son:
Desacoplamiento. Consigue generalidad a travs de proveer una situacin interna con
mayor consistencia.
Manejo del no-ahora y no-aqu. Lo que signica que deberamos crear agentes capaces
de manejar situaciones pasadas/futuras y posibilidades.
Representaciones simblicas.
Representaciones no modales.
Uso de primitivas de pequea escala.
Serializacin, es decir, la generalidad requiere reusabilidad.
57
A continuacin haremos una revisin de algunos de los artculos clsicos ms relevantes

en el campo de los agentes y que estn ms relacionados con esta tesis. Aunque el rea
est en continua evolucin, los sistemas basados en agentes se asientan sobre algunos de los
trabajos seminales que revisaremos en esta seccin. Esperamos que esta panormica permita
obtener una visin general sobre las bases de los sistemas multi-agente, remitiendo al lector
interesado a conseguir informacin ms detallada sobre el campo en [WJ95, SLB09], as como
en panormicas sobre agentes para la ingeniera del software (AOSE) [Jen00, WC01, BCP05,
PGGS08].
5.2. Especicacin formal de los sistemas multi-agentes

Aparentemente, los agentes estn avocados a ser el modelo de la nueva generacin
para procesos ingenieriles de sistema de software complejos. A pesar de ello, un nmero
de cuestiones relativas a la naturaleza y el uso de un enfoque basado en agentes siguen sin
tener respuesta. Los agentes son exibles, operan en cooperacin, socializacin y su resultado
nal depende de un incierto dilogo que puede ser establecido en el nivel de conocimiento de
los agentes. Por tanto, debern desarrollarse mtodos para crear sistemas multi-agente cuya
abilidad pueda vericarse.
La especicacin formal de los requerimientos de un sistema de agentes es una temtica
que ha cobrado un gran inters por parte de la comunidad cientca. As, metodologas
heredadas de la disciplina de la ingeniera del software han sido incorporadas a la creacin
de sistemas multi-agente con la intencin de dotar de mayor rigor y vericabilidad a estos
sistemas. Esto permitir avanzar en el campo y aplicar estos sistemas de manera rigurosa.
El uso que se le ha dado a los mtodos formales, est centrado sobre todo en dos vertientes,
una en la especicacin de los requisitos y la otra en la creacin de herramientas para la
vericacin formal. En esta tesis nos centraremos en analizar los mtodos de especicacin
por encontrarse ms cercanos a los objetivos aqu planteados y porque son unos pre-requisitos
para que exista la vericacin.
A partir del trabajo [DFL 97] podemos identicar varias propiedades que seran
deseables aparecieran en un formalismo para sistemas multi-agente:
Dotar de un lenguaje preciso y sin ambigedades para la especicacin de los
componentes del sistema y su comportamiento.
Tomar en consideracin las necesidades de aplicacin prctica de los agentes, siendo
capaz de expresar algunos o todos de los siguientes comportamientos: percepcin,
58
accin, creencia, conocimiento, metas, motivaciones, deseos, emociones, etc.

Ayudar a identicar propiedades que deben poseer los sistemas de agentes, para ser
capaces de comprobar las implementaciones de los mismos.
Medir, evaluar, clasicar y estudiar las implementaciones.
Tener la capacidad de encargarse de la multiplicidad de agentes, las propiedades
de grupo de los mismos, as como el conocimiento y la intencin compartida y las
interacciones entre los agentes como son la comunicacin y la cooperacin.
Para alcanzar estos objetivo se han utilizado diferentes mtodos; en algunos de los casos se
han intentado crear mtodos de especicacin pensados especcamente para sistemas multiagente como Agent UML [BMO00], CASL [SL01] o SLABS [Zhu03]. Este enfoque permite
crear mtodos formales que se ajustan a la perfeccin a las necesidades de los agentes. En
los dems casos, se procura utilizar mtodos de especicacin preexistentes y comnmente
utilizados en el mundo de la ingeniera del software, para as evitar la proliferacin innecesaria
de nuevas metodologas. Dentro de esta ltima lnea surge el problema de que los formalismos
existentes no fueron concebidos para trabajar como un mtodo de especicacin de agentes y,
por tanto, algunas de las caractersticas propias de estos sistemas no estn contempladas por
estos formalismos. Por ello, el enfoque ms comn es trabajar con la combinacin de varias
herramientas de especicacin, para modelar las diversas partes del comportamiento de los
agentes. An as, algunos autores mantienen que lenguajes de especicacin preexistentes
como el lenguaje Z no consiguen modelar de manera adecuada otro tipo de caractersticas
inherentes a los sistemas multi-agente como la representacin del sistema de creencias, deseos
e intenciones de los agentes.
Dentro de los formalismos anteriormente mencionados para la especicacin de agentes
encontramos Agent UML. Agent UML es una modicacin del formalismo de especicacin
de UML para ajustarse a las necesidades de los agentes, para ello, se crea un nuevo tipo de
diagramas llamados
diagramas de protocolos en donde se recogen caractersticas propias de
los agentes como los roles, semnticas de mensajes extendidas, protocolos parametrizados y
lneas de vida multi-hilo.
En CASL los autores combinan una teora de accin [Rei91] y estados mentales basados en
el
clculo situacional (situation calculus) [MH87] con ConGolog [dGLL00] que es un lenguaje
no determinista y concurrente que tiene una semntica formal.

El mtodo de SLABS utiliza un sistema llamado
casta (del ingls caste) cuya denicin
es prxima a las clases en un lenguaje orientado a objetos, en una casta se especica el
59
ambiente del agente, sus variables, sus acciones y su comportamiento.
Dentro de el trabajo [DFL 97] tambin se presentan varios formalismos que han
sido utilizados comnmente para denir sistemas multi-agente. Entre estos formalismos se
encuentra el lenguaje de especicacin Z [Smi00] utilizado para especicar sistemas multiagente en [dL96]. Este lenguaje ha sido criticado por ser inapropiado para modelar las
interacciones entre agentes, lo cual puede ser solventado utilizando CSP [Ros98] para modelar
las estructuras de los protocolos de comunicacin.
Un enfoque similar es el adoptado en [HKGM00] donde se utiliza una variacin de Z
llamado Object-Z, que es una extensin de este lenguaje para soportar objetos y aqu
es utilizado para especicar los comportamientos de los agentes. Object-Z se combina
con statecharts [Har87] utilizado para especicar los aspectos reactivos del sistema. Este
trabajo propone un sistema basado en tres conceptos interrelacionados: rol, interaccin y
organizacin. Un rol es un comportamiento genrico, estos roles pueden relacionarse a travs
de patrones de interaccin y el conjunto de esos patrones de interaccin constituye una
organizacin.
Dentro tambin del trabajo [DFL 97] se pueden encontrar otros mtodos de especicacin como son las lgicas temporales, utilizadas para representar los aspectos dinmicos
de los agentes, combinadas con otros formalismos para especicar el estado cognitivo de los
agentes. Este es el enfoque de [FW97] en el que se describe el uso del lenguaje Concurrent METATEM. Este lenguaje esta basado en una lgica de primer orden aumentada con
operadores temporales, que gobierna el comportamiento reactivo de los agentes.
Uno de los mtodos ms utilizados a la hora de especicar los comportamientos de los
agentes es hacerlo a partir de algn tipo de lgica, bien modal o temporal. A continuacin
repasaremos algunos de estos trabajos.
En el trabajo [Sho93] se propone un marco computacional que promueve una visin
sociolgica de la computacin, en la que los agentes se combinan para realizar algn tipo de
clculo. Los agentes quedan denidos por su estado mental, el cual puede descomponerse en
creencias, decisiones, capacidades y obligaciones.
En este trabajo se adopta la lgica modal S5 [LL32] la cual tiene propiedades que incluyen
tanto su cierre tautolgico como la introspeccin positiva y negativa. La semntica adoptada
es la de los mundos posibles.
Se considera que las decisiones estn lgicamente restringidas, aunque no determinadas,
por las creencias del agente. Estas creencias se reeren al estado del mundo, al estado mental
de otros agentes y a las capacidades que le son propias y de otros agentes. Esta perspectiva
60
creencia y decisin (o eleccin), y otro

capacidad. Por otro lado, la decision se
motiva la introduccin de dos categoras mentales:

tipo de construccin no mental per se, que es la
tratar en trminos de
Todas
estas
obligacin, como una obligacin a uno mismo.
construcciones
mantienen
un
cierto
conjunto
de
propiedades,
como
consistencia interna entre creencias y obligaciones, buena fe (un agente solo se propondr
hacer lo que se crea capaz de hacer), introspeccin (los agentes son conscientes de sus
obligaciones) y la persistencia del estado mental (los agentes tienen una memoria perfecta de
sus creencias y obligaciones, y solo dejan de creer algo si aprenden un hecho contradictorio
con ese algo).
El autor tambin analiza AGENT0, que es un lenguaje para denir sistemas multi-agente,
denir las categoras mentales de los agentes, y el tipo de comunicaciones entre agentes.
Otro enfoque que ha utilizado una formalizacin a partir de lgicas temporales es el
presentado en [RG91]. La arquitectura de
creencia, deseo e intencin
(BDI de sus siglas
en ingls) represent un paso adelante para modelizar sistemas multi-agente . La mayor

contribucin de este trabajo con respecto a los anteriores trabajos inuyentes en el campo
[Bra87] o [CL90] es la inclusin de intenciones como un elemento de primera clase en la
arquitectura de creencia, deseo e intencin y no como un derivado temporal de la creencia y
el deseo.
Los autores usan una semntica de mundo posible, de forma que el mundo aparece
situacin.
Los eventos transforman una situacin en otra. Existe una distincin entre eventos primitivos,
que transforman el mundo a un punto adyacente en el rbol temporal, y eventos noprimitivos, compuestos de varios eventos primitivos, que pueden verse como una planicacin
modelizado como un rbol temporal. Un punto en particular de un mundo se llama
y que transforman el mundo a un punto no-adyacente. Las ramas del rbol representan
diferentes opciones.
El formalismo distingue entre frmulas de estado (evaluadas a cada punto temporal en el
rbol) y frmulas de camino (evaluadas a lo largo del camino). Los autores usan CTL [ES89]
para representar las frmulas.
Un enfoque que mezcla el lenguaje Z con una lgica temporal es ForMAAD [HKRJ07].
En este trabajo se utiliza Z para denir las caractersticas funcionales y estructurales de
los agentes, mientras que la lgica temporal es utilizada para denir el carcter reactivo de
los mismos. Esta eleccin est motivada porque ambos mtodos cuentan con sistemas para
la vericacin de sus propiedades, tambin intentan con ello denir una metodologa para
la especicacin de los sistemas de agentes que permita ser derivada desde requerimientos
61
abstractos e ir descendiendo en la escala de detalle componiendo una especicacin correcta.

En el trabajo [FSGSS11] donde se hace una revisin de los mtodos formales en el campo
del AOSE, se pueden encontrar descritos varios lenguajes de algebras de procesos para
agentes como el API-calculus [RCAP02], o el CSP||B [ST05]. Otras lgebras de procesos
que podemos encontrar son el
-calculus
[ER01] y el
Comenzaremos por explicar brevemente el
-calculus
-calculus,
[Kin05].
ya que es una de las ms sencillas
y a partir de la cul evolucionan otras como el API-calculus. El lgebra de procesos
calculus es una evolucin de CCS [Mil80, Mil89] a la que se le ha aadido capacidades que
permiten modelar la movilidad de los procesos. La mayor de estas modicaciones es el uso
de
nombres en vez de acciones simples, en los nombres se pueden codicar tanto mensajes,
como agentes, como conexiones. API-calculus es una extensin de

propone la adicin al formalismo de
-calculus.
Este lenguaje
unidades de conocimiento que consiste en una base de
conocimiento y en un conjunto de hechos, que podrn ser incluidos o desestimados por cada
agente. Tambin incorpora la nocin de
trmino que puede ser un nombre (al igual que en -
calculus) una regla/hecho o una funcin. La ltima modicacin al lenguaje es la adicin de la

nocin de
milieu y que sirve para agrupar procesos u otros milieu para alcanzar un objetivo
comn. El trabajo que describe
-calculus
formula un nuevo lenguaje algebraico para la
especicacin de sistemas multi-agentes basados en una arquitectura de
creencia e intencin,
describiendo su semntica y modos de operacin. En CSP||B se describe una arquitectura

compuesta por una serie de mquinas B, limitadas cada una de ellas a interactuar con un
proceso CSP, y ser entre los procesos CSP donde se producir la comunicacin entre las
mquinas. As, los procesos CSP sirven como protocolos de comunicacin entre las mquinas
y se puede realizar una vericacin composicional del sistema al completo.
Otra vertiente de la especicacin formal para su uso con sistemas multi-agente es el uso
de mtodos relacionados con los autmatas. Especial relevancia se le ha dado al uso de las
redes de Petri como en [MW97, Cha04, CDG09, BM10] y el anteriormente mencionado
[Lom00]. Ejemplos de otros formalismos de autmatas utilizados para la denicin de
sistemas multi-agente pueden ser [HKW05, GP08].
En el trabajo [MW97] se presenta un formalismo basado en las redes de Petri coloreadas
para la denicin de sistemas multi-agente. Este trabajo propone un sistema basado en
Object-oriented Coloured Petri net [MK05] y en el mtodo de Shoham:
Agent oriented
programming [Sho93] (comentado en ms detalle en este captulo) para crear lo que llaman
Agent-oriented Coloured Petri nets.
En el trabajo [Cha04] se propone un formalismo que permite la modelizacin de sistemas
5.3. Organizacin de sistemas multi-agente
62
multi-agente a travs de lo que llama
cooperative objects. Cooperative objects son una mezcla
de un formalismo basado en objetos a travs de clases y las redes de Petri. En la clase se

denen las variables y los mtodos que pertenecen a esa clase, y con las redes de Petri se
especica su comportamiento de manera que uno complementa a la otra. El autor hace un
ejemplo con el tpico problema del cazador y la presa, modelando ambos comportamientos.
En el trabajo [CDG09] se puede encontrar una modelizacin de un sistema multiagente usando el formalismo de las redes de Petri, para as, poder realizar vericaciones
viveza (liveness) y acotacin (boundedness).

se propone un nuevo formalismo llamado Agent Petri Nets
de propiedades como la de
En el trabajo [BM10]
para
disear sistemas multi-agentes. Este nuevo formalismo es una modicacin de las redes de
Petri en la que se incluyen los conceptos de agente, ambiente y restricciones para la ejecucin
de transiciones dependiendo de los agentes.
El trabajo [Lom00] propone un sistema de redes de Petri, en el que cada token puede
ser a su vez otra red de Petri. Esto permite tener cualquier nmero de niveles de redes de
Petri, en la que los objetos pueden tener su propia estructura y jerarqua, pudiendo aparecer,
evolucionar y desaparecer durante la ejecucin del sistema.
En el trabajo [HKW05] se propone la denicin de los agentes a travs del formalismo
de autmatas nitos temporales, de esta manera se pueden utilizar la herramienta UPPAAL
que permite realizar model checking y simulaciones. A partir de la denicin de agentes
en modelos temporales de autmatas, construyen un autmata de manera automtica
compuesto de todos los sub-autmatas para la derivacin automtica del cdigo.
En el trabajo [GP08] se utiliza el formalismo de los
redes de diagramas de inuencia. Los
autores reivindican que los diagramas de redes de inuencia proveen una representacin clara
y compacta con la que razonar sobre las creencias y los procesos de toma de decisiones de los
agentes. El formalismo de los
diagramas de redes de inuencia es una red de diagramas de
inuencia multi-agente propuesto en [KM01], el cual a su vez deriva de las redes bayesianas.

En el trabajo [ZJW01] se introduce un modelo para dotar de estructuras de organizacin
a sistemas multi-agente. Se presentan tres conceptos organizativos principales:
organizacin, estructuras de organizacin
patrones de organizacin.
leyes de
Los autores adems
introducen un formalismo basado en una lgica temporal para la especicacin de las leyes
de organizacin. Este enfoque utiliza trabajos anteriores, notablemente Gaia [WJK00], para
denir sistemas multi-agente en trminos de un modelo de roles. Se otorga un rol especco
63
a los agentes que ayuda a denir una estructura. La asignacin de un modelo de roles es til
para ciertas situaciones en las que se coopera entre agentes, pero para alcanzar un mayor
nivel de generalidad es ms til el uso de estructuras de organizacin (de una manera similar
a la de los catlogos de patrones que son ampliamente explotados en el diseo de sistemas
orientados a objetos [GHJV93]).
Puesto que los agentes normalmente trabajan en sistemas multi-agente con otros agentes
en conjunto, o unos contra otros para cumplir un objetivo, actan en una sociedad de agentes.
Por lo tanto, exhiben un comportamiento social, interactuando entre ellos. Si tenemos un
sistema abierto donde las metas de los agentes pueden entrar en conicto, necesitamos denir
una estructura social que permita que la meta global se alcanzace.
El uso de una metfora organizativa, puede mejorar tres aspectos de un sistema multiagente:
1. Ayudan a caracterizar el modelo de roles para un MAS.
2. Hacen al sistema menos complejo a la hora de manejarlo y disearlo.
3. Cuando se procura que un MAS funcione ayudando a una organizacin del mundo real,
reduce la brecha conceptual entre el sistema de software y la organizacin para la que
funciona.
El uso de estructuras organizativas sirve para agrupar a los agentes que forman un
elemento unicado y reutilizarlos en una estructura ms compleja en la que las organizaciones
y los agentes interactan a travs del intercambio de conocimiento o coordinando sus tareas
con otros agentes.
Las leyes organizativas ayudan a denir cuando un nuevo agente debera ser aceptado en
la organizacin, qu rol debera tener, qu comportamientos deberan ser permitidos dentro
de la organizacin y cules deberan ser prevenidos. Las estructuras organizativas funcionan
como una topologa de los posibles patrones de interaccin y el rgimen de control de las
actividades de la organizacin. Por ello, las estructuras organizativas deberan ser denidas en
primer lugar, dado que permiten denir los modelos de los roles. Los patrones organizativos
permitiran la reutilizacin de varios tipos de estructuras organizativas. Ello simplicara y
acelerara el trabajo de los diseadores y de los implementadores. La idea consiste en crear
un catlogo con las estructuras ms repetidas y ms tiles.
Las leyes organizativas especican relaciones y las posibles interacciones entre los
diferentes roles. Los autores utilizan una lgica temporal para denir estas leyes, ya que
dichas leyes son intrnsecamente temporales.
64
Finalmente, los autores denen las fases que requerira la completa denicin de un MAS
siguiendo un esquema organizativo. Estas fases son:
1. La denicin de la estructura organizativa, mediante la eleccin de la topologa
y
el
rgimen
de
control.
Ello
conlleva
considerar
la
eciencia
organizativa,
la
correspondiente organizacin del mundo real en el que el MAS est situado y la

necesidad de respetar y fomentar las leyes organizativas.
2. Completar
los
roles
preliminares
los
modelos
de
interaccin.
Para
ello
ser
necesario adoptar las necesarias estructuras organizativas, manteniendo los aspectos

organizativos independientes y dependientes tan separados como sea posible.
3. Explotar todos los patrones organizativos en el diseo de una estructura organizativa
y en el diseo del modelo de interacciones nal.
4. Denir el modelo de agente (como en Gaia). En esta fase se identican los tipos de
agentes que formarn el sistema y las instancias de los agentes que tendrn estos tipos.
En este contexto, un tipo de agente puede considerarse como un conjunto de roles de
agente. Aunque puede haber una correspondencia uno a uno entre los roles de agentes y
los tipos de agentes, esta condicin no es obligatoria. Por ejemplo, un diseador puede
elegir agrupar roles similares como un tipo de agente.
5. La denicin de un modelo de servicios (tambin como en Gaia). Esta fase identica
los principales servicios que se requieren para la realizacin del rol del agente. Un
servicio es un nico bloque coherente de actividad del que el agente se ocupar. Es
necesario documentar las propiedades de cada servicio que pueda ser realizado por un
agente. Especcamente es necesario identicar sus inputs, outputs, pre-condiciones y
post-condiciones.
Para poder mejorar sus capacidades para tomar decisiones, es importante proveer
a los agentes con informacin apropiada y categorizada. En esta lnea, el anlisis de
varios mtodos de sistemas basados en conocimiento [SBD98] llev a la creacin de una
clasicacin heurstica que ha sido capaz de abstraer un comportamiento comn para la
resolucin de problemas de estos sistemas. Uno de las aproximaciones especcas de esta
clasicacin heurstica son los
mtodos limitadores de rol que son esqueletos donde insertar
una implementacin especica de un mtodo para la resolucin de problemas. Otro de estos

mtodos viene dado por las
tareas genricas, que establece que la estructura y representacin
del dominio de conocimiento est completamente determinada por su uso. El principal
65
inconveniente subyacente a estas tcnicas est relacionado con que la estrategia para la
resolucin de problemas que usan ha de ser predeterminada.
Como se deriva del trabajo [HL05] la jerarquizacin de los sistemas multi-agente es una
manera sencilla de organizar la toma de decisiones dentro de una sociedad de agentes, es
un sistema comn en todo tipo de sociedades y sirve para poder estructurar el sistema. Los
agentes se agrupan conceptualmente en una estructura de rbol, en la que los agentes ms
altos en la jerarqua tienen una interpretacin ms global del sistema. En algunos casos, como
en el trabajo [WDPK09], esta jerarquizacin proviene de la necesidad de tomar decisiones
globales en casos en los que los agentes son capaces de conocer solo parcialmente el sistema.
As, agentes con condicionantes similares son reunidos en grupos y en estos grupos la decisin
sntesis que rene las decisiones parciales tomadas

agente llamado gerente toma en cuenta las decisiones
global proviene de otro agente llamado de

por cada agente. Posteriormente, un
de los agentes de sntesis para alcanzar una decisin global. En otros casos la jerarquizacin
responde ms a un patrn de capacidades, en las que existen agentes que consumen menos
recursos, pero cuya capacidad para realizar tareas es limitada, y otros agentes ms generales
pero cuyo coste de activacin es mayor. En este ltimo tipo de esquemas se intenta activar
los agentes ms altos en la jerarqua el menor nmero de veces posibles, y solo usarlos cuando
las capacidades de otros agentes no alcancen para ejecutar la tarea requerida por el usuario
del sistema. El impacto de este tipo de arquitecturas se estudia en [OSS08]. En este trabajo
los autores observan que este tipo de estructura al pasar por varios niveles de competencia
incrementa el tiempo usado en completar algunas de las tareas debido a la latencia producida
por el necesario pase de mensajes para asignar las tareas a los agentes, pero mientras el
nmero de capas se mantenga por debajo de tres niveles sigue siendo beneciosa para el
desarrollo general del sistema.
Otro trabajo que propone un sistema para la jerarquizacin de agentes es [NVHV07]. En
l, los autores usan la
programacin de conjuntos de respuestas (answer set programming)
para denir a travs de lgica los componentes de conocimiento y creencias de un agente.

Para conseguir la jerarquizacin cada agente razona sobre dos lenguajes uno pblico y otro
privado, con ello se crea una jerarquizacin, al no compartir toda la informacin con agentes
que no la necesitan, y mantener un lenguaje privado para usar en los razonamientos internos.
Esto a su vez facilita el manejo global del sistema, ya que acelera los clculos de los agentes
que no tienen que incorporar a su base de conocimiento reglas innecesarias para sus tareas.
Existen multitud de aplicaciones en las que se han utilizado los sistemas multiagentes jerarquizados, como ejemplos de algunas de ellas podemos citar los trabajos
66
[SGH03, Bal98, XLH 10].

Otro tipo de organizacin que podemos encontrar en la revisin sobre los paradigmas
organizativos [HL05] es la organizacin holnica que es una red de jerarquas anidadas, en las
que cada subgrupo puede tener una organizacin distintiva. Otros patrones organizativos son
las coaliciones, los equipos, las congregaciones, las sociedades, las federaciones, los mercados,
las matrices y nalmente las organizaciones compuestas.
Otros enfoques consideran que la organizacin del sistema se realizar de forma ms
natural, sin la necesidad de una denicin precisa de su estructura, dentro de esta lnea
podemos encontrar los trabajos [Bro90, Par97, GHWA05].
Dentro de esta ltima lnea encontramos el trabajo [Bro90], donde se muestra un resumen
de los avances relacionados con la teora de las
arquitecturas subsumidas y una comparacin
con enfoques simblicos.

El autor se adhiere a uno de los dogmas del mundo de la inteligencia articial, llamado
actividad situacionada, basado en la hiptesis de base fsica. Esta direccin establece que la
inteligencia emerge de la combinacin de una serie de agentes reactivos y situados (lo que
signica que solo funciona en agentes situados en el mundo real) que manejan diferentes
partes del comportamiento general de un macro-agente (en el caso de los experimentos
presentados en el trabajo, este macro-agente se corresponde con un robot).
Su tesis contra los enfoques simblicos es que estos dependen demasiado del campo
de aplicacin y no son capaces de adaptarse al ruido que existe en el mundo real. De igual
manera, este tipo de acercamientos han de enfrentarse al problema de que el equipamiento de
sensores es incapaz de proveer descripciones simblicas exactas de los objetos que constituyen
el mundo real. Tambin, el nmero de clculos necesarios para encontrar soluciones en
el espacio de bsqueda constituye un inconveniente para los planteamientos basados en
aproximaciones simblicas.
La hiptesis de base fsica se basa en la suposicin de que cada sistema necesita tener su
representacin en el mundo fsico. De esta forma, la conexin del sistema con sus sensores
y accionadores sobre el mundo real es el inters primordial de estos enfoques. Este tipo de
metodologa fuerza la construccin del sistema desde abajo hacia arriba, de forma que todo
tiene que ser respuestas concretas al ambiente.
Otro punto importante de este trabajo es la explicacin de las arquitecturas subsumidas.
Estas son una manera de programar al macro-agente basado en incrementos de capas,
donde cada capa conecta la percepcin a la accin, basadas en mquinas de estados nitos
aumentadas (AFSM).
67
Dentro de la arquitectura subsumida, se puede encuadrar tambin el trabajo [Mae89].

Este artculo enfoca el problema de elegir una accin en un sistema multi-agente autnomo.
Las acciones se eligen normalmente de manera racional orientndolas hacia la meta. Sin
embargo, este enfoque permite la existencia de varias metas que entren en conicto. Ello
ocurre en la situacin de un sistema multi-agente sin un sistema central de planicacin,
como en las arquitecturas subsumidas. A pesar de estos sistemas tengan varios tipos de
propiedades deseables (modularidad, comportamiento distribuido, exibilidad y robustez)
carecen de una forma apropiada para poder elegir las acciones a llevar a cabo. La hiptesis
asumida en este artculo es que puede emerger una accin racional del sistema global y que no
existe una necesidad de crear agentes burocrticos (agentes que deciden que agentes han de
ser activados). En este enfoque los agentes forman parte de un sistema jerrquico de manera
en la que la activacin de un agente est conectada en una red con la de su predecesor y
sucesor, la cual describe que agentes han de ser activados antes del agente que intenta realizar
una accin.
5.4. MAS aplicados a la construccin

En esta seccin trataremos algunos de los enfoques en los que se han utilizado los sistemas
multi-agente para su aplicacin a la construccin, dado que el caso de estudio al que se aplica
nuestro sistema multi-agente es a la construccin de calendarios para la planicacin de una
obra.
El trabajo [FOSG97] postula el uso de un sistema de agentes para representar a todos
los participantes de una obra y la localizacin distribuida de los recursos. Los
macro-
agentes tienen como propsito ser una agrupacin funcional de uno o mas ordenadores interconectados a travs de una red local y dedicados a manejar los recursos locales. Entre estos
agentes se pueden distinguir: expedidores, jefes, supervisores, personal, maquinaria, manager
del stock, manager de los materiales de soporte y manager de adquisiciones. Tambin es
necesario disponer de un agente planicador y protocolos de negociacin que consideren los
costes de depreciacin, costes de operacin y benecios. Finalmente, los distintos agentes
sern capaces de formar coaliciones.
El mtodo ABSM (modelizacin y simulacin basada en agentes) se aplica a la
construccin
de
forma
independiente
en
combinacin
con
mtodos
de
simulacin
tradicionales [SBWM03]. Mientras que la mayora de los enfoques para la planicacin en

sistemas complejos usan un enfoque discreto (CPM, PERT, etc), el ABSM puede incorporar
a estas tcnicas una simulacin continua para aumentar la comprensin de los sistemas
5.4. MAS aplicados a la construccin
68
complejos subyacentes. Ms an, el uso de agentes puede explicar la disciplina de la

construccin mejor que un enfoque de control centralizado [How99]. Los autores proponen
dos campos en los que esta tcnica tendra una aplicacin directa: el estudio de la seguridad
de los trabajadores y la reduccin del tiempo en la erradicacin de los deshechos. El trabajo
concluye diciendo que ABSM combinado con las tcnicas discretas tradicionales provee una
exibilidad aadida para la modelizacin de sistema complejos de la construccin.
Los autores del trabajo [KPPL00] presentan un MAS como una metodologa de
negociacin para el problema de la optimizacin del calendario de un proyecto distribuido.
La motivacin de este artculo se basa en la necesidad de coordinar todos los deseos de las
diferentes organizaciones implicadas en una obra. La coordinacin de proyectos ha aumentado
en complejidad debido a un constante incremento del nmero de sub-contratas. La tcnica
descrita representa cada agente implicado en la obra, esto es, cada sub-constructor, con sus
propias funciones de utilidad. A cada agente en el sistema se le otorgan capacidades de
negociacin dentro de un proceso de negociacin sncrona, emparejado con otro mecanismo
de negociacin, llamado
negociacin recursiva,
usado en la negociacin entre dos agentes
especcos.
En el trabajo [RAU03] se propone un uso de un sistema multi-agente para la negociacin
de reclamaciones dentro de la construccin. Los autores desarrollan el modelo MASCOT.
En este modelo se usa un protocolo de negociacin basado en el protocolo de concesin
monotonica (MCP de sus siglas en ingls
monotonic concession protocol).
En cuanto a
las estrategias negociadoras los agentes toman decisiones basadas en el principio de que
maximicen simultneamente la utilidad personal y la del grupo.
Los autores del trabajo [RA04] realizan un recorrido por las aplicaciones que han tenido
los sistemas multi-agente en la construccin. En el se analizan diversas categoras a las que
han sido aplicados los MAS como parte del proceso de construccin tales como al diseo o a
la negociacin. El autor explica que el uso de MAS en la construccin puede ser el ms til
para esta industria dado que un MAS provee de un enfoque descentralizado para modelar los
problemas fragmentados que aparecen en la ingeniera o en la gerencia de la construccin.
Los sistemas multi-agente han sido utilizados para mejorar el ujo de trco en un solar
de construccion [KK10]. Los autores reivindican que dado el carcter dinmico del ujo de
camiones en un solar, el uso de un sistema multi-agente es el ms adecuado, puesto que
puede modicarse para ajustarse a la variabilidad del sistema. Los autores usan el sistema
multi-agente como un sistema de simulacin para predecir posibles problemas y desarrollar
un proceso constructivo eciente en trminos de coste y tiempo.
Captulo 6
Conclusiones y trabajo futuro

En esta tesis se ha presentado un estudio de aplicacin de formalismos grcos para el
desarrollo de sistemas y de mtodos para testear dichos sistemas. Para ello se ha formalizado
un sistema multi-agente a partir de las redes de Petri y se han utilizado los algoritmos
genticos para testear sistemas descritos a travs de mquinas de estados nitos.
En lo que respecta al estudio de la aplicacin de los algoritmos genticos para mejorar
el testing de sistemas especicados a travs de formalismos grcos, los principales avances
han sido en dos campos. En el campo del testing aplicado a las mquinas de estados nitos
deterministas, se ha creado una heurstica a travs de ejemplos defectuosos generados a partir
de mutaciones de la especicacin. En el campo del testing de mquinas no deterministas,
la creacin de secuencias adaptativas permite alcanzar de manera cuasi-determinista estados
dentro de estas mquinas, lo que a su vez permite al testeador la comprobacin del sistema
completo o testear en el caso de un sistema distribuido un componente especco del mismo.
Dentro de las mquinas de estados nitos no deterministas hemos planteado un algoritmo
para realizar el testing, a travs de asegurar la cobertura de todas las transiciones de la
mquina y el ltimo artculo de la serie desarrolla una paralelizacin del algoritmo alcanzando
una mejora con respecto a su implementacin previa, ya que esta paralelizacin permite
al algoritmo gentico, basado en un modelo de islas, explorar diversas partes del paisaje
heurstico de manera paralela y por tanto asegura que tiene una mayor capacidad para
evitar los mximos locales.
Como trabajo futuro en esta lnea quedan dos vertientes principales. La primera sera
estudiar una extensin de
edad
del algoritmo gentico, en la que los habitantes no son
seleccionados para morir sino que tienen rangos de edad y una edad mxima y adems,
solo se permite el cruce de los habitantes que tengan una edad media. La idea sera ver si
69
70
esto permite al algoritmo no saltarse el mximo durante las primeras etapas de la bsqueda,
ya que la mezcla de los individuos produce saltos en su posicin dentro del paisaje heurstico
y eliminar este cruce en las primeras etapas de la bsqueda permitira obtener cromosomas
ms sencillos y coherentes. Otra de las ventajas de esta ampliacin podra ser una vez ms
reforzar el hecho de que se evite caer en mximos locales ya que los individuos viejos no
tendran la posibilidad de reproducirse. Esta modicacin ha sido estudiada en [LEK05].
Una modicacin ms que podra estudiarse, consiste en utilizar que se hayan denido
edades en los individuos para permitir implementar algn tipo de aprendizaje transmitido
desde los individuos de mayor edad a los jvenes. Para realizar esta modicacin, la idea
sera que los individuos demasiado mayores como para reproducirse estudiaran la secuencia
adaptativa que han creado y marcaran en el grafo de la mquina los caminos que les han
llevado un mayor nmero de veces a alcanzar el estado objetivo, de esta manera (similar a lo
que hace ACO al depositar la feromona) los individuos ms jvenes mutaran eligiendo con
una cierta probabilidad las ramas que han resultado ms efectivas en pocas anteriores. Al
ser el grafo marcado por todos los individuos, se conseguira de manera estadstica calibrar la
bondad de cada transicin del grafo. Por supuesto, para evitar que toda la poblacin examine
las mismas transiciones, habra que fomentar algn elemento de rebelda en una buena parte
de la poblacin joven, de manera que exploraran sin escuchar a los mayores y buscaran por
nuevas zonas del grafo, tambin ser necesario que el aprendizaje se olvide, para evitar que
una solucin gobierne a las dems durante demasiadas generaciones.
En la segunda parte de esta tesis hemos podido observar cmo la denicin de un sistema
de agentes a partir de un enfoque formal facilita el desarrollo del mismo, a la par que
constituye el ncleo de su funcionamiento. El lenguaje formal de las redes de Petri ha sido
usado para describir el funcionamiento de un agente, permitiendo la paralelizazin de sus
tareas. El formalismo original de las redes de Petri fue en este caso extendido para permitir
manejar tiempo, se aadi una estructura similar a las de las redes jerrquicas (en la cul
algunos arcos representan a su vez otras redes de Petri) y adems las transiciones realizan
tareas de manera similar a lo que hacen las funciones en el formalismo de las Stream-XMachines. La manera automatizada en la que se construyen las redes de Petri, asegura que
la paralelizacin de las tareas no produce problemas a la hora de sincronizar esas tareas
para realizar una nueva transicin que necesita que todas las tareas paralelizadas hayan
terminado.
Puesto que entendemos que los usuarios de nuestra metodologa no necesitan comprender
el formalismo que la dirige, hemos implementado una herramienta que permite una sencilla
71
denicin de los agentes a partir de los recursos que transforman y de la realizacin

de peticiones al sistema. De esta manera, un usuario de nuestra metodologa puede
despreocuparse de los detalles formales y concentrarse en denir los agentes que forman
el sistema de una manera apropiada.
En
comparacin
con
otras
herramientas
similares
como
Stroboscope
Simulation
http://www.cem.umich.edu/Ioannou/StrobWeb/), nuestro enfoque tiene una
Environment (
ventaja principal dado que el propio sistema se encarga de planicar la activacin de los
agentes, eliminando la necesidad de insertar manualmente agentes de gran complejidad para
la realizacin de tareas complejas. En nuestra metodologa esto se realiza a travs del anlisis
de la transformacin de los recursos que cada agente efecta, utilizando estos como pre/post
condiciones que permiten el encadenamiento o paralelizacin de los mismos.
Nuestro enfoque permite modelar sistemas que se expandirn con cada uso. Para realizar
esto basta con reincorporar al sistema actual agentes que ya fueron diseados para su reutilizacin.
Hemos presentado este formalismo en dos conferencias [AMN08d, AMN09a], un captulo
de un libro [MAN10], y una revista indexada en JCR [MN11]. Ha sido el trabajo en
los primeros artculos lo que nos permiti darnos cuenta de ciertos detalles que de ser
resueltos permitiran una metodologa mas completa y exible. Ello llev a la sustitucin
de un formalismo inicial basado en mquinas de estados nitos por redes de Petri, y a la
automatizacin de la creacin del rbol de clulas. El uso de las redes de Petri ha sido
un gran avance en relacin con los trabajos iniciales, dado que ha aadido la posibilidad
de paralelizar las tareas. Esto no solo permite acortar los tiempos de ejecucin, sino que
incluso, en algunos casos, permite que aoren nuevos comportamientos. Adems, la creacin
automtica del rbol de clulas permite mantener un orden, una estructura conceptual a
travs de las clulas, que hace ms sencillo comprender el sistema a la persona que lo esta
deniendo y que a su vez permite que la transmisin de los mensajes pueda realizarse por
sub-rboles en lugar de mediante el recorrido del rbol completo.
Conviene repasar en estas conclusiones cmo se posiciona el trabajo realizado en esta
tesis con respecto al trabajo relacionado presentado en los captulos 3, 4 y 5. Uno de
los referentes ms claros de este trabajo en su parte del formalismo para la denicin
de sistemas multi-agentes es [Lom00]. El formalismo presentado en este artculo combina
generalidad con potencia de clculo pero es, en cambio, farragoso y complejo de utilizar
por la complejidad para entender los distintos niveles de redes anidadas, el formalismo en
s y porque su utilizacin conlleva la necesidad de denir de manera extensiva todos los
72
detalles de los agentes. En cambio, nuestro sistema automatiza la creacin de los agentes
planicadores construyndose a base de primitivas, lo que disminuye notablemente el tiempo
de especicacin. Otra mejora con respecto a este formalismo es de ndole prctica ya que, al
proporcionar una implementacin para la especicacin de sistemas, un usuario no experto
en formalismos matemticos puede acceder a su uso. Por tanto, y a pesar de que quizs
el formalismo propuesto adolece de una menor capacidad expresiva que el de Lomozova,
nuestro marco de trabajo proporciona una serie de ventajas para su uso. Quizs sea el
enfoque pragmtico lo que pueda atraer a un usuario a la hora de utilizar esta metodologa,
ya que el mismo sistema de especicacin, al estar implementado y ser ejecutable, se convierte
en un pequeo lenguaje de programacin permitiendo ejecutar los agentes y comprobar la
modicacin de los recursos. Este lenguaje de programacin, al ser de un nivel alto, no
puede competir ni en exibilidad ni en velocidad con un cdigo desarrollado ex-profeso
en otros lenguajes, pero permite a los usuarios inexpertos calcular de una manera simple
transformaciones de recursos. Ello es, por tanto, una ventaja y una desventaja respecto
a mtodos de especicacin basados, por ejemplo, en el lenguaje Z ya que estos mtodos
permiten denir muy claramente y con una gran exibilidad agentes que realizan tareas
complejas, pero no permiten su ejecucin, conllevando el trabajo aadido de implementarlo
en un lenguaje de programacin al uso.
En el estudio de cmo poder crear conjuntos de tests para mquinas de estados nitos,
no son muchos los trabajos relacionados existentes, puesto que el testing de caja negra ha
recibido poca atencin por parte de la comunidad que trabaja con mtodos evolutivos. De
The test generation

strategy we present in this paper, of using genetic algorithms on a state machine model of
the system, is an evolutionary approach that has not been proposed before, to the best of our
knowledge. La mayor parte de los artculos presentan una heurstica basada en la distancia
hecho, uno de los principales artculos en el campo [LI08] menciona:
de rama, mientras que nuestro enfoque, al utilizar mutantes, deriva en que el sistema en
vez de intentar asegurar cobertura de todas las ramas se focalice all donde los errores son
ms comunes. Tambin es destacable la modicacin de las fases del algoritmo gentico que
nos permite simultneamente buscar la generalidad y la especializacin en el anlisis de los
errores del sistema.
En relacin a la creacin de secuencias adaptativas, al tratarse de un tema indito es
imposible establecer relacin alguna en el contexto del estado del arte.
Existen varias limitaciones a nuestra metodologa que habrn de ser solventadas como
trabajo futuro. Una de las posibles modicaciones consiste en conseguir que los agentes sean
73
capaces de llevar a cabo no solo tareas simblicas (simuladas a partir de la transformacin

de unos recursos virtuales) sino que adems tengan la posibilidad de ejecutar cdigo de
manera que se pueda modelizar un sistema de software a travs de esta metodologa. Para
conseguir esta mejora habra adems que ampliar el formalismo introduciendo condiciones
sobre variables y que la creacin de las redes de Petri (que ahora mismo trabajan sobre
tareas lineales) permita la creacin de
loops (con condiciones).
En conclusin, pensamos que se ha dado respuesta a los problemas planteados como punto
de partida de esta tesis, mencionados en la discusin integradora. A saber, la intencin de
proveer de un formalismo ms amigable para el usuario nal para la creacin de sistemas
multi-agentes queda solventada en los artculos [AMN08d, AMN09a, MAN10, MN11] en
donde se dene dicho formalismo, acompaado de una herramienta para la creacin de
sistemas multi-agentes, que tanto por la automatizacin de ciertas tareas como por la propia
existencia de una herramienta grca para la denicin de los agentes, facilita la utilizacin
por parte del usuario nal. Otro problema planteado, el de conseguir reducir la cantidad de
test necesarios para para comprobar una mquina de estados nitos, se trata en el artculo
[MNA09], donde se presenta un planteamiento basado en el uso de algoritmos genticos
y testing de mutantes para comprobar la ecacia, y por tanto la utilidad de los tests,
seleccionando aquellos que ms mutantes distinguen. El tercer problema planteado que trata
sobre la forma de crear secuencias adaptativas para alcanzar un estado en una mquina
de estados nitos no determinista se trata en [MNH11a, MNH11b, MNH11c] en los que se
aplican los algoritmos genticos para la creacin de dichas secuencias.
74
Captulo 7
Conclusions and future work

