On reduced forms of initialized Finite State Machines with timeouts

Trace models such as Finite State Machines (FSMs) are widely used in the area of analysis and synthesis of discrete event systems. FSM minimization is a well-known optimization problem which allows reducing the number of FSM states by deriving the canonical form that is unique up to isomorphism. In particular, the latter is a base for FSM-based ‘black-box’ test derivation methods such as W-method and its modifications. Since nowadays the behavior of many software and hardware systems significantly depends on time aspects, classical FSMs are extended by clock variables including input and output timeouts. The minimization of a Timed Finite State Machine (TFSM) includes both state and time aspects reduction. Existing approaches allow deriving the canonical representation for non-initialized deterministic TFSMs while for initialized TFSMs, i.e., TFSMs with the designated initial state, several pair-wise non-isomorphic minimal forms can exist. In this paper, we determine initialized TFSM classes for which the minimal form is unique up to isomorphism.


Introduction
Finite State Machines (FSMs) [1,2] are widely used for synthesis and analysis of discrete components of telecommunication and other hardware and software systems [3,4,5]. The complexity of solving many problems significantly depends on the number of states of an FSM that represents the system (component) specification; moreover, having the canonical form of a model usually simplifies solving these problems. For example, almost all FSM-based test derivation methods [6,7] with guaranteed fault coverage for telecommunication protocols and other control systems with deterministic behavior are developed for reduced FSMs, i.e., FSMs which have different behavior at any two different states, and such a reduced machine is unique for any complete deterministic FSM. In the classical FSM theory, FSM minimization methods are well developed [1], i.e., given a deterministic complete FSM, it is well known how to derive a reduced form of the FSM that in fact is the canonical representation of a complete deterministic FSM. Nowadays time aspects become very important when describing the behavior of digital and hybrid systems, and, respectively, classical FSMs have been extended with time variables [see, for example, 8,9,10,11]. A timed FSM (TFSM) is an FSM annotated with a clock and extended by input/output timeouts and input/output timed guards [10,12]. Input timed guards describe the behavior at a given state for inputs which arrive during an appropriate time interval until the timeout at the state expires. If no input is applied until the clock value reaches an (input) timeout then the system can spontaneously move to another state. An output timeout describes how long an applied input is processed at a given state. In a number of cases [10], an FSM with output timed guards is considered when an interval of possible output delays for processing each transition is given. In this paper, we assume that every output timeout is a non-negative integer.

As a simple example, computers or mobiles can be considered when the devices move to a sleep mode if no button is pressed during an appropriate number of time units, i.e., no input is applied. When minimizing classical FSMs (and other trace models) most attention is paid to minimizing the number of states of the machine under investigation. Differently from classical FSMs, a timed FSM can have several non-isomorphic state reduced forms and time aspects should be also taken into account when minimizing a TFSM. In [13], the notion of a time and state reduced non-initialized FSM with timed guards and timeouts is introduced. The authors also show that such a minimal form is unique up to isomorphism for a non-initialized complete TFSM. However, such a minimal form is not unique for an initialized complete FSM with timeouts, while such machines are widely used for modeling timed systems with a reliable reset signal. For example, a number of test derivation techniques are developed for initialized FSMs, and the absence of the unique reduced form for Timed FSMs does not allow W-methods and their derivatives to be applied directly to initialized TFSMs [14]. It is known that the reason for having several minimal forms is closely related to input timeouts [15], since for FSMs with timed guards there is the unique state and time reduced FSM with timed guards [16]. In this paper, we determine classes of initialized FSMs with timeouts for which the unique minimal form can be derived.

The structure of the paper is as follows. Section 2 contains the preliminaries for classical and timed FSMs. In Section 3, the related work on minimizing TFSMs is briefly described. In Section 4, we determine a class of initialized TFSMs for which the minimal form is unique up to isomorphism. In Section 5, we show how the unique form can be derived for an FSM with timeouts based on its transformation to an FSM with timed guards. Section 6 concludes the paper.

Preliminaries
This section contains basic definitions of classical and timed Finite State Machines.

Finite State Machines
The model of a Finite State Machine (FSM) [1] is used for describing the behavior of a system that moves from state to state under input stimuli and produces predefined output responses. If the system has a reliable reset then usually the system behavior is described by an initialized FSM, i.e., by an FSM with the designated initial state. Formally, an initialized FSM is a 5-tuple S = (S, I, O, hS, s0) where S is a finite non-empty set of states with the designated initial state s0, I and O are input and output alphabets, and hS ⊆ (S × I × O × S) is the transition (behavior) relation. A transition (s, i, o, s′) describes the situation when an input i is applied to S at the current state s and S moves to state s′ and produces the output (response) o. A trace or an Input/Output sequence α/γ of the FSM S at state s is a sequence of consecutive input/output pairs starting at the state s. There is a trace α/γ = i1/o1, i2/o2, …, in/on at state s of FSM S if and only if there exist transitions (s, i1, o1, s1), (s1, i2, o2, s2), …, (sn-1, in, on, sn). Given a trace α/γ, α is the input projection of the trace (input sequence) while γ is the corresponding output projection (output sequence), i.e., an output response of the FSM when the input sequence α is applied at state s. In this paper, if the converse is not explicitly stated, we consider complete and deterministic FSMs where for each state s and input sequence α there exists a single trace α/γ. Given an input sequence α of a deterministic complete FSM, state s' is the α-successor of state s in FSM S if S moves from state s to state s' when α is applied. Given an initialized FSM S, a trace α/γ is a trace of the FSM if it is a trace at the initial state of S.

Timed Finite State Machines
In this paper, a Timed FSM (TFSM) is an FSM with timeouts that can spontaneously move to another state when the timeout expires at a current state. Respectively, a TFSM is an FSM annotated with a clock (timed variable) and timeouts. A good example is a server implementation which can decline the connection when a client request is not applied within an appropriate timeout. Correspondingly, an initialized TFSM is a 6-tuple S = (S, I, O, hS, ΔS, s0) where S is a finite nonempty set of states with the designated initial state s0, I and O are input and output alphabets, hS ⊆ S × I × O × S × Z is the transition relation, ΔS is the timeout function and Z is a set of output delays which are nonnegative integers. We consider the timeout function ΔS: where N is the set of positive integers: for each state this function specifies the maximum time for waiting for an input. If no input is applied until an (input) timeout expires then the system can spontaneously move to another state. By definition, for each state of the TFSM exactly one timeout is specified. An output delay describes the number of ticks when an output has to be produced after applying an input. A transition (s, i, o, s′, d) describes the situation when an input i is applied to S at the current state s. In this case, the FSM moves to state s′, the clock value then is set to zero and S produces output o after d time units. Given state s of TFSM S such that ΔS(s) = (s', T), if no input is applied before the timeout T expires then the TFSM S moves to state s' while the clock value is set to zero. If ΔS(s) = (s', ∞) then s' = s; in other words, in this case, the TFSM can stay at state s infinitely long waiting for an input.

Tvardovskii A., Yevtushenko N. On reduced forms of initialized Finite State Machines with timeouts. Trudy ISP RAN/Proc. ISP RAS, vol. 32, issue 2, 2020. pp. 125-134
In this work, we consider complete and deterministic TFSMs where for each pair (s, i) ∈ S × I, there exists a single transition (s, i, o, s′, d) ∈ hS. Similar to [7], for each state s of TFSM S we consider the function time(s, t) = s' that determines state s' that will be reached by the TFSM if no input is applied during t time units.
tn)/(on, dn) of consecutive pairs of timed inputs and timed outputs starting at the state s is a timed I/O sequence or a timed trace of TFSM S at state s. Similar to FSMs, α is an applied timed input sequence while γ is the corresponding output response of the TFSM to sequence α of applied inputs. The behavior of TFSM S at state s is the set of all timed traces at this state. For a timed input sequence α of TFSM S at state s the α-successor is defined similar to FSM. In order to determine the output response of the TFSM at state s to a timed input (i, t), state s' = time(s, t) is calculated first. State s' is a state where the TFSM moves from state s via timeout transitions such that the maximum sum Σ of all timeouts starting from state s is less than t and t − Σ < T, where ΔS(s) = (s''', T). At the second step, a transition (s', i, o, s'', d) is used and respectively, the machine produces the output (o, d) to a timed input (i, t) applied at state s and moves to the next state s''. Thus, the output response of the TFSM to a timed input sequence at state s is iteratively determined starting from state s. Similar to FSMs, the set of all timed traces at the initial state of the initialized TFSM determines the TFSM behavior. A timed input sequence α is a transfer sequence for state s or simply an s-transfer sequence in TFSM S if state s is the α-successor of the initial state of S. If for state s of TFSM S there exists a transfer timed input sequence α, then s is an input-reachable state, otherwise s is input-unreachable. By default, the initial state is input-reachable, since it is reachable by the empty input sequence. If for an input-unreachable state s' there exists a time instance t and input-reachable state s such that time(s, t) = s' then s' is time-reachable. The TFSM S is initially connected or simply connected if each state s ∈ S is input- or time-reachable. In this paper, we consider only connected TFSMs.

Example. Consider a TFSM S in Figure 1 with the initial state a. This TFSM is connected but state b is input-unreachable.
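The definitions of time(s, t), timed output response and input-/time-reachability above can be exercised with the following added example, which is not code from the paper. The machines S and P are constructed to match the textual description of Figure 1 (timeouts a→b→c of value one in S, a single timeout of value two in P); their input transitions, outputs and delays are assumptions, as is the boundary convention that a timeout fires once the clock reaches T.

```python
import math
from itertools import product

INF = math.inf

class TFSM:
    """Complete deterministic FSM with timeouts (integer timeouts and delays)."""
    def __init__(self, init, trans, timeout):
        self.init = init
        self.trans = trans      # (state, input) -> (output, next_state, delay)
        self.timeout = timeout  # state -> (next_state, T); T = INF: wait forever
        self.inputs = sorted({i for _, i in trans})

    def time(self, s, t):
        """State reached from s when no input arrives for t time units.
        Assumption: the timeout at s fires once the clock reaches T (t >= T)."""
        nxt, T = self.timeout[s]
        while t >= T:
            s, t = nxt, t - T
            nxt, T = self.timeout[s]
        return s

    def response(self, timed_inputs):
        """Timed outputs for [(input, t), ...] applied at the initial state."""
        s, out = self.init, []
        for i, t in timed_inputs:
            o, s, d = self.trans[(self.time(s, t), i)]  # clock resets afterwards
            out.append((o, d))
        return out

    def timeout_chain(self, s):
        """States visited from s by timeout transitions only."""
        chain = []
        while s not in chain:
            chain.append(s)
            s = self.timeout[s][0]
        return chain

    def classify(self):
        """Return (input-reachable states, states that are only time-reachable)."""
        reach, todo = {self.init}, [self.init]
        while todo:
            s = todo.pop()
            for w, i in product(self.timeout_chain(s), self.inputs):
                nxt = self.trans[(w, i)][1]
                if nxt not in reach:
                    reach.add(nxt)
                    todo.append(nxt)
        timed = {w for s in reach for w in self.timeout_chain(s)} - reach
        return reach, timed

# Constructed machines shaped like the S and P described for Figure 1.
# The input transitions, outputs and delays are assumptions of this example.
S = TFSM("a",
         {("a", "i"): ("o1", "c", 0), ("b", "i"): ("o1", "c", 0),
          ("c", "i"): ("o2", "a", 1)},
         {"a": ("b", 1), "b": ("c", 1), "c": ("c", INF)})
P = TFSM("a",
         {("a", "i"): ("o1", "c", 0), ("c", "i"): ("o2", "a", 1)},
         {"a": ("c", 2), "c": ("c", INF)})

def same_behavior(m1, m2, max_len=3, max_t=3):
    """Bounded check: equal responses to every timed input sequence of length
    <= max_len with integer instants 0..max_t (not an equivalence proof)."""
    steps = list(product(m1.inputs, range(max_t + 1)))
    return all(m1.response(seq) == m2.response(seq)
               for n in range(1, max_len + 1)
               for seq in product(steps, repeat=n))
```

S has three pairwise distinguishable states and P has two, yet the bounded check finds no timed input sequence that separates them at the initial state.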

Minimization problem
There is a large body of work on minimizing a classical deterministic complete FSM based on the state equivalence [1]. We now recall the notion of equivalent states for deterministic complete (Timed) FSMs [1,12]. Given complete deterministic (Timed) FSMs S and P with their states s and p, states s and p are equivalent if (timed) output responses at these states coincide for each (timed) input sequence. If states s and p are not equivalent then they are distinguishable.

FSM Minimization
The minimal form of an (initialized) deterministic complete FSM S is defined as an (initialized) state reduced FSM which is equivalent to S. An algorithm for deriving the minimal form (or an FSM minimization algorithm) for classical deterministic complete FSMs has been proposed in [1] and is based on partitioning the state set into equivalence classes, i.e., subsets with pairwise equivalent states. The equivalence relation induces a partition E of the set of states of a complete deterministic FSM. Any two states of the same class of the partition E are equivalent; any two states of different classes of partition E are distinguishable. Respectively, states of the reduced form correspond to classes of the partition E, i.e., the number of states of the reduced form equals the cardinality of E. The transition relation of the reduced form is derived based on transitions between E classes. It is shown that the minimal form of an initialized FSM as well as of a non-initialized deterministic complete FSM is unique up to isomorphism.
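The partition-based minimization described above, as an added example (not code from the paper or from [1]). It refines the partition E until it is stable, builds the reduced form over the classes, and additionally numbers the classes breadth-first from the initial state so that equivalent initialized FSMs yield literally the same table; the machines M1 and M2 are constructed for the illustration.

```python
def number(signature):
    """Replace each distinct signature by a small integer class id."""
    ids = {}
    return {s: ids.setdefault(sig, len(ids)) for s, sig in signature.items()}

def reduced_form(init, trans):
    """trans: (state, input) -> (output, next_state), complete and deterministic.
    Returns the reduced initialized FSM with canonical state numbers (0 = initial)."""
    inputs = sorted({i for _, i in trans})
    # 1. Keep only the states reachable from the initial state.
    reach, todo = {init}, [init]
    while todo:
        s = todo.pop()
        for i in inputs:
            nxt = trans[(s, i)][1]
            if nxt not in reach:
                reach.add(nxt)
                todo.append(nxt)
    # 2. Partition E: start from output rows, split by successor classes
    #    until the number of classes stops growing.
    cls = number({s: tuple(trans[(s, i)][0] for i in inputs) for s in reach})
    while True:
        new = number({s: (cls[s],) + tuple(cls[trans[(s, i)][1]] for i in inputs)
                      for s in reach})
        if len(set(new.values())) == len(set(cls.values())):
            break
        cls = new
    # 3. One representative per class; number classes by BFS from the initial
    #    class with inputs in sorted order (canonical up to isomorphism).
    rep = {}
    for s in reach:
        rep.setdefault(cls[s], s)
    name, order = {cls[init]: 0}, [cls[init]]
    for c in order:  # the list grows while it is walked
        for i in inputs:
            n = cls[trans[(rep[c], i)][1]]
            if n not in name:
                name[n] = len(name)
                order.append(n)
    # 4. Transitions of the reduced form are transitions between classes.
    return {(name[c], i): (trans[(rep[c], i)][0],
                           name[cls[trans[(rep[c], i)][1]]])
            for c in order for i in inputs}

# Constructed FSMs: M1 has four states (B and D are equivalent), M2 has three.
M1 = {("A", "x"): (0, "B"), ("A", "y"): (0, "A"),
      ("B", "x"): (0, "C"), ("B", "y"): (0, "A"),
      ("C", "x"): (1, "A"), ("C", "y"): (0, "D"),
      ("D", "x"): (0, "C"), ("D", "y"): (0, "A")}
M2 = {("q0", "x"): (0, "q1"), ("q0", "y"): (0, "q0"),
      ("q1", "x"): (0, "q2"), ("q1", "y"): (0, "q0"),
      ("q2", "x"): (1, "q0"), ("q2", "y"): (0, "q1")}
```

A and B produce the same outputs on single inputs and are only separated in the second refinement round, which is why the loop iterates instead of stopping at the output rows.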

TFSM Minimization
The notions of a state reduced TFSM and the partition into equivalent states are defined similar to those of classical FSMs. A state reduced form of an FSM with timeouts can be derived based on its FSM abstraction [13,15]. Moreover, in order to derive the unique minimal form up to isomorphism for a non-initialized FSM with timeouts, a so-called time reduced form should be also constructed. A non-initialized FSM with timeouts S is time reduced if for each state s such that ΔS(s) = (s', T), it holds that for each state s'' ∈ S and integer T' < T, TFSM S' which is obtained from S by replacing the timeout at state s with ΔS(s) = (s'', T'), is not equivalent to S. Minimal timeouts for states of TFSM S can be found based on its FSM abstraction [13]. In other words, when deriving a time reduced form of a non-initialized TFSM, the timeout for each state s should be set to the minimum value in such a way that the TFSM behavior at state s is not changed. In [13], the following theorem has been proven.

Theorem 1. Two non-initialized deterministic complete state and time reduced FSMs with timeouts are equivalent if and only if they are isomorphic.

Respectively, the minimal form of a non-initialized deterministic complete TFSM is unique up to isomorphism.

The uniqueness of the minimal form of initialized FSMs with timeouts
Unlike non-initialized Timed FSMs, a complete deterministic initialized FSM with timeouts can have several non-isomorphic state and time reduced forms. An example is shown in Figure 1 where two equivalent minimal initialized FSMs with timeouts are presented. However, those TFSMs are not isomorphic. The reason is that for non-initialized equivalent TFSMs, for each state of one machine there is an equivalent state of another machine and vice versa. For initialized machines it is not the case for input-unreachable states. In fact, there can exist some states in TFSMs which are only time-reachable, i.e., are not input-reachable, for example, state b of TFSM S (Figure 1). This input-unreachable state can be removed from the TFSM if the TFSM moves from state a to state c via a timeout transition. The corresponding TFSM P is presented in Figure 1 on the right where the timeout of value two is used instead of two timeouts of value one. Therefore, the problem that a reduced form of an FSM with timeouts is not unique is closely related to states which are only time-reachable because for these states, the requirement for the one-to-one correspondence between states of initialized equivalent TFSMs does not need to necessarily hold. In this paper, we specify classes of initialized FSMs with timeouts for which the state and time reduced form is unique up to isomorphism.

Input-connected FSM with timeouts
Since the existence of several state and time reduced equivalent but non-isomorphic initialized FSMs with timeouts is closely related to time-reachable states, we first consider TFSMs without such states. An FSM with timeouts S is input-connected if each state s ∈ S is input-reachable. In other words, given a state s of an input-connected initialized FSM with timeouts, there exists a transfer timed input sequence from the initial state to state s. For input-connected TFSMs, the following proposition can be proven.

Proposition 1. Two deterministic complete state and time reduced initialized input-connected FSMs with timeouts are equivalent if and only if they are isomorphic.

Proof. Let deterministic complete state and time reduced initialized input-connected FSMs S and P with timeouts be equivalent. Since the TFSMs are equivalent, the α-successors s and p of the initial states of TFSMs S and P, respectively, are equivalent for any timed input sequence α. Moreover, since S and P are state reduced, a one-to-one correspondence Hi: S → P can be established such that p = Hi(s) is an input-reachable state of TFSM P which is equivalent to the input-reachable state s. Similar to [13] Since isomorphic TFSMs coincide up to state renaming, isomorphic TFSMs are equivalent.

Corollary. The minimal (state and time reduced) form of an input-connected initialized FSM with timeouts is unique up to isomorphism.

However, there exist FSMs with timeouts which have time-reachable states, i.e., are not input-connected. We next consider such TFSMs and discuss when the unique minimal form for TFSMs with input-unreachable states can be derived.

Minimization procedure using FSMs with timed guards
Given an FSM with timeouts, according to the corollary to Proposition 1, if this FSM has a state and time reduced input-connected form, then this form is unique up to isomorphism. However, at present we do not know whether such a minimal form exists for any FSM with timeouts. On the other hand, FSMs with timed guards can be considered as another type of the minimal form and such TFSMs are input-connected. It is known [12] that there exists a class of FSMs with timeouts which can be represented by a corresponding FSM with timed guards. Respectively, in this section, we show that if for an FSM with timeouts there exists a minimal form with timed guards then such a minimal form is unique up to isomorphism.

FSM with timed guards
An initialized FSM with timed guards is a 5-tuple S = (S, I, O, s0, hS) where I and O are input and output alphabets, S is the finite non-empty set of states with the designated initial state s0, hS ⊆ (S × I × O × S × Π × Ζ) is the transition relation with the set of input timed guards Π. An input timed guard g ∈ Π describes the time domain when a transition can be executed and is given in the form of an interval with bounds min and max from [0; ∞), where the left bracket is one of {(, [} and the right bracket is one of {), ]}. The transition (s, i, o, s′, g, d) ∈ S × I × O × S × Π × Ζ means that TFSM S being at state s accepts an input i applied at time t ∈ g measured from the moment when TFSM S entered state s; the clock then is set to zero, S produces output o and moves to state s′ after d time units. The state reduced form for an FSM with timed guards can be derived based on its FSM abstraction [13] or by the algorithm presented in [16]. Moreover, an FSM with timed guards is time reduced if for each two transitions (s, i, o, s', g1, d), (s, i, o, s', g2, d) ∈ hS it holds that timed guards g1 and g2 cannot be merged into a single guard. Thus, in order to derive the time reduced form for an FSM with timed guards, transitions between the same states under the same input, with the same output and output delay, whose timed guards can be merged should be replaced by a single transition. The uniqueness of the minimal form of a non-initialized FSM with timed guards has been proven in [13] and next we formulate a similar proposition for initialized TFSMs.

Proposition 2. Two deterministic complete time and state reduced initialized connected FSMs with timed guards are equivalent if and only if they are isomorphic.

Proof. Let deterministic complete time and state reduced initialized connected FSMs with timed guards S and P be equivalent. Since TFSMs S and P are equivalent, the α-successors s and p of initial states of these TFSMs are also equivalent for each α, i.e., at these states there are the same output responses for each timed input sequence. Moreover, since S and P are state reduced then the one-to-one correspondence H: S → P can be established such that p = H(s) is a state of TFSM P which is equivalent to state s. We now show that for each transition (s1, i, o, s2, g, d) ∈ λS there exists a transition (p1, i, o, p2, g, d) ∈ λP, where p1 = H(s1) and p2 = H(s2). Let there exist (s1, i, o, s2, g, d) ∈ λS, but (H(s1), i, o, H(s2), g, d) ∉ λP. Since s1 and p1 are equivalent, the behavior of P at state p1 in time interval g coincides with that of the TFSM S at state s1. Respectively (p1, i, o, p2, g', d) ∈ λP, where g ⊂ g', because P is state and time reduced. However, the behavior of TFSM S for the same input i at state s for time instances in g differs from that in adjacent intervals since S is state and time reduced. Thus, there exists t ∈ g' \ g, such that the output responses to (i, t) at states s and p do not coincide. In a similar way, we can show that for each transition (H(s1), i, o, H(s2), g, d) ∈ λP there exists a transition (s1, i, o, s2, g, d) ∈ λS and thus, S and P are isomorphic. Since isomorphic TFSMs coincide up to state renaming, isomorphic TFSMs are equivalent.

Thus, the minimal (state and time reduced) form of an initialized FSM with timed guards is unique up to isomorphism and next we show how an FSM with timeouts can be represented by a TFSM with timed guards in some cases.

Transformation of an FSM with timeouts into an FSM with timed guards
An FSM with timeouts S is timeout loop-free [12] if there is no cycle of transitions labeled with timeouts. A timeout loop-free FSM can be represented as an FSM with timed guards by the algorithms proposed in [12].

Return S = (S, I, O, hS, s0).

Proposition 3 [12]. Given a complete deterministic initialized timeout loop-free FSM S', let S be an FSM with timed guards returned by Algorithm 1 for S'. TFSM S is a complete deterministic initialized FSM with timed guards that is equivalent to S'.

Let S be an FSM with timed guards that is returned by Algorithm 1 for a timeout loop-free FSM S'. Note that each time-reachable state of TFSM S' becomes unreachable from the initial state of TFSM S and, respectively, can be removed since the behavior at this state does not affect the machine behavior at the initial state. As an example, for the timeout loop-free FSM S in Figure 1 the corresponding FSM with timed guards Q is presented in Figure 2. State b of TFSM Q becomes unreachable from the initial state a and can be removed without changing the initialized TFSM behavior. The following proposition can be proven based on Proposition 2 and results from [12]. Given an initialized timeout loop-free FSM S, the state and time reduced form can be derived for S as such a form for a corresponding FSM with timed guards. Respectively, the unique minimal form for an FSM with timed guards or timeouts P can be derived by the following algorithm.

Algorithm 2: Deriving the minimal form of an initialized FSM with timed guards or timeouts
Input: An initialized FSM with timed guards or an initialized FSM with timeouts S
Output: The minimal FSM with timed guards S'
Step 1. If S is an FSM with timeouts then Step 2, else Step 3.
Step 2. If S is a timeout loop-free FSM then call Algorithm 1 for deriving a corresponding FSM with timed guards and Step 3, else the unique minimal form as an FSM with timed guards cannot be derived.
Step 3. The unique minimal form with timed guards S' is derived as described in [16].

Proposition 5. Let P be a TFSM returned by Algorithm 2 for a complete deterministic initialized timeout loop-free FSM or an FSM with timed guards S. TFSM P is a complete deterministic initialized state and time reduced FSM with timed guards which is equivalent to S. Given an FSM with timed guards or timeouts, we next determine a corresponding class of TFSMs with the unique minimal form in the following way.

Theorem 2. Given two deterministic complete FSMs with timed guards or timeouts S and P which are initialized connected timeout loop-free TFSMs, S and P are equivalent if and only if their time and state reduced forms of corresponding FSMs with timed guards are isomorphic.
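The idea behind Algorithm 2 and Theorem 2 can be traced on a small case with the following added example; it is not Algorithm 1 of [12] nor the procedure of [16]. It checks timeout loop-freeness, unrolls each timeout chain into half-open guards [lo, hi), merges adjacent guards, and drops states unreachable from the initial state. The machines S and P are constructed from the textual description of Figure 1 with assumed input transitions; state reduction is omitted because the remaining states of these machines are already pairwise distinguishable.

```python
import math

INF = math.inf

# Constructed machines shaped like S and P described for Figure 1 (input
# transitions, outputs and delays are assumptions of this example).
# trans: (state, input) -> (output, next_state, delay)
# timeout: state -> (next_state, T)
S = {"init": "a",
     "trans": {("a", "i"): ("o1", "c", 0), ("b", "i"): ("o1", "c", 0),
               ("c", "i"): ("o2", "a", 1)},
     "timeout": {"a": ("b", 1), "b": ("c", 1), "c": ("c", INF)}}
P = {"init": "a",
     "trans": {("a", "i"): ("o1", "c", 0), ("c", "i"): ("o2", "a", 1)},
     "timeout": {"a": ("c", 2), "c": ("c", INF)}}

def is_timeout_loop_free(m):
    """True if no cycle consists only of finite-timeout transitions."""
    for start in m["timeout"]:
        s, seen = start, set()
        while m["timeout"][s][1] != INF:
            if s in seen:
                return False
            seen.add(s)
            s = m["timeout"][s][0]
    return True

def to_timed_guards(m):
    """Unroll timeout chains: state -> rows (input, output, next, delay, lo, hi),
    where the guard is [lo, hi) measured from entering the state."""
    if not is_timeout_loop_free(m):
        raise ValueError("timeout loop: cannot unroll into timed guards")
    inputs = sorted({i for _, i in m["trans"]})
    guarded = {}
    for s in m["timeout"]:
        rows, w, lo = [], s, 0
        while True:
            nxt, T = m["timeout"][w]
            for i in inputs:
                o, s2, d = m["trans"][(w, i)]
                rows.append((i, o, s2, d, lo, lo + T))
            if T == INF:
                break
            w, lo = nxt, lo + T
        guarded[s] = rows
    return guarded

def merge_guards(rows):
    """Time reduction: join adjacent guards of otherwise identical transitions."""
    merged = []
    for i, o, s2, d, lo, hi in sorted(rows, key=lambda r: (r[0], r[4])):
        last = merged[-1] if merged else None
        if last and last[:4] == (i, o, s2, d) and last[5] == lo:
            merged[-1] = (i, o, s2, d, last[4], hi)
        else:
            merged.append((i, o, s2, d, lo, hi))
    return merged

def guard_form(m):
    """Time reduced timed-guard form restricted to states reachable from init."""
    g = {s: merge_guards(rows) for s, rows in to_timed_guards(m).items()}
    reach, todo = {m["init"]}, [m["init"]]
    while todo:
        for row in g[todo.pop()]:
            if row[2] not in reach:
                reach.add(row[2])
                todo.append(row[2])
    return {s: g[s] for s in sorted(reach)}
```

For the constructed S, the two guards [0, 1) and [1, 2) at state a merge into [0, 2), state b disappears, and the result coincides with the form obtained from P.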

Conclusion
In this work, we have investigated the uniqueness of the minimal form for initialized FSMs with timeouts. We determine two TFSM classes for which the minimal form is unique up to isomorphism. The first class contains initialized TFSMs for which all states are reachable from the initial state under a timed input sequence. The second class contains TFSMs which are timeout loop-free, i.e., their transition diagrams have no loops labeled with timeouts.
We also note that the uniqueness of the minimal form for Timed FSMs allows directly adapting classical W-based test derivation methods for TFSMs. These methods are based on checking the equivalence relation by checking the isomorphism (or possibly another relation for nondeterministic TFSMs) between the specification and an implementation under test. We also plan to study the possibility of deriving homing and synchronizing sequences for FSMs with timeouts based on their minimal forms.