Controlled SANs for Real-Time Systems

• Controlled SANs are formal extensions of classical Stochastic Activity Networks that integrate explicit control actions with probabilistic and timed behaviors.
• They support both qualitative and quantitative analysis through hierarchical automata-theoretic semantics, bisimulation, and compositional design techniques.
• By generalizing CTMDPs and enabling robust model abstraction, Controlled SANs provide a rigorous framework for designing and verifying distributed real-time systems under uncertainty.

Controlled Stochastic Activity Networks (Controlled SANs) are a formal extension of classical Stochastic Activity Networks developed to systematically model distributed real-time systems exhibiting dynamic nondeterminism, probabilistic branching, and stochastic timing, with direct integration of explicit control actions. This framework introduces a rigorous mathematical and semantic foundation supporting compositional system design, model abstraction, and the precise specification, verification, and synthesis of dependable systems operating under uncertainty. Controlled SANs unify graphical notation, hierarchical automata-theoretic semantics, and a structured taxonomy of control policies, thus supporting both qualitative and quantitative analyses and generalizing legacy models such as continuous-time Markov decision processes (CTMDPs) (Movaghar, 17 Nov 2025).

1. Formal Specification of Controlled SANs

A Controlled SAN is formally defined as a 9-tuple: $$N = \left(P,\; IA,\; TA,\; CA,\; IG,\; OG,\; IR,\; IOR,\; TOR\right)$$ with the following components:

• $P$: finite set of places
• $IA$: finite set of instantaneous activities
• $TA$: finite set of timed activities
• $CA$: finite set of control actions
• $IG$: finite set of input gates; each gate $G$ with arity $m$ has an enabling predicate $g_G: \mathbb{N}^m \rightarrow \{true, false\}$ and a state-transform function $f_G: \mathbb{N}^m \rightarrow \mathbb{N}^m$
• $OG$: finite set of output gates; each gate $G$ has a function $f_G: \mathbb{N}^m \rightarrow \mathbb{N}^m$
• $IR$: set of input relations, mapping places, ports, gates, and activities
• $IOR$: set of instantaneous output relations
• $TOR$: set of timed output relations, indexed by timed activities, control actions, output gates, ports, and places

A marking $\mu: P \to \mathbb{N}$ denotes the state configuration. Activities are enabled in a marking according to the evaluation of each input gate’s enabling predicate on the relevant place values. The completion of activities (instantaneous or timed) triggers input transformations followed by output transformations, which for timed activities are governed by a control action selected under a policy.

2. Hierarchical Automata-Theoretic Semantics

Controlled SANs admit a layered automata-theoretic interpretation via stochastic labeled transition systems: $$\mathcal{S}(N, \mu_0) = \left(Q, A, C, \xrightarrow{N}, \xrightarrow{P}, \xrightarrow{T}, Q_0 \right)$$ where:

• $Q$ is the set of stable markings reachable from the initial marking $\mu_0$, with an added sink state $\Delta$ for Zeno behavior
• $A = TA$: timed activities
• $C = CA$: control-action alphabet
• $\xrightarrow{N}$: nondeterministic transitions
• $\xrightarrow{P}$: probabilistic transitions
• $\xrightarrow{T}$: timed transitions, encoding rates or duration distributions
• $Q_0$: initial stable states

For exponential-timed Controlled SANs, the framework maps precisely to CTMDPs through the transition rate function

$\lambda(q, a, c) = \rho(q, a)\, \alpha(q, a)$

and corresponding jump distribution

$$P(q, a, c, q') = \Pr\left[\text{next state} = q' \mid (q, a, c)\right]$$

Key rules allow encoding instantaneous probabilistic choice, timed nondeterministic steps under policy, and stochastic timing.