In this thesis we have presented a study of the application of graphical formalism for the
development of complex systems and testing methods for those systems. To do so, a multiagent system has been formalized through the use of Petri nets and we have used genetic
algorithms to test systems described through nite state machines.
Regarding the study of the application of genetic algorithms to improve the testing of
systems specied through graphical formalisms, the main advances have been in two elds.
In the eld of testing of deterministic nite state machines, we have created a heuristic using
mutants of the specication. In the eld of testing non-deterministic nite state machines,
the creation of adaptive sequences allows us to reach a state in a cuasi-deterministic manner,
which in turn, allows the tester to check the whole system or in the case of a distributed
system, a specic component of it.
Concerning non-deterministic nite state machines we have proposed an algorithm to
create the test suite through ensuring the covering of all the transitions of the machine and
the last article of the series presents a parallelization of the algorithm improving its previous
implementation. Since the parallelization allows the genetic algorithm, based in an islands
model, to explore several parts of the heuristic landscape, it assures that the algorithm has
a higher capacity to avoid local maxima.
As a future work in this line there remains two main aspects. The rst aspect will be to
study an
age
extension of the genetic algorithm, in which the individuals are not selected
to die but instead they have age ranges and a maximal age, and also it is only allowed
the reproduction of the middle-aged individuals. The idea is that this allows the algorithm
to not skip the maximum during the rst steps of the search, since the crossing of the
individuals produces jumps in its position in the heuristic landscape and, therefore, removing
75
76
the reproduction operator during the rst stages of the search allows the algorithm to obtain
simpler chromosomes. Another advantage could be to avoid falling into local maxima since
older individuals do not have the possibility of reproducing. This modication has been
studied in [LEK05].
Another possible modication is derived from the fact that individuals have age to allow
us to implement some type of learning algorithm. To achieve this modication, the older
individuals will analyze the paths that led them with a greater success to the searched state
and they will mark those paths in the graph (similarly to what ants do when depositing
its pheromone), the younger individuals will mutate choosing with a certain probability the
branches that were more successful in earlier stages. Since the graph will be marked by
every individual, it will statistically equilibrate the goodness of each transition in the graph.
Nevertheless, to avoid that the whole population examines the same transitions, we will
need to add a rebelliousness component in some of the younger individuals in order for them
to explore other parts of the graph. It will also be important to forget the accumulated
knowledge over time in order to avoid that a solution rules over the rest during too much
generations.
In this thesis we were able to observe how the denition of a multi-agent system with
a graphical formal language facilitates its development at the same time that it constitutes
the core of its behavior. The formal language of Petri nets have been used to describe
the functioning of an agent allowing the parallelization of its tasks. The original formalism
of Petri nets has been extended to manage time and we also added a structure similar to
hierarchical networks (in which some arcs represent other Petri nets) and also the transitions
work in a similar way to functions in Stream-X-machines. The automated manner in which
Petri nets are constructed assures that the parallelization of the tasks does not produce
problems when synchronizing those tasks in a new transition that needs other tasks to be
nished.
Since we understand that a user of our methodology does not need to understand the
formalism beneath it, we have implemented a tool that allows a simple denition of the
agents from the transformation of resources that they accomplish. Therefore, a user of our
methodology does not have to worry about the formal details and can concentrate in dening
the agents that form the system.
In comparison with other implemented tools like Stroboscope Simulation Environment
http://www.cem.umich.edu/Ioannou/StrobWeb/), our approach has one main advantage and
it is that the system is in charge of planning the activation of the agents, removing the need
7. Conclusions and future work
77
to manually insert agents of great complexity. In our methodology this is achieved through
the analysis of the transformation of resources that each agent accomplishes, using those as
pre/post conditions that allow the chaining or parallelization of the tasks.
Our approach allows to model systems that will be expanded with each use. To achieve
this it suces to reincorporate agents that were designed in a previous system.
We have presented this formalism in two conferences [AMN08c, AMN09b] a chapter of
a book [MAN10] and a journal indexed in JCR [MN11]. It has been the work in those rst
articles what allowed us to realize certain details that, if solved, would provide us with a
more exible and complete approach. This led to the substitution of the original formalism,
based in nite state machines, for the formalism of the Petri nets, and also led to automating
the creation of the cell tree. The use of Petri nets has been a great advance with respect
to the earlier works, since it added the possibility of parallelization of the tasks. This not
only allows to shorten execution times, but also allows new behaviors to emerge. Also, the
automated creation of the cell tree allows to keep an order, a conceptual structure through
the cells, which in turn, simplies the understanding of the system at the same time that it
allows the messages to ow through a subtree instead of having to be sent to the whole tree.
It is important to review how our work is positioned in comparison to the related work
presented in chapters 3, 4 y 5. One of the clearer references to our work in relationship to
the multi-agent system denition is that of [Lom00]. The formalism presented in that paper
combines generality with computing power but, it is dense and complex to use because of
the complexity to understand the dierent levels of nested machines and because it implies
the necessity of dening, in an extensive manner, all the details of the agents. Instead,
our approach automates the creation of the planning agents that are constructed through
primitives, which diminishes notably the specication time. Another improvement regarding
the formalism is of practical nature, a non-expert user can access and use our methodology
in a simple manner just by using the implemented tool. Therefore, and even though our
formalism has less expressive power than the one from Lomozova, our framework provides
a series of advantages for its use. Maybe it is the pragmatic approach that can attract
users when selecting our methodology, since its implementation is executable which makes
it a small programming language allowing to check the modication of resources that they
accomplish. This programming language is a high level one and, therefore, it can not compete
in exibility or in speed with a code developed in other languages. That is, an advantage
and simultaneously a disadvantage compared with other specication methods based, by
example, in the Z language since these methods allow a very clear and exible denition
78
of the agents, but they do not allow its execution having to implement it later on in a
programming language.
Considering the study of how to create test suites for nite state machines, there does
not exist a lot of related work because black box testing is a topic that has received little
attention by the evolutionary community. Actually, in one of the main works in the eld
The test generation strategy we present in this paper, of using genetic

algorithms on a state machine model of the system, is an evolutionary approach that has not
been proposed before, to the best of our knowledge. The greatest part of the papers present
[LI08] it is mentioned:
an heuristic based in branch distances, while our approach uses mutants which derives in
that the system instead of trying to assure branch coverage has a greater focus there where
the errors are more likely to appear. It is also to note that the modication of the phases of
the genetic algorithm allows us to simultaneously search for a wide set of mistakes and to
specialize in detecting the dierent mistakes that can be present in a system.
In relation to the creation of adaptive sequences, since it is an unprecedented approach,
it is impossible to establish any relationship in the context of the state of the art.
There exist several limitations to our methodology that will have to be solved in future
work. One of the possible modications that could be attained is that agents are capable
not only to solve symbolic tasks (simulated through the transformation of virtual resources)
but also have the possibility of executing actual code, in a way that it allows us to model a
software system through our methodology. To achieve this, we will also need to extend the
formalism introducing variables and conditions over those variables and that the creation of
the Petri nets allows the formation of loops.
In conclusion, we think that we have given response to the problems stated as a starting
point of this thesis. That is, the intention of providing with a friendlier formalism for the
creation of multi-agent systems is solved in [AMN08c, AMN09b, MAN10, MN11] where the
formalism is dened, and the implemented tool is presented. This tool aids through the
automation of the tasks and the graphical interface, the construction of multi-agent systems.
Another of the stated problems is the one of reducing the quantity of tests needed to test
a nite state machine. This is studied in [MNA09] where we present an approach based
in the use of genetic algorithms and mutation testing to select those tests that kill the
highest number of mutants. The third problem tackled is to nd ways to create adaptive
sequences that allow to reach a state in a non-deterministic machine in a univocal manner.
This problem is treated in [MNH11a, MNH11b, MNH11c] where we apply genetic algorithms
for the creation of these sequences.
Apndice A
Lenguajes formales
A.1. Introduccin
El uso de lenguajes formales constituye la base para todo mtodo formal y dado que nos
permiten denir de una manera metdica cualquier tipo de proceso con el que tengamos
que enfrentarnos. Su uso permite la comprobacin de una serie de caractersticas tiles a la
hora de estudiar el comportamiento de sistemas a la vez que facilita la tarea de asegurar que
cumple ciertas propiedades. Estos lenguajes tambin nos permitirn, en general, eliminar la
ambigedad propia del lenguaje natural.
Un lenguaje se forma a partir de una sintaxis que representa los elementos del lenguaje y
una o varias
semnticas que sirven para dar signicado a los trminos sintcticos. Se dice que
un lenguaje es reconocido por autmatas, si existe un autmata de una clase especca que
es capaz de generar este lenguaje. Chomsky [Cho56] realiza una clasicacin de los lenguajes
formales segn su potencia descriptiva:
1. Lenguaje recursivamente enumerable: reconocido solo por mquinas de Turing.

2. Lenguaje dependiente del contexto: reconocido por autmatas linealmente acotados
(una mquina de Turing determinista cuya cinta de memoria est acotada por un
cierto nmero entero de veces sobre la longitud de entrada).
3. Lenguajes independientes del contexto: reconocidos por los autmatas con pila.
4. Lenguajes regulares: reconocidos por los autmatas nitos.
Los lenguajes formales tal y como son entendidos y usados en esta tesis derivan su
importancia de su aplicacin para la construccin de representaciones formales de sistemas,
79
A.2. Repaso de lenguajes comnmente usados
80
en las que se utilizarn para describir su comportamiento. Dependiendo de la expresividad

del lenguaje elegido se podr especicar el comportamiento funcional del sistema, el
comportamiento frente a los datos, u otros tipos de propiedades.

A.2.1. lgebras de procesos
Un lgebra es un conjunto de smbolos con una serie de reglas para denir operaciones
sobre estos smbolos. En el caso de las lgebras de procesos los smbolos representan procesos
o acciones, y las operaciones que se pueden realizar sobre ellos sern concatenaciones,
paralelizaciones, transformaciones en otros procesos, eleccin entre procesos, renombramiento
de las acciones y restricciones de las acciones.
Existen varias lgebras de procesos como CCS[Mil80, Mil89], CSP [Hoa78, Hoa85],
ACP[BW90], y
-calculus
[Mil99]. En esta seccin trataremos CCS en detalle, que es una
de las ms comunes y de la que han derivado muchas otras. Las siguientes deniciones son
extradas del libro [AILS07].
Denicin A.1 La sintaxis de CCS contiene:

Una coleccin de canales A y su complementario A = {a|a A}. Se considera que
= a.
a
El conjunto de etiquetas viene dado por L = A A.
El conjunto de acciones Act = L { }, donde es la accin que surge de la
comunicacin en paralelo de dos mquinas con acciones complementarias, esto es, si
a
a
P P 0 y Q Q0 entonces P |Q P 0 |Q0 es interna y no observable.

Un conjunto innito numerable K de nombres de procesos.
las expresiones en este lenguaje se forman mediante la siguiente EBNF:
P ::=
.P
Donde:
K
iI
Pi
P |P
P [f ]
P \L
es un nombre de proceso que pertenece a K.
es una accin que pertenece a Act. .P
por el proceso P .
representa la ejecucin de una accin seguida
81
es un conjunto de ndices.
P |Q
iI
Pi
representa la eleccin entre varios procesos.
representa la ejecucin en paralelo y su sincronizacin de los procesos P y Q.
f : Act Act es una funcin para modicar el nombre de las acciones. Estas funciones
tienen las siguientes restricciones f ( ) = , f (a) = f (a).

L L es un subconjunto de etiquetas. P \L representa el proceso P
al que se le impiden
ejecutar las acciones dentro de L

Se utiliza como convencin el nombre de proceso
(0
para la suma vaca de procesos
i Pi ) que representa la parada de un sistema. Adems, usualmente se escribe
P1 + P2 =
i{1,2} Pi para representar la eleccin entre dos procesos.
La semntica operacional de CCS viene caracterizada por el siguiente conjunto de reglas
.P
P
Pj0
Pj
P
iI
Pj0
Pi
, donde
jI
P
P 0
P |Q
P 0 |Q
Q
Q0
P |Q
P |Q0
a
P
P 0 ,Q Q0
P |Q
P |Q0
P
P 0 , donde
P \L
P 0 \L
,
6 L
P
P 0
f ()
P [f ]
P 0 [f ]
P
P 0 donde
K
P 0
Donde
Act
K =def P
a L.
A.2.2. Sistemas etiquetados de transiciones

Los sistemas etiquetados de transiciones (LTS de sus siglas en ingls) pueden ser usados
como formalismo inducido por las reglas operacionales que denen las lgebras de procesos.
Denicin A.2 Un LTS (labeled transition system) se dene formalmente como una tupla
(Proc, Act, { | Act}) donde:
82
Proc
Act
es un conjunto numerable de estados.
es un conjunto de acciones.
Para cada Act, Proc Proc es un conjunto de transiciones. Usualmente se

escribir s s0 para denotar (s, s0 ) .
A.2.3. Mquinas de estados nitos

Este tipo de mquinas se utilizan para denir el ujo de control de un sistema. Al no
utilizar datos, estas mquinas son una simplicacin que permite denir conceptos de una
manera sencilla, y se han utilizado histricamente para la representacin de protocolos de
comunicacin. En primer lugar, presentamos la versin determinista del formalismo.
Denicin A.3 Una mquina de estados nitos (F SM de sus siglas en ingls) es una tupla
(S, I, O, , , s0 ) donde:
S
es un conjunto de estados.
es un conjunto de inputs.
es un conjunto de outputs.
:SI S
es la funcin de cambio de estado.
:SI O
es la funcin de output.
s0 S
es el estado inicial.
El indeterminismo puede aparecer al hacer abstraccin de los datos de un sistema

para convertirlo en una mquina de estados, por abstraccin de ciertas propiedades y
comportamientos, o por peculiaridades especcas del sistema. En este caso, es necesario
considerar una variante de las FSMs que permita representar el indeterminismo.
Denicin A.4 Una mquina de estados nitos no determinista es una tupla (S, I, O, T r, s0 )
donde:
S
83
es un conjunto de transiciones. Una transicin ti T r es una

i/o
tupla ti = (s1 , i, o, s2 ) donde s1 , s2 S , i I , o O y suele denotarse por s1 s2 .
Tr S I O S
s0 S
Existen dos tipos de mquinas de estados nitos no deterministas: las
observables,
en
las que a pesar de que un mismo input pueda llevarnos a varios estados distintos siempre
podemos ver un output diferente y las
no observables,
que no tienen esta restriccin y por
tanto saber el estado al que hemos avanzado es imposible. Toda mquina de estados nitos
no determinista puede transformarse a una no determinista observable equivalente a costa
de aumentar el nmero de estados.
Las
mquinas de estados nitos extendidas permiten manejar datos adems de denir el
ujo de control. Para ello utilizan condiciones y transformaciones de las variables del sistema
que se incluirn en las transiciones. Estas mquinas complican algunas tareas, haciendo
incluso muy difcil computacionalmente determinar si existen caminos que no son factibles.
Denicin A.5 Una mquina de estados nitos extendida (EF SM de sus siglas en ingls)
es una tupla (S, I, O, V, T r, s0 ) donde:
S
es un conjunto de variables.
es un conjunto de transiciones. Una transicin se dene como una tupla

(s, i, g, op, o, s0 ), donde s, s0 S , i I , o O, g es una relacin entre las variables y
op es una operacin de transformacin de las variables.
Tr
s0 S
Para modelar sistemas distribuidos es corriente utilizar una variante de las FSMs donde se
usa una particin del conjunto de inputs y tuplas de outputs. En general, para simplicar las
deniciones se suele suponer que el sistema distribuido puede abstraerse a estar compuesto
de dos interfaces principales,
L,
que es como est presentado en esta tesis.
Denicin A.6 Una mquina de estados distribuida es una tupla (S, I, O, , , s0 ), donde:
S
es un conjunto nito de estados.
84
I = IU IL ,
donde IU (resp. IL ) es el alfabeto de entrada del puerto U (resp. L) y

asumimos IU IL = .
O = (OU {}) (OL {}) \ {(, )},
donde OU (resp. OL ) es el alfabeto de salida

del puerto U (resp. L) y asumimos OU OL = .
es la funcin de transicin. Extendemos para manejar secuencias de

inputs, esto es, : SI S es la funcin que representa el estado alcanzado despus
de la aplicacin secuencial de todos los inputs de una secuencia desde un estado.
: S I S
es la funcin de salida. Extendemos para manejar secuencias de

inputs, esto es, : S I O es la funcin que representa la secuencia de outputs
creada por la aplicacin secuencial de los inputs de la secuencia desde un estado.
: S I O
s0 S
A.2.4. Stream X-Machines

El tipo ms conocido de X-machines son las
stream X-Machines, que son una modicacin
de las mquinas de estados nitos extendidas. Estas mquinas permiten una estricta
separacin,
por
tanto
una
correcta
representacin,
entre
el
ujo
de
control
el
procesamiento. Han sido muy utilizadas en testing porque pueden representar sistemas
complejos y permiten generar conjuntos de tests de una manera sencilla.
Denicin A.7 Una Stream X-Machine es una tupla (S, M em, I, O, , , s0 , m0 ) donde:
S
es el conjunto nito de estados.
M em
es la memoria que no tiene porque ser nita.
es el alfabeto nito de entrada.
es el alfabeto nito de salida.
es el conjunto de funciones de procesamiento. Cada una de las funciones es

del tipo : M em I O M em.
es una funcin parcial que dene el conjunto de estados que se

pueden alcanzar a partir de uno dado. En el caso de tratarse de una Stream X-Machine
determinista esta funcin ser del tipo : S S .
: S P(S)
s0 S
m0 M em
85
es el valor inicial de la memoria.
A.2.5. Autmatas de Bchi

Los autmatas de Bchi son autmatas de estados nitos que aceptan lenguajes innitos
(reconocen lenguajes
-regular). Se dice que una palabra innita es aceptada si visita estados
de aceptacin innitas veces. Los autmatas de Bchi se utilizan habitualmente en tcnicas

de
model checking. Distinguimos entre autmatas deterministas y no deterministas.
Denicin A.8 Un autmata determinista de Bchi es una tupla (S, , , s0 , F ), donde:

S
es un alfabeto nito.
:SS
es la funcin de transicin.
s0 S
F S
es el conjunto de estados de aceptacin.
Un autmata no determinista de Bchi es una tupla (S, , , S0 , F ), donde:

S
es un alfabeto nito.
: S P(S)
S0 S
es el conjunto de estados iniciales.
F S
Los autmatas de Bchi no deterministas tienen mayor poder expresivo que los deterministas,
esto es, no se puede transformar de manera general cualquier automata no determinista de
Bchi a uno determinista que acepte el mismo lenguaje.
A.2.6. Autmatas con pila

Los autmatas con pila permiten reconocer los lenguajes libres de contexto.
Denicin A.9 Un autmata de pila es una tupla (S, , , , s0 , Z, F ), donde:

S
86
es el alfabeto del autmata.
es el alfabeto de la pila.
: S ( {}) P(S )
s0 S
es el smbolo inicial de la pila.
F S
La funcin de transicin parte del estado actual, toma un smbolo del input (que puede ser
la cadena vaca) y el smbolo que se encuentra en la parte superior de la pila, y elige uno
de los estados disponibles a los que se puede llegar con esa combinacin, elimina el smbolo
superior de la pila, y aade una cadena de smbolos (que puede ser vaca) a la pila.
A.2.7. Mquinas de Turing

Las mquinas de Turing son un formalismo que ofrece la misma potencia de clculo que
los computadores basados en la arquitectura de Von Neumann.
Denicin A.10 Una mquina de Turing es una tupla (S, , , s0 , b, F, ), donde:

S
es un conjunto nito de smbolos distintos del espacio en blanco. es el alfabeto

del lenguaje que reconoce la mquina de Turing.
es un conjunto nito de smbolos de cinta. Este conjunto se puede subdividir en 3

subconjuntos: = {b} , donde es un conjunto de smbolos auxiliares y b el
smbolo en blanco.
s0 S
b
es el smbolo en blanco. Inicialmente la cinta solo contiene el smbolo en blanco.
F S
es la funcin de transicin. Ntese que el valor

L, R, N (Left, Right, No-move) se usa para conocer la direccin en la que ha de moverse
el cabezal de la cinta.
: S\F S {L, R, N }
87
Figura A.1: Una red de Petri (izquierda) y el resultado de su ejecucin.
A.2.8. Redes de Petri

Las
redes de Petri son as llamadas en honor a su inventor: Carl Adam Petri. De manera
general, las redes de Petri son un modelo matemtico que permite expresar concurrencia
entre procesos.
Denicin A.11 Una red de Petri se puede denir como una tupla (S, T r, W, M0 ), donde:
S
es un conjunto de lugares.
es un conjunto de transiciones.
Tr
IN es un multiconjunto de arcos. Esta funcin dene arcos

entre lugares y transiciones (o viceversa) y asigna una multiplicidad del arco. Este valor
es el nmero de tokens a aadir o eliminar al atravesar el arco.
W : (S T ) (T S)
M0
es el marcado original, esto es, la posicin de los tokens al inicializar la mquina.
Denimos dos conjuntos t = {p|(p, t) W } y t = {p|(t, p) W }.

La semntica de una red de Petri viene dada por las siguientes ecuaciones:
Se permitir el disparo de una transicin t, denotado por M t M 0 , si para todo p t,
el nmero de tokens es mayor o igual que W (p, t), y el marcado se modicar como se
indica a continuacin.
p t, M 0 (p) = M (p) W (p, t)
p t, M 0 (p) = M (p) + W (t, p)
Escribimos M M 0 si existe un t tal que M t M 0 .
88
Existen mltiples extensiones al formalismo bsico. Una de las extensiones consiste en

aadir informacin temporal, que permite manejar conceptos como la edad de los tokens
o ciertos intervalos temporales en los que se puede disparar una transicin. Otra extensin
son las
redes de Petri jerarquizadas,
en las que los tokens de redes superiores representan
redes de Petri coloreadas, que asignan

cualidades a los tokens a travs del color o lo que se llama lugares de fusin que asigna las
otras redes de Petri a su vez. Tambin existen las
mismas propiedades y nmero de tokens a varios lugares simultneamente. Una posibilidad

ms es el uso de
arcos inhibidores, que son arcos tales que si existe un token en su lugar de
salida, evitan que la transicin a la que estn conectados se dispare. En este ltimo caso las
correspondientes redes de Petri son Turing-completas.
Bibliografa
[AC07]
E. Alba and F. Chicano. Finding safety errors with ACO. In
Genetic and Evolutionary Computation, GECCO '07,
9th annual Conf. on
pages 10661073. ACM,
2007.
[ACY95]
R.
Alur,
C.
Courcoubetis,
and
M.
Yannakakis.
nondeterministic and probabilistic machines.
In
Distinguishing
tests
for
27th ACM Symp. on Theory
of Computing, STOC'95, pages 363372. ACM Press, 1995.

[AGET10]
S. H. Aljahdali, A. S. Ghiduk, and M. El-Telbany. The limitations of genetic

algorithms in software testing. In
ACS/IEEE Int. Conf. on Computer Systems
and Applications, AICCSA '10, pages 17. IEEE Computer Society, 2010.
[AILS07]
L. Aceto, A. Inglfsdttir, K.G. Larsen, and J. Srba.
Modelling, Specication and Verication.

[AMN08a]
Cambridge Univ. Press, 2007.
C. Andrs, M.G. Merayo, and M. Nez.

information system. In
Reactive Systems,
Formal development of a complex
3rd Int. Conf. on Systems, ICONS'08,
pages 118123.
IEEE Computer Society Press, 2008.

[AMN08b]
C.
sive
Andrs,
testing
M.G.
of
Merayo,
timed
and
M.
systems.
Nez.
Available
Pasat:
http://kimba.mat.ucm.es/manolo/papers/atva08-passive-extended.pdf,
2008.
[AMN08c]
C. Andrs, M.G. Merayo, and M. Nez.
Passive testing of timed systems.
6th Int. Symposium on Automated Technology for Verication and Analysis,

ATVA'08, LNCS 5311, pages 418427. Springer, 2008.
In
[AMN08d]
C. Andrs, C. Molinero, and M. Nez.

hierarchical agent-based systems. In
89
A formal methodology to specify
4th Int. Conf. on Signal-Image Technology
Bibliografa
90
& Internet-based Systems, SITIS'08,
pages 169176. IEEE Computer Society
Press, 2008.
[AMN09a]
C. Andrs, M.G. Merayo, and M. Nez. Formal correctness of a passive testing

approach for timed systems.
In
5th Workshop on Advances in Model Based
Testing, A-MOST'09, pages 6776. IEEE Computer Society Press, 2009.

[AMN09b]
C. Andrs, C. Molinero, and M. Nez.
A hierarchical methodology to
specify and simulate complex computational systems.
In
9th Int. Conf. on
Computational Science, ICCS'09, LNCS 5544, pages 347356. Springer, 2009.

[Bal98]
Joo Balsa. A hierarchical multi-agent system for natural language diagnosis. In
13th European Conference on Articial Intelligence, ECAI'98,
pages 195196.
John Wiley and Sons, 1998.

[BCP05]
C. Bernon, M. Cossentino, and J. Pavn. Agent-oriented software engineering.
Knowledge Engineering Review, 20(2):99116, 2005.

[BFJT02]
B. Baudry, F. Fleurey, J.M. Jzquel, and Y. Le Traon. Automatic test cases

optimization using a bacteriological adaptation model: Application to .NET
components. In
17th Int. Conf. on Automated Software Engineering, ASE'02,
page 253. IEEE Computer Society, 2002.

[BJ01]
P.M.S. Bueno and M. Jino. Automatic test data generation for program paths
using genetic algorithms. In
[BM10]
SEKE'01, pages 29, 2001.
K. Barkaoui B. Marzougui, K. Hassine.

multi agent systems: Agent petri nets.
A new formalism for modeling a
Journal of Software Engineering and
Applications, 3:11181124, 2010.

[BMO00]
B. Bauer, J. P. Mller, and J. Odell.

multiagent
software
systems.
Agent uml: A formalism for specifying
Int. Journal of Software Engineering and
Knowledge Engineering, 11(3):207230, 2000.

Software Engineering Economics.
[Boe81]
B.W. Boehm.
[Bra87]
M.E. Bratman.
[Bro90]
R.A. Brooks. Elephants don't play chess.

6:315, 1990.
Prentice Hall, 1981.
Intentions, Plans and Practical Reason.
1987.
Robotics and Autonomous Systems,
Bibliografa
[Bru91]
91
J.C. Brustoloni.
Autonomous agents: Characterization and requirements.
Technical
CMU-CS-91-204,
Report
School
of
Computer
Science,
Carnegie
Mellon University, 1991.

[BW90]
J.C.M. Baeten and W.P. Weijland.
Process Algebra.
Cambridge Tracts in
Computer Science 18. Cambridge University Press, 1990.

[BW08]
O. Bhler and J. Wegener.
Evolutionary functional testing.
Computers and
Operations Research, 35:31443160, October 2008.

[CCZ01]
C. Chang, M. Christensen, and T. Zhang.

management.
[CDG09]
Annals of Software Engineering, 11(1):107139, 2001.
J. R. Celaya, A. A. Desrochers, and R. J. Graves.

multi-agent systems using petri nets.
[Cha04]
Genetic algorithms for project
Modeling and analysis of
Journal of Computers, 4:981996, 2009.
W. Chainbi. Multi-agent systems: a petri net with objects based approach. In
IEEE/WIC/ACM Int. Conf. on Intelligent Agent Technology, (IAT'04),
pages
429 432, 2004.

[Cho56]
N. Chomsky. Three models for the description of language.
Information Theory,
IRE Transactions on, 2(3):113 124, 1956.

[Cho78]
T.S. Chow.
Testing software design modeled by nite state machines.
IEEE
Transactions on Software Engineering, 4:178187, 1978.

[CL90]
P.R. Cohen and H.J. Levesque. Intention is choice with commitment.
Articial
Intelligence, 42(23):213261, 1990.

[CP98]
E. Cant-Paz. A survey of parallel genetic algorithms.
Calculateurs Paralleles,
10, 1998.
[CS94]
D.A. Carrington and P.A: Stocks.

and software testing. In
A tale of two paradigms: Formal methods
Z User Workshop, pages 5168. Springer, Workshops in
Computing, 1994.
[CW09]
P.-H. Chen and H. Weng.

project scheduling.
A two-phase GA model for resource-constrained
Automation in Construction, 18(4):485498, 2009.
[DaDHS07] C. Doungsa-ard, K. Dahal, A. Hossain, and T. Suwannasart.

generation from UML state machine diagrams using GAs.
In
Test data
Int. Conf. on
Software Engineering Advances, 2007. ICSEA 2007, page 47, aug. 2007.
Bibliografa
92
[Der06]
[DFL 97]
Automated test sequence generation for nite state machines using

genetic algorithms. PhD thesis, Brunel University, 2006.
K. Derderian.
M. D'inverno, M. Fisher, A. Lomuscio, M. Luck, M. De Rijke, M. Ryan, and

M. Wooldridge.
Formalisms for multi-agent systems.
Knowledge Engineering
Review, 12:315321, 1997.

[DG97]
M. Dorigo and L.M. Gambardella. Ant colony system: A cooperative learning

approach to the traveling salesman problem.
IEEE Transactions on Evolutionary
Computation, pages 5366, 1997.

[dGLL00]
G. de Giacomo, Y. Lesprance, and H. J. Levesque.
Congolog, a concurrent
programming language based on the situation calculus.
Articial Intelligence,
121:109169, 2000.
[DHHG06]
K. Derderian, R.M. Hierons, M. Harman, and Q. Guo.
Automated Unique
Input Output sequence generation for conformance testing of FSMs.
Computer
Journal, 49(3):331344, 2006.

[DHHG10]
K. Derderian, R.M. Hierons, M. Harman, and Q. Guo. Estimating the feasibility

of transition paths in extended nite state machines.
Automated Software
Engineering, 17:3356, 2010.

[dL96]
M. d'Inverno and M. Luck.
Understanding autonomous interaction.
European Conference on Articial Intelligence, ECAI'96,
In
12th
pages 529533. John
Wiley and Sons, 1996.
[DMC96]
M. Dorigo, V. Maniezzo, and A. Colorni.

a colony of cooperating agents.
The ant system: Optimization by
IEEE Transactions on Systems, Man and
Cybernetics B, 26(1):2941, 1996.

[DMHN09] K. Derderian, M.G. Merayo, R.M. Hierons, and M. Nez.
Aiding test
case generation in temporally constrained state based systems using genetic

algorithms. In
10th Int. Conf. on Articial Neural Networks, IWANN'09, LNCS
5517, pages 327334. Springer, 2009.

[Dor92]
M. Dorigo.
Optimization, Learning and Natural Algorithms.
Politecnico di Milano, 1992.
PhD thesis,
Bibliografa
[DSI 11]
93
I. Dinca, A. Stefanescu, F. Ipate, R. Lefticaru, and C. Tudose.
Test data
2nd International
Conference on Software Engineering and Computer Systems (ICSECS'11) (to
be published), 2011.
generation for event-b models using genetic algorithms.
[ELL01]
In
S. Edelkamp, A.L. Lafuente, and S. Leue. Directed explicit model checking with
hsf-spin.
In
8th international SPIN workshop on Model checking of software,
SPIN'01, pages 5779. Springer-Verlag New York, Inc., 2001.

[ER01]
A. Esterline and T. Rorie. Using the pi-calculus to model multiagent systems. In
Formal Approaches to Agent-Based Systems, volume LNCS 1871, pages 164179.

Springer Berlin / Heidelberg, 2001.
[ES89]
[FBK 91]
Workshop
on Linear Time, Branching Time and Partial Order in Logics and Models for
Concurrency, LNCS 354, pages 123172. Springer, 1989.
E.A. Emerson and J. Srinivasan. Branching time temporal logic. In
S. Fujiwara, G. von Bochmann, F. Khendek, M. Amalou, and A. Ghedamsi.

Test selection based on nite-state models.
IEEE Transactions on Software
Engineering, 17(6):591603, 1991.

[FG96]
S. Franklin and A.C. Graesser. Is it an agent, or just a program?: A taxonomy
3rd Workshop on Intelligent Agents: Agent Theories,

Architectures, and Language, ATAL'96, LNCS 1193, pages 2135. Springer,
for autonomous agents. In
1996.
[FOSG97]
J.M. Fonseca, E. De Oliveira, and A. Steiger-Garao.

management system.
[FSGSS11]
A dai based resource
Applied Articial Intelligence, 11(6):525550, 1997.
A.E. Fallah-Seghrouchni, J.J. Gomez-Sanz, and M.P. Singh.

in agent-oriented software engineering.
In
Formal methods
10th Int. Conf. on Agent-oriented
software engineering, AOSE'10, pages 213228. Springer-Verlag, 2011.

[FW97]
M. Fisher and M. Wooldridge. On the formal specication and verication of

multi-agent systems.
International Journal of Cooperative Information Systems,
6:3765, 1997.
[GHHD07]
Q. Guo, R.M. Hierons, M. Harman, and K. Derderian.

diagnosis when testing from nite state machines.
and Reliability, 17(1):4157, 2007.
Heuristics for fault
Software Testing Verication
Bibliografa
94
[GHJV93]
E. Gamma, R. Helm, R. Johnson, and J. Vlissides. Design patterns: Abstraction
7th European Conf. on Object-Oriented
and reuse of object-oriented design. In
Programming, ECOOP'93, LNCS 707, pages 406431. Springer, 1993.

[GHWA05] J.M.E. Gabbai, Y. Hujun, W.A. Wright, and N.M. Allinson. Self-organization,
emergence and multi-agent systems.
Int. Conf. on Neural Networks and
In
Brain, ICNN B '05. IEEE Computer Society, 2005.

[GK02]
P. Godefroid and S. Khurshid. Exploring very large state spaces using genetic
algorithms.
[Gol89]
Genetic Algorithms in Search, Optimisation and Machine
D.E. Goldberg.
Learning.
[GP08]
Software Tools for Technology Transfer, 6(2):117127, 2002.
Addison-Wesley, 1989.
Y. Gal and A. Pfeer.
Networks of inuence diagrams: a formalism for
representing agents' beliefs and decision-making processes.
Journal of Articial
Intelligence Research, 33:109147, 2008.

[GYK08]
M. Gromov, N. Yevtushenko, and A. Kolomeets. On the synthesis of adaptive

tests for nondeterministic nite state machines.
Programming and Computer
Software, 34:322329, 2008.

[Har87]
D. Harel.
Statecharts: A visual formulation for complex systems.
Science of
Computer Programming, 8(3):231274, 1987.

[Hie04]
R.M. Hierons.
Testing from a non-deterministic nite state machine using
adaptive state counting.
IEEE Transactions on Computers,
53(10):13301342,
2004.
[HKGM00] V. Hilaire, A. Koukam, P. Gruer, and J.P. Mller.
prototyping of multi-agent systems.
In
Formal specication and
1st Int. Workshop on Engineering
Societies in the Agent World, ESAW '00, pages 114127. Springer, 2000.
[HKRJ07]
A. Hadj-Kacema, A. Regayegb, and M. Jmaielb. Formaad: A formal method for

agent-based application design.
Web Intelligence and Agent Systems, 5:435454,
2007.
[HKW05]
G. Hutzler, H. Klaudel, and D. Wang.

agent systems. In
Springer, 2005.
Towards timed automata and multi-
Formal Approaches to Agent-Based Systems, pages 161172.
Bibliografa
[HL05]
95
B. Horling and V. Lesser.
A survey of multi-agent organizational paradigms.
The Knowledge Engineering Review, 19:281316, 2005.

[Hoa78]
C.A.R. Hoare.
Communicating sequential processes.
Communications of the
ACM, 21(8):666677, 1978.

Communicating Sequential Processes.
[Hoa85]
C.A.R. Hoare.
[How99]
G.A. Howel. White paper for berkeley/stanford ce&m research workshop, 1999.
www.ce.berkeley.edu/tommelein/CEMworkshop/Howell.pdf.
[HU08]
R.M. Hierons and H. Ural. The eect of the distributed test architecture on the
power of testing.
[Ipa06]
F.
Ipate.
The Computer Journal, 51(4):497510, 2008.
Bounded
machiness. In
sequence
testing
from
non-deterministic
nite
state
18th Int. Conf. on Testing Communicating Systems, TestCom'06,
LNCS 3964, pages 5570. Springer, 2006.

[Jen00]
N.R. Jennings.
On agent-based software engineering.
117:277296, 2000.
[JSE96]
B.F. Jones, H.-H. Sthamer, and D.E. Eyres. Automatic structural testing using
genetic algorithms.
[KE95]
Software Engineering Journal, 11(5):299 306, sep 1996.
J. Kennedy and R. Eberhart. Particle swarm optimization. In
IEEE Int. Conf.
on Neural Networks, ICNN'95, pages 19421948, 1995.

[KGV83]
S. Kirkpatrick, C.D. Gelatt, and M.P. Vecchi.

annealing.
[KHS09]
Optimization by simulated
Science, 220(4598):671680, 1983.
A. Kalaji, R.M. Hierons, and S. Swift. Generating feasible transition paths for
testing from an extended nite state machine (EFSM).
Software Testing Verication and Validation, ICST'09,
In
2nd Int. Conf. on
pages 230239. IEEE
Computer Society Press, 2009.

[Kin05]
D. Kinny. Algebraic specication of agent computation.
Applicable Algebra in
Engineering, Communication and Computing, 16:77111, 2005.

[Kis91]
G. Kiss. Variable coupling of agents to their environment: Combining situated
3rd European Workshop on Modeling Autonomous

Agents and Multi-Agent Worlds, MAAMAW'91, pages 231248. Elsevier, 1991.
and symbolic automata. In
Bibliografa
96
[KK10]
K. Kim and K. J. Kim. Multi-agent-based simulation system for construction

operations with congested ows.
Automation in Construction, 19(7):867 874,
2010.
[KM01]
D. Koller and B. Milch.

solving games. In
[Kon04]
Multi-agent inuence diagrams for representing and
17th Int. Joint Conf. on Articial Intelligence (IJCAI), 2001.
Z. Konfrst. Parallel genetic algorithms: advances, computing trends, applications

and perspectives. In
18th Int. Parallel and Distributed Processing Symposium,
IPDPS'04, pages 162170. IEEE Computer Society Press, 2004.

[Kor90]
B. Korel.
Automated software test data generation.
IEEE Transactions on
Software Engineering, 16:870879, August 1990.

[KPPL00]
K. Kim, J.B.C. Paulson, J.C.J. Petrie, and V. Lesser. Compensatory negotiation

for agent-based project schedule coordination, 2000.
[LEK05]
M. Last, S. Eyal, and A. Kandel.

algorithms. In
Eective black-box testing with genetic
1st Int. Haifa Verication Conf., pages 134148. Springer-Verlag,
2005.
[LI07]
R. Lefticaru and F. Ipate. Automatic state-based test generation using genetic
Int. Symposium on Symbolic and Numeric Algorithms for

Scientic Computing, SYNASC'07, pages 188 195, 2007.
algorithms.
[LI08]
In
R. Lefticaru and F. Ipate. Functional search-based testing from state machines.

In
1st Int. Conf. on Software Testing, Verication, and Validation,
pages 525
528, 2008.
[LL32]
C.I. Lewis and C.H. Langford.
[LO09]
L.D. Long and A. Ohsato.
Symbolic Logic.
The Century Corporation, 1932.
A genetic algorithm-based method for scheduling
repetitive construction projects.
Automation in Construction,
18(4):499511,
2009.
[Lom00]
I.A. Lomazova. Nested Petri Nets - a formalism for specication and verication
of multi-agent distributed systems.
Fundamenta Informaticae, 43(1-4):195214,
2000.
[MA05]
T. Mantere and J.T. Alander.
Evolutionary software engineering, a review.
Applied Soft Computing, 5:315331, 2005.
Bibliografa
[Mae89]
97
P. Maes. The dynamics of action selection. In
11th Int. Joint Conf. on Articial
Intelligence, IJCAI'89, pages 991997. Morgan Kaufmann, 1989.

[MAN10]
Web-Based Information Technologies
C. Molinero, C. Andrs, and M. Nez.
and Distributed Systems, chapter A Formal Methodology to Specify Hierarchical

Agent-Based Systems, pages 93 114. World Scientic, 2010.
[McM04]
P. McMinn.
Search-based software test data generation: a survey.
Software
Testing Verication and Reliability, 14(2):105156, 2004.

[McM11]
P. McMinn.
Search-based software testing: Past, present and future (keynote
4th International Workshop on Search-Based Software Testing (SBST
paper). In
2011), pages 153163. IEEE Computer Society, 2011.

[MH87]
J. McCarthy and P.J. Hayes.
of articial intelligence.
Some philosophical problems from the standpoint
1987.
[Mil80]
R. Milner.
A Calculus of Communicating Systems (LNCS 92).
[Mil89]
R. Milner.
Communication and Concurrency.
[Mil99]
R. Milner.
Springer, 1980.
Communicating and Mobile Systems: the -Calculus.
Cambridge
University Press, 1999.

[MK05]
T.
Miyamoto
and
S.
Kumagai.
survey
of
object-oriented
petri
nets
IEICE Transactions on Fundamentals of Electronics,

Communications and Computer Sciences, E88-A:29642971, November 2005.
and analysis methods.
[MMS01]
C. C. Michael, G. McGraw, and M.A. Schatz. Generating software test data by

evolution.
IEEE Transactions on Software Engineering, 27:10851110, December
2001.
[MN11]
C. Molinero and M. Nez. Planning of work schedules through the use of a

hierarchical multi-agent system.
[MNA09]
Automation in Construction, 2011.
C. Molinero, M. Nez, and C. Andrs.
Combining genetic algorithms and
mutation testing to generate test sequences.
In
10th Int. Conf. on Articial
Neural Networks, IWANN'09, LNCS 5517, pages 343350. Springer, 2009.

[MNH11a]
C. Molinero, M. Nez, and R.M. Hierons. Creating adaptive sequences with

genetic algorithms to reach a certain state in a non-deterministic FSM. In
IEEE
Bibliografa
98
Symposium on Articial Life, ALIFE'11 (to appear).
IEEE Computer Society
Press, 2011.
[MNH11b]
C. Molinero, M. Nez, and R.M. Hierons. Experimental comparison of dierent

techniques to generate adaptive sequences. In
11th Int. Conf. on Articial Neural
Networks, IWANN'11, LNCS 6692, pages 404411. Springer, 2011.

[MNH11c]
C. Molinero, M. Nez, and R.M. Hierons. An islands model genetic algorithm

to test non-deterministic nite state machines, 2011. Submitted.
[Mol09]
C. Molinero. A formal approach to the specication of hierarchical multi-agent

systems. Master's thesis, Universidad Complutense de Madrid, 2009.
[MS76]
W. Miller and D.L. Spooner. Automatic generation of oating-point test data.
Software Engineering, IEEE Transactions on, SE-2(3):223 226, sept. 1976.

[MW97]
D. Moldt and F. Wienberg. Multi-agent-systems based on coloured petri nets. In
18th Int. Conf. on Application and Theory of Petri Nets, pages 82101. Springer,
1997.
3rd
Int. Conf. on Knowledge Based Intelligent Information Engineering Systems,
KES'99, pages 8892, 1999.
[NP99]
M. Nowostawski and R. Poli.
Parallel genetic algorithm taxonomy.
In
[NVHV07]
D. Van Nieuwenborgh, M. De Vos, S. Heymans, and D. Vermeir. Hierarchical

decision making in multi-agent systems using answer set programming. In
7th
Int. Conf. on Computational logic in multi-agent systems, CLIMA VII'06, pages

2040. Springer, 2007.
[OSS08]
S. Okamoto, P. Scerri, and K. Sycara.
The impact of vertical specialization
on hierarchical multi-agent systems.
23rd national conference on Articial
In
intelligence - Volume 1, pages 138143. AAAI Press, 2008.

[Par97]
H. Van Dyke Parunak.

multi-agent systems.
[PGGS08]
"go to the ant": Engineering principles from natural
Annals of Operations Research, 75:69101, 1997.
J. Pavn, F. Garijo, and J. Gmez-Sanz. Complex systems and agent-oriented
Int. Workshop on Engineering Environment-Mediated

Multi-Agent Systems, EEMMAS'07, volume LNCS 5049, pages 316. Springer,
software engineering. In
2008.
Bibliografa
[PGGZ94]
99
M. Pei, E. D. Goodman, Z. Gao, and K. Zhong.

data generation using a genetic algorithm, 1994.
Automated software test

Technical report GARAGe
of Michigan State University.

[PHP99]
R. P. Pargas, M. J. Harrold, and R. R. Peck. Test-data generation using genetic

algorithms.
[PYB96]
Software Testing, Verication And Reliability, 9:263282, 1999.
A. Petrenko, N. Yevtushenko, and G. von Bochmann.
Testing deterministic
implementations from their nondeterministic FSM specications. In
Workshop on Testing of Communicating Systems, IWTCS'96,
9th IFIP
pages 125140.
Chapman & Hall, 1996.

[PYLD93]
A. Petrenko, N. Yevtushenko, A.V. Lebedev, and A. Das. Nondeterministic state

machines in protocol conformance testing. In
6th IFIP Workshop on Protocol
Test Systems, IWPTS'93, pages 363378. North Holland, 1993.

[RA04]
Z. Ren and C.J. Anumba. Multi-agent systems in construction: State of the art
and prospects.
[RAU03]
Automation in Construction, 13(3):421434, 2004.
Z. Ren, C. J. Anumba, and O. O. Ugwu.
The development of a multi-agent
system for construction claims negotiation.
Advances in Engineering Software,
34(11-12):683 696, 2003.

[RCAP02]
S. Rahimi, M. Cobb, D. Ali, and F. Petry. A modeling tool for intelligent-agent

based systems: the api-calculus. In
Soft computing agents: a new perspective for
dynamic information systems, pages 165186. IOS-Press, 2002.

[Rei91]
The frame problem in situation calculus: a simple solution

(sometimes) and a completeness result for goal regression, pages 359380.
R.
Reiter.
Academic Press Professional, Inc., 1991.

[RG91]
A.S.
Rao
and
Architecture.
+
[RMB 95]
M.
Roper,
M.P.
George.
Modeling Rational Agents within a BDI-
Morgan Kaufmann, 1991.

