Algorithms for Synthesizing Priorities in Component-based Systems

We present algorithms to synthesize component-based systems that are safe and deadlock-free using priorities, which define stateless-precedence between enabled actions. Our core method combines the concept of fault-localization (using safety-game) and fault-repair (using SAT for conflict resolution). For complex systems, we propose three complementary methods as preprocessing steps for priority synthesis, namely (a) data abstraction to reduce component complexities, (b) alphabet abstraction and #-deadlock to ignore components, and (c) automated assumption learning for compositional priority synthesis.

💡 Research Summary

The paper addresses the automatic synthesis of priorities for component‑based systems modeled in the BIP (Behavior‑Interaction‑Priority) framework, with the goal of guaranteeing safety and deadlock‑freedom. Priorities are stateless precedence relations of the form σ₁ ≺ σ₂ that restrict the execution of enabled interactions: when two interactions are simultaneously enabled, the one with higher priority may proceed while the lower‑priority one is suppressed. Because priorities are stateless and operate only on interaction labels, they are easy to implement in a distributed setting.

The authors propose a two‑phase synthesis methodology that mirrors the classic fault‑localization + fault‑repair paradigm. In the first phase, fault‑localization, they treat the safety requirement as a two‑player safety game. Starting from the set of risk configurations (bad states), they compute the attractor – the set of states from which the environment can force the system into a risk state regardless of the controller’s choices. Using a symbolic safety‑game algorithm, they identify a “fault‑set”: states from which an erroneous interaction would inevitably lead into the attractor, while an alternative safe interaction exists. These fault‑set states are the precise locations where the system must be constrained.

In the second phase, fault‑repair, the algorithm generates candidate priority relations that prevent the system from taking the unsafe interaction at each fault‑set state. The candidate set is encoded as a Boolean formula and handed to a SAT solver. The SAT encoding captures (i) the requirement that at any state where both σ₁ and σ₂ are enabled, σ₁ ≺ σ₂ must forbid σ₁, (ii) transitivity and irreflexivity of the priority relation, and (iii) the avoidance of conflicts that could re‑introduce deadlocks. The solver returns a minimal (or at least a feasible) subset of priorities P⁺ that, when added to the existing priority set P, guarantees that the system never reaches the attractor and thus remains safe and deadlock‑free.

To make the approach scalable for large systems, the paper introduces three complementary preprocessing techniques:

1. Data abstraction – each component’s data variables are abstracted to a Boolean domain, collapsing many concrete valuations into a single abstract state. This reduces the size of the product state space without sacrificing the correctness of priority synthesis.

2. Alphabet abstraction and “#‑deadlock” – the interaction alphabet Σ is partitioned, and components whose interactions are deemed irrelevant for a particular safety property are replaced by a special “#” action. The notion of “#‑deadlock” ensures that ignoring these components does not introduce spurious deadlocks in the abstract model.

3. Automated assumption learning – for compositional synthesis, the authors employ automata‑learning (e.g., L* algorithm) to infer assumptions about the behavior of other components. These assumptions serve as contracts that allow each component to be synthesized independently, after which the local priority sets are combined.

The symbolic encoding of the system is based on a two‑stage transition relation that mirrors the BIP engine’s execution cycle: (Stage 0) the environment raises all enabled interactions, and (Stage 1) the controller selects one enabled interaction respecting the priority relation and updates component states. Boolean variables encode the current stage, interaction enablement, component locations (binary‑encoded), and data variables. Algorithms 1 and 2 construct the stage‑0 and stage‑1 transition predicates, respectively. The encoding allows the use of Binary Decision Diagrams (BDDs) for efficient existential quantification and substitution, and a variable‑ordering heuristic further improves performance.

The authors prove that priority synthesis is NP‑complete in the size of the product graph (|R_S| + |Σ|), confirming the inherent difficulty of the problem. Nevertheless, their incomplete search framework—guided by fault‑localization and SAT‑based repair—solves many practical instances far more efficiently than a naïve exhaustive search.

Implementation and evaluation are performed within the VISSBIP tool (the authors’ predecessor to D‑Finder). Experiments on benchmark systems, including a distributed communication example, demonstrate that the synthesized priorities are often local (involving only actions of a single component), which is advantageous for distributed deployment. Alphabet abstraction enables scaling to models with thousands of components, while assumption learning yields compositional synthesis for behavioral safety properties (those expressed as regular languages).

In summary, the paper contributes a comprehensive algorithmic framework that combines game‑theoretic fault localization, SAT‑based conflict resolution, and several abstraction techniques to automatically generate priority relations guaranteeing safety and deadlock‑freedom in component‑based systems. The approach is theoretically grounded, symbolically encoded for efficiency, and validated on realistic case studies, advancing the state of the art in automated synthesis for distributed, component‑oriented software and hardware designs.