3. Taxonomy and Expressiveness of Control Policies

Control policies in Controlled SANs range by history and computational memory:

• Memoryless policies: $\pi: Q \to C$
• Finite-memory policies: Embedded automaton $(M, m_0, \delta, \gamma)$ manages memory state evolution and control selection
• Stack-augmented policies: Use a finite stack ($\Gamma, \bot$) for higher expressive power
• Tape-augmented policies: (Turing-complete) maintain a read/write tape

Any history-dependent policy is a function

$\pi: (Q \times A)^* \longrightarrow C$

Class acceptance is organized into a strict hierarchy mirroring the Chomsky classification: $$L_0(S) \subset L_F(S) \subset L_{\mathrm{Stack}}(S) \subset L_{\mathrm{Tape}}(S) \subset L_{H}(S)$$ These hierarchies are formalized for both local and global language classes, with each layer strictly more expressive than its predecessor.

4. Behavioral Equivalences and Isomorphism

Several forms of behavioral equivalence facilitate model abstraction and correctness analysis:

• Bisimulation ($\sim_b$): A relation $\mathcal{R}$ on state spaces of controlled automata ensures mutual simulation of transitions under matched control actions and activities. Isomorphism is characterized by bijective bisimulation.
• Probabilistic bisimulation ($\sim_s$): Ensures preservation not only of transitions but also of transition probabilities, generalized for stochastic automata by requiring equality of rates and distributions.

These equivalences support compositional system reasoning, equivalence checking, and semantic-preserving abstraction for scalable analyses.

5. Relationship to Classical CTMDPs

Controlled SANs strictly generalize CTMDPs. When all timed activities are exponentially distributed and control policies resolve nondeterminism, the Markovian controlled stochastic automaton corresponding to a Controlled SAN can be encoded as a CTMDP $(Q, C, Q_0, \lambda, P')$ via: $\lambda(q,c) = \sum_{a\in A}\rho(q,a)\,\alpha(q,a)$

$$P'(q, c, q') = \frac{ \sum_{a\in A} \rho(q,a)\,\alpha(q,a)\,P(q,a,c,q') }{ \sum_{a\in A} \rho(q,a)\,\alpha(q,a) }$$

This strictly encompassing relationship allows Controlled SANs to subsume classical MDP and CTMDP synthesis and analysis approaches.

6. Abstraction Mechanisms and Compositional Reasoning

Controlled SANs support structured abstraction and composition:

• Bisimulation quotienting and GSMP/SMDP unfolding enable mapping complex models to simpler representations with preserved operational semantics.
• Composition operators like disjoint union ($S_1 \uplus S_2$) and synchronous product ($S_1 \otimes S_2$) provide closure properties for language families, supporting modular system design.
• Algebraic laws establish relationships among policy-driven languages, permitting set-theoretic manipulations (union, intersection, complement) within deterministic and memoryless fragments.

7. Analysis Techniques and Applications

Controlled SANs enable both qualitative and quantitative analysis:

• Qualitative verification (reachability/emptiness): Decidable in PTIME for memoryless/finite-memory policies; pushdown algorithms for stack-augmented; undecidable for tape/general history-driven policies.
• Quantitative analysis: MDP abstraction and value/policy iteration facilitate reward optimization; continuous-time synthesis (expected/discounted total-reward) executable via linear programming or fixed-point iteration. Time-bounded reachability is PSPACE-complete, sometimes requiring richer policy classes.
• General Controlled SANs (non-exponential): Embedding into generalized semi-Markov processes (GSMPs) and discretization enables computation of $\varepsilon$-optimal policies via contraction mappings and value iteration.
• PAC-optimality: Reinforcement learning algorithms yield, with high probability, $\varepsilon$-optimal policies for finite-state MDPs, with guarantees extending to CTMDPs and Controlled SANs by uniformization and discretization.

Controlled SANs therefore provide a compositional, policy-sensitive, and semantically layered framework for modeling and analyzing distributed real-time systems under uncertainty, enabling rigorous design and verification of safety-critical systems where control, timing, and stochasticity are tightly coupled (Movaghar, 17 Nov 2025).