I.
Maclean,
A.
Brooks,
J.
Miller,
and
M.
Wood.
Genetic
algorithms and the automatic generation of test data, 1995. Technical report
RR/95/195[efOcs-19-95].
[RN95]
S. Russel and P. Norvig.

Hall, 1995.
Articial Intelligence (A Modern Approach).
Prentice-
Bibliografa
100
The Theory and Practice of Concurrency.
[Ros98]
A.W. Roscoe.
[RR09]
P. Rabanal and I. Rodrguez.
Testing restorable systems by using RFD.
10th Int. Conf. on Articial Neural Networks, IWANN'09, LNCS 5517,
In
pages
351358. Springer, 2009.

[SBD98]
R. Studer, V.R. Benjamins, and D.Fensel.

and methods.
Knowledge engineering: Principles
Data & Knowledge Engineering, 25((12)):161197, 1998.
[SBWM03] A. Sawhney, H. Bashford, K. Walsh, and A.R. Mulky. Agent-based modeling

and simulation in construction. In
35th Winter Simulation Conf., pages 1541
1547. IEEE Computer Society Press, 2003.

[SD88]
K. Sabnani and A. Dahbura. A protocol test generation procedure.
Computer
Networks and ISDN Systems, 15:285297, 1988.

[SGH03]
H. Stolk, K. Gates, and J. Hanan.

hierarchical multi-agent systems.
Discovery of emergent natural laws by
In
3rd Inter. Conf. on Intelligent Agent
Technology, IAT '03, pages 7582. IEEE Computer Society, 2003.

[SH00]
T. Sttzle and H.H. Hoos. Max-min ant system.
Future Generation Computer
Systems, 16:889914, 2000.

[Sho93]
Y. Shoham. Agent-oriented programming.
60(1):5192,
1993.
[SL01]
S. Shapiro and Y. Lesprance.
Modeling multiagent systems with CASL - a
7th Int. Workshop on Intelligent

Agents VII. Agent Theories Architectures and Languages, ATAL '00, pages 244
feature interaction resolution application. In
259. Springer, 2001.

[SLB09]
Y. Shoham and K. Leyton-Brown.
Theoretic, and Logical Foundations.
Multiagent Systems: Algorithmic, GameCambridge University Press, 2009.
The Object-Z specication language.
[Smi00]
G. Smith.
[SSK11]
M. Shirole, A. Suthar, and R. Kumar. Generation of improved test cases from

uml state diagram using genetic algorithm.
Software Engineering Conference,

USA, 2011. ACM.
2000.
In
Proceedings of the 4th India
ISEC '11, pages 125134, New York, NY,
Bibliografa
[ST05]
101
S. Schneider and H. Treharne.
Csp theorems for communicating b machines.
Formal Aspects of Computing, 17:390422, 2005.

[Tre96]
J. Tretmans. Conformance testing with labelled transition systems: Implementation relations and test generation.
Computer Networks and ISDN Systems,
29:4979, 1996.
[WC01]
M. Wooldridge and P. Ciancarini.
Agent-oriented software engineering: The
1st Int. Workshop on Agent-Oriented Software Engineering,

AOSE'00, LNCS 1957, pages 128. Springer, 2001.
state of the art. In
[WDPK09] A. Wakulicz-Deja and M. Przybya-Kasperek.
Hierarchical multi-agent system.
2009.
[WJ95]
M. Wooldridge and N.R. Jennings. Intelligent agents: Theory and practice.
The
Knowledge Engineering Review, 10(2):115152, 1995.

[WJK00]
M. Wooldridge, N. R. Jennings, and D. Kinny. The Gaia methodology for agentoriented analysis and design.
Journal of Autonomous Agents and Multi-Agent
Systems, 3(3):285312, 2000.

[WLTW09] A. Windisch, F. Lindlar, S. Topuz, and S. Wappler.
testing of continuous control systems.
In
Evolutionary functional
11th Annual conference on Genetic
and evolutionary computation, GECCO '09, pages 19431944. ACM, 2009.

[WRH98]
D. Whitley, S. Rana, and R.B. Heckendorn. The island model genetic algorithm:
On separability, population size and convergence.
Journal of Computing and
Information Technology, 7:3347, 1998.

[WSJE97]
J. Wegener, H. Sthamer, B. F. Jones, and D.E. Eyres. Testing real-time systems

using genetic algorithms.
[XLH 10]
Software Quality Control, 6:127135, October 1997.
Z. Xiao, T. Li, M. Huang, J. Shi, J. Yang, J. Yu, and W. Wu. Hierarchical MAS
based control strategy for microgrid.
[Yan98]
X. Yang.
Energies, 3(9):16221638, 2010.
Automated testing from Z specications.
PhD thesis, University of
Glamorgan, 1998.
[Zhu03]
H. Zhu. A formal specication language for agent-oriented software engineering.
Proceedings of the second international joint conference on Autonomous

agents and multiagent systems, AAMAS '03, pages 11741175. ACM, 2003.
In
Bibliografa
102
[ZJW01]
F. Zambonelli, N.R. Jennings, and M. Wooldridge.
Organisational rules as
an abstraction for the analysis and design of multi-agent systems.
Journal of
Software Engineering and Knowledge Engineering, 11(3):303328, 2001.
Relacin de publicaciones
A Formal Methodology to Specify Hierarchical
Agent-Based Systems. En 4th Int. Conf. on Signal-Image Technology & Internet-based
Systems, SITIS'08, pginas 169-176. IEEE Computer Society Press, 2008.
C. Andrs, C. Molinero y M. Nez.
Combining Genetic Algorithms and Mutation Testing to

generate test sequences. En 10th Int. Conf. on Articial Neural Networks, IWANN'09,
C. Molinero, M. Nez y C. Andrs.
LNCS 5517, pginas 343-350, Springer, 2009.
A Hierarchical Methodology to Specify and simulate

complex computational Systems. En 9th Int. Conf. on Computational Science, ICCS'09,
LNCS 5544, pginas 347-356. Springer, 2009.
C. Andrs, C. Molinero y M. Nez.
A Formal Methodology to Specify Hierarchical AgentWeb-Based Information Technologies and Distributed Systems,
C. Molinero, C. Andrs, y M. Nez.
Based Systems.
En
pginas 93 - 114. World Scientic ISBN 978-9078677284, 2010.
Creating Adaptive Sequences with Genetic

Algorithms to Reach a Certain State in a Non-Deterministic FSM. En IEEE
Symposium on Articial Life, ALIFE'11 (to appear). IEEE Computer Society Press,
C. Molinero, M. Nez y R.M. Hierons.
2011.
Experimental Comparison of Dierent Techniques

to Generate Adaptive Sequences. En 11th Int. Conf. on Articial Neural Networks,
IWANN'11, pginas 404-411 Springer, 2011.
An islands model genetic algorithm to test non-
deterministic nite state machines, 2011.
C.
Planning of Work Schedules Through the Use of a Hierarchical Multi-Agent System. En la revista Automation in Construction, DOI:
Molinero
M.
Nez.
10.1016/j.autcon.2011.05.006, 2011.
2008 IEEE International Conference on Signal Image Technology and Internet Based Systems

Csar Andrs, Carlos Molinero, and Manuel Nez
Dept. Sistemas Informticos y Computacin
Facultad de Informtica
Universidad Complutense de Madrid, 28040 Madrid, Spain
e-mail: c.andres@fdi.ucm.es, molinero@fdi.ucm.es, mn@sip.ucm.es
Abstract
preferences of the corresponding user. In this line, the concept of utility function is very useful. Essentially, a utility
function returns a real number for each possible basket of
goods: The bigger this number is, the happier the owner
is with this basket. Intuitively, agents should appropriately
simulate the systems that they are representing by considering the utility function that would establish the expected
behavior (see e.g. [25, 7, 6, 14, 19, 12]). In fact, there exist several proposals showing how agents can be trained to
learn the preferences of users (see e.g. [2, 6, 26]). Besides, a
formal denition of the preferences of the user provides the
agent with some negotiation capacity when interacting with
other agents [13, 26, 17]. Let us remark that, in most cases,
utility functions take a very simple form. For instance, they
may indicate that an agent A is willing to exchange the item
a by the items b and c.
Even though there are general purpose formalisms to formally describe complex concurrent systems (such as process algebras [11, 21, 3] or Petri Nets [4, 5]) they are not
suitable to describe agents since these languages and notations do not provide specic operators to deal with the
inherent characteristics of agents. However, there has been
already several studies to formally describe the use of intelligent electronic agents that are nested into one another
(see, for example, [15, 16] for two approaches based on
Petri Nets and automata, [22, 23] for approaches based on
process algebras, and [24, 20] for approaches based on nite
state machines). Most of these approaches have been created in favor of comprehensibility. Therefore they facilitate
to derive and apprehend new properties.
Even though there are already several formal approaches
to describe the systems that we are interested in, our experience shows that there is a need for another viewpoint to
confront this problem. If we try to incorporate the base of
facts to a system, there will always be a lack of capacity
to implement every possible structure of the agent, every
different solution to the same problem, and every combination of small pieces that constitute a complex problem. This
is the reason why we think that there is a need for a new
In this paper we introduce a formal framework to specify agent-based systems where each agent is specialized in
a single task that will be fullled by making calls to other
simpler agents. In other words, we are interested in systems
that can perform a task by subdividing it in easier tasks
and by using the knowledge about each agent already introduced in the system. The idea is to prefabricate a basic
structure that can be reused by either changing the main
goal or by adding several different specialized agents.
The main characteristic of our methodology is that each
complex agent contains a schematic denition of other
agents. Each agent is thus able to retain and produce certain information, such as the time needed to accomplish a
certain task, taking into account a given set of agents and
resources. This allows to quickly produce information regarding the necessities in resources and derive the demands
to other subsystems.
In order to increase the applicability of our approach,
we have fully implemented a tool that allows us to graphically specify complex systems. In addition, the tool allows
us to simulate the behavior of the specied systems so that
some interesting properties, such as starvation and maximal
progress, can be studied.
1 Introduction
The representation and study of communities where intelligent (electronic) agents replace their (human) owners is
a topic that has attracted a lot of interest. In particular, there
is ongoing research in technologies able to model users by
means of agents which autonomously perform electronic
transactions (see [9] for a survey on the topic). In order
to increase the power of these agents they must know the
Research partially supported by the Spanish MEC project WEST/FAST (TIN2006-15578-C02-01) and the Marie Curie project TAROT
(MRTN-CT-2003-505121).
978-0-7695-3493-0/08 $25.00 2008 IEEE

DOI 10.1109/SITIS.2008.70
169
2 Preliminaries
framework to formally dene the class of systems previously described. We believe it is easier and more feasible to
incorporate bits of knowledge by having the system recomposing this information into complex tasks. This approach
simplies at least two aspects. First, it helps to ensure the
completion of the base of facts. Second, it allows to relocate
the different agents, due to its modularity, so that they can
be spread over a network to parallelize some of the tasks.
In this section we introduce some notation that will be

used throughout the rest of the paper.
Since users have different preferences, in order to properly design agents the rst step consists in expressing these
preferences. In order to extract preferences from users several mechanisms have been presented in the literature (see
e.g. [6, 8, 10]). In this paper, preferences in a given moment
will be given by a utility function. These functions associate a value (a utility measure) with each possible combination of resources a user could own. Alternatively, other
mechanisms such as preference relations could be used (see
e.g. [18] for conditions to transform one of the possibilities
into the other).
If we take a look in another direction, we would like to

assimilate the systems that we are interested in to a common places structure in which one is able to locate the rest
of the structure from higher order points. If we use the subway lines as a metaphor, we only need to know the location
of the different stations, but the exact location of that small
fruit shop that we are trying to reach is bounded to the location of the closest metro station. Once we arrive to that
particular metro station, we will check the neighborhood
map so that we can nd the shop; we do not need to know
in advance all the local maps associated with all the stations
of the network. This is how our system will work: Once we
have all the atomic agents, each time that a new complex
agent, embracing the knowledge of several atomic agents,
is created we will refer to this new agent when making subsequent calls to the system. In this line, we are able to forget
how atomic actions are performed because we have a higher
order element to which we can call upon. In any case, even
with a complex structure, atomic agents are still the ones
that execute real tasks. Using another metaphor we could
say that our systems are similar to economic structures in
which there exist intermediate agents that gives us the result
of the transformation of resources as a nal product. These
agents, in a hidden way, contract the prime manufacturers
that create these resource transformations.
Denition 1 Let IR+ = {x IR | x 0}. Vectors in IRn+

(for n 2) are usually denoted by x
, y, . . . The vector
0
denotes the tuple having all the components equal to zero.
Given x
IRn , xi denotes its i-th component. Let x, y
IRn+ . We write x
y if for all 1 i n we have xi yi .
If there exist n different kinds of resources then a utility

function is any function f : IRn IR+ .
Intuitively, f (x) > f (y) means that x is preferred to
y. For instance, if the resource x1 denotes the amount
of apples and x2 denotes the amount of oranges, then
f (x1 , x2 ) = 3x1 +2x2 means that, for example, the agent
is equally happy owning 6 apples or 9 oranges. Let us consider another agent whose utility function is f (x1 , x2 ) =
x1 + 2 x2 . Then, both agents can make a deal if the rst
one gives 3 oranges in exchange of 4 apples: After the exchange both are happier. Alternatively, if x2 represents the
amount of money in any currency (for example in dollars)
then the rst agent would be a customer while the second
one might be a vendor. A usual assumption is that no resource is a bad, that is, if the amount of a resource is increased, so does the value returned by the utility function.
Using a derivative expression, this property can be formally
1 ,...,xn )
0 for all x1 , . . . , xn IR and
expressed as f (xx
i
1 i n. This requirement does not constrain the expressive power of utility functions, as the existence of any
undesirable resource can be always expressed by considering a resource representing the absence of it.
During the rest of the paper we consider that agents use
messages to communicate among them. The next denition
introduces the different kinds of messages that can be sent.
Another point in favor of our approach is that it allows us

to have an unbounded growth (equivalently, subdivisions as
small as needed) either by adding systems in between existing ones or by assigning new atomic agents to the ones that
we had before. It is important to note that the way our systems are subdivided, in so called communication cellules,
facilitates their deployment in a distributed system in which
one can obtain a perspective of variable magnitude of the
global tasks. This holds as long as we keep the hierarchical
structure of the ensemble.
The rest of the paper is organized as follows. In Section 2
we introduce some auxiliary notation that will be used during the rest of the paper. In Section 3 we present the formalism to describe our systems. In Section 4 we briey present
our tool and give a small example to show its main features.
Finally, in Section 5 we present our conclusions and some
lines for future work.
Denition 2 We consider seven different types of messages

and we enumerate them as follows:
170
TYPE
1
2
3
4
5
6
7
CONTENT
Information
Negotiation
Proposal message
Acceptance message
Hiring message
Job started message
Job nished message
s0
transin
2
s1
transin
1
transin
3
Let ID be a set of agent identiers. A message is a tuple

(T, s, d, c, t, D, Z), where T is the type of message, s ID
is the agent source of the message, d ID {} is the
agent destination of the message ( represents a broadcast
message) c String represents the string of characters containing the message, t is the information regarding the time
that it takes an agent to perform a task, D is the information
of the necessary conditions to start the task and Z is the
transformation of resources function that the agent emitting
the message applies to its set of resources.
We denote by the empty message. We denote by M
the set of all messages.

sf
Figure 1. A generic agent.
Denition 3 We denote by A the agent domain; a1 , . . . , an

will be used to denote elements of A. We consider a set ID
containing all the agent identiers.
An
agent
is
a
tuple
(id, S, s0 , sf , R, V, Tex , Tin , ib, ob, ) where
3 Denition of the formalism
id ID is the agent identier.
In this section we present our formal language to specify complete systems as well as all the agents taking part in
them. The main idea consists in having a world that is composed of communication cellules. These components will
be interconnected in a hierarchical way, that is, the main
communication cellule will hold the main agent while each
of the next communication cellules will hold simpler agents.
This process is iterated until we reach the last level that will
hold only atomic agents.
We will make a distinction between generic agents, that
is, agents fullling a complex task (which will be done by
calling other agents) and atomic agents, which are basic
agents in charge of executing simple tasks. This distinction
is merely represented as a different set of variables taken
from the same general denition of an agent. Agents will
send messages using communication cellules. These cellules will forward these messages to other cellules that will
broadcast them to the agents under their control, until the
nal atomic agent is reached. Then, an atomic portion of
the global goal will be produced through the transformation
of resources that this atomic agent performs.
Each agent will have a different utility function, as dened in the previous section, depending on the utility that
each of the resources represent for the specic agent. This
function will take into account different combinations of resources to decide which task should be performed.
We will start by dening the simpler element in the system, the agents, and scale up in complexity to dene the
complete system.
S is the set of states.

s0 S is the initial state.
sf S is the nal or goal state.
R is the set of resources of the agent.
A valuation is a function : R IRm
+ , being |R| =
m, that returns the current value of each variable. We
denote by Val(R) the set of all valuations R. V
Val(R) is the initial valuation of the agent.
Tin S ID IR+ S (Val(R)) Val(R)
is the set of internal transitions. The set of external
transitions must fulll the following restrictions:
| Tin | 1.
If |Tin | = 1, that is Tin = {(s1 , id , t, s2 , D, Z)}
then id = id.
If | Tin | > 1 then for all (s1 , id , t, s2 , D, Z)
Tin we have id = id.
Tex M (M) (M) is the set of external
transitions.
ib, ob (M) are the input and output buffers, respectively. We will use them to receive incoming
messages (ib) and to send outgoing messages (br).
We can use the functions Choose : (M) M,
171
Remove : (M) M (M) and Concat :

M (M) (M), having the expected meaning,
to manage buffers.
Given a conguration M
=
(s, V, ib, ob)
and another one M
= (s , V , ib , ob ) belonging to a second agent, an external transition
(m, oborigin , ibdestination ) Tex will modify the
congurations to M = (s, V, ib, Remove(ob, m)) and

M = (s , V , Concat(m, ib ), ob ).
: Val(R) IR+ is the utility function of the agent.

Agents are grouped into communications cellules. These

structures are useful to organize, connect, and produce independent agents of different complexities. The need for
this kind of organization is clear if we take into account the
fact that when making a call to nd an agent that fullls
the considered activity, if they would be grouped into the
same structure, all agents, either atomic or complex, would
answer the request, forcing the new agent to consider too
many possibilities and therefore making the system unusable. The communication cellules allow to rst ask more
complex agents and then if none knows how to answer then
the request will go on to next level, having agents of a
greater simplicity.
Intuitively, an internal transition (s1 , id , t, s2 , D, Z)

Tin is a tuple where s1 is the initial state, s2 is the nal state, id identies the agent assuming the transition1 ,
t IR+ is the time2 consumed to perform the transition,
D Val(R) denotes a subset over the set of valuations
that denotes which valuations allow the transition to occur,
that is, the transition can be performed only if the current
valuation belongs to this set, and Z : Val(R) Val(R)
is the transformation of resources produced by this tranid ,t,D,Z
sition. We write s1 in s2 as a shorthand of

(s1 , id , t, s2 , D, Z) Tin .
External
transitions
are
tuples
(m, oborigin , ibdestination ) where m is the message
being transmitted containing all the necessary information,
oborigin is the output buffer of the agent/communication
cellule that originates the message and ibdestination is the
incoming buffer of the communication cellule/agent that
receives the message. Let us remember that a message
denotes a broadcast message, that is, a message that will be
transmitted to all agents belonging to the destination celm
ex ibdestination as a shorthand
lule. We write oborigin
of (m, oborigin , ibdestination ) Tex .
In Figure 1 we show a graphical representation of a
generic agent. Next, we introduce some auxiliary concepts
that will be useful to describe the evolution of agents.
Denition 5 A communication
(l, A, ib, ob), where
cellule
is
tuple
l IN denotes the level of the cellule: Higher levels

indicate more complex tasks.
A A is the set of agents associated with this cellule.
ib, ob (M) are the incoming and outgoing buffers,
respectively. We will use the functions introduced in
Denition 3 to manage them.
The set of all communication cellules is denoted by C.
Let us remark that when an agent is added to a cellule,

the incoming buffer of the agent is connected to the outgoing buffer of the cellule, while the outgoing buffer of
the agent is associated with the input buffer of the cellule.
This means that an agent does not send messages to another
agent; it sends them to the associated cellule. Similarly, an
agent receives messages only from the cellule to which it is
attached. A graphical representation of this can be seen in
Figure 2 where we can observe several agents connected to
the cellule C.
In the next denition we introduce the concept of world,
that is, a set of cellules interconnected in the appropriate
way.
Denition 4 An agent is called atomic if it is in charge

of executing a single task. Formally, we use a function
atomic : A Bool , such that for all a = agent we have
atomic(a) = ( | Tin | = 1).
In order to have the current state of an agent we specify
its conguration as an element belonging to S Val(R)
(M) (M). Congurations are modied through the
performance of either internal or external steps:
Internal step of the system:
Given a conguration M = (s, V, ib, ob), an internal
id ,t,D,Z
transition s1 in s2 will be triggered if D(V) and

will modify the conguration to (s2 , Z(V), ib, ob).
External step of the system:
Denition 6 We say that the tuple W = (CW , FW , SW )

is a world if CW C is a set of cellules, and FW , SW :
CW CW {} are two injective functions such that given
a cellule C we have that FW (C) (resp. SW (C)) returns the
father (resp. son) of C. If a cellule does not have a father
(resp. son) then the special symbol will be returned.
1 If id = id then we are considering an atomic agent that is itself in

charge of performing the transition
2 This value will be dened by default only for atomic agents since
complex agents will calculate the associated time from the information
collected from the contracts with other agents. In addition to consider the
sum of all the involved time values, we have to take into account the time
that it takes to perform communications among agents.
172
In order to have meaningful worlds, we suppose that

for all C, C CW we have FW (C) = C if and only if
SW (C ) = C. Moreover, we also assume that FW , through
transitivity, induces a total lineal order.

Let us remark that the previous conditions on worlds imply that we have a linear structure of cellules. In particular,
SW will also induce a linear order. Moreover, if our world
contains more than one cellule, we also have that there are
exactly two cellules C, C CW such that FW (C) = and
FS (C ) = . In Figure 3 we show a graphical representation of a world including three cellules.
transex
ia3 agent
3
agent1
4 The A\ tool
transex
oa3
transex
ia1
In this section we briey describe the A\ tool. In the

previous section we have presented a modular framework
that has the capability of expressing constraints, specications, agents, cellules, and resources. The A\ tool, facilitates the denition of systems so that a user of our methodology can abstract most of the mathematical technicalities
needed to dene a system/world. We illustrate the behavior
of the most relevant phases of the framework by following
an example from scratch.3 First we will show how we can
create a new world, assigning resources, agents, cellules,
etc. Second, we will see the communication among agents,
in order to obtain resources, subcontract other agents, etc.
Finally we will show how we achieve the proposed goal.
In order to start the simulation, a preliminary phase is
necessary to create the world, the cellules, and the agents.
We create the world called Complutense and inside it we
add three different Cellules (C1 , C2 , C3 ) with some agents
in them. In Figure 5 we can observe how A\ shows the
generated world as well as an agent of this world. The set
of agents that we have introduced in the system is dened
in Figure 4.
As we can observe in the table, agent15 is an atomic
agent because it is in the lower level of the cellules and,
according to the denition of level, this cellule can only
have atomics agents; an atomic actions only goes from sn
to sn+1 . The values that are in the fth column represent
the money and the time. Even though there are other resources involved in the system we have only represented
these two resources since they are the most relevant for our
example. Complutense represents a world where agents
can build houses. We have subdivided the task of building
in six states. In Figure 6 we give a description of each of
these states.
Once the world is created, we start with the second
phase. We generate the connections that are in charge of
buf f ers
transex
oa1
transex
ia2
agent2
transex
oa2
Figure 2. Communication cellule.
transex
12
C1
transex
23
C2
transex
21
C3
transex
32
Figure 3. World.
3 Even though this is a toy example, so that we can concentrate on the

main features of the tool, we have already tested our tool with some more
complex examples. However, as we indicate in the last section of the paper,
we still need to use our tool to specify a real system.
173
NAME
LEVEL
INITIAL
RESOURCES
GOAL
agent1
agent2
1
1
s1
s1
(410, 290)
(370, 340)
s6
s6
agent3
agent4
agent5
agent6
agent7
agent8
agent9
agent10
2
2
2
2
2
2
2
2
s1
s1
s1
s2
s2
s2
s3
s4
(175, 151)
(220, 241)
(312, 287)
(149, 150)
(224, 159)
(220, 176)
(231, 148)
(149, 101)
s3
s4
s5
s4
s5
s6
s6
s6
agent11
agent12
agent13
agent14
agent15
3
3
3
3
3
s1
s2
s3
s4
s5
(70, 100)
(75, 50)
(72, 68)
(72, 35)
(72, 43)
s2
s3
s4
s5
s6
Figure 7. Phase 2 in A\
Figure 4. Agents in the world.

telling the agent that it has reached a certain state or to allow the agent to move to a new state (and, subsequently,
call the next agent to perform the new task). We try to let it
solve a certain task. This phase is presented in Figure 7.
First agent1 and agent2 send a message. Both of them
need to move from state 1 to state 6, but agent1 owns more
money than agent2 while it has less time to reach its goal.
So, we expect that agent1 will nd a faster, although more
expensive, way to proceed than agent2 .
We will show the decision that agent1 takes in order to
obtain a faster path. The agent2 follows a similar process to
agent1 . The rst message from agent1 has type=1, that is,
information, and it is a broadcast message to another communication cellule. This message is used to look for all
agents in that cellule that have the same nal state. This
rst message is sent from C1 to C2 .
The agents agent8 , agent9 and agent10 obtain their goal
when they reach state s6 . All of them answer to the previous
message by sending information concerning their amounts
of resources. After receiving the answers, agent1 starts
building a tree in order to decide the best path to the goal.
Now agent1 asks, by sending a broadcast message to C2 ,
which agents have as goal state s2 , s3 and s4 . These messages ow through C2 . We have that agent4 , agent6 , and
agent3 will answer with messages sending s1 , s1 and s2 .
Respectively because the initial state of agent1 is s1 , it only
has to obtain one possible way for s2 .
In the nal step of this phase agent1 sends to C2 a message asking for agents whose goal is s2 . No agents will
answer to it. The A\ tool has a timeout module which
sends an internal transition for agent1 denoting that nobody
is going to answer this last message. When this timeout is
sent, agent1 starts to decide which path it prefers to follow
according to its utility function.
In phase 3 we have the situation described in Figure 8.
s1
s1
s2
s3
s4
s5
s6
t12
s2
t23
s3
t34
s4
t45
s5
t56
s6
:money.
:money+land.
:money+land+plan.
:money+land+plan+construction materials.
:money+land+plan+construction materials+worker.
:money+land+plan+construction materials+worker+house.
Figure 6. Global task.
174
First, agent1 has all the possible paths to achieve its goal
already displayed in front of him. By applying its utility
function, as an example = 3 money + 1/time which
will give for path agent3 +agent9 a value of 1218.00 and for
the other path (agent4 +agent10 ) a value of 1107.00, therefore this agent decides that the best way is to step through
s3 . So, it calls agent3 to start its internal processes. Then,
agent3 will then restart the whole process until it nally
calls agent11 which is an atomic agent. Therefore, it will
start to transform the resources by taking part of the money
(in s1 ) and transforming it into land (reaching s2 ).
one hand, there is a lot of room to continue the theoretical

study. In particular, we can exploit the trace relation between agents so that we can dene a conformance relation
to determine whether a real system correctly implements
one of our worlds. On the other hand, more practical, we
have used our tool only with small/medium size examples.
We are working on the complete denition of a real system
by using our tool. Specically, we are considering [1] as a
non-trivial system to be described in our tool.
5 Conclusions and future work

In this paper we have presented a formalism to represent
complex hierarchical systems where tasks can be distributed
and/or subcontracted among agents. We are aware that our
formalism is difcult to use since there are a lot of mathematical machinery underlying the denition of our systems.
Thus, we have decided to build a tool that fully implements
our methodology. In this way, a user of our methodology
does not need to pay attention to the formal details and can
concentrate on dening the appropriate hierarchical structure.
There are at least two lines for future work. On the
175
References
[18] A. Mas-Colell, M. Whinston, and J. Green. Microeconomic

Theory. Oxford University Press, 1995.
[19] M. McGeachie and J. Doyle. Utility functions for ceteris
paribus preferences. In AAAI Workshop on Preferences in AI
and CP: Symbolic Approaches, pages 3338. AAAI Press,
2002.
[20] M. Merayo, M. Nez, and I. Rodrguez. Formal specication of multi-agent systems by using EUSMs. In 2nd IPM
Int. Symposium on Fundamentals of Software Engineering,
FSEN07, LNCS 4767, pages 318333. Springer, 2007.
[21] R. Milner. Communication and Concurrency. Prentice Hall,
1989.
[22] M. Nez and I. Rodrguez. PAMR: A process algebra for
the management of resources in concurrent systems. In
21st IFIP WG 6.1 Int. Conf. on Formal Techniques for Networked and Distributed Systems, FORTE01, pages 169
185. Kluwer Academic Publishers, 2001.
[23] M. Nez, I. Rodrguez, and F. Rubio. Formal specication of multi-agent e-barter systems. Science of Computer
Programming, 57(2):187216, 2005.
[24] M. Nez, I. Rodrguez, and F. Rubio. Specication and
testing of autonomous agents in e-commerce systems. Software Testing, Verication and Reliability, 15(4):211233,
2005.
[25] L. Rasmusson and S. Janson. Agents, self-interest and
electronic markets. The Knowledge Engineering Review,
14(2):143150, 1999.
[26] T. Sandholm. Agents in electronic commerce: Component technologies for automated negotiation and coalition
formation. In 2nd Int. Workshop on Cooperative Information Agents, CIA98, LNCS 1435, pages 113134. Springer,
1998.
[1] C. Andrs, M. Merayo, and M. Nez. Formal development

of a complex information system. In 3rd Int. Conf. on Systems, ICONS08, pages 118123. IEEE Computer Society
Press, 2008.
[2] F. Bacchus and A. Grove. Graphical models for preference
and utility. In Uncertainty in Articial Intelligence, UAI95,
pages 310. Morgan Kaufmann, 1995.
[3] J. Bergstra, A. Ponse, and S. Smolka, editors. Handbook of
Process Algebra. North Holland, 2001.
[4] W. Brauer, W. Reisig, and G. Rozenberg, editors. Petri
Nets I: Central Models and Their Properties. LNCS 254.
Springer, 1987.
[5] W. Brauer, W. Reisig, and G. Rozenberg, editors. Petri Nets
II: Applications and Relationships to Other Models of Concurrency. LNCS 255. Springer, 1987.
[6] M. Dastani, N. Jacobs, C. Jonker, and J. Treur. Modelling
user preferences and mediating agents in electronic commerce. In Agent Mediated Electronic Commerce, The European AgentLink Perspective, LNCS 1991, pages 163193.
Springer, 2001.
[7] T. Eymann. Markets without makers - a framework for decentralized economic coordination in multiagent systems.
In 2nd Int. Workshop on ELectronic COMmerce, WELCOM01, LNCS 2232, pages 6374. Springer, 2001.
[8] B. Geisler, V. Ha, and P. Haddawy. Modeling user preferences via theory renement. In 5th Int. Conf. on Intelligent
User Interfaces, IUI01, pages 8790. ACM Press, 2001.
[9] R. Guttman, A. Moukas, and P. Maes. Agent-mediated electronic commerce: A survey. The Knowledge Engineering
Review, 13(2):147159, 1998.
[10] V. Ha and P. Haddawy. Similarity of personal preferences:
Theoretical foundations and empirical analysis. Articial
Intelligence, 146(2):149173, 2003.
[11] C. Hoare. Communicating Sequential Processes. Prentice
Hall, 1985.
[12] J. Keppens and Q. Shen. A calculus of partially ordered
preferences for compositional modelling and conguration.
In AAAI Workshop on Preferences in AI and CP: Symbolic
Approaches, pages 3946. AAAI Press, 2002.
[13] S. Kraus. Negotiation and cooperation in multi-agent systems. Articial Intelligence, 94(1-2):7998, 1997.
[14] J. Lang, L. v. Torre, and E. Weydert. Utilitarian desires. Autonomous Agents and Multi-Agent Systems, 5(3):329363,
2002.
[15] I. Lomazova. Communities of interacting automata for modelling distributed systems with dynamic structure. Fundamenta Informaticae, 60(1-4):225235, 2004.
[16] I. Lomazova. Nested Petri Nets for adaptive process modeling. In Pillars of Computer Science, Essays Dedicated to
Boris Trakhtenbrot on the Occasion of His 85th Birthday,
LNCS 4800, pages 460474. Springer, 2008.
[17] A. Lomuscio, M. Wooldridge, and N. Jennings. A classication scheme for negotiation in electronic commerce.
In Agent Mediated Electronic Commerce, The European
AgentLink Perspective, LNCS 1991, pages 1933. Springer,
2001.
176
Combining Genetic Algorithms and Mutation Testing to

Generate Test Sequences
Carlos Molinero, Manuel Nez, and Csar Andrs
Dept. Sistemas Informticos y Computacin
molinero@fdi.ucm.es, mn@sip.ucm.es, c.andres@fdi.ucm.es
Abstract. The goal of this paper is to provide a method to generate efcient and
short test suites for Finite State Machines (FSMs) by means of combining Genetic
Algorithms (GAs) techniques and mutation testing. In our framework, mutation
testing is used in various ways. First, we use it to produce (faulty) systems for the
GAs to learn. Second, it is used to sort the intermediate tests with respect to the
number of mutants killed. Finally, it is used to measure the tness of our tests,
therefore allowing to reduce redundancy. We present an experiment to show how
our approach outperforms other approaches.
1 Introduction
Software testing is an expensive and time consuming task. If a formal approach is used,
tests are derived from a specication. For derived test sets to be complete, the tester
needs to assume a given set of assumptions and hypotheses, allowing to reduce the
space of the possible implementations. Our intention is to combine GAs and mutation
testing to create a new approach capable of deriving a test suite that, with a short amount
of execution time, nds the 95% of the faulty implementations. We call our methodology GAMuT (Genetic Algorithm and MUtation Testing) and it is composed of 3 main
phases: Learning through evolution, learning through specialization, selection and reduction of the test cases.
GAs have shown to have a good performance in search and optimization problems.
There exists a number of papers where GAs are used in testing (e.g.[4,5,2]). They usually represent the test data generation problem as an optimization problem and heuristics are used to generate test cases. Mutation Testing has been widely used for checking
the performance in test suites, by measuring its capability to kill mutants, for details into
applications developed through mutation testing see [3,8] for some formal approaches
and [1] for a critical discussion on its use. We propose to use mutation as a way to
provide the GA with enough learning examples in an automated way, by modifying
the specication and subsequently creating simulations of faulty implementations. We
compile several populations into a community. Therefore, each community has several
populations, with several inhabitants each, and each individual has a DNA that directly
Research supported by the Spanish projects WEST (TIN2006-15578-C02-01) and MATES

(CCG08-UCM/TIC-4124).
J. Cabestany et al. (Eds.): IWANN 2009, Part I, LNCS 5517, pp. 343350, 2009.
c Springer-Verlag Berlin Heidelberg 2009
344
C. Molinero, M. Nez, and C. Andrs
represents a test sequence, that is, a chain of inputs that will be applied to the implementation under test (in short, IUT). In our methodology, mutation testing is used in three
ways. In the rst phase of GAMuT, called learning through evolution, the community
is presented with a set of mutants. In our approach we use 100 IUTs and each of the
populations is confronted with all the IUTs. The tness function is a heuristic based on
the percentage of mutants killed. The second phase of GAMuT, learning through specialization, also uses mutants but in a different way. In this case, each population inside
the community (after having evolved to kill the biggest number of mutants) is given one
IUT, mutated from the specication, and each population evolves to try and minimize
the length of the sequence needed to nd the error inside that mutant. Finally, we select
the ttest individual from each population (from both phases) and create a set of tests,
which we confront with the nal and biggest set of mutants (500 in our methodology),
to be able to nd the number of mutants killed by each of the selected individuals. Then,
as the last step, we make a subdivision with the smaller set of tests that kills the highest
number of mutants.
The rest of the paper is organized as follows, in Section 2 we present the language
used to dene specications, the mutation operators, and dene the operations and objects of GA. In Section 3 we give a schema of the different phases of our methodology.
In Section 4 we present experiments and the results of the comparisons of our technique
with random testing. Finally, in section 5 we give our conclusions and some ideas for
further development.
2 Preliminaries
We introduce hereby some general notions, about Finite State Machines, and about our
GA. Specications and its mutants are given by means of nite state machines.
Denition 1. A Finite State Machine, in short FSM, is a tuple M = (S, I, O, T r, s0 )
where S is a nite set of states, I is the set of input actions, O is the set of output
actions, T r is the set of transitions, and s0 is the initial state. We say that M is inputenabled if for all state s S and input i I, there exist s S and o O such that
(s, s , i, o) T r. We say that M is deterministic if for all s S and i I there do not

exist two different transitions (s, s1 , i, o1 ), (s, s2 , i, o2 ) T r.
A transition belonging to T r is a tuple (s, s , i, o) where s, s S are the initial and
nal states of the transition, and i I and o O are the input and output actions,
respectively. Intuitively, a transition (s, s , i, o) of a FSM indicates that if the machine
is in state s and receives the input i, then the machine emits the output o and moves
to s . Along the rest of this paper we assume that all the machines are input-enabled
and deterministic. The rst restriction, as usual, is needed to ensure that implementations will react to any input provided to them. The second limitation is not vital to our
approach, although it simplies the implementation of the algorithm.
Next we dene two mutation operators: One will modify the output of a certain
transition and the other will modify the state at which the transition arrives.
Denition 2. Let M = (S, I, O, T r, s0 ) be a FSM. The application of the operator
moper1 to M produces a mutant by choosing a transition tr = (s, s , i, o) T R and
Combining Genetic Algorithms and Mutation Testing to Generate Test Sequences
345
an output o = o, and by returning the FSM M = (S, I, O, T r , s0 ) such that T r =

T r\{tr}{tr }, where tr = (s, s , i, o ). The application of the operator moper2 to M
produces a mutant by choosing a transition tr = (s, s , i, o) T R and a state s = s,
and by returning the FSM M = (S, I, O, T r , s0 ) such that T r = T r\{tr} {tr },
where tr = (s, s , i, o).

A usual problem in mutation testing is that the application of mutation operators may
produce an equivalent mutant, that is, a mutant equivalent to the specication. Therefore, when applying mutation testing it is normal that tests do not kill all the mutants
since some of them (the equivalent ones) are not even supposed to be killed.
GAs are an AI technique that uses metaphors of mechanisms present in nature for
organism to develop, adapt and reproduce, to try to survive in the system in which
they act and live. Its main operators are mutation, reproduction (genetic crossing) and
selection of the ttest individuals. GAs are a good method to use with black-box testing
since if we do not have any information regarding the internal structure of the IUT,
then the testing problem can be expressed as a search problem, guided by a heuristic.
In our case, the search space is the set of all possible implementations that may have
mutated from the given specication. GAs can adapt themselves to nd this optimum,
as long as the tness function is correctly dened. Let us note that if we were to leave a
genetic algorithm running indenitely, the whole population will converge to the same
inhabitant, that would be the one that maximizes the tness function.
3 Description of GAMuT
Next we describe our GA. Since we do not want to nd a single solution and for the
sake of genetic diversity, we have added another component to usual GAs: A community
holds several populations, having in turn several inhabitants. We do not allow genetic
crossing between populations. This can be seen as a parallelism to what is sometimes
called in the literature species. An inhabitant of a specic population has a DNA sequence that is formed by genes, that codies the test to be applied. The value that each
gene can take is any input i I. The DNA sequence can be modied through mutation
and recombination, that is, by mating of two inhabitants. In addition, it can also mutate
the length of its sequence. The community holds the specication that we are trying to
check as well as a set of examples of mutated specications that we will call exIUT , and
each population holds a mutated IUT specic for it, used in the specialization phase.
In order to initiate our algorithm, all genes are randomly initialized, so that a random
number of gens is available for each possible DNA. The size of the population, the
number of populations, and the tness function are decisions to be made by the tester,
that has to take into account the number of states of the machine. An example of tness
function used in GAMuT is shown in Section 4. The search nished by two means,
one will be to reach the maximum number of generations specied for the GA, the
other is that the test sequences are able to detect a specic percentage of the faulty
IUTs. We count with two mutation operators for DNA: To change the value of one
or more gens and to modify the length of the DNA sequence. DNAs can be modied
also by combining them with the DNA of another inhabitant through mating. In our
approach we have used a single point crossover, with random position for the division.
346
As usual, we will use elitism as a way to control that only the best solutions actually get
to mate and reproduce. We will use the roulette wheel selection technique that allows
to choose the inhabitants in a proportional scale to its tness. In our case, we also add
after reproduction the original set of elected best inhabitants from the population, not
to loose solutions. In order to decide who are the best, we nd the top/lowest tness
scores, and we take a percentage of the top to be chosen as the best.
Our algorithm is divided into several phases that are graphically represented in
Figure 1. These phases are:
Fig. 1. Scheme of our approach
347
1. Generation. First, the community is generated. A specied number of populations

are stored into the community. Second, inhabitants for each population are introduced into the different populations. Each inhabitant holds in its DNA a sequence
of inputs that could be applied as a test. Third, the specication is introduced and a
set of mutants is generated by applying the two mutation operators.
2. Evolution. In the evolution phase each inhabitant tries to kill mutants from a reduced set of candidates. The tness function is as simple as the percentage of
mutants killed from the set. These populations evolve as every other GA during
a number of generations, to try and nd a solution. The best individuals of each
population are selected and saved for further use.
3. Specialization. In this phase the already evolved population is modied by inserting
one specic faulty IUT into each of the populations, and making the GA try to nd
suitable individuals that will nd the mistake present in the mutation. In this case
the tness function is thought to nd one mistake in the IUT with the shortest DNA
sequence. The individuals with the shortest test sequence while detecting the fault
in the IUt of each population are selected and saved for further use.
4. Selection. We sort the inhabitants generated after the previous phases to get the ones
that kill more mutants (trying to shorten the overall testing sequence length). More
precisely, we initially select the ones that are needed to kill the mutants that did not
die when applying the rst test, and we repeat the process. Thus, by eliminating
redundant tests we have to nd a tradeoff between killing the highest number of
mutants and getting the shortest sequence. In our framework, we eliminate every
test that kills less than 1% of the mutants.
4 Application of GAMuT: Results and Comparisons

We have developed a tool to implement our methodology. We have used Java Technology (JDK 1.6) and the Netbeans software, and made usage of the MVC architecture
to enable ease of maintenance, and use session facade, singleton and light-weight design patterns. FSMs are implemented as a set of adjacency matrices, one for each input;
instead of having 1 to denote that a connection exists, the corresponding output is specied. The singleton community class holds the objects that must be available at all times.
There is a class for each GA object, 3 heuristics that implement a common interface and
a couple of auxiliary classes, like matrix and errors.
We have worked with a specication having 50 states. The corresponding FSM has
been randomly generated to avoid that its specic structure produces any bias in the
application of our methodology. Our set of inputs is I = {a, b} and the set of outputs
is O = {1, 2}, but bigger sets could be considered without affecting the results. From
the specication we derive 500 mutants, from which 100 are chosen as the learning set.
The used specication in the experiment reported in this paper is shown in Figure 2.
The number of populations in the community is 30.The size of each population is of 50
inhabitants. The maximal number of generations allowed for the phase of evolution is
200. The maximal number of generations for specialization is set to 200.
DNA are sequences < i1 ij . . . in > of inputs. We mutate the length of the DNA
sequence in a 33% of the cases, randomly deciding whether to enlarge or to shorten it.
348
Fig. 2. Example of specication
We mutate the value of various genes simultaneously, being the number of mutations
randomly chosen, but proportionally to the inverse of its tness function, that is, n =
random[1,ng /3]
, being n the number of genes modied, ng the total number of genes,
f
and f the value given by the tness function.
There are two tness functions: One for the evolution phase and another one for the
specialization phase.
| 100
is the percentage of mutant imple1. Fitness for evolution: f = | mutantskilled
| mutants |
mentations, for which an inhabitant nds an error.
2. Fitness for specialization: f = e l , where e is equal to 1 if an error is found,
and l is the length of the genetic sequence starting to count from the point where
the error is found; otherwise, starting to count from the beginning of the sequence,
and 0 1 is its weight. This heuristic tries to approximately nd the shortest
test sequence that detects an error in the IUT that we are checking.
Mating is done through selection with the roulette wheel selection technique and it
uses a single point crossover for DNA reconversion.
In order to check convergence in the evolution step, we take into account the ttest
individuals from each population, and consider them as a test suite, that is applied to
the number of learning IUTs. If the total number of killed mutants is over 85%, then we
allow the program to continue towards its next step. For the specialization phase we set
nding 75% of the errors as a good number to stop the algorithm and go to the selection
process. This number does not represent the mutants that the set will kill, but how many
of the test found an error in a specic IUT. Obviously, these values can be modied
to nd tter tests, but our experience shows that these limits behave good enough. If
convergence is not reached before the total number of generations allowed, then the
system stops the process and continue with its next step.
In order to compare our methodology we have implemented a random testing tool.
Random testing is a technique argued to be as valid as any other testing technique (see
[7,9,6]). As we can see in Figure 3, the test suite resulting after selection is the shortest
one and detects up to 94.6% of mutants as faulty. Compared to the randomly generated
test suite, it outperforms it both by number of mutants killed and by having a shorter
test sequence. Even though to produce our test suite takes more time than a random
generation, the extra performance of our approach to nd errors, even though not very
349
Fig. 3. Killed mutants/length of test sequence
signicant, is worth the additional computations. Actually, the time spent in testing is a
valuable asset. Thus, we have to minimize the number of applied tests (in other words,
the length of the test suite) even if we have to make additional off-line computations, that
are very cheap when compared to the cost of testing. Actually, in order to test a system
we usually have to stop it. Thus, the more time the system is halted, the most expensive
the testing process is, since the system cannot be producing what it is supposed to
produce. In the case of the evolution and specialization test suites, they are between 1%
and 2% below in test coverage (i.e. in proportion of killed mutants) because we have
chosen the best tests of both test suites, and they are a lot longer to apply due to their
high redundancy on the kind of errors found. This is even so if we eliminate, from the
selected tests, those that kill under 1% of the mutants, because the time to apply those
tests, compared to the benets of the number of mutants detected, makes it not worthy
to retain them in the nal test suite.
5 Conclusions and Future Work

The results after experimentation with the implementation of GAMuT have led us to
claim that the existence of these different phases is crucial. GAMuT combines the evolution as a massive learning process (thanks to mutation testing techniques), in which
we try to reach a maximum, and a more local search, specialization, that creates elements in a more sophisticated way by creating a variety of viewpoints, seen as genetic
diversity, that confronts the same problem. It is also important to remark the order in
350
which the phases are applied, because this modies the starting point of the population
for the second GA step (specialization), making it a good starting point to be able to
locate an optimum. Furthermore, selection is crucial as well because we need to get rid
of the redundancy that the overlapping solutions offers, a normal consequence of the
stochastic transformations.
We believe that this approach is feasible and since it tends to create a close-tocomplete set of tests, with a short amount of testing time, it is suitable for its application
on a number of systems, once it is developed for other languages. Due to this fact, one
line of future work will be to study how to codify more languages into the DNA sequences and any derivation that will cause this on the rest of the elements of the system,
like the mutation operators and the tness functions.
Another idea for future development is to provide the GA algorithm with memory
for its inhabitants. Then, they could foresee the best mutation rates and the ones that are
leading them to a better heuristic value, maybe through the use of a neural network or
simply by probabilistic methods. In this way we can reach convergence faster.
Acknowledgements. We would like to thank the anonymous reviewers of this paper for
the careful reading and their suggestions.
References
1. Andrews, J.H., Briand, L.C., Labiche, Y.: Is mutation an appropriate tool for testing experiments. In: 27th Int. Conf. on Software Engineering, ICSE 2005, pp. 402411. ACM Press,
New York (2005)
2. Derderian, K., Hierons, R.M., Harman, M., Guo, Q.: Automated Unique Input Output sequence generation for conformance testing of FSMs. Computer Journal 49(3), 331344 (2006)
3. Fabbri, S.C.P.F., Delamaro, M.E., Maldonado, J.C., Masiero, P.C.: Mutation analysis testing
for nite state machines. In: 5th IEEE Int. Symposium on Software Reliability Engineering,
ISSRE 1994, pp. 220229. IEEE Computer Society Press, Los Alamitos (1994)
4. Fatiregun, D., Harman, M., Hierons, R.M.: Evolving transformation sequences using genetic
algorithms. In: 4th IEEE Int. Workshop on Source Code Analysis and Manipulation, SCAM
2004, pp. 6574. IEEE Computer Society Press, Los Alamitos (2004)
5. Guo, Q., Hierons, R.M., Harman, M., Derderian, K.: Computing unique input/ouput sequences
using genetic algorithms. In: Petrenko, A., Ulrich, A. (eds.) FATES 2003. LNCS, vol. 2931,
pp. 169184. Springer, Heidelberg (2004)
6. Hamlet, D.: When only random testing will do. In: 1st International Workshop on Random
Testing, pp. 19. ACM Press, New York (2006)
7. Hamlet, R.: Random testing. In: Marciniak, J. (ed.) Encyclopedia of Software Engineering,
pp. 970978. Wiley, Chichester (1994)
8. Sugeta, T., Maldonado, J.C., Wong, W.E.: Mutation testing applied to validate SDL specications. In: Groz, R., Hierons, R.M. (eds.) TestCom 2004. LNCS, vol. 2978, pp. 193208.
Springer, Heidelberg (2004)
9. Zhu, H., Hall, P.A.V., May, J.H.R.: Software unit test coverage and adequacy. ACM Computing Surverys 29(4), 366427 (1997)
A Hierarchical Methodology to Specify and Simulate

Complex Computational Systems
Csar Andrs, Carlos Molinero, and Manuel Nez
Dept. Sistemas Informticos y Computacin.
Universidad Complutense de Madrid, Spain
{c.andres,molinero}@fdi.ucm.es, mn@sip.ucm.es
Abstract. We introduce a novel methodology to formally specify complex multiagent systems. Our approach allows us to redene computational problems in
terms of agents that perform certain tasks. In our view, a system is formed by the
combination of atomic and complex agents. Atomic agents are in charge of executing atomic tasks while complex agents reunite and summarize the properties
of their underlying atomic agents. Basically, our approach consists in specifying the smaller parts of the problem as atomic agents. Each atomic agent is in
charge of executing a small transformation of resources. Afterwards, the system
will recombine them to form complex agents that will embrace the knowledge
of several atomic agents. All agents are located on a superstructure of communication cellules created to record the hierarchy of the tasks. In order to provide a
useful framework, we have developed a tool that fully implements all the stages
of the methodology.
1 Introduction
Computational science embraces the concept of aiding the development of other studies
in different elds through the use of new computational means. Therefore it has to create
open systems that can be applied to a great extent of problems. In addition, it is relevant
to take into account that the people to which computational science is directed are not,
in general, computer scientists. Therefore, its easiness of use is a must. In this paper we
report on a formalism that allows to solve complex problems through the use of agents.
We propose a method to factorize the problem, being the rst step to break down the
problem into the smaller parts possible and assign an agent to each of those tasks. Then,
the produced system allows to make petitions that will create other agents that, through
recombination, are able to condense the information of several agents, so that they can
solve a complex situation.
This paper extends and enhances our previous work presented in [1]. We have simplied some of the notations, so that the resulting formalism is much easier to use.
Although we have simplied our approach, the expressive power of the framework
remains the same, being able to solve the same problems that we confronted in [1].
Even though there are general purpose formalisms to formally describe complex
concurrent systems (such as Process Algebras and Petri Nets) they are not suitable to
Research supported by the Spanish MEC project WEST/FAST (TIN2006-15578-C02-01).
G. Allen et al. (Eds.): ICCS 2009, Part I, LNCS 5544, pp. 347356, 2009.
c Springer-Verlag Berlin Heidelberg 2009
348
C. Andrs, C. Molinero, and M. Nez
describe agents since these languages and notations do not provide specic operators
to deal with the inherent characteristics of agents. However, there has been already several studies to formally describe the use of intelligent electronic agents that are nested
into one another (see, for example, [2,3] for two approaches based on Petri Nets and
automata, [4,5] for approaches based on process algebras, and [6,7] for approaches
based on nite state machines). Most of these approaches have been created in favor
of comprehensibility. Therefore they facilitate to derive and apprehend new properties.
However, due to its complexity, these formalisms are not supported by suitable userfriendly tools. Thus, the specication of a system is a task that cannot be carried out by
somebody that is not a real specialist in formal methods.
Our approach is able to assimilate the systems that we are interested in to a common
places structure in which one is able to locate the rest of the structure from higher order
points. If we use the subway lines as a metaphor, we only need to know the location of
the different stations, but the exact location of that small fruit shop that we are trying
to reach is bounded to the location of the closest metro station. Once we arrive to that
particular metro station, we will check the neighborhood map so that we can nd the
shop; we do not need to know in advance all the local maps associated with all the
stations of the network. This is how our systems will work: Once we have all the atomic
agents, each time that a new complex agent, embracing the knowledge of several atomic
agents, is created we will refer to this new agent when making subsequent calls to the
system. In this line, we are able to forget how atomic actions are performed because
we have a higher order element to which we can call upon. In any case, even with a
complex structure, atomic agents are still the ones that execute real tasks.
Using another metaphor we could say that our approach produces systems that are
similar to economic structures in which there exist intermediate agents that gives us the
result of the transformation of resources as a nal product. These agents, in a hidden
way, contract the prime manufacturers that create these resource transformations. Another point in favor of our approach is that it allows us to have an unbounded growth
(equivalently, subdivisions as small as needed) either by adding agents in between existing ones or by assigning new atomic agents to the system that we had before. It is
important to note that the way our systems are subdivided, in so called communication
cellules, facilitates their deployment in a distributed system in which one can obtain a
perspective of variable magnitude of the global tasks. This holds as long as we keep the
hierarchical structure of the ensemble.
The rest of the paper is organized as follows. In Section 2 we introduce some auxiliary notation. Section 3 represents the bulk of the paper. There we dene the syntax of
the proposed formalism, giving a running example of a system implemented with our
tool. In Section 4 we briey describe the technical details of the architecture of the tool
developed to specify the systems. Finally in Section 5 we present our conclusions.
2 Preliminaries
In this section we introduce some notation that will be used throughout the rest of the
paper. First, since users have different preferences, in order to properly design agents the
rst step consists in expressing these preferences. In order to extract preferences from
349
users several mechanisms have been presented in the literature (see [8,9,10]). In this
paper, preferences in a given moment will be given by a utility function. These functions
associate a value (a utility measure) with each possible combination of resources a user
could own. Alternatively, other mechanisms such as preference relations could be used
(see e.g. [11] for conditions to transform one of the possibilities into the other).
In order to manage resources we will denote them as elements of a vector x
. We
consider a special resource to record the performance of the system. The time that it
takes to complete the tasks of the system will also be considered as another resource. A
vector of resources is a vector of real numbers in which each number denotes the total
amount of a specic resource. Along this paper we consider that n is the number of
resources of the system.
Denition 1. Let x
IRn be a vector. We have that xi represents the i-th component
of x
. Let x
, y IRn be two vectors. We write x
+ y to denote the addition of x and y.
We say that q is the addition of x
and y if 1 i n we have qi = xi + yi .
n
We denote by 0 IR the vector having all the value components equal to zero. We
write x y if for all 1 i n we have xi yi .
A utility function is dened as any function f u : IRn IR. We denote the set of all
utility functions by F .

Intuitively, given a utility function f u , We say that f u (
x) > f u (
y ) means that x is
preferred to y. For instance, if we have x = (x1 , x2 ) representing the rst element of
the resource vector the number of apples and the second element the number of oranges, f u (
x) = 3 x1 + 2 x2 , means that, for example, the agent is equally happy
owning 6 apples or 9 oranges. Let us consider another agent whose utility function is
x) = 1 x1 + 2 x2 . Then, both agents can make a deal if the rst one gives 3
f u (
oranges in exchange of 4 apples: After the exchange both are happier. Alternatively, if
x2 represents the amount of money instead of oranges then the rst agent would be a
customer while the second one might be a vendor. Utility functions allow a great exx) = x1 x2 denotes that variety is preferred.
pressivity in preferences. For instance, f u (
A usual assumption is that no resource is a bad, that is, if the amount of a resource is increased, so does the value returned by the utility function. Using a derivative expression,
u
1 ,...,xn )
0 for all x1 , . . . , xn IR
this property can be formally expressed as f (xx
i
and 1 i n. This requirement does not constrain the expressive power of utility functions, as the existence of any undesirable resource can be always expressed by
considering a resource representing the absence of it.
Next we introduce a collection of identiers to be able to univocally identify cellules, agents and paths in the system. In the next section, we will formally dene these
concepts.
Denition 2. Let w be a system (see Denition 8). The set of all possible systems is
represented by W. We denote by IDC the set of cellule identiers that are assigned
uniquely to each of the cellules. The function newIdCellule : W IDC returns an
unused identier for the world w. We use a special identier nill IDC to denote an
empty cellule. We denote by IDA the set of agent identiers that are assigned uniquely
to each of the agents belonging to the system. The function newIdAgent : W IDA
returns an unused identier for an agent. We denote by IDP the set of path identiers,
350
that are assigned uniquely to each of the paths. The function newIdPath : W IDP
returns a fresh identier for a path.

3 Denition of the Formalism

In this section we present our formal language to specify complete systems as well as
all the agents taking part in them. The basic notion to dene the behaviour of agents is a
transition, that is, a transformation of resources carried out by a specic agent. Atomic
and complex agents will both hold transitions as a way to accomplish tasks, but only
atomic agents will actually perform the transformation of resources. A transformation
of resources is represented by a tuple z IRn . Intuitively, a positive component of
the tuple xi unit of the i-th resource while a negative component xj denotes that the
transition consumes xj units of the j-th resource.
Denition 3. A transition of the system is represented by the tuple (
z , idp ) where z
n
P
IR is the transformation of resources and idp ID identies the path that is in charge
of executing the transition. The set of all transitions is denoted by TR.

A path is a sequence of transitions. It is conformed of transitions, in a specic order,
through concatenation. Paths allow to specify the situation where a complex agent has
to execute several consecutive tasks.
Denition 4. A path is a sequence of transitions. If tr1 , . . . , trm TR then p =<
tr1 , . . . , trm > represents the path conformed by them. We have that pi denotes the i-th
element of the path, that is the transition tri . The set of all paths is denoted by P. We
can inductively dene paths as follows:
<> P.
If tr TR and p P then tr p P.
Thus, paths are either empty or are conformed by adding an element to a path.
Next we show how to represent agents. We can distinguish between complex and atomic
agents. Atomic agents assume the responsibility of actually implementing tasks, and
complex agents cluster and delegate in the ulterior ones to accomplish complex tasks
and summarize the properties of the agents that are implicity inside of them.
Denition 5. An agent is a tuple a = (id, ib, P ) where id IDA is a unique identier
for this agent, ib M is the input buffer where messages will be stored, and P
P IDP is the set of paths dening the possible behaviours of this agent, being each
path labeled with an identier. Intuitively, the meaning of this set of paths is that this
specic agent will achieve through any of this paths a similar global transformation of
resources. In other words, every path takes him from the same initial state towards a
similar nal state, differing one from each other in the kind of transformations that they
perform.
351
We denote by A the set of all agents. We dene the function VTr : IDP P as
follows. Let P = {(< tr1 , . . . , trm

>, ), (< tr1 , . . . , trm
>, ), . . .} be a set of paths.
We dene VTr() =< tr1 , . . . , trm >. We also dene the function VA : IDP IDA
that returns the agent that performs this path.

>, ), (< tr1 , . . . , trm

Let a = (id, ib, P ) be an agent and P = {(< tr1 , . . . , trm
>
n
P
, ), . . .} be the set of paths of agent a. We dene the function VP : ID IR using
the auxiliary function VPAux : P IDA IRn as VP() = VPAux(VTr(), VA())
being dened as:
VPAux(<>, id) =
0
VPAux(< tr1 , tr2 , . . . , trn >, id) = z +
VPAux(< tr2 , . . . , trn >, id) if tr1 = (

z , idp )
id
=
VA(id
p)
VPAux(VTr(idp ), VA(idp ))+ if tr1 = (

z , idp )
,
.
.
.
,
tr
>,
id)
id

=
VA(id
VPAux(<
tr
2
n
p)
An agent is atomic if it has only one path, that path is conformed by a single transition, and the agent itself is in charge of executing the transition. Formally, a =
(id, ib, P ) is an atomic agent if | P | = 1 and there exists p =< tr1 , . . . , trm > P
such that for all 1 i m if tri = (
zi , idp ) then VA(idp ) = id.
During the rest of the paper we consider that agents use messages to communicate
among them. The next denition introduces the different kinds of messages that can be
sent.
Denition 6. A message is given by a tuple (t, s, ob, r) such that t {BROADCAST,
REPLIES, START JOB, FINISHED JOB}, denotes the nature of the message, s IDP
{null} the path origin of the message. In some cases this path can have the value null.
The next item ob IDP {} is the objective of the message, it can be a specic
path of an agent, or a broadcast message. The last component, r IRn represents a
transformation of resources. In the rest of this paper, we denote by M the set of all
messages.

Example 1. Let id IDA be an agent identier, p1 , p2 IDP be paths identier, and r
be a vector of resources. A message m = (BROADCAST, null, , r) represents a broadcast message () sent by a petition wanting to nd an agent that accomplish the transformation induced by r. If we have a message m = (REPLIES, p1 , p2 , r); m denotes
the message from agent VA(p1 ) that offers the path p1 , that replies to agent VA(p2 ) to
the petition of performing a certain task of the path p2 , and species the transformation
of resources r.If we have a message m = (START JOB, p1 , p2 , ), m now represents
the message from agent VA(p1 ) which is performing the path p1 for asking to start the
job to the path p2 of the agent VA(p2 ). Finally, if m = (FINISHED JOB, p1 , p2 , ), then
m is the message from agent VA(p1 ) to agent VA(p2 ) to indicate that the path p1 , which
is a sub-path of p2 , has just nished.

Cellules are elements that serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents.
352
Denition 7. A cellule is a tuple (A, id, Sons, Father, ib) where

A IDA is the set of agents that belong to the cellule.
id IDC is a unique identier for this cellule.
Sons IDC is the set of identiers of the sons of this cellule. If Sons = then
we are in a node cellule.
Father IDC is the identier of the cellule that is father of this cellule. If Father=nill then we are in the initial cellule, from which all other cellules are dened.
ib M is the input buffer where messages will be stored.
We denote by C the set of all cellules.
Next, we dene the whole system that contains in a tree like structure implicity dened
by the father-son relationship, the cellules that conform the whole system.
Denition 8. We say that our system (sometimes called world) is dened with a so
called origin cellule from where the tree of cellules hang and by the vector of resources
available in the system. Therefore, a system is a pair w = (c, x) where c IDC is the
origin cellule, and x is the set of resources with which we deal in this world x IRn .
We will use a running example to illustrate previously introduced concepts. In order
to ease the presentation, we have simplied the real system that we have represented in
our formalism.

Example 2. Let us consider that we have the world represented in Figure 1. As we
observe in the gure, we have six cellules, labeled from I to V I and eight agents distributed in them. For example, let us consider agent a3 = (id3 , ib3 , P3 ). P3 is the set
of paths that this agent can perform, ib3 represents the input buffer of this agent and
id3 is the identier of this agent. The set of paths P3 contains a unique pair (pair, path
za , ) >, )}. The path identier is the rst element of the pair
identier) P3 = {(< (
represents the chain of transitions that compose this path. In this case the path is formed
by a unique transition. This transition, < (
za , ) > represents that it is performed by
the path of the agent id3 = VA() and the exchange of resources after performing
this transition is noted by z. This means that the resources of the world will change by
applying x
x
+ za , in other words, it will generate a formwork unit, by wasting 50
units of money, 40 units of wood, and 20 time units.
For example let us suppose that agent a1 = (id1 , ib1 , P1 ) has two different paths.
zg , ) >, ) and (< (
zh , ), (
0, ) >, ). Next we explain one of these
(< (
zg , ), (
paths. The path identied by , has two transitions in it. The rst transition, denoted by
(
zg , ), represents that this agent has to call to the -path of agent VA() to perform it,
and the transformation of resources by applying this transition is x
x+
zg . Then, after
performing this transition the resources of the world would change to x
x
+ za + zg .
Let us remember that the agent id3 = VA() transformation function for the path is
za . Let us note that the agent performing this transition earns money by calling another
agent.

All agents that are not atomic are complex, there are two ways to create agents one is to
insert an atomic agent during the creation of the system and the other is through petitions to the system, being the system in charge of recombining atomic and/or complex
agents already embedded in the system to create a new complex agent.
Fig. 1. Representation of a world
353
354
Celli+1
Cell0
World
exists y ?
Petition(
y)
World
new petition
exchange
create/call agent
exists y ?
return agent
yes/no
start job agent
yes/no
(a) New Petition
Cell0
World
(b) Identification phase
job nished
(c) Job phase
Fig. 2. Schematic diagrams of world behaviour
Denition 9. We say that a petition is a tuple pet = (f u , y, o) where f u F is a

utility function, y IRn is the vector of resources that is added to the resources already
existing in the world, and o IRn is the objective of the transitions, that is, the vector
of resources that we expect to have after performing the petition.

Intuitively, if we have a petition pet = (f u , y, o) is a petition, and a = (id, ib, P ) is
the agent that has created the petition, if p TR such that exists (p, idp ) P :
VP(idp ) + x + y o.
We will explain the main messages by applying a petition (see a graphical representation in Figure 2). Let us consider a petition pet = (f u , y, o). The rst component of
pet contains the initial resources, y = [1000, 500, 500, 100, 0, 100, 0, 0, 500], the second one is a utility function (in this case f u = 10 x1 + 5 x9 ), and the third element
is the objective tuple of resources o = [0, 0, 0, 0, 1, 0, 1, 0, 0].
The rst diagram of Figure 2 denotes that pet = (f u , y, o) is inserted in the world
w = (I, x). When a new petition is inserted in the world, the resources of the petition
are added to the existing vector of resources. After this initial stage, the world asks
to its structure of cellules if there are any agent(s) which can achieve the objective
function o.
4 Implementation
In this section we present our tool that facilitates the task of representing the different
components of our framework. First, we are going to enumerate some of the technical
requirements of the tool. Next, we will comment on some relevant parts of the implementation, and we will show how the example can be represented.
The tool has been developed using J2EE Technology (Java, JDK 1.5, EJB) and the
Netbeans software. It makes usage of MVC architecture, to enable ease of maintenance,
and uses session facade and proxy design patterns. It also uses Java Swing components
in order to develop Graphical User Interfaces(GUI).
The tool offers four different ways to create systems. The rst one is by using an input
XML-formatted le which contains all the description data of the system. Another way
355
to introduce a model is by using Java Database Connectivity (JDBC). JDBC is an API

for the Java programming language that denes how a client may access a database. It
provides methods for querying and updating data in a database. The third way to input a
system is by using the editor included in the GUI. The user may customize the editor and
make sure the Editor Presentations command group is checked under the Commands
tab. The last way to create systems is by loading serializable models saved previously.
Serializability of a class is enabled by the class implementing the java.io.Serializable
interface. By using an MVC design, the system can easily make it. When a model is in
the tool, it can be also saved in the same ways, by using an XML formatted le, in a
database, and by serialization of the model.
For the representation of the world, cellules, and agents we have used threads. A
java.lang. Thread object maintains bookkeeping and control for this activity. In fact,
by representing each of the components by using threads we let the system represent a
more realistic world. For example agent a1 can be waiting until agent a3 has nished
its task, while the world continues receiving petitions, and the cellules continue sending messages between the agents. The tool also introduces priority among the threads.
Each Thread has a priority, ranging between 1 and 10. Priorities have no other impact
on semantics or correctness. In particular, priority manipulations cannot be used as a
substitute for locking. Priorities can be used only to express the relative importance or
urgency of different threads, being these priority indications useful to take into account
when there is heavy competition among threads waiting to be executed. For example
the initial cellule normally has bigger priority than other cellules; the reason is that
management of petitions and the data trafc ow is mainly done through this cellule.
Another important task in a concurrency scheme is the management of shared memory, being the buffers implemented as circular buffers using a single, x size. Circular
buffers are also used for data transfer between processes. The tool uses monitors in theses buffers to synchronize accessing threads. Conceptually, a monitor is a class whose
data members are private and whose member functions are implicitly executed with
mutual exclusion. In addition, monitors may dene waiting conditions that can be used
inside the monitor to synchronize the members functions.
5 Conclusions and Future Work

The work presented in this paper provides a useful framework for the developing of
complex computational systems. With the presentation of the tool we offer the possibility of use to specialists from different elds, not being constrained its applicability to
the eld of computing technology and therefore being useful as a computational science
tool.
The work will be extended to allow testing and checking of conformance of the system implemented with it. Other future line of work will be to develop the structure of the
cellules in an AVL tree-like structure, so that the message ow will be re-equilibrated.
Another possible continuation of the work will be to specify and implement the subdivision of cellules when the number of agents that they withholds surpasses a limit,
this allows not to surcharge a specic computational resource in which the cellule may
be implemented, like a specic processor, and derive its work ow to another resource.
356
Finally, we are currently working on a complex application of our methodology to the

construction world.
References
1. Andrs, C., Molinero, C., Nez, M.: A formal methodology to specify hierarchical agentbased systems. In: 4th Int. Conf. on Signal-Image Technology & Internet-based Systems,
SITIS 2008, pp. 169176. IEEE Computer Society Press, Los Alamitos (2008)
2. Lomazova, I.: Communities of interacting automata for modelling distributed systems with
dynamic structure. Fundamenta Informaticae 60(1-4), 225235 (2004)
3. Lomazova, I.A.: Nested Petri Nets for Adaptive Process Modeling. In: Avron, A., Dershowitz, N., Rabinovich, A. (eds.) Pillars of Computer Science. LNCS, vol. 4800, pp. 460
474. Springer, Heidelberg (2008)
4. Nez, M., Rodrguez, I.: PAMR: A process algebra for the management of resources in concurrent systems. In: 21st IFIP WG 6.1 Int. Conf. on Formal Techniques for Networked and
Distributed Systems, FORTE 2001, pp. 169185. Kluwer Academic Publishers, Dordrecht
(2001)
5. Nez, M., Rodrguez, I., Rubio, F.: Formal specication of multi-agent e-barter systems.
Science of Computer Programming 57(2), 187216 (2005)
6. Nez, M., Rodrguez, I., Rubio, F.: Specication and testing of autonomous agents in ecommerce systems. Software Testing, Verication and Reliability 15(4), 211233 (2005)
7. Merayo, M., Nez, M., Rodrguez, I.: Formal specication of multi-agent systems by using EUSMs. In: Arbab, F., Sirjani, M. (eds.) FSEN 2007. LNCS, vol. 4767, pp. 318333.
Springer, Heidelberg (2007)
8. Dastani, M., Jacobs, N., Jonker, C., Treur, J.: Modelling user preferences and mediating
agents in electronic commerce. In: Sierra, C., Dignum, F.P.M. (eds.) AgentLink 2000. LNCS,
vol. 1991, pp. 163193. Springer, Heidelberg (2001)
9. Geisler, B., Ha, V., Haddawy, P.: Modeling user preferences via theory renement. In: 5th
Int. Conf. on Intelligent User Interfaces, IUI 2001, pp. 8790. ACM Press, New York (2001)
10. Ha, V., Haddawy, P.: Similarity of personal preferences: Theoretical foundations and empirical analysis. Articial Intelligence 146(2), 149173 (2003)
11. Mas-Colell, A., Whinston, M., Green, J.: Microeconomic Theory. Oxford University Press,
Oxford (1995)
Atlantis Press. Web-Based Information Technologies and Distributed Systems. VOLUME 2.
Chapter 5
Carlos Molinero, Cesar Andres and Manuel Nun ez

Dept. Sistemas Informaticos y Computacion
Facultad de Informatica
e-mail: {molinero, c.andres}@fdi.ucm.es, mn@sip.ucm.es
In this paper we introduce a formal framework to specify agent-based systems in which
each of the agents is specialized in a single task that will be fullled by making calls to
other simpler agents. In other words, we are interested in systems that can perform a task
by subdividing it in easier tasks and by using the knowledge about each agent already
introduced in the system. The idea is to prefabricate a basic structure that can be reused by
either changing the main goal or by adding several different specialized agents.
The main characteristic of our methodology is that the each complex agent contains a
schematic denition of other agents. Each agent is thus able to retain and produce certain
information such as the time needed to accomplish a certain task taking into account a
given set of agents and resources. This allows to quickly access information regarding the
necessities in resources and derive the demands to other subsystems.
In order to increase the applicability of our approach, we have fully implemented a tool
that allows us to graphically specify complex systems. In addition, the tool allows us to
simulate the behavior of the specied systems so that some interesting properties, such as
starvation and maximal progress, can be studied.
5.1. Introduction
The representation and study of communities where intelligent (electronic) agents replace
their (human) owners is a topic that has attracted a lot of interest. In particular, there is ongoing research in technologies able to model users by means of agents which autonomously
perform electronic transactions (see1 for a survey on the topic). In order to increase the
power of these agents they must know the preferences of the corresponding user. In this
line, the concept of utility function is very useful. Essentially, a utility function returns a
real number for each possible basket of goods: The bigger this number is, the happier the
94
C. Molinero, C. Andres and M. Nun ez
owner is with this basket. Intuitively, agents should appropriately simulate the systems that
they are representing by considering the utility function that would establish the expected
behavior (see e.g.27 ). In fact, there exists several proposals showing how agents can be
trained to learn the preferences of users (see e.g.4,8,9 ). Besides, a formal denition of the
preferences of the user provides the agent with some negotiation capacity when interacting
with other agents.911 Let us remark that, in most cases, utility functions take a very simple
form. For instance, they may indicate that an agent A is willing to exchange the item a by
the items b and c.
The motivation of this work is to be able to create a exible computational system capable of offering different solutions to new problems. Instead of pre-introducing thoroughly
all the possible behaviors of a system, the system reorganizes its structure to be able to cope
with new petitions coming from the user. It bases itself in a series of behaviors (or task)
that will be called atomic tasks which are the main bricks upon which to construct any new
behavioral answer to the new needs that may appear.
Even though there are general purpose formalisms to formally describe complex concurrent systems (such as process algebras1214 or Petri Nets15,16 ) they are not suitable to
describe agents since these languages and notations do not provide specic operators to
deal with the inherent characteristics of agents. However, there has been already several
studies to formally describe the use of intelligent electronic agents that are nested into one
another (see, for example,17,18 for two approaches based on Petri Nets and automata,19,20
for approaches based on process algebras, and21,22 for approaches based on nite state machines). Most of these approaches have been created in favor of comprehensibility. Therefore they facilitate to derive and apprehend new properties. Moreover, these approaches
have also shown that the recursive denition of agent-based systems allows to keep the
original properties of basic agents.
If we try to incorporate the base of facts to a system, there will always be a lack of
capacity to implement every possible structure of the agent, every different solution to the
same problem, and every combination of small pieces that constitute a complex problem.
That is why we think that there is a need for a new framework to formally dene the class
of systems previously described. We believe it is easier and more feasible to incorporate
bits of knowledge by having the system recomposing this information into complex tasks.
This approach simplies at least two aspects. First, it helps to ensure the completion of the
base of facts. Second, it allows to relocate the different agents, due to its modularity, so
that they can be spread over a network to parallelize some of the tasks.
The main skeleton of the system is this so called atomic agents which are the ones
95
that are in charge of executing the actual transformations that will occur in the system.
Through the recombination of this atomic agents, new and complex agents are created. The
rst advantage of this approach, is that once the atomic agents are dened little interaction
from part of the user is needed, as well, the lack of programming abilities will also not be
a disadvantage. All is needed is to program the underlying specic characteristics of the
system, that is what this system will be able to handle, by example procedures to call to
the motors of a robot, and whatever future need of the user will be handled by the system
itself.
If we take a look in another direction, we would like to assimilate the systems that we
are interested in to a common places structure in which one is able to locate the rest of
the structure from higher order points. If we use the subway lines as a metaphor, we only
need to know the location of the different stations, but the exact location of that small fruit
shop that we are trying to reach is bounded to the location of the closest metro station.
Once we arrive to that particular metro station, we will check the neighborhood map so
that we can nd the shop; we do not need to know in advance all the local maps associated
with all the stations of the network. That is how our systems will work: Once we have
all the atomic agents, each time that a new complex agent, embracing the knowledge of
several atomic agents, is created we will refer to this new agent when making subsequent
calls to the system. In this line, we are able to forget how atomic actions are performed
because we have a higher order element to which we can call upon. In any case, even with
a complex structure, atomic agents are still the ones that execute real tasks. Using another
metaphor we could say that our systems are similar to economic structures in which there
exist intermediate agents that gives us the result of the transformation of resources as a nal
product. These agents, in a hidden way, contract the prime manufacturers that create these
resource transformations.
Another point in favor of our approach is that it allows us to have an unbounded growth
(equivalently, subdivisions as small as needed) either by adding systems in between existing
ones or by assigning new atomic agents to the ones that we had before.
In order to cope with time and calculation limitations, the system is subdivided into a
hierarchical structure in which agents are ordered considering its complexity (how many
agents does it uses to perform a task) and also the eld of knowledge to which that
specic agent is inserted into. I assume here, that if agents are located correctly into groups
of related matters, meaning by it that if two agents perform similar tasks, they will be
inserted together, when the pieces are recombined following the procedure explain later in
this texts, they will be kept close in the hierarchical tree.
96
This hierarchical structure is implemented through a system of so called cells that conglomerate similar agents together. This cells are ordered in a tree structure, which all hang
from the main cell, every petition will be inserted into the main cell and will be carried on
down on the tree until it has been processed. This allows too, although it has not been addressed in the implementation, the possibility of facilitating a computational limit, meaning
that the search could stop after it has descended a limit of levels down in the tree structure,
if the system needs to take decisions in a certain amount of time that can not be surpassed.
It is important to note that the way our systems are subdivided, in so called communication cellules, facilitates their deployment in a distributed system in which one can obtain
a perspective of variable magnitude of the global tasks. This holds as long as we keep the
hierarchical structure of the ensemble.
In this work, agents are treated as knowledge elements, agents are inserted as new
abilities that the system can have access to, and then agents are created through the recombination of these abilities to generate complex tasks. Each agent represents a knowledge,
each action is therefore identied with a knowledge about that action. When a petition is
made to the system, it tries to accomplish it by reusing its bits of knowledge. In comparison
with the human behavior, this is thought as a metaphor of the mirror neurons, discovered
by chance by the group formed by Giacomo Rizzolatti , Giuseppe Di Pellegrino, Luciano
Fadiga, Leonardo Fogassi, and Vittorio Gallese at the university of Parma, Italy, while measuring the activities of neurons regarding the movement of a monkey. Unexpectedly some
neurons red not only when the monkey was moving the hand, but also when it looked
how someone else was moving the hand. These led to a new theory of learning in which
it is stated that they way humans and other mammals learn is through the neural mimic of
activities seen in other individuals. Therefore the how-to knowledge and the actual act is
primarily red by the same neurons.
The system apprehends more complex concepts in the same way children do, rst as a
baby you start to involuntary move your muscles, noticing that that makes your arm move,
with time you learn to control your arm, and the modications that it performs in your
surroundings, afterwards, as more concepts and experiences (in our system petitions) are
incorporated, you no longer think about moving the arm but of reaching an object and
grabbing it. That is, once we know how to perform an action the underlying mechanisms
are automated, we no longer have to think about them.
The generic task method states that the structure and representation of domain knowledge is completely determined by its use (much as it happens in our approach, where concepts are only derived from the actual task that can be accomplished by atomic agents).
97
The main problem underlying generic tasks is related to the predetermined problem solving strategy that they use (we are able to overcome this situation, since our methodology
proposes a exible problem solving strategy, that will vary depending on the kind of atomic
agents included in the system).
The rest of the paper is organized as follows. In Section 5.2 we will discuss some of
the most relevant articles in the eld of agents. In Section 5.3 we introduce some auxiliary
notation that will be used during the rest of the paper. In Section 5.4 we present the formalism to describe our systems. In Section 5.5 we briey present our tool and give a small
example to show its main features. Finally, in Section 5.6 we present our conclusions and
some lines for future work.
5.2. Overview of some relevant articles in the eld of agents
5.2.1. Pattie Maes - The dynamics of action selection
This paper (23 ) addresses the problem of choosing an action in an autonomous multi-agent
system. Actions are chosen following a rational goal oriented fashion, but this approach can
have conicting goals, it should be adaptive to new situations, and there exist the possibility
of a certain component failing, making it harder to reach the nal goal.
This is done so in the situation of a mindless multi-agent system, such as those of
Brooks subsumption architectures. This systems, although desirable for properties such as
modularity, distributed behavior, exibility and robustness lack of a proper action selection
procedure: which agent should become active? and what are the factors that determine a
cooperation among certain agents?. The hypothesis presented in this paper are that rational
action of the global system can emerge, and that there is not the need for bureaucratic
agents (agents that decide which agent should become active).
There exist in this framework several parameters to be tuned by the user, allowing to
have different kind of action selection procedures, such as more/less data oriented, goal
oriented, deliberated, fast.
Agents make part of a hierarchical system in the way that the activation of an agent
is linked in a network of predecessor and successor links, which describe what agents
should be activated before the current agent that is trying to perform an action. An agent is
described by the tuple (l p , la , ld , a) where:
l p is a list of preconditions which have to be fullled before the agent can become
active.
la and ld represent the post-conditions in terms of a add list and delete list scheme.
98
a is the level of activation of the agent.

The links of the network are used to spread activation among agents belonging to it. When
an agents preconditions are true it spreads part of its activation level to its successors
otherwise it augments the activation level of its predecessors. The algorithm that takes
place at every time step is composed of the following steps:
(1) The input from the state and goals to an agent is computed.
(2) The spreading of activation of an agent is computed.
(3) A locally computed forgetting factor ensures that the overall activation level
remains constant.
(4) The agents which fullls the following 3 conditions becomes active: it has to
be executable, its level of activation has to surpass a certain threshold and it must
have a higher activation level than all other agents which fullls the preconditions.
The parameters to be tuned in the system are:
The threshold for becoming active.
The percentage of their activation that is spread forward to other agents.
The percentage of their activation that is spread backward to other agents.
The relative amount of external input that comes from the goals as opposed to
from the state of the environment.
5.2.2. Yoav Shoham - Agent-oriented programming

In his article Agent-oriented programming, Yoav Shoham (cite24 ) proposes a new computational framework that promotes a societal view of computation, in which agents are
combined to perform a certain computation. Agents are dened by their mental state,
which is decomposed into beliefs, decisions, capabilities and obligations.
For Shoham an agent is:
an entity whose state is ciewed as consisting of mental components such as beliefs, capabilities, choices and commitments. These components are dened in a
precise fashion and stand in rough correspondence to their common sense counterparts.
Clearly it is a denition of the term agent biased towards its own work, since he is going
to dene precisely those elements as part of his agent programming language. Since the
possibility of ascribing beliefs, decisions, capabilities and obligations to any element, even
the most simple of the systems, and therefore following its denition, considering that
99
anything can be said to be an agent, he uses the words of John McCarthy, to explain when
ascribing those mental states to a system is something useful:
To ascribe beliefs, free will, intentions, consciousness, abilities, or wants to a
machine is legitimate when such an ascription expresses the same information
about the machine that it expresses about a person, It is useful when the ascription helps us understand the strcture of the machine, its past or future behavior,
or how to repair or improve it. It is perhaps never logically required even for
humans, but expressing reasonably briey what is actually known about the state
of the machine in a particular situation may require mental qualities or qualities
isomorphic to them. Theories of belief, knowledhe and wanting can be constructed for machines in a simpler setting than for humans, and later applied to
humans. Ascription of mental qualities is most straightforward for machines of
known structure such as thermostats and computer operating systems, but it is
most useful when applied to entities whose structure is incompletely known.
Shoham adopts the S5 modal logic which have properties that includes tautological
closure, positive introspection and negative introspection. And the semantics adopted are
the possible world semantics.
He states that decisions are logically constrained though not determined by the agents
beliefs. These beliefs refer to the state of the world, to the mental state of other agents
and to the capabilities of this and other agents. This perspective motivates the introduction
of two mental categories: belief and decision (or choice), and another not mental per se
construct which is capability. Although decision will be treated in terms of obligation as
an obligation to oneself.
Denitions of the mental categories:
Time, all operators are related to time.
Belief, an agent a believes something on a certain time t: Bta
Obligation, agent a has an obligation to agent b on time t: OBLta,b
Decision, agent a obliges itself: DECat = OBLta,a
Capability, agent a is capable of doing something at time t: CANat
All of these constructs maintain a certain set of properties, like internal consistency of
believes and obligations, good faith (agents only commit to what they believe themselves
capable of), introspection (agents are aware of their obligations) and persistence of the
mental state (agents have perfect memory of believes and obligations, and they only let go
of a believe if they learn a contradictory fact).
Later on in the article he discusses the AGENT0, a language made to create agents
and dene its mental categories, and the message passing (communications) in between
100
the agents, also discusses the need for agentication (create agent-like representation out
of cameras or other devices so they can be used by agents).
5.2.3. Rodney A. Brooks - Elephants dont play chess
Rodney A. Brooks have written a series of articles talking about the subsumption architecture one of them is Elephants dont play chess which is kind of a summary of all the
developments made by his team, and a theoretical comparison with symbolic approaches.
He adheres himself to a current dogma in the AI world, called situated activity, based
on the physical grounding hypothesis. Which states that intelligence is a general property
that can arise from the combination of a series of different reactive and situated (meaning
that they only work located in a real world) agents that handle different parts of the overall
robots behavior.
His thesis against the symbolic approaches is that they are too eld dependent, they
are not capable of adapting to the noise existing in the real world, and that the sensory
equipment is incapable of presenting with accurate symbolic descriptions of the objects
that constitute the real world, rendering such approaches practically unusable. Also the
number of calculations necessary to nd solutions in the search spaces (usually for NPcomplete spaces), constitute another drawback of trying to use the symbolic position.
The physical grounding hypothesis works based on the assumption that every system
needs to have its representations grounded in the physical world. Therefore to connect
the system by sensors and actuators to the real world is the primary interest of these approaches. This kind of approach forces the construction of the system in a bottom up
manner, everything has to be concrete responses to the environment.
Another important point in the article is the explanation of the subsumption architecture. It is a way to program the robot based on incremental layers, each one of them
connecting perception to action, based on augmented nite state machines (AFSM). All
of this layers are compiled to simulate parallelism. There are two subsumption languages,
the old and the new, used in different experimental robots. I will hereby quote the general
denition for the old subsumption language:
Each augmented nite state machine has a set of registers and a set of timers,
or alarm clocks, connected to a conventional nite state machine which can control a combinational network fed by the registers. Registers can be written by
attaching input wires to them, and sending messages from other machines. The
messages get written into the registers by replacing any existing contents. The
arrival of a message, or the expiration of a timer, can trigger a change of state
in the interior nite state machine. Finite state machine states can either wait
on some event, conditionally dispatch to one of two other states based on some
101
combinational predicate on the registers, or compute a combinational function of

the registers directing the result either back to one of the registers or to an output
of the augmented nite state machine. Some AFSMs connect directly to robot
hardware. Sensors deposit their calues in certain registers, and certain outputs
direct commands to actuators.
A series of layers of such machines can be augmented by adding new machines
and connecting them into the existing network in a number of ways. (...)
The new subsumption language, uses behaviors (that are in fact AFSMs). The main
tools to interact in between the behaviors are message passing, suppression and inhibition.
Another difference with the old language is that behaviors can share registers, and a new
more general timing mechanism than the original alarm clocks.
Later on the article explains one by one the different robots build with this subsumption architecture. Showing how different reaction layers can make emerge an intelligent
behavior.
5.3. Preliminaries
In this section we introduce some notation that will be used throughout the rest of the paper.
Since users have different preferences, in order to properly design agents the rst step
consists in expressing these preferences. In order to extract preferences from users several
mechanisms have been presented in the literature (see e.g.4,25,26). In this paper, preferences in a given moment will be given by a utility function. These functions associate a
value (a utility measure) with each possible combination of resources a user could own.
Alternatively, other mechanisms such as preference relations could be used (see e.g.27 for
conditions to transform one of the possibilities into the other).
Denition 5.1. Let IR+ = {x IR | x 0}. Vectors in IRn+ (for n 2) are usually denoted
by x,
y,
. . . The vector 0 denotes the tuple having all the components equal to zero. Given
x IRn , xi denotes its i-th component. Let x,
y IRn+ : x y if for all 1 i n, xi yi holds.
If there exist n different kinds of resources then a utility function is any function f :
IR IR+ .
n

Intuitively, f (x) > f (y) means that x is preferred to y. For instance, if the resource
x1 denotes the amount of apples and x2 denotes the amount of oranges, then f (x1 , x2 ) =
3 x1 + 2 x2 means that, for example, the agent is equally happy owning 6 apples or 9
oranges. Let us consider another agent whose utility function is f (x1 , x2 ) = x1 + 2 x2 .
Then, both agents can make a deal if the rst one gives 3 oranges in exchange of 4 apples:
102
After the exchange both are happier. Alternatively, if x2 represents the amount of money
in any currency (for example in dollars) then the rst agent would be a customer while the
second one might be a vendor. A usual assumption is that no resource is a bad, that is, if the
amount of a resource is increased, so does the value returned by the utility function. Using
a derivative expression, this property can be formally expressed as
f (x1 ,...,xn )
xi
0 for any
x1 , . . . , xn IR and 1 i n. This requirement does not constrain the expressive power of

utility functions, as the existence of any undesirable resource can be always expressed by
considering a resource representing the absence of it.
During the rest of the paper we consider that agents use messages to communicate
among them. The next denition introduces the different kinds of messages that can be
sent.
Denition 5.2. We consider seven different types of messages and we enumerate them as
follows:
TYPE
CONTENT
Information
Negotiation
Proposal message
Acceptance message
Hiring message
Job started message
Job nished message
Let ID be a set of agent identiers. A message is a tuple (T, s, d, c), where T is the type
of message, s ID is the agent source of the message, d ID {} is the agent destination
of the message ( represents a broadcast message) and c String represents the string of
characters containing the message.
We denote by the empty message. We denote by M the set of all messages.

Next we will dene a collection of identiers to be able to univocally address agents and
cellules.
Denition 5.3. Let w be a system (see Denition 5.8). The set of all possible systems is
represented by W . We denote by IDC the set of cellule identiers that are assigned uniquely
to each of the cellules. The function newIdCellule : W IDC returns an unused identier
for the world w. We use a special identier nill IDC to denote an empty cellule. We
denote by IDA the set of agent identiers that are assigned uniquely to each of the agents
103
belonging to the system. The function newIdAgent : W IDA returns an unused identier
for an agent.

5.4. Denition of the formalism

In this section we present our formal language to specify complete systems as well as all
the agents belonging to them. The main idea consists in having a world that is composed of
communication cellules. These components will be interconnected in a hierarchical way,
that is, the main communication cellule will hold the main agent while each of the next
communication cellules will hold simpler agents. This process is iterated until we reach
the last level that will hold only atomic agents.
We will make a distinction between generic agents, in other words, agents fullling
a complex task (which will be done by calling other agents) and atomic agents, which
are simple agents in charge of executing the actual transition. This distinction is merely
represented as a different set of variables taken from the same general denition of an
agent. Agents will send messages by using the communication cellules. These cellules will
forward these messages to other cellules that will broadcast them to the agents under their
control, until the nal atomic agent is reached. Then, an atomic portion of the global goal
will be produced through the transformation of resources that this atomic agent fullls.
Each agent will have a different utility function, as dened in the previous section,
depending on the utility that each of the resources represent for the specic agent. This
function will take into account different combinations of resources to decide which transition should be used.
We will start by dening the simpler element in the system, the agents, and scale up in
complexity to dene the complete system.
Denition 5.4. We denote by A the agent domain; a1 , . . . , an will be used to denote elements of A .
An agent is a tuple:
(id, S, s0 , s f , R, V , Tin , Tex , ib, ob) where:
id IDa is the agent identier.
S is the set of states.
s f S is the nal state or goal state.
R is the set of resources of the agent.
If |R| = m then we can use valuations : R IRm
+ that return the current value of
104
transex
out
s0
transin
2
s1
transin
1
transin
3
sf
transex
in
Fig. 5.1. A generic agent.
each variable. We denote by Val(R) the set of all valuations of R. V Val(R) is

the initial valuation of the agent.
Tin S IDa IR+ S M (Val(R))Val(R) is the set of internal transitions.
The set of internal transitions must fulll the following restrictions:
if | Tin | = 1 then (s1 , id ,t, s2 , m, D, Z) Tin : id = id.
if | Tin | > 1 then (s1 , id ,t, s2 , m, D, Z) Tin : id = id.
| Tin | 1.
Tex S M M S F (Val(R) Val(R)) is the set of internal transitions,
where F (Val(R) Val(R)) denotes the set of functions over Val(R). We say that
an agent is well formed if for all s S and all mi M there exist mo , Z, s2 such
that (s, mi , mo , s2 , Z) Tex .
ib, ob (M ) are the input and the output buffers, respectively. We will use them
to receive incoming messages (ib) and to send outgoing messages (br). We can
use the functions Choose : (M ) M , Remove : (M ) M (M ) and
Concat : M (M ) (M ), having the usual meaning, to manage buffers.

Intuitively, an internal transition (s1 , id ,t, s2 , m, D, Z) Tin is a tuple where s1 is the
initial state, s2 is the nal state, id identies the agent assuming the transitiona , t IR+
a If
id = id then we are considering an atomic agent that is itself in charge of its transition
105
is the timeb consumed to perform the transition, m represents the output message that the
agent emits to the outgoing buffer (ob) when this transition is triggered (the empty message
is denoted by ), D Val(R) denotes a subset over the set of valuations that denotes which
valuations allow the transition to occur, and Z : Val(R) Val(R) is the transformation
id ,m,D,Z
of resources produced by this transition. We write s1 ex s2 as a shorthand of

(s1 , id , s2 , m, D, Z) Tin .
External transitions are tuples (s1 , mi , mo , s2 , Z) where s1 is the initial state, s2 is the nal
state, mi is the incoming message, mo is the outgoing message, and Z : Val(R) Val(R) is
mi /mo ,Z
the transformation of the values in this transition. We write s1 in s2 as a shorthand

of (s1 , mi , mo , s2 , Z) Tex .
In Figure 5.1 we show a graphical representation of a generic agent. Next, we introduce
some auxiliary concepts that will be useful to describe the evolution of agents.
Denition 5.5. An agent is called atomic if it is in charge of executing a single task.
Formally, we use a function atomic : A Bool, such that for all a A we have
atomic(a) = ( | Tin | = 1).
In order to have the current state of an agent we specify its conguration as an element belonging to S Val(R) (M ) (M ).Congurations are modied through the
performance of either internal or external steps:
Internal step of the system:
id ,t,m,D,Z
Given a conguration M = (s, V , ib, ob), an internal transition s1

in s2 will
be triggered if D(V ) and will modify the conguration to (s2 , Z(V ), ib, Concat(m, ob)).
External step of the system:
m1 /m2 ,Z
Given a conguration M = (s, V , ib, ob), an external transition s1 ex

s2 will be triggered if m1 = Choose(ib) and will modify the conguration to
(s2 , Z(V ), Remove(ib, m1 ), Concat(m2 , ob)).

In order to assign each agent to a specic communication cellule, so that the hierarchical structure can be kept, we will dene the traces of an agent. The set of all traces that an
agent can perform will be use to compare agents.
Denition 5.6. Given an agent, we dene a trace as a possibly empty sequence of outgoing
messages tr = m1 , . . . , mn with n 0, where each mi is in M . If n = 0 then we have the
b This
value will be dened by default only for atomic agents since complex agents will calculate the associated
time from the information collected from the contracts with other agents. In addition to consider the sum of all the
involved time values, we have to add a certain delay to simulate the time that it takes to perform communications
among agents.
106
empty trace .
Let a = (id, S, s0 , s f , R, V , Tin , Tex , ib, ob, ) be an agent. We say that a (possibly empty)
sequence of messages m1 , . . . , mn , with n 0, is a trace of a if there exists a sequence of
transitions belonging to Tin and starting at s0 such that
id,m ,D,Z
id,mn ,D,Z
1
s0
A ,in s1 . . . sn1 A ,in sn
We denote by trA (a) the set of all traces of a.

Given two agents a1 , a2 A we say that a1 is more powerful than a2 , denoted by
a2 p a1 , if trA (a2 ) trA (a1 ).

Cellules are elements that serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents.
Denition 5.7. A cellule is a tuple (A , id, Sons, Father, ib) where
A IDA is the set of agents that belong to the cellule.
id IDC is a unique identier for this cellule.
Sons IDC is the set of identiers of the sons of this cellule. If Sons = then we
are in a node cellule.
Father IDC is the identier of the cellule that is father of this cellule. If Father=nill then we are in the initial cellule, from which all other cellules are dened.
ib M is the input buffer where messages will be stored.
We denote by C the set of all cellules.

Let us remark that when an agent is added to a cellule, the incoming buffer of the agent
is connected to the outgoing buffer of the cellule, while the outgoing buffer of the agent
is associated with the input buffer of the cellule. This means that an agent does not send
messages to another agent; it sends them to the associated cellule. Similarly, an agent
receives messages only from the cellule to which it is attached. A graphical representation
of this can be seen in Figure 5.2 where we can observe several agents connected to the
cellule C.
Next, we dene the whole system that contains in a tree like structure implicity dened
by the father-son relationship, the cellules that conform the whole system.
Denition 5.8.
We say that our system (sometimes called world) is dened with a so called origin
cellule from where the tree of cellules hang and by the vector of resources available in the
107
a3
transex
ia3
transex
oa3
transex
oa1
a1
C
transex
ia1
transex
oa2
transex
ia2
a2
Fig. 5.2. Communication cellule.
C1
ns ex
13
t ra
31
ns ex
ns ex
12
t ra
t ra
21
ns ex
t ra
C3
ex 2
ns 5
t ra
ex 5
24
ns ex
C4
ns 2
t ra
t ra
42
t ra
ns ex
C2
C5
Fig. 5.3. World.
system. Therefore, a system is a pair w = (c, x)

where c IDC is the origin cellule, and x is
the set of resources with which we deal in this world x IRn .
We will use a running example to illustrate previously introduced concepts. In order to
ease the presentation, we have simplied the real system that we have represented in our
formalism.

All agents that are not atomic are complex, there are two ways to create agents one is to
insert an atomic agent during the creation of the system and the other is through petitions
108
Celli+1
Cell0
World
create/call agent
exists y ?
Petition(y)
World
new petition
exchange
(a) New Petition
Cell0
World
exists y ?
return agent
yes/no
start job agent
yes/no
(b) Identification phase
job nished
(c) Job phase
Fig. 5.4. Schematic diagrams of world behaviour.
to the system, being the system in charge of recombining atomic and/or complex agents
already embedded in the system to create a new complex agent.
Denition 5.9. We say that a petition is a tuple pet = ( f u , y,
o)
where f u F is a utility
function, y IRn is the vector of resources that is added to the resources already existing in
the world, and o IRn is the objective of the transitions, that is, the vector of resources that
we expect to have after performing the petition.

Intuitively, if we have a petition pet = ( f u , y,

o)
is a petition, and a = (id, ib, P) is the
agent that has created the petition, if p TR such that exists (p, id p ) P : VP(id p ) + x+
y o.
Example 5.1.
We will explain the main messages by applying a petition (a graphical representation is
given in Figure 5.4). Let us consider a petition pet = ( f u , y,
o).
The tuple has 3 elements,
the rst one is the initial resources, y = [1000, 500, 500, 100, 0, 100, 0, 0, 500], the second
one a utility function (in this case f u = 10 x1 + 5 x9), and the third element of the tuple is
the objective tuple of resources o = [0, 0, 0, 0, 1, 0, 1, 0, 0].
o)
is inserted in the world
The rst diagram of Figure 5.4 denotes that pet = ( f u , y,
w = (I, x).
When a new petition is inserted in the world, the resources of the petition are
added to the existing vector of resources. After this initial stage, the world asks to its
structure of cellules if there are any agent(s) which can achieve the objective function o.

109
5.5. The A \ tool

In this section we briey describe the A \ tool. In the previous section we have presented a modular framework that has the capability of expressing constraints, specications, agents, cellules, and resources. The A \ tool, developed in Java, facilitates the
denition of systems following our methodology so that a user of our methodology can
abstract most of the mathematical technicalities needed to dene a system/world. We illustrate the behavior of the most relevant phases of the framework by following an example
from scratch.c First we will show how we can create a new world, assigning resources,
agents, cellules, etc. Second, we will see the communication among agents, in order to obtain resources, rent other agents, etc. And nally we will see how we achieve the proposed
goal.
In order to start the simulation, a preliminary phase is necessary to create the world,
the cellules, and the agents. We can record the traces from a cellule and the preprocessing module treats the log le containing the observed trace in order to make a formatted
trace. In other words, it can generate agent traces that follow the format established in our
framework. We create the world called Complutense and inside it we add three different
Cellules (C1 ,C2 ,C3 ) with some agents in them. In Figure 5.6 we can observe how A \
shows the generated world as well as an agent of this world. The set of agents that we have
introduced in the system is dened in Figure 5.5.
As we can observe in the table, agent15 is an atomic agent because it is in the lower level
of the cellules and, according to the denition of level, this cellule can only have atomics
agents; an atomic actions only goes from sn to sn+1 . The values that are in the fth column
represent the money and the time. Even though there are other resources involved in the
system we have only represented these two resources since they are the most relevant for
our example. Complutense represents a world where agents can build houses. We have
subdivided the task of building in six states. In Figure 5.7 we give a description of each of
these states.
Once the world is created, we start with the second phase. We generate the connections
that are in charge of telling the agent that it has reached a certain state or to allow the agent
to move to a new state (and, subsequently, call the next agent to perform the new task). We
try to let it solve a certain task. This phase is presented in Figure 5.8.
First agent1 and agent2 send a message. Both of them need to move from state 1 to
c Even
though this is a toy example, so that we can concentrate on the main features of the tool, we have already
tested our tool with some more complex examples. However, as we indicate in the last section of the paper, we
still need to use our tool to specify a real system.
110
NAME
LEVEL
INITIAL
RESOURCES
GOAL
agent1
s1
(410, 290)
s6
agent2
s1
(370, 340)
s6
agent3
s1
(175, 151)
s3
agent4
s1
(220, 241)
s4
agent5
s1
(312, 287)
s5
agent6
s2
(149, 150)
s4
agent7
s2
(224, 159)
s5
agent8
s2
(220, 176)
s6
agent9
s3
(231, 148)
s6
agent10
s4
(149, 101)
s6
agent11
s1
(70, 100)
s2
agent12
s2
(75, 50)
s3
agent13
s3
(72, 68)
s4
agent14
s4
(72, 35)
s5
agent15
s5
(72, 43)
s6
Fig. 5.5. Agents in the world.
Fig. 5.6. Phase 1 in A \.
state 6, but agent1 owns more money than agent2 while it has less time to arise it. So, we
expect that agent1 will nd a faster, although more expensive, way to proceed than agent2 .
We will show the decision that agent1 takes in order to obtain a faster path. The agent2
behaves in the same way as agent1 . The rst message from agent1 has type=1, that is,
information, and it is a broadcast message to another communication cellule. This message
is used to look for all agents in that cellule that have the same nal state. This rst message
s1
t12
s2
t23
s3
t34
s4
t45
s5
s1
:money.
s2
:money+land.
s3
:money+land+plan.
s4
:money+land+plan+construction materials.
s5
:money+land+plan+construction materials+worker.
s6
:money+land+plan+construction materials+worker+house.
t56
111
s6
Fig. 5.7. Global task.
is sent from C1 to C2 .
The agents agent8 , agent9 , agent10 have their goal as s6 . All of them answer to the
previous message by sending information concerning their amounts of resources. agent1
starts building a tree in order to decide the best path to the goal.
Now agent1 asks, by sending a broadcast message to C2 , who has as goal state s2 , s3 ,
s4 . These messages ow through C2 . We have that agent4 , agent6 , and agent3 will answer
with messages sending s1 , s1 and s2 . Because the initial state of agent1 is s1 , it only has to
obtain one possible way for s2 .
In the nal step of this phase agent1 sends to C2 a message asking for agents whose
goal is s2 . No agents will answer to it. The A \ tool has a timeout module which sends
an internal transition for agent1 denoting that nobody is going to answer this last message.
When this timeout is sent, agent1 starts to decide which path it prefers to follow its utility
function.
112
In phase 3 we have the situation described in Figure 5.9. First, agent1 has all the
possible paths to achieve its goal already displayed in front of him. By applying its utility
function, this agent decides that the best way is to step through s3 . So, it calls agent3 to
start its internal processes. Then, agent3 will then restart the whole process until it nally
calls agent11 which is an atomic agent. Therefore, it will start to transform the resources
by taking part of the money (in s1 ) and transforming it into land (reaching s2 ).
5.6. Conclusions and future work
In this paper we have presented a formalism to represent complex hierarchical systems
where tasks can be distributed and/or subcontracted among agents. We are aware that our
formalism is difcult to use since there are a lot of mathematical machinery underlying the
denition of our systems. Thus, we have decided to build a tool that fully implements our
methodology. In this way, a user of our methodology does not need to pay attention to the
formal details and can concentrate on dening the appropriate hierarchical structure.
The system we have implemented allows a more direct approach to model systems that
will expand with the use of it by the user. Agent technology allows to have an unbounded
growth of the system, and having declared all the possible atomic task that a system can
perform as outputs will allow the system to complete any petition that the user can foresee.
There are of course limitations, due to the nature of the simplied perceived world as
a vector of resources. In this line a possible future implementation should maybe base
the world representation in a BDI (belief, desire, intention) system, with a modal logic
113
and allowing symbolic representation of the world and user needs. But until date we have
considered it outside of the focus of our research, to be able to advances in other areas.
There are at least two lines for future work. On the one hand, there is a lot of room
to continue the theoretical study. In particular, we can exploit the trace relation between
agents so that we can dene a conformance relation to determine whether a real system
correctly implements one of our worlds. On the other hand, more practical, we have used
our tool only with small/medium size examples. We are working on the complete denition
of a real system by using our tool. Specically, we are considering28 as a non-trivial system
to be described in our tool.
References
1. R. Guttman, A. Moukas, and P. Maes, Agent-mediated electronic commerce: A survey, The
Knowledge Engineering Review. 13(2), 147159, (1998).
2. L. Rasmusson and S. Janson, Agents, self-interest and electronic markets, The Knowledge Engineering Review. 14(2), 143150, (1999).
3. T. Eymann. Markets without makers - a framework for decentralized economic coordination
in multiagent systems. In 2nd Int. Workshop on ELectronic COMmerce, WELCOM01, LNCS
2232, pp. 6374. Springer, (2001).
4. M. Dastani, N. Jacobs, C. Jonker, and J. Treur. Modelling user preferences and mediating agents
in electronic commerce. In Agent Mediated Electronic Commerce, The European AgentLink
Perspective, LNCS 1991, pp. 163193. Springer, (2001).
5. J. Lang, L. v. Torre, and E. Weydert, Utilitarian desires, Autonomous Agents and Multi-Agent
Systems. 5(3), 329363, (2002).
6. M. McGeachie and J. Doyle. Utility functions for ceteris paribus preferences. In AAAI Workshop
on Preferences in AI and CP: Symbolic Approaches, pp. 3338. AAAI Press, (2002).
7. J. Keppens and Q. Shen. A calculus of partially ordered preferences for compositional modelling
and conguration. In AAAI Workshop on Preferences in AI and CP: Symbolic Approaches, pp.
3946. AAAI Press, (2002).
8. F. Bacchus and A. Grove. Graphical models for preference and utility. In Uncertainty in Articial
Intelligence, UAI95, pp. 310. Morgan Kaufmann, (1995).
9. T. Sandholm. Agents in electronic commerce: Component technologies for automated negotiation and coalition formation. In 2nd Int. Workshop on Cooperative Information Agents, CIA98,
LNCS 1435, pp. 113134. Springer, (1998).
10. S. Kraus, Negotiation and cooperation in multi-agent systems, Articial Intelligence. 94(1-2),
7998, (1997).
11. A. Lomuscio, M. Wooldridge, and N. Jennings. A classication scheme for negotiation in electronic commerce. In Agent Mediated Electronic Commerce, The European AgentLink Perspective, LNCS 1991, pp. 1933. Springer, (2001).
12. C. Hoare, Communicating Sequential Processes. (Prentice Hall, 1985).
114
13. R. Milner, Communication and Concurrency. (Prentice Hall, 1989).

14. J. Bergstra, A. Ponse, and S. Smolka, Eds., Handbook of Process Algebra. (North Holland,
2001).
15. W. Brauer, W. Reisig, and G. Rozenberg, Eds., Petri Nets I: Central Models and Their Properties, LNCS 254. (Springer, 1987).
16. W. Brauer, W. Reisig, and G. Rozenberg, Eds., Petri Nets II: Applications and Relationships to
Other Models of Concurrency, LNCS 255. (Springer, 1987).
17. I. Lomazova, Communities of interacting automata for modelling distributed systems with dynamic structure, Fundamenta Informaticae. 60(1-4), 225235, (2004).
18. I. Lomazova. Nested Petri Nets for adaptive process modeling. In Pillars of Computer Science,
Essays Dedicated to Boris Trakhtenbrot on the Occasion of His 85th Birthday, LNCS 4800, pp.
460474. Springer, (2008).
19. M. Nun ez and I. Rodrguez. PAMR: A process algebra for the management of resources in concurrent systems. In 21st IFIP WG 6.1 Int. Conf. on Formal Techniques for Networked and Distributed Systems, FORTE01, pp. 169185. Kluwer Academic Publishers, (2001).
20. M. Nun ez, I. Rodrguez, and F. Rubio, Formal specication of multi-agent e-barter systems,
Science of Computer Programming. 57(2), 187216, (2005).
21. M. Nun ez, I. Rodrguez, and F. Rubio, Specication and testing of autonomous agents in ecommerce systems, Software Testing, Verication and Reliability. 15(4), 211233, (2005).
22. M. Merayo, M. Nun ez, and I. Rodrguez. Formal specication of multi-agent systems by using EUSMs. In 2nd IPM Int. Symposium on Fundamentals of Software Engineering, FSEN07,
LNCS 4767, pp. 318333. Springer, (2007).
23. P. Maes. The dynamics of action selection. In 11th International Joint Conference on Articial
Intelligence IJCAI89, pp. 991997. Morgan Kaufmann, (1989).
24. Y. Shoham, Agent-oriented programming, Articial Intelligence. 60(1), 5192, (1993).
25. B. Geisler, V. Ha, and P. Haddawy. Modeling user preferences via theory renement. In 5th Int.
Conf. on Intelligent User Interfaces, IUI01, pp. 8790. ACM Press, (2001).
26. V. Ha and P. Haddawy, Similarity of personal preferences: Theoretical foundations and empirical
analysis, Articial Intelligence. 146(2), 149173, (2003).
27. A. Mas-Colell, M. Whinston, and J. Green, Microeconomic Theory. (Oxford University Press,
1995).
28. C. Andres, M. Merayo, and M. Nun ez. Formal development of a complex information system.
In 3rd Int. Conf. on Systems, ICONS08, pp. 118123. IEEE Computer Society Press, (2008).
Creating Adaptive Sequences with Genetic

Algorithms to Reach a Certain State in a
Non-Deterministic FSM
Carlos Molinero
Manuel Nunez
Departamento de Sistemas Informticos y Computacin,
Universidad Complutense de Madrid,
Madrid, Spain, 28007
Email: molinero@fdi.ucm.es,mn@sip.ucm.es
AbstractThis paper aims to construct an evolutionary system,

based on genetic algorithms, to solve the problem of univocally
reaching a target state in a non-deterministic Finite State
Machine. Our approach proposes the creation of an adaptive
sequence, which is a tree of input and outputs that contains the
possible behaviors of the non-deterministic Finite State Machine,
through a Genetic Algorithm. Essentially, we will characterize
the DNA of the individuals as an adaptive sequence and allow
the population to evolve until a solution is found. To assure the
validity of our approach, we compare it with other methodologies
such as hillclimbing and random. We show that the Genetic
Algorithm obtains a higher rate of success in creating the
adaptive sequences.
I. I NTRODUCTION
Evolution is the way life adapts to its environment. If this
environment is the landscape formed by the solution of a
problem, then this adaptation may serve us to nd a way to
solve it. This idea is what led evolutionary approaches to be
used as search techniques.
Testing ([1], [2]) is an important part of the production of
new systems since it takes a high percentage of the time and
cost of developing them. Therefore, being able to create new
methods that allow us to discover faults in the implementation
is a necessity. Reaching a specic state is a fundamental part
of the testing process because it allows the tester to move
the implementation to that state and continue the testing of a
certain part of a system, such as a specic component of an
embedded system. If we solve this problem in a deterministic
FSM, the solution is found in linear time. However, in the
context of a non-deterministic FSM, this problem belongs
to the EXPTIME complete category, therefore the use of
heuristic methods is a must. Moreover, since non-determinism
may arise in several ways, as when abstracting data from
protocols or when composing a system out of several individual components, to produce test suites for non-deterministic
implementations is a problem of practical importance.
Research partially supported by the Spanish MICINN project TESIS
(TIN2009- 14312-C02-01), the UK EPSRC project Testing of Probabilistic
and Stochastic Systems (EP/G032572/1).
Robert M. Hierons
Department of Information Systems and Computing,
Brunel University
Uxbridge, Middlesex, UB8 3PH United Kingdom
Email: rob.hierons@brunel.ac.uk
Testing non-deterministic nite state machines produces

several complications during the development and application
of the test suite. One of them is that we can no longer
state equivalence between machines. The equivalence relationship to be established will be called r-equivalence and
consists in considering that the traces of the implementation
conforms to those of the specication (for a detailed and
formal explanation, see [3], [4], [5]). Usually, when in a nondeterministic context we will use the all weather conditions
assumption, which means that if enough inputs are applied to
the machine then we will observe every output available in
the implementation.
Several studies have already considered the problem of
dening test suites for non-deterministic machines (see for
example [3], [6], [5], [7], [8]) and shown that this problem
is computationally costly. This paper provides an automated
way to nd adaptive sequences that allow the tester to move
through a non-deterministic nite state machine in such a way
that always reaches a certain target state.
Next, we intuitively describe the main aspects of the problem that we solve in this paper.
An adaptive sequence (see for example [4], [9], [6]) is a tree
such that the unique edge that leaves its root will be labeled
by an input (to be applied to the ndFSM ), and it will reach
a state such that from this state outgoing edges labeled by
outputs (returned from the ndFSM ) will depart arriving at
one state each from where a new input will depart and so
on. Therefore, an adaptive sequence is applied by taking the
rst input and introducing it to the machine, observing the
output produced, reaching the node labeled with that output,
to next introduce the input that departs from that node. This
approach is intended to be used when a tester needs to move
the ndFSM to a certain state from a known starting point in
order to continue with the execution of a test, or to test a
specic property that arises from that target state.
In order to create this adaptive sequence we use the
evolutionary technique of Genetic Algorithms (GA), and we
propose a methodology for its evolution in the context of our
q0
q0
a
q0
1
q1
q0
2
1
q2
q1
2
q2
b/1
a
q2
s0
a/1
a/1
a/2
s1
b/1
b/1
s2
b
q1
q1
1
q2
a/1
Figure 1. An observable ndFSM (left) and two possible adaptive sequences,

one in which we try to univocally reach state s1 (center) and another in which
we try to univocally reach state s2 (right).
problem. GAs have shown a good performance in search and

optimization problems and there are a number of papers where
GAs are used in testing (e.g., [10], [11], [12], [13]). These
approaches usually represent the test data generation problem
as an optimization problem and use heuristics to generate test
cases.
We will study different evolution methodologies for our
proposed GA, in order to understand in which ways this
population is able to attain a higher level of adequacy towards
its environment. To do so, we run different experiments where
we will study whether it is better that the descendants inherit
the properties that led their ancestors to get a higher value
of adaptation or to randomly restart these values upon the
generation of a new candidate solution. Moreover, we will
also study what level of randomness in the choosing of the
next node to be added to the adaptive sequence is adequate.
To be able to enhance the comprehension of what a ndFSM
and an adaptive sequence are we will show in Figure 1 a
ndFSM (left) and two adaptive sequences, one reaching state
1 and another reaching state 2.
The rest of the paper is organized as follows. In Section II
we introduce some auxiliary notation. In Section III we will
explain the proposed methodology. In Section IV we will
show the results of our experiments. Finally in Section V we
will present our conclusions and mark future lines of research
concerning this issue.
II. P RELIMINARIES
In this section we introduce some notation and general
intuitions of the topics that will be used throughout the rest
of the paper.
We begin by reviewing the main features behind genetic
algorithms since they will be used along the paper.
Genetic algorithms [14] are a technique based on the laws
of natural evolution proposed by Darwin. Generally, these
algorithms codify a possible solution to a given problem in
the form of a DNA sequence of one of the candidate solutions
and then evolve the population to achieve an optimal solution.
The operators for any GA are reproduction of the population,
mutation of the genes and selection of the ttest. Mutation

allows the population to evolve towards a higher tness.
Maintaining several solutions in the genetic pool and mixing
them by using the reproduction operator helps to explore a
bigger part of the landscape of the solution and therefore avoid
local maxima, escaping stagnation.
Intuitively, the pseudo-code of a genetic algorithm follows
these steps:
1) Initialize the population.
2) while the stop criterion is not met do.
a) Judge the tness of the population using the heuristic.
b) Select the ttest specimens and restrict the number
of the population.
c) Reproduction of the population.
d) Mutate the specimens.
3) Present a solution.
There do exist several drawbacks to the use of genetic
algorithms. The biggest one is, of course, a proper denition
of the tness function. Since this is an approximation, one can
always argue that a better heuristic may exist. In general, we
can observe how important it is to have a heuristic landscape
without plateux to allow the population to evolve (see for
example [15]). Another of its problems is that these functions
should be relatively easy to compute in order to allow the
minimal time to elapse between two generations of the genetic
pool. This fact allows the system to have a bigger number
of generations, which takes us closer to nding an ideal
individual. Another of the problems is that there is no way
to know when to stop evolving the solution. This problem is
dependant on the specic problem, because there may be a
way to predict that we are not going to nd a better solution
than the one already present in the pool of candidate solutions.
Next, we present some denitions of the elements and
functions that will be used throughout the paper.
Denition 1: A non-deterministic observable nite state
machines (ndFSM from now on), is a mathematical representation of a system that has inputs and outputs and it is
composed of states and transitions between them. They are
represented through a tuple (S, I, O, s0 , st , T r) where:
S is a nite set of states.
I is the input alphabet.
O is the output alphabet.
st S is the target state.
T r is the set of transitions. A transition ti T r is a tuple
ti = (s1 , i, o, s2 ) where s1 , s2 S, i I, o O and it
i/o
s2 .
will be represented throughout the text by s1

We say that M is observable if there do not exist two
different transitions (s, x, y, s1 ) and (s, x, y, s2 ), with s1 = s2 .
Next, we dene d-reachibility. A state s is deterministically
reachable (see [3]), which is denoted by d-reachable, in the
context of a non-deterministic FSM when there exists an input
sequence that applied to the initial state can only return the
state we are looking for. Only a subset of the states are dreachable in a ndFSM . Our purpose is to use an adaptive
sequence that would allow to deterministically (univocally)
reach any state in the non-deterministic machine. This can
be achieved in two cases. One often appears when all the
leaves (end nodes) of the tree that forms the adaptive sequence
represent the target state of the ndFSM . The second case
arises when the tree is innite but every leaf that can be
reached after a nite sequence represents the target state. Of
course, since this perfect solution will seldomly appear, we
introduce the concept of a sequence d--reaching a state, being
the percentage of times that the adaptive sequence is able
to reach that target state.
We will dene a function such that given M =
(S, I, O, s0 , st , T r), computes the distance from every other
node to the target state by using Dijkstras shortest path
algorithm. The type of the function is dsMt : S IN {nil}
and it performs the following operations.
1) Create a graph G = (V, E), where V is the set of nodes
and E is the set of transitions, such that V will have
one element for each state contained in S. The set E
will have one transition for each transition contained in
T r with the peculiarity that it will be inverted, that is,
the end node will be switched with the start node. This
will create a graph that is an inversion of the original
machine M .
2) From the node in V representing the target node st S,
calculate the tree formed by the Dijkstra shortest path
algorithm, and store the distances to each node in dsMt .
Any node not appearing in this tree will have a value of
nil.
Let us note that the computational complexity associated
with this function is O(E + V log(V )).
We will next formally dene our adaptive sequences.
M
M
Denition 2: Given M = (S M , I, O, sM
0 , st , T r ),
=
an adaptive sequence for M is a tuple TM
(S, T r, s0 , SI , SO , SG , ) where:
S is the (possibly innite) set of states.
SI , SO and SG conform a partition of S, that is SI
SO SP = S and they are pairwise disjoint.
T r (SI I SO ) (SO O SI ) is the transition
relation.
is a function that maps the states from the adaptive
sequence to the states of ndFSM . : S S M such that
for all s, s , s S we have that s i s , s o s if
i/o
(s ).
and only if (s)
The transition relation and the sets of states fulll the following conditions:
SI is the set of input states. We have that s0 SI . For
all input state s SI there exist at most one outgoing
transition s i s T r. For this transition we have that
i I and s SO .
SO is the set of output states. For all output state s SO
we have that for all o O there exists a unique state
/ SO .
s such that s o s T r. In this case, s
Moreover, there do not exist i I and s S such that
i
s
s T r.
SG is the set of target states. In most cases this set will
be formed by a unique state. We say that these states are
terminal. That is, for all state s SG we have that there
do not exist a I O such that s a s T r.
We say that an adaptive input sequence is valid if the graph
induced by T r is a tree with root at the initial state s0 .

III. M ETHODOLOGY
One specic feature of our genetic algorithm is that it is not
based on a normal DNA bit sequence, but the DNA is itself
an adaptive sequence, that is, the DNA is a labeled tree.
We initially consider a population of 25 individuals. Each
individual has a parameter chosen at random between 0 and
0.5 that represents its tendency towards choosing a random or
a minimum distance node. This parameter does not evolve and
it is randomly selected at the creation of each individual. The
choice of these decisions was taken by following the results
of the comparisons between different GAs to be shown in
Section IV. Therefore, the denition of a candidate solution
of the population can be represented by a tuple in which, in
addition to the DNA and the tendency to choose randomly
new nodes (), we include its tness value, that is, cs =
(DN A, , value).
The mutation rate is set to one mutation, every generation
for each individual. Reproduction is done 10 times in each
generation, where two children per crossover are created.
The rst step for our algorithm, that will subsequently serve
us to compute the tness value of the individuals, is to compute
the distances from every state to the target state.
Note that computing an individual based in Dijkstras shortest path algoritm (a candidate solution that takes the shortest
path to the target) is not computationally costly, and this step,
according to our experimental results, increases the quality of
the population. We set one of the 25 candidate solutions of the
initial population to have the DNA formed by a shortest path to
the target. Through a similar reasoning, given that computing a
completely random individual is also made in linear time, and
that our experiments showed that most of the times random
outperformed the Dijkstra method, in each generation we add
a random individual to incorporate diversity into our genetic
pool.
We use two stop criterions. The rst one is that the population nds a perfect solution in which a 100% of the times
the target state is reached. If this is not achieved we will stop
the search after 500 seconds, although this time can of course
be increased with a subsequent improvement of the solution.
Next, we give more details about the algorithm that controls
our methodology.
A. Operators
We present here separately the three operators common to
every GA: mutation, reproduction and selection of the ttest.
1) Mutation: The mutation operator randomly either adds

or deletes an input/output tree to its DNA. In order to choose
which node to mutate, the algorithm randomly traverses the
DNA until we nd a state s S with no children. This
random traversal is done to choose a node in linear time.
Although it would be better to get all the end nodes of the
tree formed by the DNA, depending on the branching of the
ndFSM , this choice could produce an exponential explosion.
One positive outcome of our choice is that the DNA will
evolve by modifying the nodes that have a higher probability
of being the ones returned by applying the adaptive sequence
to the machine (nodes that are further away from the origin
are less likely to become the nal state). A drawback of this
method is that sometimes, mutation will try to mutate the target
node, in this case, no transformation is made to the DNA and.
therefore, mutation rate is lower than one for each generation
and for each individual.
If the chosen state is not the target state, mutation can
perform two operations, 50% of the times it will delete the
node and the rest of the times it will add a subtree to that
node. Since the node chosen will always belong to the set
SO , deleting it will cause the deletion of the chosen node, its
parent and all the children of its parent.
If, on the contrary, the algorithm chooses to add a subtree,
then it checks the subset of inputs available from (s) and
takes one of them. Depending on the parameter , some of
the times the node will be randomly chosen and the rest of the
times it will choose the closest node to the target. Therefore
mutation behaves like a hill-climbing algorithm, but it does
not always choose the same states in order to keep different
DNAs coexisting in the DNA pool.
Consider that the chosen input is i I and that the
algorithm adds a state s1 SO and a transition to T r
Figure 2.
Mutation operator.
Figure 3.
Crossover operator.
i/o
s i s1 , and for every transition sM

sM T rM ,

M
o
where sM S , adds states s2 SI and transitions
s1 o so2 .
In order to improve the efciency of the algorithm, in the
case that the creation of a subtree produces a node s such
that dsMt ((s )) = nil, meaning that there is no way to reach
the target node from s , the node is added to a special list
of nodes to be deleted in the next mutation, and the mutation
is preset for the next generation to automatically delete the
subtree that contains such node.
The mutation operator is graphically shown in Figure 2.
2) Reproduction: The methodology used to choose which
individuals to cross is roulette wheel selection, which adds
proportional probability of being chosen to the tness value
of an individual. Roulette wheel selection is a procedure where
individuals are added to a multiset, each is added a number of
times proportional to their tness value. Once the adding of
the candidate solutions is nished, one element is randomly
retrieved. In order to eliminate crossing over the same points,
and to produce two identical children, We decided to choose
the rst individual and then eliminate this candidate solution
from the roulette wheel before choosing the second individual.
In our setting crossover is complicated since we need to
nd a specic state in two DNAs that represent the same

state in the original specication. Therefore, this operation
randomly traverses the DNA of one of the candidate solutions
(the mother) and, for every state that it visits, makes another
random travel through the sequence of the father. In the case
of nding a non-initial state that is coincident through in the
set of states of M and such that the states belong to SI , then
it adds them to a set of possible crossover points. Later on,
it randomly chooses a state from that set of crossover points,
and exchanges the trees of both candidate solutions.
A graphical representation of this operator can be found in
Figure 3.
3) Selection of the ttest: In order to maintain the same
number of individuals in the population, after judging the
tness of each individual, the worst individuals are removed,
and the ttest one is passed to the next generation without
making any mutations to its DNA to be able to preserve the
best solution. This is usually referred in the literature as elitism
q0
B. Heuristic
Our tness function is given by a sampling method. We
use the DNAs of each candidate solution for a total of 100
iterations, and measure the number of times that we arrive
to the target state. This number of times is multiplied by a
coefcient to increase its relative importance. In our case
we have used = 100, this value should be equal to the
number of nodes (n), since the maximal distance from a node
to another is set by this limit, and doing so, we can be sure
that we are giving more importance to having the target node
in our adaptive sequence. In order to complete this heuristic,
every time that it ends up in a state that is not the target,
we subtract the distance from that state to the target from the
heuristic. Finally, if dsMt (s) = nil then we remove 50 points
(n/2) from the heuristic to penalize the choosing of that node.
Our GA creates adaptive sequences that either have all end
nodes as the target state, or it relegates them to a deeper part
of the tree. This provides a higher rate of success, since it
returns a bigger number of non-deterministic choices that takes
us to the goal state. Therefore, if we quantify the choices then,
probabilistically, we have a greater chance of arriving to the
target. In order to illustrate this, consider that we have Figure 4
where the ndFSM is depicted in the left, and in the right hand
side there are two possible adaptive sequences.
Our heuristic considers in a indirect manner, the size of the
graph, and the ratio of end nodes that are equivalent to the
searched state, and their relative position in the tree. Since the
heuristic measures the number of times that we hit the target
out of a hundred runs, we have a higher rate of success when
there are proportionally more end nodes that are the target and
when the end nodes are closer to the root. This is so because,
non-determinism probabilistically favors a shorter outcome.
One important fact to note is that our heuristic, since it
is a sampling method, does not give us an exact measure
of the number of times that our adaptive sequence reaches
the target. However, by taking a look at one of the graphs
(see for example Figure 7) we can observe that there exist
different amplitudes in the oscillation of the measure. Actually
the more consistent a measure is with the times measured
before, the higher rate of equal end nodes that our sequence
has. Therefore, the oscillation in the graph gives us an idea of
how close we are to having a perfect adaptive sequence (one
that will take us to the target each time).
IV. E XPERIMENTS
The implementation of our framework has been done in
Java JDK 1.6, with NetBeans as IDE. For the implementation we have used the graphic library from processing
(http://www.processing.org), together with the library traer
physics (http://www.cs.princeton.edu/traer/physics/) to help
ordering the states in the space, to represent the machines.
The executable application can be found in the address
http://www.carlosmolinero.com/reachState.zip.
We use for our experiments a randomly constructed
ndFSM s with one hundred nodes (that is, n = 100). In order
to make sure that it is connected we add a transition between
a
q0
1
q1
q0
a
q0
q0
1
a
q0
s0
a/0
a/1
s1
q1
q1
0
q0
a
q0
...
Figure 4. An observable ndFSM (left) in which we try to univocally reach

state s1 . And two possible adaptive sequences (center and right).
each node in a linear way (node si gets connected with node

si+1 ), and force a branching level of 3, which means that the
ndFSM makes 3n = 300 attempts to add random transitions
(in the case that the input and output is already present in
the state the transition is not added because the ndFSM is
observable). The set of inputs is I = {a, b} while the outputs
are O = {1, 2}.
We will use our rst experiment to narrate the differences
between our approach and other techniques. Experiment A is
represented through two charts, the rst chart, in Figure 7,
shows the tness values of the different methods, while the
second chart (Figure 8) represents the sizes of the adaptive
sequences.
As we can see in Figure 7, our GA performs better than the
rest of the methods, as it maximal representative (shown in
Figure 6) scores higher than any other method. Random is able
to reach very high levels of tness but never assuring it, and
Dijkstra is of a constant value since no updating of the adaptive
sequence is performed. The only method that is comparable
in quality to the GA is hillclimbing, but as we can see in
Figures 10 and 6, and in the chart given in Figure 8, the size
of the adaptive sequence created by the GA is much smaller
than the one created by hillclimbing. This characteristic not
only allows the GA to compute during more generations (the
size of the hillclimbing becomes unmanageable at some point)
but it also allows the GA to improve its tness value faster,
because having less nodes, allows that a small modication
of the tree notoriously improves it. Another thing that we can
observe in Figure 7, is that the oscillations in the value are also
an indirect effect of the size of the tree. They are produced
by the number of different nodes in the tree, together with the
measurement method of the tness value. Since a sampling
method is used, 100 executions return different nodes as the
end node, if all the end nodes of an adaptive sequence would
be equal, then no oscillation would be seen in the graph. Thus,
the smaller the adaptive sequence (for a given tness value)
the smaller that the oscillation will be, since the number of
1600
1200
SIZE
800
400

Experiment A, GA reaches the target 100% of the times.
end nodes equal to the target proportionally to the rest of the

end nodes, has to be larger. In Figure 5 we show the evolution
of the population from an initial step to its nal conguration.
Remember that the value of the tness function is based on
a sampling method. Therefore, even if it shows that the tness
value has reached a maximum, it does not mean that a perfect
solution has been found, but that all the times that the adaptive
sequence has run, it has reached the target.
Next we present a short explanation of the other methods
used to compare against our methodology. A random creation
of an adaptive sequence, a shortest path adaptive sequence
created using Dijkstras shortest path algorithm, and a hillcimbling approach.
A. Comparison against other techniques
In this section we present a number of techniques that will
be used to give the reader an idea of the relative quality of
the GA methodology presented in this paper.
1) Random: It creates an adaptive sequence by mutating a
random number of times, based in the number of states, with

******** **** **** ***** ********

***************
*** ****** ** ****** ********* ************

0
100
TIME (s)
Figure 8.
Figure 6.

********** ****** ** ****** ****

******* *** ***** **** *************

*********** **********

*** **** *****

** ******* ** ***
***
** * *
* ********* *
****************
** ** * **
* * **
* **
* * **
**
*** **

*
**
*
**
*
**
*
**
**
*
*
*
*

**

**
*** * ** **
*
**
*

Figure 5. Evolution of the whole population of the GA. An initial stage

(left) and the nal conguration (right).
Figure 9.

200

300
400
RANDOM
DIJKSTRA
HILLCLIMBING
* * GA
Graph representing the sizes in experiment A.
Experiment A, dijkstra reaches the target only 1% of the times.
= 0. The mutation operator for random only adds a tree,

never deletes.
2) Dijkstra: The Dijkstra individual is created by traversing
the non-deterministic FSM from the origin to the target, in
the fastest way possible using the Dijkstras shortest path
algorithm. An example of this is shown in Figure 9.
3) Hillclimbing: Hillclimbing as well as the GA, uses
Dijkstras individual as a starting point. From there on it
checks all the end nodes of the tree, chooses one of those
nodes and tries to add a subtree. If adding the subtree does
not improve the tness value, then it chooses another node
and performs the same operation. Since trying to check all
the possibilities can be exponential, the algorithm passes to
the next generation when it nds a new conguration that is
better than the last one. We can see an example of the adaptive
sequence created by hillclimbing in Figure 10.
Next, we comment on the results of our experiments. The
table shown in Figure 11 clearly shows that the level of
achievement of the GA is high in most cases. On average
it reaches the target state 83.18% of the times, although some
non-deterministic machines proved to be too complex to nd
a solution by any methodology (see experiment number 5 or
even 17). The image of the center of Figure 11, shows that
our technique had a good level of coverage, and outperforms
in almost any case the rest of the methodologies, it is usu-
* *********************************************************************************************************************************************************
**** * * * * *** *
* ** ******* ***********
*
** *

** * *
* ** * *** **

******** * ***** *************** *********

** * * * **
*

*

*

*

8000

4000
FITNESS VALUE
2000
0
*

** *
******* *
*

* *

* *

*

*

*

*
*

** *
** ** *** *

*

6000

2000

100

200

300

400

4000
TIME (s)

Figure 7.
Figure 11.
RANDOM
DIJKSTRA
HILLCLIMBING
* GA

Graph representing the tness value of the different individuals in experiment A.
Representation of the 20 experiments. Experimental results (left), tness values (center) and sizes of the resulting adaptive sequences (right).
ally dependant on the quality of the Dijkstra individual, but

examples like 1,2,4, and 9 defy this proposition, since it was
the random individual the one that helped the GA to nd a
solution. This was because the Dijkstra path contained a high
level of branching, and this fact probably opened up paths that
led to nodes with no connection to the target node, while there
was a path that was not the shortest but had less branching.
Therefore, the GA probably deleted the Dijkstra solution and
continued randomly. This capacity to use the best of both
worlds, including the Dijkstra individual as part of the starting
population and the use of randomness to go through the search
space and look for alternative paths is what makes the GA
more consistent, and able to nd a good solution through any
ndFSM . We can also see, that in one of the experiments,

number 10, the GA was able to nd a good solution, even
though the random and Dijkstra individuals scored poorly.
In the vast majority of our experiments, hillclimbing was
able to nd a solution, on average 71.37% of the times, 12%
under the results of the GA, and even in some experiments
(number 5, 8 and 16) the hillclimbing method ranks slightly
better than the GA. We might therefore think that the hillclimbing solution is as valid as the one produced by the GA
but as we can see on the right hand side of Figure 11, the
size of the hillclimbing solution is considerably larger than
the one of the GA, which makes it less worthy. Note that this
methodology was also highly dependent on the capability of
V. C ONCLUSIONS AND FUTURE WORK
Figure 10. Experiment A, hillclimbing reaches the target 70% of the times.
1
81.16
55.46
69.53
68.89
80.54
0
83.38
44.67
65.70
78.36
86.07
0.5
81.49
47.01
63.46
75.22
82.08
(0-0.5)
96.89
57.45
72.19
80.65
82.48
Comparison
tness value (%)
(0-1) (0.5-1)
60.68 76.90
44.09 44.03
67.54 65.32
75.50 75.11
81.69 82.48
(0-0.5)m
54.55
48.18
70.39
78.49
82.12
(0-1)m
70.89
59.65
68.47
77.10
80.06
(0.5-1)m
79.1
48.56
70.33
70.50
88.12
Figure 12. Table comparing several GAs with different random coefcients
and populations (labeled with m) in which this coefcient was hereditary.
the Dijkstra individual to nd a solution, and in some cases

(see experiment number 9) in which the shortest path led to
high levels of branching, the hillclimbing method was not able
to nd an optimal solution.
In order to be able to study the effect of either choosing
randomly a node or choosing the best node, we have run
several experiments in which we tested different degrees of
randomness. The populations were initialized with the values
of 1, 0 or 0.5, we also added populations with coefcients in
the ranges (0-0.5), (0-1), (0.5-1). Finally, in order to be able to
discern which mechanism was better to obtain this coefcient
in a new individual, we decided to also test some versions in
which the coefcient was not randomly started when a new
children was created, but it was a hereditary characteristic,
these populations are labeled with a m (mixed). The results
shown in Figure 12 indicate that in most cases the best
population, and generally the one that had a good outcome in
the cases that was not the best (the most consistent population),
was the one initialized with the range of (0-0.5) and that did
not used the hereditary mechanism. This is because having
a mostly random population allows to explore a bigger part
of the landscape of the solution, this, added to keeping some
individuals choosing sometimes the closest node to the target,
allows the GA to nd a correct solution. Moreover, it also
helps the GA, since reproduction will be more useful when
crossing complete different individuals, like the ones that will
be formed by continuously taking random choices.
We have created an evolutionary approach based on genetic

algorithms, to solve an important problem in the world of testing. We have compared our methodology with other reasonable
approaches, and experimental results showed that our approach
is the most consistent and the one that found the best solution
in most of the cases (specically, out of 20 runs, there were 2
cases in which both methodologies found a perfect solution,
in 15 cases GA outperformed the hillclimbing algorithm and
in 3 cases, it was the hillclimbing methodology the one that
found the best solution). We envisage several paths for future
development. One of them would be to experiment on whether
using a GA, in which islands of different populations will
separately search from a different initial state, and we will
consider sub-target states or use different random coefcients
and then mix the best individuals from each solution. Another
line for future work will be directing mutation towards modifying the subtree with less tness value. Finally it is necessary
to test different types of non-deterministic machines, in order
to decide in which cases the GA methodology performs better.
R EFERENCES
[1] G. Myers, The Art of Software Testing, 2nd ed. John Wiley and Sons,
2004.
[2] P. Ammann and J. Offutt, Introduction to Software Testing. Cambridge
University Press, 2008.
[3] A. Petrenko, N. Yevtushenko, and G. v. Bochmann, Testing deterministic implementations from their nondeterministic FSM specications, in
9th IFIP Workshop on Testing of Communicating Systems, IWTCS96.
Chapman & Hall, 1996, pp. 125140.
[4] R. Hierons, Testing from a non-deterministic nite state machine using
adaptive state counting, IEEE Transactions on Computers, vol. 53,
no. 10, pp. 13301342, 2004.
[5] F. Ipate, Testing against a non-controllable stream X-machine using
state counting, Theoretical Computer Science, vol. 353, no. 1, pp. 291
316, 2006.
[6] R. Alur, C. Courcoubetis, and M. Yannakakis, Distinguishing tests for
nondeterministic and probabilistic machines, in 27th ACM Symp. on
Theory of Computing, STOC95. ACM Press, 1995, pp. 363372.
[7] R. Hierons, Adaptive testing of a deterministic implementation against
a nondeterministic nite state machine, The computer Journal, Oxford
Journals, vol. 41, no. 5, pp. 349355, 2008.
[8] , Reaching and distinguishing states of distributed systems, SIAM
Journal on Computing, vol. 39, no. 8, pp. 34803500, 2010.
[9] M. Gromov, N. Yevtushenko, and A. Kolomeets, On the synthesis of
adaptive tests for nondeterministic nite state machines, Programming
and Computer Software, vol. 34, pp. 322329, 2008.
[10] M.Harman and P.McMinn, A theoretical and empirical study of searchbased testing: Local, global, and hybrid search, IEEE Transactions on
Software Engineering, vol. 36, no. 2, pp. 226247, 2010.
[11] D. Fatiregun, M. Harman, and R. M. Hierons, Evolving transformation
sequences using genetic algorithms, in 4th IEEE Int. Workshop on
Source Code Analysis and Manipulation, SCAM04. IEEE Computer
Society Press, 2004, pp. 6574.
[12] Q. Guo, R. M. Hierons, M. Harman, and K. Derderian, Computing
unique input/ouput sequences using genetic algorithms, in 3rd Int.
Workshop on Formal Approaches to Software Testing, FATES03, LNCS
2931. Springer, 2004, pp. 169184.
[13] K. Derderian, R. Hierons, M. Harman, and Q. Guo, Automated Unique
Input Output sequence generation for conformance testing of FSMs,
Computer Journal, vol. 49, no. 3, pp. 331344, 2006.
[14] D. Goldberg, Genetic Algorithms in Search, Optimisation and Machine
Learning. Addison-Wesley, 1989.
[15] P. McMinn, Search-based software test data generation: a survey,
Software Testing Verication and Reliability, vol. 14, no. 2, pp. 105
156, 2004.
Experimental Comparison of Different Techniques to

Generate Adaptive Sequences
Carlos Molinero1, Manuel Nez1 and Robert M. Hierons2
1
Departamento de Sistemas Informticos y Computacin,

Universidad Complutense de Madrid, Madrid, Spain,
molinero@fdi.ucm.es, mn@sip.ucm.es
Department of Information Systems and Computing, Brunel University
Uxbridge, Middlesex, UB8 3PH United Kingdom,
rob.hierons@brunel.ac.uk
Abstract. The focus of this paper is to present the results of a set of experiments
regarding the construction of an adaptive sequence by a genetic algorithm and
other techniques in order to reach a goal state in a non-deterministic nite state
machine.
1 Introduction
Testing ([6,2]) is one of the most important tasks to be undertaken in software engineering. Its development and application covers a high percentage of the total cost of
development in any process of software engineering.
Reaching a specic state is a fundamental part of the testing process because it
allows the tester to move the implementation to that state and continue the testing of a
certain part of a system, such as a specic component of an embedded system. In the
case that the tester is confronted with a non-deterministic nite state machine (from
now on ndFSM ) this problem belongs to the EXPTIME complete category. Therefore,
heuristic methods are used to present a solution.
A non-deterministic nite state machine is, informally, a set of states and labeled
transitions with pairs input/output, the characteristic that makes it non-deterministic is
that from the same state there can be several transitions labeled with the same input. We
restrict our work to observable ndFSMs, that is, to machines in which two transitions
departing from the same state cannot have the same combination of input/output.
Adaptive sequences [4,3,1] is a method used to reach a state in a non-deterministic
setting. An adaptive sequence is a tree such that the unique edge that leaves its root will
be labeled by an input (to be applied to the ndFSM ), and it will reach a state such that
from this state outgoing edges labeled by outputs (returned from the ndFSM ) arrives
at one state each from where a new input will depart and so on.
We have presented in a previous work [5], the use of a genetic algorithm to create
an adaptive sequence to reach deterministically a goal state in a ndFSM . The interested
Research partially supported by the Spanish MICINN project TESIS (TIN2009- 14312-C0201), the UK EPSRC project Testing of Probabilistic and Stochastic Systems (EP/G032572/1),
and the UCM-BSCH programme to fund research groups (GR58/08 - group number 910606).
reader is referred to the aforementioned paper for a more complete understanding of our
approach, detailed explanations of the evolution of our GA and a formal denition of the
elements present in the system. The goal of this paper is to present a set of experiments
regarding the achievement of our genetic algorithm and some other techniques to an
extent in which we can assure its validity.
The rest of the paper is organized as follows. In Section 2 we summarize the main
aspect of the evolution of our GA. In Section 3 we show the results of our experiments
and in Section 4 we present our conclusions.
2 Description of our GA
In this section we summarize the main concepts behind the evolution of our genetic
algorithm. A more detailed description can be found in the aforementioned paper [5].
The inhabitants from the population create, based on their random coefcients, a
new adaptive sequence which is their DNA.
This DNA is mutated once every generation, the way this is achieved is by traversing
randomly the adaptive sequence and when the algorithm nds a node with no children
then it adds a subtree to the adaptive sequence, or deletes the subtree to which the node
belongs to (each with a 50% probability). The positive point about using this method to
select a node is that it has a similar probability of being chosen as when executing the
ndFSM . This allows to always modify the nodes that inuence in a greater extent the
overall functioning of the adaptive sequence.
Crossover is done by selecting the individuals with a higher heuristic value through
roullete wheel selection and then traversing randomly both instances to try to nd a node
that represents the same node in the ndFSM . If this node is found then the algorithm
exchanges the subtree of both adaptive sequences and creates two children that are
added to the population. If no node is found following this procedure, then no crossover
is performed.
In the beginning of the next generation, all the specimens are judged by a sampling
procedure (running 100 times its adaptive sequence), and the algorithm performs a selection of the ttest, maintaining a constant number in the population by eliminating
those individuals with the worst heuristic value. The selection of the ttest is an elitist
selection, which means that the best individual from the last generation is copied directly into the next one without any mutation or crossover, to make sure that the GA
does not lose the best solution found until that moment.
3 Experimental comparison
The number of experiments that we have conducted was established by taking into account the amplitude of the oscillation in the averaged heuristic values of the runs of
different GAs against a series of ndFSMs. This value tends to stabilize around 50 experiments. This is one of the main motivations for having extended our experimental
setup with respect to our previous work, since, before, we only performed 20 experiments and, as one can see in Figure 1, the value uctuates at that point greatly.
Fig. 1. Evolution of the average heuristic values for several techniques, including various kinds
of GAs. The hillclimbing methodology appears in dotted lines.
We were also able to increase the speed of the algorithm, which has led to a modication in the heuristic values and of the total size of the resulting specimens.
3.1 Description of the experimentation
The experiments were run in a Intel Core2 Duo CPU T7300 at 2.00GHz with 2 GB of
RAM.
The different techniques were given separate runs of 200 seconds each to nd a solution. The GA was started with a population of 50 individuals, a crossover rate of 25
(half of the population was reproducing and producing new offspring), and a mutation
rate of 1 (each individual was mutated once every generation). The highest individual was transferred into the next generation following the normal procedure for elitist
evolution.
The hillclimbing specimen mutates as many times as it needs in order to nd an
specimen with a higher value and then continue its evolution, adding new nodes to its
adaptive sequence.
The dijkstra individual is initiated once. In order to do so, rst the Dijkstras shortest
path algorithm is ran in the ndFSM in order to calculate the distance from each state to
the goal state. The algorithm as is proposed in this paper starts by creating a graph that
i/o
is an inverted copy of the ndFSM , that is, a graph in which for a transition si
sj
existing in the ndFSM there exist one transition sj
si in the inverted graph. Then
we use the goal state as the initial state and calculate Dijkstras shortest path algorithm.
The random individual mutates a random number of times between 0 and the total
number of states in the ndFSM .
The heuristic that is used is the same for every type of evolution present in the
system. The adaptive sequence of each specimen is used a hundred times to run the
ndFSM , then the ndFSM returns its current state and we apply add of n (where n is
the number of states), if it is the goal state, we subtract n/2 if it is a node from where the
goal is unreachable, or subtract the value of its distance to the goal in any other case.
Since the adaptive sequence is applied a hundred times, the total amount of heuristic
value that an individual can have is 10000 points, that is considered being 100% t,
which means that every reachable end node of its adaptive sequence is the goal state.
A drawback of this heuristic method is that using a sampling rating method, creates a
uctuation in the values for the same adaptive sequence, which makes evolution more
complicated.
3.2 Comparison between GAs
The rst set of experiments are focused on comparing different GAs, with different
random coefcients, and that traverse the ndFSM in a distinctive manner (the results
from the experiments are shown in Figure 2). The random coefcient is a number that
expresses how likely the GA will mutate using the shortest distance to the goal state.
A random coefcient of 0 will behave randomly, and a coefcient of 1 will traverse the
ndFSM using the minimum distance, between these values, the specimen will choose
some times at random and sometimes the closest node to the goal.
There are three ways of selecting the random coefcient for a new specimen. The
rst one is that every specimen in the population has a steady coefcient, for example
in GA 0.5 the whole population has 0.5 as its coefcient. The second manner is that it
is started randomly from an interval, which is for example the case for GA (0-0.5). And
the third approach consist in a hereditary option, in which it is the average of its parents
with a small amount of random added, which will be the case for GA (0-1)m. Every
population labeled with an m (mixed) behaves in this last manner.
The population that achieved better results was the one started in the range of (01)
with the hereditary coefcient (GA (0-1)m). This population created, in average, adaptive sequences that reached 70.32% of the times the goal state, and obtained the lowest
average distance
with respect to the maximum achieved by any other method ( = 9.41,
n
(xi max{11 techniquej }i )2
j=0
i=0
where =
). This behaves as expected since this
n
population tries every possible random coefcient value and, depending on the conguration of the ndFSM (how much non-determinism contains, how much branching
towards the goal following the shortest path) the individuals with highest results pass
their conguration to their offspring. The second best population is the one started in the
range (0-0.5), this is the population that appeared to behave best in the few experiments
that we presented in our previous paper.
The overall values are lower than in Section 3.3 because given the high number of
populations, we restricted highly the time that we allowed the populations to evolve.
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
x
1
93.86
54.47
84.38
56.35
71.88
58.98
84.54
41.81
75.16
45.66
37.42
70.06
32.8
68.17
81.42
73.17
91.77
49.78
56.06
34.66
76.68
96.89
75.86
100.0
15.22
31.68
66.05
80.33
94.74
50.88
92.7
59.04
76.79
87.69
75.04
75.13
25.43
63.92
100.0
42.03
63.9
100.0
57.66
59.53
50.08
43.0
55.69
100.0
91.68
64.2
71.01
75.34
91.7
87.52
76.2
67.7
56.52
54.1
66.55
74.69
55.95
86.48
60.0
33.02
67.05
12.61
0
92.77
42.05
43.95
52.47
71.91
59.41
92.78
59.18
93.38
48.21
42.52
59.52
35.45
59.0
79.46
65.68
96.93
54.23
59.24
39.88
79.94
97.94
97.94
100.0
14.3
31.88
71.37
64.73
91.75
47.65
90.64
61.49
67.46
79.42
80.73
56.26
28.58
60.53
86.49
48.09
76.38
100.0
66.83
54.29
51.91
39.63
64.75
100.0
93.8
61.01
56.26
74.22
76.8
82.2
61.8
65.53
61.6
36.59
58.43
64.15
49.47
80.08
43.24
20.77
64.76
15.25
0.5
93.85
50.09
74.3
51.35
80.17
56.27
86.11
60.58
70.02
47.12
47.91
46.87
42.12
49.87
75.17
81.31
88.7
44.37
53.38
31.36
76.95
93.76
100.0
100.0
19.72
34.59
73.07
79.23
94.72
44.58
91.65
56.16
86.4
81.57
72.69
58.42
30.52
63.42
100.0
37.8
80.41
100.0
63.96
59.53
51.29
36.09
63.74
100.0
93.8
67.49
56.72
89.7
86.55
80.06
72.98
67.71
57.58
53.28
59.45
70.35
55.47
86.48
43.35
27.09
66.39
13.61
(0-0.5)
88.6
51.5
64.62
53.57
85.38
56.29
90.73
39.64
85.5
65.26
44.68
52.12
59.73
71.18
86.54
63.52
100.0
56.12
61.2
45.75
86.34
94.84
100.0
100.0
20.84
39.65
72.77
74.24
92.66
55.89
85.41
52.56
54.64
89.7
65.61
64.52
30.72
59.46
100.0
46.55
71.12
100.0
54.41
57.81
44.86
41.25
56.68
100.0
94.82
62.89
75.15
92.85
89.62
78.14
59.72
66.52
58.02
59.99
60.44
76.8
50.53
85.45
57.56
25.49
67.63
12.69
Comparison
HEURISTIC VALUE (%)
(0-1) (0.5-1) (0-0.5)m (0-1)m
100.0 92.75 91.75
93.81
48.94 50.15 43.93
57.67
56.42 74.95 51.3
50.78
54.69 52.61 39.0
55.76
81.99 69.69 78.01
81.19
63.6 56.78 61.15
64.33
79.2 84.37 87.54
93.8
64.67 30.83 51.9
52.15
100.0 85.58 97.92
83.45
51.02 53.34 37.49
64.03
41.64 39.89 35.29
39.92
50.17 49.29 54.47
65.79
38.1 37.45 44.29
40.98
87.7 59.99 81.48
75.41
83.45 82.45 78.1
82.37
83.88 75.22 72.05
81.32
100.0 100.0 98.97
92.85
58.05 42.61 56.14
61.62
59.96 46.76 56.68
58.77
35.66 29.49 37.51
37.56
83.33 83.33 82.1
79.97
73.08 94.79 72.16
100.0
100.0 97.93 98.94
100.0
100.0 100.0 100.0
100.0
17.3 16.74 22.49
20.61
28.52 31.39 30.63
41.11
65.65 78.09 66.09
65.78
65.77 65.35 69.84
86.1
74.7 86.89 90.52
94.77
61.25 55.89 62.37
68.11
90.68 89.69 88.55
94.86
54.13 53.13 51.1
63.15
74.84 55.88 54.49
74.41
83.14 85.16 80.4
87.65
62.63 78.16 61.37
85.42
71.79 62.66 47.79
93.84
24.53 23.33 33.51
37.83
62.39 64.29 67.14
66.67
100.0 97.94 100.0
100.0
37.08 34.6 38.32
49.86
75.27 78.35 72.15
77.22
100.0 100.0 100.0
100.0
57.37 53.5 66.21
63.64
61.82 53.09 51.02
61.69
49.93 47.22 45.82
46.78
40.73 29.9 36.7
34.71
62.8 64.85 68.89
61.65
100.0 100.0 100.0
100.0
92.77 92.83 91.3
92.74
61.9 64.33 63.78
64.91
63.64 60.47 55.54
63.88
95.91 73.03 73.12
94.87
86.54 83.42 75.63
92.8
77.86 76.96 79.58
86.39
75.09 70.12 73.09
81.37
68.17 63.55 60.4
54.23
69.91 53.2 73.93
62.67
51.13 33.67 62.2
60.22
60.46 56.34 55.25
62.25
74.75 63.11 70.67
66.34
52.75 50.6 44.29
51.8
81.15 79.0 83.03
87.17
60.84 53.73 59.4
64.92
22.72 14.16 26.32
24.4
67.4 63.83 65.02
70.32
12.74 15.69 15.29
9.41
(0.5-1)m
87.71
52.16
49.46
50.65
77.05
54.11
79.29
61.57
77.74
58.78
38.08
58.47
31.24
48.3
73.88
76.28
100.0
52.7
54.78
33.95
82.2
95.84
100.0
100.0
12.41
23.06
70.42
78.13
91.64
51.91
89.58
55.32
53.83
84.15
52.11
51.51
26.62
59.75
93.75
49.79
72.2
100.0
63.74
66.75
52.01
32.36
48.44
100.0
92.7
67.53
64.35
72.19
89.63
89.6
63.79
63.48
61.52
49.14
59.36
78.87
45.05
89.59
55.56
27.98
64.75
15.99
HC
97.92
70.13
64.2
54.63
66.68
76.4
52.35
22.07
53.04
56.15
24.82
45.29
37.73
82.52
81.44
83.52
82.45
54.36
58.73
21.91
59.36
67.08
87.55
100.0
28.03
49.36
81.97
79.57
100.0
68.44
100.0
80.33
77.3
95.9
56.92
59.71
45.9
76.22
100.0
49.1
87.68
74.45
73.28
64.78
56.59
49.33
73.31
100.0
98.97
78.71
75.99
76.94
96.45
89.6
73.85
60.2
61.43
44.82
70.68
82.88
37.38
92.82
32.13
12.95
67.41
16.15
RD
67.86
27.23
21.0
31.43
64.56
27.57
55.84
19.34
64.83
29.27
21.93
25.19
22.71
30.83
65.67
44.19
100.0
23.23
32.8
18.4
62.13
39.94
69.59
100.0
5.61
10.25
44.25
48.22
75.25
39.0
58.54
42.71
40.29
71.28
34.73
33.62
8.35
35.57
100.0
12.55
41.44
100.0
37.7
38.42
29.83
18.3
44.74
82.53
85.54
38.62
42.08
48.37
52.58
65.62
51.35
42.78
35.57
23.62
38.33
26.74
30.43
67.44
36.29
10.56
43.98
35.95
DJ
53.5
18.05
17.34
-4.56
15.25
24.8
31.36
-13.26
19.57
4.95
6.25
-7.81
18.28
15.14
63.95
31.75
63.25
-2.32
15.07
-14.39
17.82
-1.02
59.05
100.0
-9.54
-18.26
15.1
20.68
52.0
12.19
64.3
24.85
21.25
47.5
-8.45
4.5
21.73
17.38
12.78
-21.52
34.3
19.41
35.52
27.12
21.52
20.2
36.77
66.01
63.6
33.85
-0.1
34.48
36.76
64.64
7.66
33.74
38.05
-9.34
5.35
35.1
35.23
63.6
-10.08
-4.58
23.08
57.69
Fig. 2. Heuristic values of the comparisons between different GA methodologies, hillclimbing,

random and dijkstra. Graphical representation of the heuristic values (upper right) and difference
of the best GA and hillclimbing (GA-HC) (lower right).
3.3 Results of the main techniques

Next, we will present and comment, the experiments conducted by applying the adaptive sequences, obtained by the main techniques, to ndFSMs of different sizes and
connection rates.
The connection rate species a maximum number of transitions, for example in
a ndFSM with a hundred states and a connection level of 3 the average number of
transitions is 255 and in a ndFSM with ve hundred states and a connection level of 3
the average number of transitions is 1280.
The experiments were run against ndFSMs of 100, 500 and 1000 states, and two
connection levels 3 and 4. The results for the connection level 4 are shown in Figure 3 and the results from connection level 3 can be found under http://www.
carlosmolinero.com/GAforAdapSeq.htm.
As we can see by taking a look at the averages (
x) and the average distances to the
maximum (), GA outperforms the rest of the methodologies. The value of the average
of the heuristic value (
x) depends highly on the number of states, and in a lower percentage in the connection rate. In fact, as expected, the higher the number of states and
therefore, of transitions, and the higher connection level (which also inuences in the
number of transitions) the more difcult it becomes to nd a valid adaptive sequence.
On the other hand, the distance to the maximum () remains a quasi-constant value for
each methodology no matter the ndFSM that it is applied to. The lower is, the larger
the number of times that the technique achieved the maximal heuristic value, it also
represents the difference in heuristic value that the technique had when it was not the
highest. For our GA = 3.1 in average (this average is computed taking into account
all the experiments performed) while the hillclimbing method had = 11.08.
After performing some scatter plots of the relationships between the heuristic values of the techniques, we realized that GA and hillclimbing has a positive correlation
with the random heuristic value. In the case of the GA that uses the random method
and the dijkstra method as specimens inside its population this was expected, but the
hillclimbing methodology never uses the random specimen, or a random approach, still
they have a correlation. In the case of hillclimbing the trendline is dened by the equation heurVal (random) 1.3 + 10 and in the case of GA the trendline responds to the
equation heurVal(random) 1.3 + 15. This scatter plots are presented in Figure 4.
Another thing that we can observe in the scatter plots, is that although hillclimbing
and GA behaved proportionally, the samples that are away from the trendline behave
differently, which is one of the factors that impact on its relative tness. In the case of
hillclimbing, those samples away from the trendline behave worst than expected (they
fall mostly in the right lower sector from the trendline) while in the GA they behave
better than expected (the locate in the upper left sector from the trendline)
4 Conclusions and future work

We have presented in this paper a series of experiments undertaken in the context of our
previous work [5]. The purpose of these experiments is to test whether a evolutionary
methodology composed of genetic algorithms is able to nd adaptive sequences that
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
x
Comparison
HEURISTIC VALUE (%)
GA HC RD DJ
GA
94.85 89.22 79.87 52.0 1158.0
87.44 92.82 59.1 36.16 1696.0
100.0 97.94 81.46 -0.26 12469.0
83.38 74.29 50.4 22.02 33972.0
97.95 96.44 82.92 32.08 789.0
97.93 87.26 49.81 -13.12 2996.0
59.24 51.45 32.88 10.92 2088.0
67.89 71.29 36.51 21.62 4990.0
91.73 98.98 65.39 24.08 1465.0
40.86 31.24 15.76 -11.77 40213.0
23.6 30.72 2.76 -16.14 1771.0
98.97 92.34 64.89 39.03 2295.0
57.85 57.37 40.66 35.69 6214.0
100.0 100.0 73.03 39.54 1205.0
63.37 58.5 19.71 6.82 5249.0
35.25 34.16 12.26 -17.09 4857.0
83.97 73.82 50.8 18.57 29354.0
100.0 85.04 75.24 12.1 931.0
95.82 73.63 41.17 3.25 17124.0
65.73 61.16 43.14 -2.14 24934.0
88.48 89.72 56.17 34.7 20182.0
79.35 77.47 41.91 3.48 6162.0
75.01 77.92 53.88 40.15 5688.0
82.26 75.76 62.67 35.56 54952.0
75.11 47.01 34.81 12.12 4207.0
76.07 70.59 42.27 15.71 4038.0
82.32 68.43 53.03 38.08 3796.0
72.08 51.55 37.13 10.82 59619.0
48.14 51.8 20.74 4.94 1331.0
55.1 44.85 25.88 20.33 12127.0
87.51 58.42 23.33 6.67 3637.0
82.21 77.67 52.99 -1.7
1359.0
69.86 62.48 26.7 4.8
23292.0
46.53 46.33 11.16 -13.8 6481.0
80.07 44.61 30.25 20.18 43219.0
73.05 69.37 45.39 -17.26 40626.0
90.75 79.53 49.21 7.35 6071.0
92.76 64.74 43.57 9.16 35659.0
100.0 100.0 90.7 36.4 1129.0
100.0 100.0 76.96 15.51 1328.0
100.0 100.0 100.0 64.64 1428.0
100.0 86.66 54.44 36.41 2182.0
100.0 85.6 75.19 20.21 2433.0
94.83 91.75 70.64 38.45 5342.0
95.88 83.21 55.83 21.61 32788.0
40.5 23.55 7.06 -23.96 3610.0
71.16 60.95 41.44 22.27 12694.0
73.39 82.49 38.43 21.34 1624.0
98.97 95.9 76.42 64.64 4848.0
89.53 64.41 48.12 -13.07 2116.0
79.34 71.81 48.48 16.58 11994.8
2.24 12.31 33.74 66.26 -
SIZES
HC
RD
8160.0 261.0
6948.0 265.0
2642.0 233.0
1214.0 257.0
7759.0 263.0
6723.0 266.0
7016.0 268.0
5223.0 265.0
7309.0 271.0
1244.0 277.0
7288.0 272.0
6196.0 265.0
5310.0 266.0
6775.0 260.0
3943.0 266.0
5221.0 271.0
1972.0 269.0
7769.0 276.0
2686.0 265.0
1902.0 267.0
2150.0 263.0
4523.0 267.0
5844.0 280.0
1003.0 262.0
5519.0 273.0
4839.0 267.0
5571.0 261.0
992.0 266.0
7590.0 271.0
4924.0 272.0
5668.0 278.0
7236.0 266.0
1848.0 267.0
4422.0 278.0
1286.0 272.0
1226.0 248.0
4404.0 269.0
1163.0 271.0
6709.0 257.0
7465.0 268.0
8079.0 263.0
6727.0 263.0
7034.0 269.0
5580.0 259.0
1839.0 264.0
6644.0 281.0
3254.0 276.0
7011.0 271.0
4201.0 252.0
6574.0 261.0
4892.5 266.4
-
DJ
2.0
9.0
8.0
8.0
9.0
15.0
17.0
10.0
12.0
14.0
20.0
9.0
13.0
11.0
15.0
17.0
10.0
12.0
10.0
25.0
13.0
12.0
7.0
9.0
10.0
12.0
7.0
11.0
13.0
12.0
14.0
13.0
14.0
16.0
12.0
11.0
15.0
8.0
9.0
10.0
6.0
7.0
10.0
11.0
10.0
24.0
10.0
12.0
4.0
14.0
11.7
-
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
x
Comparison
HEURISTIC VALUE (%)
GA HC RD DJ
GA
57.97 59.38 39.67 39.75 2335.0
82.1 63.45 40.85 1.69 1135.0
45.6 40.47 22.74 -13.97 1851.0
40.58 43.98 16.99 -4.04 2210.0
73.59 76.19 51.13 -4.71 983.0
57.77 51.24 30.36 15.48 1202.0
54.73 42.91 27.95 11.76 1363.0
45.79 45.04 23.67 -7.88 1219.0
70.33 80.09 43.12 36.26 1872.0
48.03 54.49 36.51 37.62 1278.0
36.16 44.48 19.6 5.86 1315.0
29.04 33.27 15.69 -15.87 1311.0
41.36 32.48 28.45 18.27 1356.0
82.3 83.52 67.31 21.91 867.0
49.56 41.1 24.14 -8.33 2660.0
45.54 54.21 31.72 17.2 2360.0
21.33 19.89 5.21 -17.45 1746.0
84.3 86.47 66.66 10.6 1133.0
63.36 70.87 39.84 42.09 1300.0
49.74 24.62 17.65 -8.0
2418.0
62.79 36.93 29.67 -12.25 929.0
55.35 37.5 34.99 11.64 12114.0
61.44 59.83 37.25 11.56 2288.0
55.72 49.96 32.73 22.82 1317.0
81.24 82.93 69.26 68.5 1053.0
41.72 50.61 25.06 2.82 1130.0
63.26 72.46 43.89 12.28 784.0
86.4 85.42 71.96 67.45 707.0
44.3 41.73 27.69 -0.04 1183.0
70.44 58.64 32.06 10.43 3888.0
82.04 66.02 67.91 5.21 955.0
40.02 27.37 19.3 -9.84 892.0
17.6 14.39 0.84 -16.62 1028.0
36.19 22.5 20.29 3.64 1652.0
32.36 35.66 19.81 19.14 1204.0
35.85 30.34 16.57 4.96 1159.0
35.54 35.81 16.48 10.64 1143.0
74.8 84.39 51.48 36.65 1753.0
57.39 56.07 35.28 22.2 2470.0
46.02 32.06 31.15 -12.67 1457.0
53.61 27.24 28.52 -17.42 12179.0
53.84 51.13 29.58 -6.26 5989.0
86.32 87.07 72.36 64.3 708.0
68.34 73.39 44.11 13.18 1689.0
67.62 79.35 47.22 39.81 1353.0
52.77 31.66 33.2 6.14 4991.0
39.84 41.64 18.11 15.91 1811.0
42.09 52.96 21.75 2.63 2199.0
43.21 27.67 14.38 9.8
9047.0
52.54 25.63 18.86 -21.39 1692.0
54.4 50.53 33.22 10.87 2253.6
4.33 10.46 24.56 49.25 -
SIZES
HC
RD
5701.0 1320.0
6800.0 1302.0
6345.0 1306.0
5490.0 1290.0
6930.0 1312.0
6533.0 1312.0
6358.0 1321.0
6462.0 1271.0
6265.0 1323.0
7141.0 1335.0
7006.0 1310.0
6081.0 1315.0
6538.0 1309.0
7554.0 1258.0
5631.0 1284.0
6593.0 1271.0
6474.0 1348.0
6762.0 1266.0
7057.0 1295.0
6164.0 1336.0
6811.0 1310.0
2858.0 1281.0
6669.0 1309.0
6467.0 1315.0
7806.0 1317.0
7073.0 1317.0
7214.0 1319.0
7867.0 1303.0
7099.0 1319.0
4823.0 1297.0
7364.0 1308.0
6564.0 1332.0
6936.0 1342.0
6045.0 1332.0
7082.0 1341.0
7150.0 1323.0
6423.0 1321.0
6356.0 1279.0
5151.0 1311.0
6658.0 1318.0
1992.0 1297.0
4624.0 1277.0
7824.0 1313.0
7223.0 1289.0
6963.0 1277.0
4080.0 1356.0
6771.0 1323.0
5827.0 1316.0
2434.0 1311.0
5942.0 1303.0
6279.6 13.1
-
DJ
11.0
15.0
14.0
16.0
15.0
18.0
15.0
19.0
15.0
13.0
15.0
21.0
12.0
10.0
17.0
12.0
22.0
17.0
7.0
17.0
16.0
10.0
15.0
12.0
2.0
18.0
17.0
8.0
16.0
11.0
18.0
17.0
21.0
18.0
12.0
16.0
15.0
7.0
16.0
28.0
17.0
17.0
4.0
13.0
9.0
16.0
10.0
16.0
15.0
27.0
14.8
-
#
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
x
Comparison
HEURISTIC VALUE (%)
GA HC RD DJ
GA
17.78 12.21 0.48 -6.14 2527.0
42.85 34.23 23.11 -35.1 7276.0
40.0 33.07 16.18 -14.87 2366.0
48.31 35.73 20.77 15.5 4518.0
22.76 17.35 4.45 -0.25 3790.0
60.18 60.52 49.8 39.58 1719.0
24.66 22.62 8.01 9.75 2459.0
53.6 52.46 36.75 19.96 2097.0
20.9 19.53 8.83 -1.1
2272.0
54.66 47.64 35.01 12.4 1780.0
28.53 28.9 15.2 -35.15 2899.0
80.11 82.65 61.27 65.76 1336.0
49.99 57.23 32.7 -10.4 2371.0
37.45 33.78 16.03 19.44 2886.0
28.55 16.23 11.78 -6.55 2445.0
42.87 30.32 25.81 1.64 2516.0
46.39 43.84 23.91 -2.56 7992.0
65.96 74.06 54.36 24.62 2363.0
100.0 100.0 100.0 100.0 850.0
57.56 52.16 44.97 -40.15 1657.0
40.59 48.57 23.57 23.12 1267.0
24.28 20.18 10.75 5.19 2361.0
46.48 31.53 18.75 -21.27 4118.0
20.54 23.66 11.76 1.37 2692.0
17.72 25.46 5.42 4.48 1904.0
40.59 43.62 19.28 -26.21 2591.0
50.71 57.1 32.17 -7.79 2372.0
46.99 35.34 21.26 2.85 2622.0
32.35 39.64 15.49 4.58 1552.0
45.77 34.45 31.86 19.36 3352.0
47.11 32.56 28.73 0.38 2400.0
29.26 25.05 5.14 -22.12 2102.0
40.43 35.34 16.96 10.37 14366.0
35.72 25.86 19.98 -27.36 3748.0
33.8 27.29 19.61 6.25 18806.0
45.4 44.15 27.5 -9.46 2287.0
57.84 44.55 34.53 -2.28 2347.0
36.11 18.76 8.56 -16.88 2324.0
70.36 62.78 32.87 14.82 7568.0
55.79 66.11 29.16 3.88 2196.0
22.03 32.42 7.7 -14.13 2399.0
70.04 63.44 45.17 6.79 2163.0
17.07 15.68 5.43 -4.24 2025.0
74.72 38.38 65.28 5.06 2367.0
34.59 28.27 12.84 4.7
2351.0
28.13 28.58 10.02 5.4
2421.0
17.75 15.99 9.17 -9.58 2153.0
56.97 68.18 37.12 -27.05 2179.0
41.92 47.05 25.98 1.16 2061.0
32.79 32.66 18.24 -11.45 2387.0
42.74 39.34 24.79 1.53 3271
3.82 8.49 20.95 47.97 -
SIZES
HC
RD
4578.0 2659.0
3181.0 2552.0
5254.0 2571.0
4804.0 2585.0
4340.0 2636.0
7089.0 2594.0
6113.0 2640.0
5131.0 2589.0
6802.0 2635.0
7121.0 2627.0
5528.0 2545.0
7455.0 2644.0
6047.0 2600.0
4510.0 2596.0
5443.0 2643.0
5466.0 2589.0
2765.0 2551.0
6280.0 2593.0
7.0
2590.0
6492.0 2567.0
6546.0 2597.0
5588.0 2641.0
3790.0 2579.0
6065.0 2646.0
6176.0 2625.0
5170.0 2619.0
6823.0 2630.0
4882.0 2626.0
5849.0 2582.0
4910.0 2619.0
4924.0 2585.0
4624.0 2645.0
1863.0 2624.0
4017.0 2614.0
1407.0 2546.0
6024.0 2649.0
6243.0 2573.0
5069.0 2633.0
2582.0 2581.0
6073.0 2570.0
6003.0 2591.0
7312.0 2620.0
5994.0 2632.0
6841.0 2659.0
5389.0 2637.0
5392.0 2639.0
5757.0 2644.0
6152.0 2612.0
6552.0 2579.0
6613.0 2611.0
5300.7 2608.3/
-
DJ
67.0
30.0
16.0
12.0
16.0
11.0
13.0
12.0
20.0
10.0
23.0
14.0
28.0
16.0
21.0
14.0
14.0
7.0
7.0
27.0
10.0
16.0
20.0
20.0
18.0
34.0
19.0
12.0
16.0
10.0
19.0
30.0
17.0
30.0
17.0
16.0
21.0
21.0
16.0
15.0
16.0
16.0
18.0
14.0
16.0
16.0
21.0
24.0
21.0
15.0
18.6
-
Fig. 3. Overview of the results obtained with ndFSMs with a connection level of 4, including a
set of ndFSMs with 100 states (left), 500 states (center) and 1000 states (right).
Fig. 4. Representation of the scatter plots of Hillclimbing with respect to Random, and of GA
with respect to Random.
allow to reach a certain goal state in a deterministic fashion in a non-deterministic

context.
The comparison with other methodologies such as the hillclimbing or random, was
satisfactory in the sense that GA showed a better general performance, and with a higher
consistency. In general we can say that the hillclimbing algorithm performs well in most
cases, but its results are less consistent than those of the genetic algorithm.
We have experimented with ndFSMs of different sizes and connection levels. As
the number of transitions increased there was a decrease in the heuristic values of
the adaptive sequences since a higher number of states with a high degree of nondeterminism, creates a high level of branching and the existence of a perfect solution
becomes more complicated, as well as its discovery.
References
1. R. Alur, C. Courcoubetis, and M. Yannakakis. Distinguishing tests for nondeterministic and
probabilistic machines. In 27th ACM Symp. on Theory of Computing, STOC95, pages 363
372. ACM Press, 1995.
2. P. Ammann and J. Offutt. Introduction to Software Testing. Cambridge University Press,
2008.
3. M. Gromov, N. Yevtushenko, and A. Kolomeets. On the synthesis of adaptive tests for nondeterministic nite state machines. Programming and Computer Software, 34:322329, 2008.
4. R.M. Hierons. Testing from a non-deterministic nite state machine using adaptive state
counting. IEEE Transactions on Computers, 53(10):13301342, 2004.
5. C. Molinero, M. Nez, and R.M. Hierons. Creating adaptive sequences with genetic algorithms to reach a certain state in a non-deterministic FSM. In IEEE Symposium on Articial
Life, ALIFE11 (to appear). IEEE Computer Society Press, 2011.
6. G.J. Myers. The Art of Software Testing. John Wiley and Sons, 2nd edition, 2004.
An Islands Model Genetic Algorithm to Test

Non-Deterministic Finite State Machines
[Submitted to the Track: Search-Based Software Engineering]
Carlos Molinero
Manuel Nez
Robert M. Hierons
Departamento de Sistemas
Informticos y Computacin
Facultad de Informtica.
Universidad Complutense
Madrid, Spain
Departamento de Sistemas
Informticos y Computacin
Facultad de Informtica.
Universidad Complutense
Madrid, Spain
Department of Information
Systems and Computing
Brunel University
Uxbridge, Middlesex, UB8
3PH United Kingdom
molinero@fdi.ucm.es
mn@sip.ucm.es
rob.hierons@brunel.ac.uk
ABSTRACT
q0
We propose an islands model genetic algorithm that creates adaptive sequences. An adaptive sequence is a tree of inputs and outputs that gathers the behaviours of a non-deterministic Finite State
Machine (in short, ndFSM ). Adaptive sequences are derived by
having in mind to reach a certain state of the original ndFSM . We
use adaptive sequences to create a testing algorithm for ndFSMs
and show experimentation regarding its behaviour and comparison
with other techniques.
I.2.8 [Computing Methodologies]: Articial Intelligence, Problem Solving, Control Methods, and SearchHeuristic Methods;
D.2.5 [Software Engineering]: Testing and Debugging
General Terms
Experimentation, Algorithms, Verication
q0
1
q1
q0
2
1
q2
q1
2
q2
b/1
a
q2
s0
Categories and Subject Descriptors
q0
a/ 1
s1
a/ 1
a/ 2
b/1
q1
b/1
s2
q1
q2
a/ 1
Figure 1: An ndFSM (left) and two possible adaptive sequences: trying to univocally reach state s 1 (center) and
state s 2 (right).
Keywords
genetic algorithms; islands model; testing of non-deterministic systems
1.
INTRODUCTION
Testing [8] is one of the more complex tasks, in terms of resources

devoted to it, to be undertaken in the development of new applications or machinery. If we consider a formal testing approach [5],
test suites are extracted from specications and applied to implementations. One of the most used formalisms to represent speciPermission to make digital or hard copies of part or all of this
work for personal or classroom use is granted without fee provided
that copies are not made or distributed for prot or commercial advantage and that copies bear this notice and the full citation on the
rst page. Copyrights for components of this work owned by others
than ACM must be honored. Abstracting with credit is permitted.
To copy otherwise, to republish, to post on servers or to redistribute
to lists, requires prior specic permission and/or a fee. GECCO11.
cations is the Finite State Machines paradigm. If we are to handle non-determinism, then our specication will be provided in the
form of a non-deterministic Finite State Machine (in short, ndFSM ).
Non-determinism may arise in several ways, as when proposing
several parallel development possibilities for the system or when
abstracting data or time in protocols. Testing this kind of systems
is particularly difcult and has been widely studied, being state
counting [9, 4, 6] a widely applied technique.
Informally, an adaptive sequence [4, 3] is a tree that captures the
behaviour of a non-deterministic machine. For every input in this
adaptive sequence, the tree creates a child for every possible output
that the ndFSM has. Figure 1 graphically shows what an ndFSM
is and how adaptive sequences look like.
This paper is an extension of our recent work [2] that facilitated the
creation of adaptive sequences through genetic algorithms. One of
the main features left to be explored in that paper was the use of an
islands model which we felt could enhance the overall tness of the
candidate solutions of our genetic pool. Experimentation regarding
this subject is presented in this paper and we show that separately
evolving populations with different behaviours helps indeed to nd
better adaptive sequences.
The islands model for genetic algorithms [10, 11, 1, 7] allows the
parallel evolution of several genetic populations or demes. There-
fore, it is possible to preserve a wider range of genetic diversity

while migration between the populations allows the demes to exchange the most valid candidate solutions and converge to a global
maximum. Our approach will keep separate genetic algorithms
running and propose other islands in which we store and evolve
the best solutions from each different genetic pool. The differences
that exist between our populations are marked by the different evolution parameters set to each of them. This allows us to explore a
larger space of the tness landscape and to reach a higher success
in the creation of adaptive sequences. Depending on the kind of migration applied there exist several similar models, like the stepping
stone model, or if it is implemented using a distributed architecture we can refer to parallel or distributed GAs. The islands model
improves the efciency of a normal GA when implemented in a
parallel architecture because of being able to perform more computations, but even if implemented in a serial architecture, as it is
our case, it can improve the solution found by a simple GA because
of exploring in different ways the tness landscape.
In this paper we provide an approach to test ndFSMs based on creating adaptive sequences and a very simple greedy algorithm. Our
testing methodology is based on the concept of r-equivalence [9, 4,
6] which states that an implementation conforms to a specication
if the traces of the former are a subset of the traces of the latter.
We propose the application of a greedy algorithm that tries to cover
all the transitions of an ndFSM . If the algorithm reaches a state
without further transitions to be applied then it uses adaptive sequences, computed with the previously explained islands mode, to
reach a new state to continue the search.
The rest of the paper is organized as follows. In Section 2 we
introduce some auxiliary notation and concepts. In Section 3 we
present the methodology of evolution for our genetic algorithm. In
Section 4 we will present an algorithm that uses the adaptive sequences for the testing of ndFSMs and present an experimental
comparison with other techniques. Finally, in Section 5 we present
the conclusion reached in this paper.
2.
PRELIMINARIES
In this section we introduce some concepts that will be used throughout the rest of the paper. These denitions are taken from our previous work [2] and longer explanations can be found there.
D EFINITION 1. A non-deterministic observable nite state machines (in short, ndFSM ), is a tuple (S, I, O, s0 , st , T r) where:
We restrict ourselves to observable ndFSM s since the approach

is simpler to implement and it is well known that any ndFSM
can be transformed into an equivalent observable ndFSM . Let
us remark that observable machines allow a certain degree of nondeterminism, as long as two different transitions outgoing from a
state and labelled by the same input must be labelled by different
outputs. Next, we will formally introduce the concept of adaptive
sequence.
M
M
D EFINITION 2. Given M = (S M , I, O, sM
0 , st , T r ), an
adaptive sequence for M is a tuple TM = (S, T r, s0 , SI , SO , SG , )
where:
S is the (possibly innite) set of states.

SI , SO and SG conform a partition of S, that is SI SO
SP = S and they are pairwise disjoint.
: S S M is a function that maps the states from the
adaptive sequence to the states of ndFSM , that is, for all
i
s , s o s if and only if

s, s , s S we have that s
i/o
(s ).
(s)
The transition relation and the sets of states fulll the following
conditions:
SI is the set of input states. We have that s0 SI . For all
input state s SI there exist at most one outgoing transition
i
s
s T r. For this transition we have that i I and

s SO .
SO is the set of output states. For all output state s SO
we have that for all o O there exists a unique state s such
/ SO . Moreover, there
that s o s T r. In this case, s
i
do not exist i I and s S such that s
s T r.
SG is the set of target states. In most cases this set will be
formed by a unique state. We say that these states are terminal. That is, for all state s SG we have that there do not
exist a I O such that s a s T r.
T r (SI I SO ) (SO O SI ) is the transition
relation.
We say that an adaptive input sequence is valid if the graph induced
by T r is a tree with root at the initial state s0 .
S is a nite set of states.

I is the input alphabet.
A state s of M is deterministically reachable if there exists an input

sequence that applied to the initial state can only return that state.
Since, usually, only a subset of the states of M are d-reachable,
we introduce the concept of d--reaching a state with an adaptive
sequence, which means that we reach a state an % of the times by
applying the adaptive sequence.
O is the output alphabet.

st S is the goal state.
T r is the set of transitions. A transition ti T r is a tuple
ti = (s1 , i, o, s2 ) where s1 , s2 S, i I, o O and it will
i/o
s2 .
be represented throughout the text by s1
We say that M is observable if there do not exist two different transitions (s, x, y, s1 ) and (s, x, y, s2 ), with s1 = s2 .
We will also use a function m that, in a set of experiments, will

calculate the average distance of a certain technique to the maximum obtained by any other population. Formally,

n
p
j 2
m
i=0 (xi max{j=0 xi })
m =
n
where m is the population that we are measuring, i is the number of

each experiment, n is the total number of experiments, p is the total
number of populations and xji is the value obtained by population
j at experiment i.
cause an increase in the size of the rest of the demes in order to

keep the overall number of candidate solutions constant.
3.1.5 Heuristic
An islands model is a modication of a normal Genetic Algorithm

in which several populations are allowed to separately evolve to
later introduce some kind of migration, transfer of candidate solutions from one population to another, in order to mix the best
solutions found by each population.
Our tness function is a sampling method. We take the adaptive

sequence generated by each candidate solution and then confront
it with the ndFSM by executing it. If the state reached after the
application of the adaptive sequence is the goal state then we add
100 points; if the reached state has no connection to the goal state
then we subtract 50 points; otherwise, we subtract the distance to
the goal state. This process is repeated 100 times per candidate
solution and per generation.
3.1 Evolution of a single population
3.2 Explanation of our approach
3.
ISLANDS MODEL BASED GENETIC ALGORITM
This subsection is a summary of what can be found in our aforementioned paper [2] and we refer the interested reader to that paper
in order to nd a longer explanations. The rst step to compute our
adaptive sequences is to apply Dijkstras shortest path algorithm to
a graph such that it is an inversion of the original ndFSM , that is, a
graph that the initial and end states of every transition are inverted.
3.1.1 DNA
The DNA in our work is an adaptive sequence, that is, a tree of
inputs and outputs. This makes our GA problem specic.
3.1.2 Mutation
The mutation operator randomly adds or deletes a subtree from the
DNA, having as base node one of the end nodes of the tree that
represents its adaptive sequence. The way an individual mutates is
directed by its random coefcient. This coefcient ranges between
0 and 1, where values closer to 1 tend to choose the state closer in
distance to our goal state and values closer to 0 tend to randomly
choose a state.
In this work we have added a population that mutates by following
a different behaviour: it tries to choose the input for which less nondeterminism is created. In the case that this restriction if fullled
by several available inputs, then it chooses the state in the same
way as any other population.
3.1.3 Reproduction
The selection of the parents for reproduction is done through using roulette wheel selection. Reproduction has to choose a point
to cross individuals, in both adaptive sequences, that represent the
same state from the original ndFSM . This is done by randomly
traversing the tree from the rst candidate solution and for every
node doing another traversal in the second parent until a node that
represents the same state in the ndFSM is found. These nodes
are relegated to a set of possible crossover points. Later on, one
of these points is chosen to inter-exchange the subtrees from the
parents and create two different children. If no possible crossover
point is found, then this operation is cancelled. We reproduce half
of the population, creating 2 children per crossover.
We propose to keep several different populations that will have different random coefcients.
The random coefcient, as understood in this paper, indicates how
likely is the mutation operator of an individual to choose the next
state from the ndFSM based on the distances towards the goal
state or just simply choose a random state. In our past work we
compared several types of populations with different random coefcients, but we did not add their solutions: we restricted ourselves to choosing the one that seemed more likely of nding an
optimal solution. In this work we complete these populations with
an entirely new one that tries to reach the goal state creating the
minimum non-determinism along its path, that is, choosing when
possible the input that does not create non-determinism.
Random coefcients will be, for each population, randomly initialized within a range that can be either inherited from its parents or
generated from a x value. Several kinds of population with several ranges and different methods for its selection are included in
the islands model. This is what creates genetic diversity between
the different demes.
The populations that are present in our system are based in the random coefcients 0, 0.5, 1, (0 1), (0.5 1), (0 0.5), (0 1)m
and the low determinism population, plus the two demes that gather
the best specimens as explained in the paragraphs below. The populations that had a general best achievement in our past results have
been the ones started in the range of (0 0.5) and (0 1)m, where
m stands for hereditary random coefcient (mixed).
We restrict the population to the best solutions up to a prexed

maximum population size. We keep the best solutions for the next
generation, without applying any mutation to them. This is referred
in the literature as elitism
When we started to develop the islands model and compare it with

our former (simpler) genetic model, we were not able to nd relevant improvements in the results. This was due to a slower processing capability of the islands model. Actually, it was better to
have 50 solutions in one population than to evolve 10 solutions in
5 populations and then mix them, because each population had too
few candidate solutions to really explore a wide range of the tness
landscape. Furthermore, when we tried to increase the number of
candidate solutions in each population, it was still better to have 50
individuals in one population than 50 individuals in 5 populations,
because the rst algorithm was allowed to evolve for a higher number of generations per time unit, and thus, it found a better solution.
We also explored a typical migration pattern in which the best specimens of each population were added to the rest of the populations.
This led to an early convergence, having the best partial solution
imposing over the rest and getting stuck in local maxima.
Our islands model GA has a variable size of each population. As

the model evolves, some populations will disappear. This fact will
We nally overcame these problems by initiating the algorithm

with 10 individuals in each population and then selecting each 10
3.1.4 Selection of the ttest
generations the less promising demes and removing them from the
algorithm distributing their candidate solutions among the other
populations. In this way, we were able to initially explore a large
portion of the tness landscape. Afterwards, we can focus on obtaining a higher number of specimens and a higher number of generations per time unit to the demes achieving a higher tness. This
approach also allows us to have a higher consistency over different
types of ndFSMs, since depending on their congurations, different types of random coefcients evolve better than others. In order
to avoid the aforementioned problem regarding that migration produced stagnation in local maxima, we modied migration by separately evolving the different populations. In each generation we
took the best candidate solution and migrates it towards a new population that is conformed by the best specimens and that evolves
these solutions (we name this population mixBest). Furthermore,
we created another population in which we only inserted the global
best candidate solution (we name this population absBest). Out of
these two idealized populations, one was better than the other depending on the conguration of the ndFSM . In machines with 100
states, the mixBest achieved a higher overall tness, that is, population mixBest obtained mixBest = 5.24, while absBest = 10.91,
where denotes the average distance to the maximum, therefore,
the lower this coefcient the better the population is. However, this
tendency changed when the number of states was increased to 500
since mixBest = 10.34 while absBest = 10.66. These two populations evolved with the parameters that we found to behave better
in a set of 300 experiments, which was to initiate the population in
the range of (0 1)m. It is worth to mention that this set of experiments was performed before we started to produce this paper. We
can see a comparison between these two populations in Figure 2.
be present in order to assure the reaching of a maximum.
4. TESTING OF A NON-DETERMINISTIC
FINITE STATE MACHINE USING ADAPTIVE SEQUENCES
Our implementation relations is based on r-equivalence and consists in considering that the traces of the implementation conforms
to those of the specication. Therefore, we will consider our implementation under test (IUT) to fulll our specication (SPEC) when
the traces of the IUT are contained in those of the SPEC.
4.1 Explanation of the testing methodologies

In order to be able to nd an error in an IUT we propose the following methodology, which is very simple to implement and behaves
consistently.
The algorithm precalculates, by using the islands model GA, an
adaptive sequence to reach every state of the SPEC from its initial
state.
The process starts by running a greedy algorithm that tries to nd
the fault in the IUT and keeps a list of non-traversed transitions.
The algorithm explores the states that are 1-reachable (reachable in
one step) from the current state of the SPEC, and selects a transition
that is in the list of non-traversed transitions. Then, it applies the input of this transition to the IUT and mirrors the output in the SPEC
to keep track of the theoretical state that the IUT is currently in. If at
some point the algorithm nds that from the current state there is no
transitions or there is not a non-traversed transition, then it gets the
ip /oh
3.3 Experimental results

Figure 3 shows the comparison between the tness values of the
adaptive sequence obtained with the islands model GA and the one
obtained by the simple GA. The rst 50 experiments were carried
out on different one hundred states ndFSMs. Afterwards, the number of states was increased to 500, with the subsequent worsening
in the average of the tness results. We found that applying the
islands model improved our previous results by 3.65% in average
and that, in general, it was more consistent, behaving even better (in
relation to our previous GA) when the number of states increased.
Figure 4 shows the evolution of the islands model GA, of the simple
GA and of the hillclimbing methodologies. In order to increase
readability of the chart, we have kept only the best population of
the islands methodology. It is worth to note that in their rst steps
the islands model methodology and the simple GA have a similar
behaviour. After a while, the islands model started to obtain better
tness values. This is due to the populations with different random
coefcients (the simple GA is started in the range of (0 1)m)
nding a better candidate solution, in particular, in this example it
was the population with a random coefcient (0 0.5).
As we can observe in Figures 2 and 3, the simple GA achieves very
similar results to the mixBest deme. However, if the absBest population from the islands model GA is the winning deme then the
islands model GA outperforms the simple GA methodology. The
reason for this behaviour is that by allowing too much migration
from the different demes together with an elitist selection strategy
makes the algorithm to fall into local optima, with a candidate solution governing over the others. Still, since this deme has achieved
better results than the population absBest where less migration is
performed, we can only conclude that both types of migration must
rst element from the transition list ti = sj sk , takes the

initial state of that transition sj , resets the IUT and the SPEC and
retrieves and applies the precalculated adaptive sequence that takes
the SPEC to the aforementioned initial state. After having reached
sj , it applies the input of the previously obtained transition ip , and
then continue with the greedy algorithm. If at any application of
an input, the combination input/output returned by the IUT is not
present in the traces of the SPEC then a fault is found and we stop
the search. Since non-determinism is present, if the error is not
found but all the transitions are traversed, we should reset all the
transitions to non-traversed in order to start again, until an error is
found or a timeout is reached. This algorithm behaves as presented
in Figure 5.
In order to validate the testing methodology that uses the islands
model GA (islandGA), we have developed three alternative techniques.
The rst one (methodA) is a technique based on the same algorithm as our approach but adaptive sequences are not used to leave
a state when the algorithm gets stuck in a local maximum. Instead,
it calculates Dijkstras shortest path from the initial state to the
rst transition of the non-traversed list. Then, it executes a greedy
methodology that applies inputs trying to always move closer to
the goal. Since non-determinism is present, the returned nal state
after reaching a transition will not always be the one expected by
the algorithm. In this case, it would have not progressed towards its
goal, which can make it fall into a loop for some amount of time.
We can nd the pseudo-code for this methodology in Figure 6.
The second technique (methodA) is a modication of the rst greedy
methodology but when the algorithm is stuck, because there do not
exist non-traversed transitions outgoing from the current state, it
Figure 2: Comparison between the tness results of the two Figure 3: Comparison between the tness results of the nal
kinds of migrated populations over the 79 different ndFSMs. solutions of the GA and the islands model GA over 79 different
ndFSMs.

FITNESS VALUE

2000

4000

6000

8000

40
80
120
160
2000
4000
TIME (s)
Figure 4: Graph representing experiment number 41.

ISLAND GA
SIMPLE GA
HILLCLIMBING
while (errorNotFound and notTimeOut)
if (There exists a transition not traversed outgoing from the current state)
Apply the input.
Apply the input.
Mark the transition as traversed.
if (Traces of the transition are not included in the SPEC)

Error found.
Error found.
endIf
endIf
else
else
Choose a non-traversed transition.
Choose a non-traversed transition.
Reset and use the pre-calculated adaptive sequences to get to the initial state
of the transition (mark every transition used in this process as traversed).
Reset.
calculate Dijkstras shortest path to reach the initial state of the transition.
Apply the input.
while (stateNotReached and errorNotFound)
From the available transitions at the current state, choose the state that
has a lower distance to the goal.
Apply the input that moves the machine to that state.
Mark transitions as traversed.
Error found.
endIf
if (the current state of the machine has no connection to the goal state)
Reset.
endIf

Error found.
endIf
endIf
if (all transitions are traversed)
Mark all transition as non-traversed.
endIf
endWhile
endWhile
Apply the input of the previously selected non-traversed transition.

Figure 5: Pseudo-code of our approach.

Error found.
endIf
takes a random step and continues the processing. We can nd its

pseudo-code in Figure 7.
endIf
The last technique (Random) is a completely random search through

the graph. When no transitions are outgoing from the current state,
it resets and continues until an error is found or a timeout is reached.
We can nd its pseudo-code in Figure 8.

endIf
endWhile
4.2 Experimental comparison

We randomly generated a one hundred states ndFSM to be used
as SPEC and created IUTs from the SPEC by adding one error. We
consider two types of errors. The rst one consists in the substitution of an output of the original SPEC by another one while the
second kind of error consists in adding a new transition to a state of
the original SPEC so that more non-determinism is created. Only
one of these types of errors is present in each IUT.
We generated a set of 3566 IUTs from the same SPEC and tested
every methodology separately measuring the amount of time that
each approach consumed.
The results of the cumulated time that it took to test the implementations are shown in Figure 10. These results include the time
that the GA took to precalculate all the sequences. As this chart
shows, although our technique takes for each test less than any of
the others that we are using (see the individual times for each test
in Figure 11), it is only worth to use our methodology when we are
testing a high number of IUTs derived from the same SPEC. This
is because the precalculation times are very high. In order to calculate the minimum number of IUTs for which it is useful to apply
our technique, we can use a simple ecuation:
tprep
GA
minNumIUT =
tmethodA tGA
prep
where t
represents the preparation time and t is the average
time for each test over the whole set of IUTs.
Figure 6: Pseudo-code of methodA.
The rst two methodologies (islandGA and methodA) were equally

successful in unmasking every fault in the IUTs. While methodA
scored a little bit lower, Random was the worst, nding 75 errors
less than the other approaches. These results are given in Figure 9.
In this table, t is the average time per test, tprep is the preparation
time, ttest is the cumulated time to perform the test, ttotal is the
total time including the tprep , r is the average number of resets, e
is the average number of errors found and e is the total number of
errors found. Let us note that all time values are given in ms.
Figure 10 shows that the slope of the curve corresponding to our
approach is very small. The reason for this apparently weird behaviour is that all the adaptive sequences that the islands model
GA created have a high rate of success in reaching the desired state.
Specically, the adaptive sequences reached the goal state 96.96%
of the times, with a standard deviation of 6.72. 1 This allows the
approach to reach any state, in linear time, from the initial state and
without performing resets. This is the reason why our technique
Let us note that this average, 96.96%, is higher than the one
presented in the previous section because the tested ndFSM is
less non-deterministic. Specically, the ndFSM of the previous
section had a non-deterministic coefcient of 0.8 while the one
presented here is only 0.3 (a non-deterministic coefcient equal
to 1 would mean that every state has one input that produces nondeterminism).
1

Apply the input.
Error found.
endIf
else
if (there exist a transition outgoing from the current state)
Apply a random input from the available inputs.
Error found.
endIf
t
tprep
ttests
ttotal
r
e
e
IslandsGA
4.11
160612
15329.8
175941.8
1.19
1
3566
Comparison
methodA methodA
148.35
166.01
0
0
529034
645609
529034
645609
1
15.04
1
0.99
3566
3541
Random
155.27
0
601394.9
601394.9
13.37
0.98
3491
Figure 9: Table comparing statistics for the different methodologies.
else Reset.
non-determinism directs it towards a state with no connection to

the goal state.
endIf
endIf
endIf
endWhile
Figure 7: Pseudo-code of methodA.

if (There exist a transition outgoing from the current state)
Apply a random input from the available inputs.
5. CONCLUSIONS AND FUTURE WORK

We have presented a modied GA methodology in which the islands model has been used to nd adaptive sequences for ndFSM .
This modication has led to an improvement over our GA methodology presented in [2], mostly in its consistency along different
types of ndFSMs. The reason for this improvement is that the
algorithm is able to initially explore a wide range of the tness
landscape by using several different demes, with different parameters of mutation that led them to choose different paths through the
ndFSM . A second phase devotes all the computing resources to
the development of the population that has a higher tness level.

Error found.
endIf
else Reset.
endIf
endWhile
Figure 8: Pseudo-code of the Random method.

never has peaks of processing time. We can also notice that the
methodA has an usual slope, similar to the one of our algorithm.
However, in some cases the greedy algorithm that drives the IUT
from the initial state to the state from which to execute a transition falls into loops, due to non-determinism, and has peaks of time
as high as 20000ms while the usual value is less than 1ms (see
Figure 11). The other methodologies share a common continuous
slope because of the inuence of the randomness in both of them,
with some peaks up to 10000ms.
The number of resets that each technique produces is also relevant
since it can add a high amount of time in case the machine takes a
long time to be restarted. As we can see in Figure 12, the methodologies that tended to get stuck and perform several resets per test
are the ones that have a higher amount of randomness (methodA
and Random). Since the ndFSM that was represented by the SPEC
had a high level of connectivity, the other methodologies were able
to nd a path to the state to be tested without performing resets. As
the machine becomes less connected, the islands model GA still
maintains a low number of resets per test, because in the precalculation of the adaptive sequences the paths that lead to states with no
connection to the goal would have been removed (as possible). In
contrast, while methodA would increase its number of resets when
This new GA has been applied to developing a testing algorithm for

ndFSMs that has a high fault detection capability and that, in the
long run, has a very small average time of application. The reason
that lays under this small application time is that in a precalculation
phase we gather a set of very t adaptive sequences. This allows us
to reach, in linear time, any state of the ndFSM .
Despite its good properties, it is important to remark that our testing methodology, based on the previous computation of adaptive
sequence with an islands model GA, is intended to test the conformity of a high number of IUTs with respect to the same SPEC. Otherwise, other methods (for example methodA) are suggested since
they do not need any preprocessing. Actually, both methodologies
achieved the same number of faults detected and a similar number
of resets had to be applied during the testing process. Therefore,
their main difference is processing time, which depending on the
number of IUTs, one will perform better than the other and it will
be up to the tester to choose the righteous methodology for each
specic case.
6. REFERENCES
[1] E. Cant-Paz. A survey of parallel genetic algorithms.
Calculateurs Paralleles, 10, 1998.
[2] J. Doe1, J. Doe2, and J. Doe3. Creating adaptive sequences
with genetic algorithms to reach a certain state in a
non-deterministic FSM. In IEEE Symposium on Articial
Life, ALIFE11 (to appear). IEEE Computer Society Press,
2011.
[3] M. Gromov, N. Yevtushenko, and A. Kolomeets. On the
synthesis of adaptive tests for nondeterministic nite state
machines. Programming and Computer Software,
34:322329, 2008.
Figure 10: Cumulated time for 3566 IUTs of the different techniques including the precalculation time for the islands model
GA.
[4] R. Hierons. Testing from a non-deterministic nite state

machine using adaptive state counting. IEEE Transactions on
Computers, 53(10):13301342, 2004.
[5] R. Hierons, K. Bogdanov, J. Bowen, R. Cleaveland,
J. Derrick, J. Dick, M. Gheorghe, M. Harman, K. Kapoor,
P. Krause, G. Luettgen, A. Simons, S. Vilkomir,
M. Woodward, and H. Zedan. Using formal methods to
support testing. ACM Computing Surveys, 41(2), 2009.
[6] F. Ipate. Testing against a non-controllable stream
X-machine using state counting. Theoretical Computer
Science, 353(1):291316, 2006.
[7] Z. Konfrst. Parallel genetic algorithms: advances, computing
trends, applications and perspectives. In 18th Int. Parallel
and Distributed Processing Symposium, IPDPS04, pages
162170. IEEE Computer Society Press, 2004.
[8] G. Myers. The Art of Software Testing. John Wiley and Sons,
2nd edition, 2004.
[9] A. Petrenko, N. Yevtushenko, and G. v. Bochmann. Testing
deterministic implementations from their nondeterministic
FSM specications. In 9th IFIP Workshop on Testing of
Communicating Systems, IWTCS96, pages 125140.
Chapman & Hall, 1996.
[10] C. Pettey, M. Leuze, and J. Grefenstette. A parallel genetic
algorithm. In 2nd Int. Conf. on Genetic algorithms and their
application, pages 155161. L. Erlbaum Associates Inc.,
1987.
[11] D. Whitley, S. Rana, and R. Heckendorn. The island model
genetic algorithm: On separability, population size and
convergence. Journal of Computing and Information
Technology, 7:3347, 1998.
Figure 11: Time for each test of the 3566 IUTs with the different techniques.
Figure 12: Number of resets for each test of the 3566 IUTs with
the different techniques.
Automation in Construction 20 (2011) 12271241
Contents lists available at ScienceDirect
Automation in Construction
j o u r n a l h o m e p a g e : w w w. e l s ev i e r. c o m / l o c a t e / a u t c o n
Planning of work schedules through the use of a hierarchical multi-agent system

Carlos Molinero , Manuel Nez
Dept. Sistemas Informticos y Computacin, Facultad de Informtica, Universidad Complutense de Madrid, 28040 Madrid, Spain
a r t i c l e
i n f o
Article history:
Accepted 11 May 2011
Available online 15 June 2011
Keywords:
MAS
Agents
Scheduling
Critical path graph
a b s t r a c t
We propose a methodology to simulate every small task of a site-work with a multi-agent system. These
agents handle resources as a way to perform transformations on their world. The system will simulate the
construction of a building through the denition of the atomic elements of the system and the automatic
recombination of these elements. This allows us to foresee parallel and sequential tasks and handle the
creation of a graph, in the form of a Petri net, that facilitates the task of accurately planning the schedule of the
site-work.
2011 Elsevier B.V. All rights reserved.
1. Introduction
Construction success highly depends on the capacity of the project
manager to handle multiple teams with a wide variety of tasks and
with different needs. These teams must be correctly orchestrated
during the realization of their labor since the total cost of the
construction depends on the total amount of time the building takes
to be constructed. Therefore, parallelization of tasks is highly
desirable, although this is not always achievable. Different tasks
cannot be executed before a certain amount of resources has already
been created or before the team in charge of executing the task is free
to start its implementation.
It is therefore mandatory to create a timed organizational structure
of the planned work. The instruments more commonly used to handle
this need are Gantt diagrams and Critical Path graphs. Although good
planning is usually achieved through the experience gathered by the
project manager, a number of elements are always left out.
Imperfections are therefore left in the schedule of the work site and
these sometimes lead to undesired time delays. We present in this
paper a computational system that, through the use of agents,
simulates the resources created or exchanged by every agent in the
construction site and that self-organizes these agents to dene a
possible sequential frame in which every task is to be executed. More
specically, our goal is to provide a system that automatically
constructs a graph, in the form of a Petri net [1], representing the
sequence of jobs to be undertaken during a construction process.
Actually, one of the main advantages of Petri nets is that there exist
several formal methods for analyzing them.
Corresponding author.
E-mail addresses: molinero@fdi.ucm.es, mn@sip.ucm.es (C. Molinero).
0926-5805/$ see front matter 2011 Elsevier B.V. All rights reserved.
doi:10.1016/j.autcon.2011.05.006
Our methodology uses a system of agents that recreates the

construction process in a simulated manner. Because of the
modularity of this approach, once an agent is designed, it can take
part in any new project that handles similar needs. Therefore, the
system is scalable and further increments in complexity of the project
do not need to increase computation times. The methodology also
allows parallelization of the tasks, which helps to model up to a high
level of detail any construction process. Furthermore, since every
agent represents a real world agent of the construction process, it is
easy to translate the characteristics of the system to the construction
site.
We use two types of agents: atomic and complex. Atomic agents are
a metaphor of work force. These agents are in charge of the actual
transformation of resources. A complex agent is similar to the leader
of a team. These agents are used to gather atomic agents (and/or other
complex agents) to reunite and conglomerate their individual
properties, and arrange the order in which they will start working.
Agents simulate the procedure of the construction of a building by
exchanging resources. This is done through destroying and creating
new types of resources. In that sense, when using our methodology
one has to think a little bit different from the real world. For example,
an agent painting a wall, destroys a non-painted wall and creates a
painted one.
Agents can be reincorporated from other projects that we have
dealt with before, that is, we do not need to reconstruct every agent
each time that we want to plan a new construction site. What we need
to do is either to incorporate new complex agents through the use of
petitions or to dene the new needs of our project in terms of
resources. The system will recongure itself to be able to handle the
demands.
Agents are introduced into a cell structure. This structure
maintains close those agents that are related in terms of the kind of
1228
C. Molinero, M. Nez / Automation in Construction 20 (2011) 12271241
transformations that they perform. This is useful in computational

means since messages between agents ow more directly. This
structure has the form of a tree, each cell acting as a parent of its
children's cells. Agents are naturally arranged in terms of complexity
in the sense that simpler agents are inserted in the lower level cells
and when complex agents are formed they are inserted in a higher
level. A complex agent will be inserted in a cell that is the father of
each of the cells that hold the agents that it is going to use. For
example, if we have a complex agent that needs to call agentA and
agentB to fulll its task, and agentA belongs to cell1, while agentB
belongs to cell2, then the complex agents have to be inserted in a cell
that is a common father of cell1 and cell2. If such father does not exist,
then a new cell is created in the tree and the complex agent is inserted
in it. This assures that messages from the complex agent to other ones
can just be sent downwards into the tree structure. This process is
automated, needing no interaction from part of the user. The interface
of the user with the system is based on the use of petitions that
denes the needs and the restrictions that the user desires.
The simulation of the user preferences is achieved through the
implementation of a utility function. These functions assign a value to
each basket of resources. This allows us to measure the quality of a
certain combination of resources. For more information on utility
functions, their properties, and their relation with other mechanisms
used in microeconomics, the interested reader is referred to the paper
[2].
The rest of the paper is structured as follows. In Section 2 we will
briey summarize some of the recent developments made in the
multi-agent research eld and its application to project management.
In Section 3 we will focus on some efforts to apply computer-aided
project management. In Section 4 we will describe our methodology.
In Section 5 we will propose a general construction site as an example
of our methodology. In Section 6 we will summarize and present our
conclusions. In the appendix of the paper we will present the
mathematical methodology behind our system, as well as discuss
other details of the approach. This appendix is meant for completeness since users of our methodology do not need to know the formal
framework underlying it. Finally, let us remark that we have
developed a tool that implements our approach and that can be
found at http:\\www.carlosmolinero.com\hierarchicalAgents.zip.
2. Multi-agents systems
Multi-agent system (in short, MAS) is a eld of growing interest in
research [3,4]. The number of applications to which agents can be
applied is endless due to its distributed and exible computational
power. These characteristics are derived from the nature of a MAS: it
is composed of several agents that communicate and work together in
an environment (application eld or problem). Each of these agents is
designed to give an answer to a specic problem and, depending on
the kind of society formed by them, they will come to act in a specic
moment of time. The power of these systems comes, therefore, from
the combination of separate and multiple viewpoints to confront a
problem.
Another of its important features is that a MAS can be a simple
translation of real world organizations and, therefore, conforms a
model (an abstraction) of that system. Similarly, it is always benecial
to have a computational tool that resembles the real organization.
Some of the work in this line consists in the assignation of roles to
agents by using organizational rules [5].
Other approaches use agents in a completely different manner:
agents are separate entities reacting to real world responses and
without a xed role [6]. The role implicitly appears by the kind of
conditions that activate the agent to act upon its behavior. This kind of
systems belongs to a category called subsumption architectures. They
work in a layered fashion, constructing in a bottom up manner a
complex behavior made from the interaction of several agents that
react to different stimuli coming from the outside world. The

subsumption model has been used to dene a way to create the
corresponding chain of events that trigger a certain agent [7].
In the work [8] we can nd an overview of the current approaches
taken in the eld of MAS in respect to construction automation. This
paper provides, a general explanation of what MAS is, the problems
that are yet to be solved, and the insights of the most relevant work in
this eld are explained.
3. Approaches to computer assisted project management
Next we review some of the work on automation of project
management tasks.
The task based modeling method (TBM) for modeling processes in
project management [9]. The underlying idea is to build a process
model, by using the task components as the basic building blocks, in
order to improve project efciency and productivity. Since it is
difcult to adapt and customize the standard process, the authors
propose a new way to dene common management tasks as the basic
reusable software components. For its achievement, each task must
have its function and corresponding data structure correctly dened.
Moreover, instead of trying to standardize a business process, TBM
intends to focus on standardizing lower level management tasks,
having each the characteristics of independency, encapsulation,
completeness and consistency. The basic structure for a task in this
methodology has three features: an action (a verb that characterizes
the task), a method (a manner to perform the task) and an object
(needed in the case of transitive verbs as a direct object).
The ABSM (agent-based modeling and simulation) technique has
been applied to construction in isolation or in combination with
traditional simulation methodologies [10]. Until now, most approaches for the study of complex systems (like CPM, PERT,
productivity delay models, etc.) use a discrete event approach,
while ABSM can add to those techniques continuous simulation to
further understand the underlying complex system. Moreover, the
use of agents can explain the construction discipline better than a
central control approach [11]. The agent-based modeling and
simulation test bed can be used to mimic the construction
environment. The authors propose two main domains in which this
technique will be of a straightforward use: the application to the study
of the safety environment of the workers and the reduction of the
time applied to the cycle of eradication of the waste. The paper
concludes by stating that ABMS combined with the traditional
discrete event approach provides added exibility in modeling of
complex construction systems.
MAS can be used to improve the trafc ows in a construction site
[12]. Since one of the main characteristics of trafc ow in a
construction site is its dynamic behavior, the use of a system of
agents is the most suitable. The authors use the MAS as a simulation
system to predict possible problems and develop a cost-effective and
quick construction process.
Petri nets have been previously used to specify the processes of
construction [13]. The approach provides an accurate, precise and
exible mechanism to specify the work-ow processes in construction and, by doing so, to determine the weak points of the procedure
and correct them. The authors use a colored, timed and hierarchical
Petri net. The proposed methodology will take place in several stages:
draw the Petri net for the actual state of the process, simulate the
process to study where the problems reside, and redesign the Petri
net, checking its correctness.
The case handling paradigm can be used to support the
construction process [14]. This paradigm establishes several concepts.
For each case there exist activities. An activity is the logical unit of
work and corresponds to atomic pieces of work. Each activity is
executed by one worker, while a worker can have many roles, an
activity has only one; the worker that is capable of executing that
activity is a worker with that role. Case handling is driven both by

control ow and data ow and each case has a collection of data
objects which can be classied into mandatory or restricted. For each
process and each activity, three roles need to be specied: the execute
role, the redo role and the skip role (all of them can be set to no-one or
everybody).
The paper [15] proposes a conceptual model that is composed of 4
sub-models: the task model, the context model, an organization
model and a case model plus its interrelationships. The task model
includes 4 major concepts: task, group task, simple task and
compound task. The context model is a ternary relation of decision,
condition and task. The organization model contains role, resource,
group, individual, project team, organization and project. Finally, the
case model handles concepts like case, supporting document,
classication and existing project information.
Petri nets can be used to produce construction schedules [16]. A
work task is given by the combination of an input place, a transition
and an output place. In this work, the authors also consider important
to provide the construction schedule with the ability to represent a
hierarchical breakdown of the tasks. This is achieved using hierarchical Petri nets, the incorporation of uncertainty in the activities,
represented through probabilistic transitions, and the modeling of
dynamic resource allocation, which is realized by using colored Petri
nets where each color represents a different kind of resource, and an
extension of Petri nets, called fusion places, that allows to consider
several places appearing in the network as a single place with the
same type and number of tokens. These concepts are applied to the
modeling of a concrete production plant [17].
Genetic algorithms (GA) [18] have been also used for the
assignment of tasks to the available resources [19]. The technique of
genetic algorithms is based on the laws proposed by Darwin for the
evolution of the species. They use mutation, crossover and selection of
the ttest, as the means to achieve an optimal solution to a specic
problem. In this approach, the DNA of each inhabitant uses a 2D array,
with one dimension for tasks and another one for resources, to codify
this specic problem. The project management strategy is applied to
the production of software, using an estimation of the cost of
producing the software based on the COCOMO model [20]. The user
of the system needs to specify a task precedence graph, a database of
employees, including skills and salary, and an objective function.
Genetic algorithms can be applied to project management using a
two phase model in which resources are limited [21]. Therefore, they
impose a boundary on the order of execution of tasks. This model
considers time-cost trade-off and dependence relationships between
the different tasks. Tasks are given an execution mode which
determines the set of resources, duration of the task and its possibility
of being parallelized. The approach considers four subsystems: Input
subsystem, time-cost trade-off subsystem, resource scheduling subsystem and the output subsystem. This division facilitates that the
precedence relationships, resource constraints and interruption/
overlap conditions are met. A similar technique [22] focused on
projects that have repetitive aspects and, therefore, uses the same
resources in different periods of time. The approach considers project
duration and project costs, plus constrains of precedence relationships
between activities and resource work continuity.
Ant colony optimization (ACO) [23] can be also used to nd a
solution to the optimization of the schedule [24]. ACO is an
evolutionary technique in which a set of articial ants (the colony)
is located into a graph and they move in the beginning randomly
leaving a trace of pheromones proportional to the length of the path
that have taken them from the nest to the goal. In the next turns, ants
are drawn by these existing pheromone traces and eventually the
colony nds the minimum length of the path from the nest to the goal.
The work [25] shows through experimental research that the
technique based on representing the CPM as an activity on node
graph with the inclusion of dummy activities (activities with zero
1229
time/resources consumption, used to mark precedence relationships)

attains a solution in a 100% of the cases and in less time than other
methods based in activity on arc graphs [26]. Ants are also used in
other problems relative to construction management such as the use
of a maxmin ant system to solve the construction site layout
planning problem [27].
Also the swarm particle system optimization [28] (PSO) method
has been used to create critical path graphs for the execution of a sitework [29]. PSO is a technique that uses the movement of a set of
particles imitating a ock of birds with local and global velocities. Each
particle adapts itself to the positions and velocities of their local
neighbors and to the global velocity of the whole ock. Every particle
tries to attain an improvement of their position in the tness
landscape. Thus, by adapting to its neighbors every particle eventually
arrives to a maximum. A comparison between the PSO approach and
SOMO (self organizing map based optimization) points out that even
though both techniques provide promising results, SOMO outperformed PSO in the cases studied [30].
Other approaches focus on the virtual construction of the site
work. The work [31] proposes a system based on MD CAD (multidimensional CAD) to be implemented in the AutoCAD program,
followed by an optimization of the work schedule based on a GA,
while the work [32] uses a method based on virtual prototyping of the
site-work. This process simulates resources, such as space, equipment
and crew to foresee the implications of the construction environment.
MAS has been also used to formalize a negotiation methodology
for the problem of distributed project schedule optimization [33]. The
motivation of this work is based on the necessity to coordinate all the
desires of the different organizations involved in the construction site.
Coordination of projects has increased in complexity due to the
appearance of an ever increasing number of sub-constructors. This
technique represents each of the agents involved in the construction
site, that is, each sub-constructor, with its own utility functions. Each
agent in the MAS is given negotiation capabilities, in a process of
synchronous negotiation, coupled with another negotiation mechanism called recursive negotiation used in the negotiation between two
specic agents.
A MAS has been also used to mimic all the participants in a
management system and the distributed localization of the resources
[34]. The approach uses several kinds of agents. Among these agents
we can nd macro-agents, that are intended to be a functional
grouping of one or more computers, interconnected through a local
area network and devoted to local resources managing. Agents that
are englobed into these macro-agent categories can be of several
types: facilitators, chiefs, supervisors, personnel, machinery, stock
manager, supporting materials manager, and acquisition manager.
The approach also has a planning agent and negotiation protocols that
consider depreciation costs, operations costs, operator costs, and
prots. Finally, it is possible to form coalitions and to consider
modications for the negotiation process.
There already exist some systems that handle MAS applied to
creating a schedule for a construction process. One of these systems is
the Stroboscope Simulation Environment, which can be found at
http://www.cem.umich.edu/Ioannou/StrobWeb/. It is very complete,
allowing the user to propose stochastic actions. This environment
uses a system of pre and post conditions to concatenate the agents.
The only drawback is that the user needs to dene every small aspect
of the process to be handled by the agents and its main connections,
which is a problem that we intend to tackle in our approach.
4. Denition of our methodology
In this section we present our approach to specify complete
systems as well as all the agents taking part in them. We claim that
our framework is useful even if the user does not know the underlying
formalism. Therefore, we will omit the explanation of the formal
1230
elements that compose the language which will be presented in the

appendix of this paper.
We start by showing how to represent our agents. We can
distinguish between complex and atomic agents. Atomic agents
assume the responsibility of actually implementing tasks, and complex
agents cluster and delegate in the ulterior ones to accomplish complex
tasks. Complex agents represent a planning of the works accomplished by the atomic agents.
Agents have unique identiers assigned. These identiers can be
seen as a word that denotes the concept that the agents represent.
Agents also contain a buffer for the reception of messages from other
agents and a Petri net that marks its execution procedure.
Informally, a Petri net is a state-diagram consisting of places,
transitions, tokens and directed arcs. Places are connected by arcs to
transitions, and transitions are connected to places by arcs. Each Petri
net contains a marking, which is the position of the tokens in the
places at a certain moment. The Petri nets used along this paper are by
construction 1-safe, which means that at most one token will be in a
place at a certain moment. Depending on the topology of the statediagram, several transitions may be red simultaneously. This
happens, for example, when a place is connected to multiple
transitions. The formalism also allows us to represent process
synchronization by connecting several places to one transition. This
transition will only re when a token from every place is received. The
ring of a transition removes a token from its input places and puts
one in the output places. Our framework deals with time in the Petri
net, although its conception is slightly different to what is usually
considered in timed Petri nets. Usually, a timed Petri net has intervals
of time in the transitions, to represent when this transition can be
red and tokens have an age, that is augmented by a clock, and reset
each time the token goes through a transition. Our approach does not
impose an interval of time for the transition to re, but it adds age to
the tokens, this age is not set to 0 at the ring of a transition, and time
evolves not by a global clock but by the traversal of the arcs. It is
important to remark that the user of our methodology does not need
to know how to formally dene a Petri net since it is a graphical
formalism and our tool allows the user to represent them (the
interested reader is referred to [1] for further details).
The conguration of the Petri net varies depending on whether we
are dealing with an atomic agent or a complex one. In the rst case,
the Petri net will just consist of two places and a transition. The arc
from the rst place to the transition will contain an identier of the
agent in charge of executing the transformation of resources. In the
case of an atomic agent, this identier will coincide with the identier
of the agent forcing the agent to act upon the environment creating its
transformation of resources. In the case of a complex agent, the Petri
net can have as many places, transitions and arcs as necessary to
dene all the calls that will be done asking other agents to start
working. This Petri net is able to dene parallel or sequential calling of
agents, depending on the kind of resources involved in the petition.
Example 1. As a means to understand the difference between atomic
and complex agents we propose a simple example depicted in Fig. 1.
There exists an atomic agent, called agent0, that creates 2 units of the
resource of type A and agents agent1 and agent2 consume 1 unit of the
resource of type A and create 1 unit of the resource of type B. Then, if
we consider that the system has 2 units of the resource of type A, and
we ask for 2 units of the resource of type B, the system will create
complex agent3 placing in parallel calls to agents 1 and 2. Another
possibility is that the system has no resources and we ask for 1 unit of
type B, then the system will use agent0 and agent1 (or agent2) placing
them sequentially, creating complex agent4. The last possibility is that
the system has no resources and asks for 2 units of the resource of
type B. Then, it will create complex agent5 and use agent0 followed by
parallel calls to agent1 and agent2.
Cells serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents. Abstractly, a cell is
the macro-concept that holds the set of related instances (agents).
Cells are organized following a tree structure.
A cell holds a set of agents that are inserted inside it. They also have
an identier and pointers to the cells that are under it as sons, and to
its father in the tree structure. Cells also have a buffer to hold the
messages that they receive.
Example 2. Continuing with the previous example, and to better
illustrate the cell concept, we will insert two cells in our system. In the
rst cell we insert agent0 and in the second cell we insert agents 1 and
2. This is shown in the left part of Fig. 2.
Next, we introduce a petition in which we demand the system to
provide us with 2 units of resource of type B. The system constructs a
complex agent that rst uses agent0 to get one resource of A, and then
uses agent1 and agent2, in parallel, that consume the resource and
provide one resource of type B. Since the atomic agents that the
complex agent will use are located in different cells, in order to
maintain a coherent cell structure for the sending of the messages, the
system introduces a new cell that will be a common parent to both
cells and locates the complex agent in that cell. This is shown in the
right part of Fig. 2.
The cell structure is principal to the passing of the messages. By
construction, it allows a cell to send STARTJOBs messages downwards
to its sons until it nds the specied agent. Since the cell structure was
automatically constructed by the system having in consideration that
a complex agent is inserted in a cell that is a common parent to all the
agent 5
agent 4
agent 0
agent 1
agent 2
agent 3
Fig. 1. Atomic agents 0, 1 and 2 (left), a complex agent that executes agents 1 and 2 in parallel (center left), a complex agent that executes 0 and 1 sequentially (center right) and a
complex agent that executes agent 0 followed by executing in parallel agents 1 and 2 (right).
1231
0
0
Initialcell
Initialcell
Fig. 2. Cell structure in which two cells where atomic agents are inserted (left) and a petition is made that creates a complex agent composed of the three atomic agents (right).
cells that hold agents inserted into the complex agent, these messages
will follow the shortest path possible. An example of the passing of the
messages is shown in Fig. 3. The system can send two families of
messages. The rst one is used during the creation of a new complex
agent through a petition. These messages are either a BROADCAST,
used to ask for the creation of resources to every agent in the system
or a REPLIES, sent back by the agents that are capable of partially
fullling the petition. The second family is used during the execution
of a complex agent and they can be of type STARTJOB, used to ask an
agent to start its procedure, and FINISHEDJOB, sent back by the agent
when its tasks have been accomplished.
The system contains in a tree-like structure, implicitly dened by
the fatherson relationship, the cells that conform the whole system.
This structure allows the user to have a hierarchical organization of
concepts. In order to completely dene a system we need to dene the
resources that it holds, the origin cell and a threshold value that will
be used to discriminate between good and bad values of the utility
functions dened through the user petition. Resources are represented by a tuple. Any negative number in that tuple indicates that the
system needs to be provided with that specic resource.
There are two ways to create agents. The rst one is to insert an
atomic agent during the creation of the system. The second one is
Fig. 3. Passing one STARTJOB message.
through petitions to the system, being the system in charge of

recombining atomic and/or complex agents already embedded in the
system to create a new complex agent. In order to dene a petition we
need to specify what resources we need to obtain and what utility
function is to be considered. We can understand petitions as the
means that the user has to interact with the agent.
4.1. Steps of a petition

Next we present how petitions are handled in our approach.
1. A user inserts a petition in the system asking for the combination of
resource objective of the petition. In addition the user denes a
utility function that encodes his preferences.
2. The system creates a new agent with a temporal conguration,
including a new Petri net.
3. In the next step the system discriminates depending on the
number of negative resources (resources to be fullled). In the case
that more than one resource is negative, it subdivides the petition
into different sub-petitions. This renement is performed to allow
parallelization of tasks.
4. The system sends messages between the agents through the
structure of cells, asking for agents that are able to cover the
negative resources of the petition, that is, they are able to create the
resources that are currently negative.
5. The agent receives all the responses from the other agents and
congures its Petri net for the calling of other agents upon its
execution. If for the same call, there exists more than one agent
capable of fullling the call, parallelization of these agents is
performed as long as the utility function does not eliminate one of
them using the threshold dened in the world.
6. The transformation functions of all the agents involved are added
and if any resource is negative another search in the system is
performed with the new needs. This execution stops when every
negative resource is covered.
7. If after this process the number of agents responding to the petition
is just one then the agent is not created because there already
exists one agent capable of responding to the petition without the
need of adding a new agent in the system. Otherwise, the agent is
inserted into a cell that is a common father to every agent that will
be executed upon execution of this agent. In the case that no cell
exists with such properties (being the least upper bound of all the
agents in the Petri net) a new cell is created and the structure of the
cell tree is modied so that the father of all the cells that hold
agents will be addressed to the new cell.
1232
Fig. 4. Insertion of the agents in the cell tree.
4.2. Execution of an agent

The execution of an agent essentially consists in the execution of
its Petri net. Every transition will make a call to the agent that it
withholds asking it to start working, so that they implement the
transformation of resources.
When a transition is red, the system checks whether the
identier of the transition coincides with the identier of the agent
to which the Petri net belongs to. Two things may happen:
If these two identiers are the same, then the system executes the
transformation of resources, modifying the resources in the world.
If the agent in charge of the transition is different from the one that
calls it, then a message is sent to the aforementioned agent so that
its execution starts.
5. Case study: denition of a site work
In this section we will make use of all the capabilities of our
framework to model a simplied construction site. Obviously, in a real
planning, every phase should be further subdivided, by the use of
more agents. However, a reduced version will allow the reader to
better understand how our approach works to model complex
systems. We will also illustrate the use of our tool to support our
methodology.
In this section some terminology from the formal framework will
be used (for further reference refer to the appendix of this paper).
formwork(10), concrete-pouring(11), structure-nished(12), masonry-facade(13), carpentry-windows(14), facade-nished(15), interiors

(16), nishes(17), and built-house(18).
Time is the only special resource in the sense that the amount that
we add at the start represents the time the agent takes to accomplish
the petition. In fact, although time is not an actual resource, it is
included as the rst element of the resource tuple to simplify notation,
and so that it resembles the interface the user receives in the program.
In this sense, if the resources are represented by x, the tuple
represented throughout this example will be (time, x1, x2, ots, xn).
5.2. Denition of the atomic agents
The rst step will be to create the tree that contains the cells that
will locate the agents. The system has already created the cell c0 and
we will add 7 sons to it, to be able to classify the different types of
atomic agents correctly (Fig. 4).
Cell c1 will be used to hold agents related to terrain movement. We
add a rst atomic agent that when executed will consume 10 time
units and 100 money units and create a unit of terrain-movement. The
rest of the agent denitions are similar and will be shown in the table
portrayed in Table 1 (all of the agents are atomic), including
information about the cell where they are inserted and what
resources will they consume and produce (Fig. 5).
5.3. First petition: prepare the site to be built
5.1. Denition of the resources of the system
We will introduce a petition in the system that prepares the site to

be built (Fig. 6). We consider a petition pet = f u ; o; Apet where:
In order to complete the foreseen tasks, the system needs to have a

certain amount of resources. We will therefore begin by adding a
collection of resources. In this case, they have been assimilated as raw
materials. The resources that we are adding (and its places in the tuple
of resources) are: time(1), money(2), concrete(3), metal(4), wood
(5), and bricks(6).
The rest of the tuple of resources will be applied to the following
concepts: Terrain-movement(7), concrete-bed(8), site-ready(9),
f u = 2 x1 + 1 x2 +.3 x3 + 1 x7 + 1 x8 is the utility function (all

values 0 xn are not represented). This utility function indicates the
proportional importance that we give in our petition to each of the
resources represented in it. That is, we value twice the amount of
time that it takes to be fullled than the money, and three times
more the amount of concrete used to implement this transformation
of resources, we also give importance to the creation of the terrain
movement and to the creation of the concrete-bed.
1233
Table 1
Values of the agents.
CELL
c1
s 1
100,
s 2
= [
= [
10,
c2
8,
50,
0,
100,
0,
0,
0,
1,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
1,
1,
1,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0
0
]
]
]
c3
s 3
= [
2,
10,
0,
0,
100,
0,
0,
0,
0.5,
1,
0,
0,
0,
0,
0,
0,
0,
c3
s 4
= [
2,
10,
0,
0,
100,
0,
0,
0,
0.5,
1,
0,
0,
0,
0,
0,
0,
0,
c4
s 5
= [
30,
120,
0,
0,
0,
0,
2,
1,
1,
0,
0,
0,
0,
0,
c5
s 6
= [
10,
60,
c5
s 7
= [
10,
60,
c5
s 8
= [
10,
c5
s 9
= [
c5
s 10
c5
100,
0,
0,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0.333,
1,
0,
0,
0,
0,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0.333,
1,
0,
0,
0,
0,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0.333,
1,,
0,
0,
0,
0,
7,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0,
= [
7,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0,
s 11
= [
7,
60,
0,
0,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0,
c6
s 12
= [
4,
70,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.5,
0.5,
0,
c6
s 13
= [
4,
70,
0,
100,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.5,
0.5,
0,
c7
s 14
= [
2,
30,
0,
20,
0,
0,
0,
0,
0,
0,
0,
0,
0,
c7
s 15
= [
2,
30,
0,
0,
20,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0.334 ]
c7
s 16
= [
2,
30,
0,
0,
20,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0,
0.333,
0.334,
0.334 ]
0,
= (0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0). This means that we

are asking for the creation of a concrete-bed, the system will have to
look also for another agent that is capable of creating the terrainmovement, as it is a prerequisite for the application of the concretebed.
Apet = fg is the set of agents that are used by the petition (empty in
the beginning).
The system sends the message with the petition and nds a2 that
supplies one unit of the resource where the negative value of the
petition is. Thus, it adds agent a2 to the petition so that Apet = fa2 g.
Next, it creates agent a17, adds a place, a transition connected to that
place, and another place that connects to the transition in which agent
a2 is referenced to be executed in its turn.
0,
0.333,
0.334,
0.334 ]
Now, agent a2 has added a new negative value in another position

of the resources tuple, because in order to create the concrete-bed, it
needs to be supplied a unit of the resource terrain-movement (in a
physical meaning, it is the representation that before proceeding
with the application of the concrete bed, the site needs to nish the
terrain-movement). The petition sends a new message and agent a1
replies. The petition adds agent a1 so that Apet = fa2 ; a1 g, adds
another transition and another place with a connection that
references a1. Since resources 0, the petition nishes and adds a
token to the last place created. We compute the least upper bound of
the cells that hold the agents that we are using, that is, {ci|ci
C a Apet a Aci}. Since it is undened, a new cell is created, and
agent a17 is inserted in it. The transformation of resources from
agent a17 is s17 = a Apet sa.
Fig. 5. Close up of one of the cells, showing some atomic agents.
1234
Fig. 6. Preparing to create the rst complex agent: site is ready to build.
= (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0).
the beginning).
The result can be observed in Fig. 7.

5.4. Second petition: create structure
Now we insert a new petition into the system, to construct
the

structure of the building. We consider a petition pet = f u ; o; Apet
where:
f u = 2 x1 + 1 x2 +.3 x3 + 1 x10 + 1 x11 is the utility function (all
values 0 xn are not represented).
First, we nd agent a5 and re-send the petition after adding its

resources. Next, we nd two similar agents that are able to provide the
new resource needed. Since both agents have identical utility
functions, it does not choose between them but uses both of them
in parallel to handle the petition quicker. If one of the agents would
have a bad utility function, that is, if faui b max(f u)a3, a4, a5, then the
Fig. 7. Creation of the rst complex agent: site is ready to build.
1235
Fig. 8. Creation of the second complex agent, creation of the structure.
system would have to decide whether it was under a certain threshold

and, in this case whether it was better not to use it. Since in this case
all utility functions fulll faui max(f u)a3, a4, a5, then they are
parallelized. Next, we create two places with two connections that
start in parallel and hold agents a4 and a3. Then, we re-send the
petition and use the just created complex agent a17 as a starting
point. The petition now looks for the lub (least upper bound) of the
cells. Since it does not nd it, it creates a new cell and inserts agent
a 18 . Again, the transformation of resources is given by s
=
18
a Apet sa, such that a = (id, ib, PN, sa). Let us be reminded that
now we have Apet = fa5 ; a4 ; a3 ; a17 g. Fig. 8 represents graphically
this petition.
Fig. 9. Creation of the third complex agent, the facade is nished.
1236
Fig. 10. Final phase, the house is created.
5.5. Third petition: create the facade

Next, we want to create the facade of the building. We insert a new
petition into the
system to construct the facade. Let us consider a
petition pet = f u ; o; Apet where:
f u = 2 x1 + 1 x2 +.3 x3 + 1 x4 + 1 x6 + 1 x13 + 1 x14 is the utility function (all values 0 xn are not represented).
= (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0).
the beginning).
The petition sends its messages, receives agents Apet = fa12 ; a13 ;
a6 ; a7 ; a8 ; a18 g, and creates a cell and agent a19 and inserts it. Fig. 9
represents the result of this process.
Fig. 11. Close up of the nal agent a20.
11
2
0
12
1237
14
10
15
16
Fig. 12. Resulting Petri net.
5.6. Fourth petition: interiors and nishes

Finally, we will base ourselves on the agents we were creating
above and nish the building by adding the interior
walls and the

nishes. To do so, let us consider a petition pet = f u ; o; Apet , where:
f u = 2 x1 + 1 x2 +.3 x3 + 1 x4 + 1 x6 + 1 x15 + 1 x16 + 2 x17 +
1 x18 is the utility function (all values 0 xn are not represented).
= (0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0).
Apet = fg is the set of agents that are used by the petition (as usual,
the set is empty in the beginning).
The petition sends its messages, receives the responses from
agents Apet = fa15 ; a14 ; a11 ; a10 ; a9 ; a19 g, creates a new cell and inserts
the newly created agent a20 in it. Agent a20 already provides the built
house. So, if at any other moment in time we need to construct a
house with the same characteristics, we will just need to call upon
agent a20 and it will make all subsequent calls to every other agent.
Fig. 10 and Fig. 11 represents the insertion of this last agent.
5.7. Resulting Petri net from the whole process
If we were to expand subsequently all the complex agents into a
complete Petri net of the whole process we would obtain the Petri net
graphically depicted in Fig. 12. This expanded version is equivalent to
the one that agent a20 reects and corresponds to insert all the atomic
agents and then performs a petition in which we ask the house to be
directly created. This is similar to consider an agent of the construction
process in charge of personally calling every other person involved in
constructing the house and telling them what to do, without intermediaries. This complex agent will be inserted in a new cell, that has
every other cell as its children, and the passing of messages would
behave as any other complex agent, through the cell structure.
6. Conclusions
We have dened a multi-agent system that allows the user to
dene a hierarchical structuring of the tasks that these agents perform.
Our framework provides a natural way to plan a schedule of tasks and
permits parallel and sequential calling of the agents, forming a
structure similar to a critical path graph, that would allow a project
manager to ease the denition of this part of the project. Our goal is to
provide a system that automatically constructs a graph, in the form of a
Petri net [1], representing the sequence of jobs to be undertaken
during a construction process, forming a critical path graph.
We are aware that our formalism is difcult to understand since
there is a lot of mathematical machinery underlying the denition of
our systems. Thus, we have decided to build a tool that fully
implements our methodology. In this way, a user of our methodology
does not need to pay attention to the formal details and can
concentrate on dening the appropriate hierarchical structure.
Our approach allows the user to model systems that will expand
with every use. Declaring all the possible atomic tasks that a system
can perform as outputs allows the system to complete any petition
that the user can foresee. This is done through recombining atomic
agents. We continue to add complex agents in every interaction with
the tool. Thus, the system is able to perform more complex tasks with
each use, that will not need to be re-computed. Let us note that the
distinction between atomic and complex agents is fundamental since
without this separation, every behavior of the system would need to
be pre-implemented before needing it.
We had presented a previous version of the formalism [35,36]. It
has been through working on these papers that we realized some
details that, when resolved, would create a more complete and
exible approach. This led to the substitution of paths by Petri nets
and nding a way to automatically create the cell tree. The use of Petri
nets, in the enhanced model, has been a great advance in relation with
the published papers since it has added the possibility of parallelizing
tasks (agents). This does not only allow us to shorten execution time,
but in some cases even creates new emerging behaviors. Also, the
automatic creation of the cell tree, due to the computation of the least
upper bound of a cell set, is a big advantage. It allows us to keep an
order, a conceptual structure, of how agents are inserted into the tree.
Thus, with this advance, the system is able to save time in its searches.
This feature depends on the way the system sends the messages,
through its cells, and from them down to each of their sons. Moreover,
keeping close in the hierarchy agents that perform similar tasks is an
automated feature. Therefore, this represents an improvement with
respect to a manual procedure for the insertion of agents, in which
agents could have been inserted anywhere.
Acknowledgements
We would like to thank Csar Andrs with whom we developed
the initial formal language that led, after several transformations and
improvements, to the actual framework and language.
We would like to thank the anonymous reviewers for the careful
reading and their useful comments.
Research partially supported by the Spanish MEC project TESIS
(TIN2009-14312-C02-01).
Appendix
In this appendix we will present the formal framework of our
approach. We will begin by outlining some preliminary notation
regarding Petri nets and message communication in Appendix A
and then present the formal denition of the framework itself in
Appendix B.
Appendix 1. Preliminaries
In this Section we briey comment on the variant of the Petri nets
formalism that we use in our approach and dene the messages that
we allow to be exchanged between agents. Along the appendix we
will consider a set ID a that contains all the possible agent identiers.
1238
0
1
Denition 2. We denote by ID m the set of identiers for messages and

by M the set of all messages.
Messages from the rst family are tuples in ID m ID t ID a IR n.
Therefore, if we have a message m = idm ; tact ; ao ; r then:
idm {BROADCAST, REPLIES} denotes the nature of the message.

tact ID t is the identier of the actual transition of the Petri net that
originated the BROADCAST MESSAGE (see Appendix 2 for an
extended explanation).
ao ID a is the agent that originates the message.
r is the tuple of resources needed in the BROADCAST message and
the one that can supply the agent origin of the REPLIES message.
5
5
Messages from the second family are in m ID m ID a ID a.

Therefore, if we have a message m = (idm, a0, af) then:
Fig. 13. A complex agent used to show how time evolves in the Petri net.
Denition 1. In this work, a Petri net is a tuple PN = (P, T, F, M0, FP)

where:
P = {p1, p2, , pj} is a set of places.
T = {t1, t2, , ti} is a set of transitions.
F : (P T ID a) (T P) {0, 1} assigns a weight of one (or zero if the
connection does not exist) to every connection between places and
transitions and vice versa. It also adds an agent identier to the
connection between a place and a transition.
M0 : P IN { 1} is the original marking. In this work, the Petri net
is, by construction 1-safe, that is, there is at most one token in each
place. Let us note that the marking is returning the token age, not
the number of tokens in the place. If there is not a token in the place,
the marking returns 1. Initially all tokens are set to 0.
FP p P is the set of nal places that will be considered as nal places,
that is, when one of these places is reached the execution of the
Petri net nishes.
Let t T be a transition. We dene the post set of t as t = {pi| fi =
(t,pi): F(fi)= 1}. We dene the preset of t T as t= {pi| fi = (pi,t, ):
F(fi) =1}.
Next, we dene the evolution of the Petri net, as follows. We
consider that there exists a function : ID a IN that returns the time
that an agent with identier id takes to fulll its task. This function is
formally introduced in Denition 3.
The ring of a transition t, denoted by M PN, t, idM, may happen if
p t, M(p) 1 and M fullls the following conditions
- p t, M(p) = 1
- p t , M(p) = max{M(p) + (id)|F(p, t, id) = 1}
We write M PN M if there exist t and id such that M PN, t, id M.
Example 3. We will introduce a simple example to show the time

evolution of the Petri net. The number in the places represent the age
the token would have when the evolution takes it to that place, and
the numbers in the arcs represent the time that the corresponding
atomic agents take to fulll its tasks. The example is shown in Fig. 13.
The following denition introduces the different kinds of messages
that can be sent in our framework.
There exist two different kinds of messages, depending if they are
used during the phase of the creation of the petition, or during the
execution of the Petri net.
The rst family of messages corresponds to the BROADCAST and
REPLIES identiers.
The second family of messages corresponds to the STARTJOB and
FINISHEDJOB identiers.
idm {STARTJOB, FINISHEDJOB} denotes the nature of the message.

a0 ID a is the agent origin of the message.
af ID a is the agent objective of the message.
Appendix 2. Denition of the formalism

A transformation of resources is represented by a tuple sIRn .
Intuitively, a positive component of the tuple denotes that the
agent produces si units of the i-th resource while a negative
component denotes that the transition consumes sj units of the j-th
resource.
Next we show how to represent the agents. We can distinguish
between complex and atomic agents. Atomic agents assume the
responsibility of actually implementing tasks, and complex agents
cluster and delegate in the ulterior ones to accomplish complex
tasks. Agents have unique identiers assigned. These identiers can
be seen as a word that denotes the concept that the agents
represent.
Denition 3. An agent is a tuple a = id; ib; PN; s; ti where:
id ID a is the agent identier.
ib p M is the input buffer.
PN = (P, T, F, M0, FP) is a Petri net.
s is the overall transformation of resources that the agent
accomplishes. For an atomic agent this vector will be equal to the
transformation induced by the connection from the rst place to its
transition and for a complex agent this vector will be the addition of
the vectors of all the agents nested into itself.
ti IN is the time that the agent needs to complete its tasks. The
time that an atomic agent takes to complete its task is dened at the
time of creation of the agent. In contrast, the time for a complex
agent is the age of the token in the nal place, once a simulated run
from its Petri net has nished. This is the time returned by the
function.
An agent is called atomic if it is in charge of executing a single task.

Formally, for all a = ida ; ib; PN; s; ti is atomic, if PN = (P, T, F, M0, FP),
and f1 = (p1, t1, idf), such that F(f1) = 1, then a is an atomic agent if the
following restrictions hold: |P| = 2, |T| = 1, and idf = ida.
We denote by A the set of all agents.
Let us note that we do not store the order in which messages are
received in the buffer. That is why we dene a buffer as a set. Let us
also note that the notion of atomic agent means that the agent is itself
in charge of executing the transformation of resources.
Cells serve as baskets of agents to reunite, organize, conglomerate
and handle petitions as well as calls to the agents. Abstractly, a cell is
1239
the macro-concept that holds the set of instances (agents) related in

between them.
of resources. Subsequently, it creates an agent in the way described

below.
Denition 4. A cell is a tuple Acell ; id; Sons; Father; ib where
Denition 8. The function constrAg : PETA, that creates

an agent

from a specic petition, is dened as follows. Let pet = f u ; o; Apet be a
petition. Then, constrAgpet = id; ib; PN; s; ti, where id is a fresh agent
identier (created by the function newIdAgent) and ib is an empty new
buffer. The resulting agent will have a connection between a place and a
transition in PN for each agent in the set Apet . An invocation of this agent
will generate a call to each of those agents to execute their associated
tasks. The transformation of resources that this agent will accomplish is
s = ai Apet sai , where for each agent in the set Apet we have ai = (ida, iba,
PNa,
s ia, tii). Finally ti will be calculated by making a simulated run of the
Petri net, in which no resources are transformed, and assigning the value
of the age of the token in the nal place.
Before we insert the new agent into the tree structure, we must
dene how to compute the least upper bound of a set of agents.
Acell pIDa is the set of agents that belong to the cell.

id ID c is a unique identier for this cell. This can be seen as the
concept that it represents.
Sons p ID c is the set of identiers of the sons of this cell. If Sons =
then we are in a node cell.
Father ID c is the identier of the cell that is father of this cell. If
Father=nil then we are in the initial cell, from which all other cells
are dened.
ibp M is the input buffer where messages will be stored.
We denote by C the set of all cells.
Next, we dene the whole system that contains in a tree like

structure implicitly dened by the fatherson relationship, the cells
that conform the whole system. This allows a hierarchical structuring
of concepts.
Denition 5. A system is a tuple w = c0 ; x; , where
c0 is the origin cell.
xIRn is the set of available resources in the system.
is a threshold value that is used to discriminate between good and
bad values of the utility functions.
All agents that are not atomic are complex. There are two ways to
create agents. One is to insert an atomic agent during the creation of
the system and the other is through petitions to the system, being the
system in charge of recombining atomic and/or complex agents
already embedded in the system to create a new complex agent.
Denition
6. Let w = c0 ; x; be a system. A petition is a tuple

pet = f u ; o; Apet , where
f u F is a utility function.
n
IR
is the objective of the transitions, that is, the vector of
resources that we expect to have after performing the petition.
Apetp IDa is the set of agents capable of answering the petition.
Initially this set is empty, and the petition lls it as it searches
through the system.
We denote by PET the set of all petitions. We say that a petition

pet = f u ; o; Apet is fullled when
a
si + o + x0
ai Apet
where for each agent belonging to the set Apet we have ai = (id, ib, PN,
s ia, ti).
Next, we dene a function GF that will be used to climb through

the cell tree, until we reach a cell that has a father c0.
Denition 7. Let c = Acell ; id; Sons; Father; ibC, and w = c0 ; x;
be a system. We dene GF : C C as:

GF c =
c
If Father = c0 or Father = nil
GF Father Otherwise
A petition deepens into the cell tree structure looking for a

combination of agents capable of handling the needed transformation
Denition 9. The least upper bound (in short, lub) of a set of agents,
given by a function : P C C, is induced by the following order
relation: a b if there exists a descending path through the cell tree
that goes from b to a. We dene the lub as the lowest cell (in terms of
the level in the tree) that remains a common path to reach all the cells
in the set.
u Insertion
of an agent: Let w = c0 ; x; be a system and pet =
f ; o; Apet be a petition, let cellspet = fcjc : c = Acell ; id; Sons;
Father; ibCa : aApet aAcell g be a set of cells, and anew =
constrAg(pet) be the agent to be inserted. The anew agent is inserted
into a cell as follows:
If there exists (cellspet) and (cellspet) c0, then insert anew in
(cells).
Otherwise, let us consider the set Fcells = {GF(c)|c cellspet}, we
insert anew into cnew = ({anew}, newIdCell(w), Fcells, c0, ib) where ib is
an empty buffer. In addition, for every element belonging to Fcells,
change the father to be cnew.
Appendix 2.1. Steps of a petition

Next we formally present how petitions are handled in our
approach.

1. Let w = c0 ; x; be our system. Let pet = f u ; o; Apet be our
petition:
First we use a temporal vector of resources z that originally is
assigned the value of , that is, zo.
The petition
creates a temporal
agent, constrAg(pet),

apet = idpet ; ibpet ; PNpet ; spet ; ti , where we have PNpet = (P, T, F,
M0, FP). The petition creates and inserts a place (p0) in this newly
created Petri net, that is, P = P {p0}. This place will also be
added to the nal place set: FP = FP {p0}. It also creates and
adds a transition t0, T = T {t0}. Finally the petition creates a
connection between the transition and the place, that is,
F = F {((t0, p0), 1)}.
We will also consider a special transition tact initially assigned as
t0 that represents the actual transition to which the places in the
next turn must be linked.
2. Next, the petition must discriminate depending on the number of
negative resources in z:
We consider a function : IR n IN that returns the number of
negative resources.
If z = 1, then the petition sends a message m =
BROADCAST; tact ; ; z to the input buffer of every cell in thetree.
If z N 1, then we would use another function : IRn P IRn
that subdivides the resources from the petition in a collection of
1240
vectors of resources in which only one negative resource is

allowed. This operation allows us to create parallel calling of the
agents in the resulting Petri net and sends the corresponding
messages. As an example let us consider that z = 2 and
z = fz1 ; z2 g. Then messages m1 = (BROADCAST, tact, , z1) and
m2 = (BROADCAST, tact, , z2) will be sent simultaneously.
3. The cells retrieve the message from their input buffers (Choose
(ib)) and retransmit the message in their input buffer to the
agents that they withhold. So, for every agent in the set
fai = ida ; iba ; PN; s; tijai Acell g retransmit the message to its
input buffer, that is, to iba.
4. The agents handle the message from the input buffer as follows: Let
ai = ida ; iba ; PN; s; ti be the agent that is handling the message
and let m = BROADCAST; tact ; ; z be the message being handled,
if the agents internal transformation creates a resource that is
negative in the resources of the petition, that is there exists i
such that si N 0, zi b 0 considering si as the i-th element of s and zi as
the i-th element of z, then the agent sends back a message saying
that he can fulll the petition: m = REPLIES; tact ; ai ; s.
5. If the number of REPLIES messages with the same tact is greater than
one, then the petition uses the utility function to discriminate
between the different possibilities. The way this is handled is by
using a threshold value 0 b phi b 1, dened in the system
(w = c0 ; x; ), we calculate the utility functions of all the agents
involved and using the maximal value max(f u) = max(f u(s1a), ,
f u(sna)), where n is the number of agents that have answered
with a REPLIES message: In the case where one agent's utility
function is below the multiplication of this threshold by the
maximal utility function f u(sia) b max(f u) with 0 b i n then
agent ai is discarded from the set. All other agents are
parallelized, as follows:
We create a transition tj.
Add tj to the transition set: T = T {tj}.
Afterwards for every agent ai = ida ; ib; PN; s; ti, we do:
(a) We update the set Apet = Apet {ai}.
(b) We create a new place pi with 0 b i n, where n is the
number of agents
(c) P = P {pi}.
(d) F = F {(pi, tact, ida, 1), ((tj, pi), 1)} where ida the identier of
the agent.
(e) We recalculate the resources needed by the petition,
zz + s.
(f) We check if the petition is already fullled. Let our system be
w = c0 ; x; , then:
- If z + x0, then we add a token in M0 to the post set of tj,
that is, M0(tj ) = 1. And stop adding agents. Delete tj,
that is, T = T \ {tj} and for every connection in F such that
fi = (tj, ) we set F(fi) = 0. Afterwards we insert the agent
in its cell, as explained under these lines.
- Otherwise, we update tact tj. and re-send a message with
the following information, m = BROADCAST; tact ; id; z.
6 Last, if |T| = 1 then we just call execution of the agent in charge of
that transition. That is because, it means that there is already an
agent capable of handling the petition in the system. In any other
case, we calculate the lub of the cells that hold the agents, that is,

c jc : c = Acell ; id; Sons; Father; ibCa : aApet aAcell as
explained in its denition, and create a new cell if it does not exist.
We insert the agent in the cell and execute it.
Appendix 2.2. Execution of an agent
Let w = c0 ; x; be a system, a = id; ib; PN; s; ti be the agent that
we are executing, let PN = (P, T, F, M0, FP) be its Petri net, we dene the
function execute(id) as:
1. For all p such that F(p, t, id2) = 1 M0(p) N 1 performs the

following steps:
8
If id2 = id then a is an atomic agent:
>
>
>
>
>
>
Therefore; we transform the resources
>
>
<
of the system : xx + s:
(a)
>
>
>
>
>
Otherwise; we call upon executeid2 ; by
>
>
>
:
sending m = STARTJOB; id; id2 :
(b) If either id = id2 or there exists m = (FINISHEDJOB, id2, id) ib,
then we continue the evolution of the Petri net and delete the
message from ib (the buffer of id).
2. Next, we check whether the execution of the Petri net is nished.
If for all pi FP, we have M0(pi) = 1, then we nish the execution
and if there exists m = (STARTJOB, id, id2) ib, then the system
will send a message m = (FINISHEDJOB, id2, id), and delete the
former message from the buffer of id2.
Otherwise we return to step 1 and continue.
References
[1] T. Murata, Petri nets: properties, Analysis, and Applications, Proceedings of the
IEEE 77 (4) (1989) 541580.
[2] A. Mas-Colell, M. Whinston, J. Green, Microeconomic Theory, Oxford University
Press, Oxford, United Kingdom, 1995.
[3] M. Wooldridge, An Introduction to MultiAgent Systems, John Wiley & Sons Ltd,
New York, NY, USA, 2002.
[4] Y. Shoham, K. Leyton-Brown, Multiagent Systems: Algorithmic, Game-Theoretic,
and Logical Foundations, Cambridge University Press, New York, NY, USA, 2008.
[5] F. Zambonelli, N. Jennings, M. Wooldridge, Organisational rules as an abstraction
for the analysis and design of multi-agent systems, Journal of Software
Engineering and Knowledge Engineering 11 (3) (2001) 303328.
[6] R. Brooks, Elephants don't play chess, Robot. Auton. Syst. 6 (1990) 315.
[7] P. Maes, The dynamics of action selection, 11th Int. Joint Conf. on Articial
Intelligence, IJCAI'89, Morgan Kaufmann, 1989, pp. 991997.
[8] Z. Ren, C. Anumba, Multi-agent systems in construction: state of the art and
prospects, Autom. Constr. 13 (3) (2004) 421434.
[9] J. Wang, X. Liu, A task-based modeling method for process modeling and
automation in project management, 4th Int. Conf. on Wireless Communications,
Networking and Mobile Computing, WiCOM'08, IEEE Computer Society Press,
2008, pp. 14.
[10] A. Sawhney, H. Bashford, K. Walsh, A. Mulky, Agent-based modeling and
simulation in construction, 35th Winter Simulation Conf, IEEE Computer Society
Press, Washington, DC, USA, 2003, pp. 15411547.
[11] G. Howel, White Paper for Berkeley/Stanford CE&M Research Workshop, www.ce.
berkeley.edu/tommelein/CEMworkshop/Howell.pdf 1999.
[12] K. Kim, K.J. Kim, Multi-agent-based simulation system for construction operations
with congested ows, Autom. Constr. 19 (7) (2010) 867874.
[13] H. Li, Petri net as a formalism to assist process improvement in the construction
industry, Autom. Constr. 7 (4) (1998) 349356.
[14] W. van der Aalst, M. Stoffele, J. Wamelink, Case handling in construction, Autom.
Constr. 12 (3) (2003) 303320.
[15] Y. Zhu, G. Augenbroe, A conceptual model for supporting the integration of interorganizational information processes of AEC projects, Autom. Constr. 15 (2)
(2006) 200211.
[16] A. Sawhney, Petri net based simulation of construction schedules, 29th Winter
Simulation Conf., IEEE Computer Society, Washington, DC, USA, 1997, pp. 11111118.
[17] A. Sawhney, O. Abudayyeh, T. Chaitavatputtiporn, Modeling and analysis of a
concrete production plant using Petri nets, Journal of Computing in Civil
Engineering 13 (3) (1999) 178186.
[18] D. Goldberg, Genetic Algorithms in Search, Optimisation and Machine Learning,
Addison-Wesley, Boston, MA, USA, 1989.
[19] C. Chang, M. Christensen, T. Zhang, Genetic algorithms for project management,
Annals of Software Engineering 11 (1) (2001) 107139.
[20] B. Boehm, Software Engineering Economics, Prentice Hall, Upper Saddle River, NJ,
USA, 1981.
[21] P.-H. Chen, H. Weng, A two-phase GA model for resource-constrained project
scheduling, Autom. Constr. 18 (4) (2009) 485498.
[22] L. Long, A. Ohsato, A genetic algorithm-based method for scheduling repetitive
construction projects, Autom. Constr. 18 (4) (2009) 499511.
[23] M. Dorigo, V. Maniezzo, A. Colorni, The ant system: optimization by a colony of
cooperating agents, IEEE Transactions on Systems, Man and Cybernetics B 26 (1)
(1996) 2941.
[24] S. Christodoulou, Construction imitating ants: resource-unconstrained scheduling
with articial ants, Autom. Constr. 18 (3) (2009) 285293.
[25] Q. Duan, T.W. Liao, Improved ant colony optimization algorithms for determining
project critical paths, Autom. Constr. 19 (6) (2010) 676693.
[26] H. Abdallah, H. Emara, H. Dorrah, A. Bahgat, Using ant colony optimization
algorithm for solving project management problems, Expert Systems with
Applications 36 (6) (2009) 1000410015.

[27] X. Ning, K. Lam, M.-K. Lam, Dynamic construction site layout planning using max
min ant system, Autom. Constr. 19 (1) (2010) 5565.
[28] J. Kennedy, R. Eberhart, Particle swarm optimization, IEEE Int. Conf. on Neural
Networks, ICNN'95, 1995, pp. 19421948.
[29] M. Lu, H.-C. Lam, F. Dai, Resource-constrained critical path analysis based on
discrete event simulation and particle swarm optimization, Autom. Constr. 17 (6)
(2008) 670681.
[30] J.-H. Chen, L.-R. Yan, M.-C. Su, Comparison of SOM based optimization and particle
swarm optimization for minimizing the construction time of a secant pile wall,
Autom. Constr. 18 (6) (2009) 844848.
[31] C.-W. Feng, Y.-J. Chen, J.-R. Huang, Using the MD CAD model to develop the timecost integrated schedule for construction projects, Autom. Constr. 19 (3) (2010)
347356.
1241
[32] H. Li, N. Chan, T. Huang, H. Guo, W. Lu, M. Skitmore, Optimizing construction

planning schedules by virtual prototyping enabled resource analysis, Autom.
Constr. 18 (7) (2009) 912918.
[33] K. Kim, J. Paulson, J. Petrie, V. Lesser, Compensatory Negotiation for Agent-Based
Project Schedule Coordination, , 2000.
[34] J. Fonseca, E.D. Oliveira, A. Steiger-Garao, A DAI based resource management
system, Applied Articial Intelligence 11 (6) (1997) 525550.
[35] C. Andrs, C. Molinero, M. Nez, A formal methodology to specify hierarchical agentbased systems, 4th Int. Conf. on Signal-Image Technology & Internet-based Systems,
SITIS'08, IEEE Computer Society Press, Washington, DC, USA, 2008, pp. 169176.
[36] C. Andrs, C. Molinero, M. Nez, A hierarchical methodology to specify and simulate
complex computational systems, 9th Int. Conf. on Computational Science, ICCS'09,
LNCS 5544, Springer, Berlin, Heidelberg, Germany, 2009, pp. 347356.

Federwin - Sip.ucm - Es Sic Investigacion Publicaciones Pdfs Tesis CarlosMolinero

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Federwin - Sip.ucm - Es Sic Investigacion Publicaciones Pdfs Tesis CarlosMolinero

Caricato da

Copyright:

Formati disponibili

Dos aplicaciones de los mtodos formales

para el desarrollo y testing de sistemas

Departamento de Sistemas Informticos y Computacin

Director: Manuel Nez Garca

testing formal, que esencialmente consiste en la aplicacin de un

agentes simples y agentes complejos. Los agentes simples

clulas, creando un rbol que regula el paso de mensajes.

adaptive sequences which are trees of inputs that allow us to reach a

certain state, in a univocal manner, in a non-deterministic nite state machine.

Discusin integradora y objetivos . . . . . . . . . . . . . . . . . . . . . . . . .

Integration discourse and objectives . . . . . . . . . . . . . . . . . . . . . . . .

3. Estado del arte: testing formal

Relaciones formales entre procesos

IOCO: input output conformance . . . . . . . . . . . . . . . . . . . . .

Tcnicas clsicas de testing formal

Las secuencias UIO (secuencias nicas de input/output) . . . . . . . .

4. Estado del arte: mtodos de bsqueda heursticos

Los algoritmos genticos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Codicacin de la secuencia del ADN . . . . . . . . . . . . . . . . . . .

Juzgar y seleccionar a la especie

Otras tcnicas heursticas

Algoritmos basados en la optimizacin de colonias de hormigas

Inteligencia de enjambres (swarm intelligence) . . . . . . . . . . . . . .

Formacin dinmica de ros

Tcnicas de bsqueda heursticas para testear sistemas . . . . . . . . . . . . .

Uso de algoritmos genticos en testing

Mtodos heursticos para explorar grandes espacios de estados

Optimizacin automtica de tests mediante un modelo bacteriolgico .

Heursticas para diagnosticar fallos . . . . . . . . . . . . . . . . . . . .

Aplicacin de algoritmos genticos para la asignacin de recursos

5. Estado del arte: sistemas multi-agente

Especicacin formal de los sistemas multi-agentes

Organizacin de sistemas multi-agente

MAS aplicados a la construccin

6. Conclusiones y trabajo futuro

7. Conclusions and future work

A.2. Repaso de lenguajes comnmente usados . . . . . . . . . . . . . . . . . . . . .

A.2.1. lgebras de procesos . . . . . . . . . . . . . . . . . . . . . . . . . . . .

A.2.2. Sistemas etiquetados de transiciones

A.2.4. Stream X-Machines . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

A.2.5. Autmatas de Bchi . . . . . . . . . . . . . . . . . . . . . . . . . . . .

A.2.6. Autmatas con pila . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

A.2.7. Mquinas de Turing

A.2.3. Mquinas de estados nitos

A.2.8. Redes de Petri

Paisajes de diferentes funciones heursticas.

Mutacin de un gen del ADN. . . . . . . . . . . . . . . . . . . . . . . . . . . .

Variacin de la concentracin de feronomas en caminos que evitan un obstculo. 38

Diversas inicializaciones del algoritmo de escalada simple en dos paisajes

A.1. Una red de Petri (izquierda) y el resultado de su ejecucin.

A formal approach to the specication of hierarchical multi-agent systems

planicadores estaba limitado a la expresividad del lenguaje elegido. Esta deciencia

adquiridos en el Mster de Investigacin en Informtica sobre algoritmos genticos y teniendo

estndar, fuimos llegando a un modelo que presentaba una demostrable

La presente tesis doctoral se presenta en formato publicaciones, de acuerdo con el

y habiendo sido raticados tras los

1.1. Discusin integradora y objetivos

por parte del usuario

1.1. Discusin integradora y objetivos

A formal methodology to specify hierarchical agent-based systems. Publicado en 4th

Computer Science Conference Ranking (basado en Estimated Impact

of Conference, EIC, 2009) y aparece tambin catalogada con la categora B en la lista

Web-Based Information Technologies

certain state, in a univocal manner, in a non-deterministic nite state machine.

Codicacin de la secuencia del ADN . . . . . . . . . . . . . . . . . . .

Especicacin formal de los sistemas multi-agentes

A.2.3. Mquinas de estados nitos

A formal approach to the specication of hierarchical multi-agent systems

planicadores estaba limitado a la expresividad del lenguaje elegido. Esta deciencia

y habiendo sido raticados tras los

An islands model genetic algorithm to test non-deterministic nite state machines

posibilidad de que una sencilla denicin de pre/post-condiciones permitiera la aparicin

mutacin de especicaciones [CS94]. Esta tcnica surgi

La primera modicacin importante del formalismo para describir un sistema de agentes

En el siguiente artculo de la serie [MNH11b] se analiza experimentalmente la ecacia del

specication of hierarchical multi-agent systems [Mol09]. The biggest diculties encountered

Experimental Comparison of Dierent Techniques to Generate Adaptive Sequences

An islands model genetic algorithm to test non-deterministic nite state machines

implementacin no coinciden con las de la especicacin,

un input de la implementacin nos lleva a un estado distinto que el de la especicacin o