Simple Temporal Networks with Partially Shrinkable Uncertainty

∗

Andreas Lanz

, Roberto Posenato

, Carlo Combi

and Manfred Reichert

Institute of Databases and Information Systems, University of Ulm, Ulm, Germany

Department of Computer Science, University of Verona, Verona, Italy

Keywords:

Simple Temporal Constraint Network with Uncertainty, STNU, Controllability, Guarded Constraints.

Abstract:

The Simple Temporal Network with Uncertainty (STNU) model focuses on the representation and evaluation

of temporal constraints on time-pointvariables (timepoints), of which some (i.e., contingent timepoints) cannot

be assigned (i.e., executed by the system), but only be observed. Moreover, a temporal constraint is expressed

as an admissible range of delays between two timepoints. Regarding the STNU model, it is interesting to

determine whether it is possible to execute all the timepoints under the control of the system, while still

satisfying all given constraints, no matter when the contingent timepoints happen within the given time ranges

(controllability check). Existing approaches assume that the original contingent time range cannot be modiﬁed

during execution. In real world, however, the allowed time range may change within certain boundaries, but

cannot be completely shrunk. To represent such possibility more properly, we propose Simple Temporal

Network with Partially Shrinkable Uncertainty (STNPSU) as an extension of STNU. In particular, STNPSUs

allow representing a contingent range in a way that can be shrunk during run time as long as shrinking does

not go beyond a given threshold. We further show that STNPSUs allow representing STNUs as a special case,

while maintaining the same efﬁciency for both controllability checks and execution.

1 INTRODUCTION

For more than a decade, the temporal constraint com-

munity has focused on the concept of controllabil-

ity (Morris et al., 2001). Given a set of temporal

constraints, of which each is expressed as an admissi-

ble range of delays between two time-point variables

(timepoints for short), we distinguish two types of

constraints: contingent and requirement constraints.

The latter represent the standard temporal constraints,

where both timepoints are under control of the sys-

tem that “executes” the timepoints according to the

assigned constraints (i.e., the system ﬁxes the time-

points on the time line). This means that, during

execution, the range admissible for some timepoints

could be restricted by the system as it depends on

the execution of already executed timepoints. In turn,

contingent constraints are related to pairs of time-

points of which one (i.e., the contingent timepoint)

is not under control of the system. Contingent time-

points are either given by the environment (Morris

et al., 2001), i.e., they are related to uncontrollable,

but expected, events, or by an external agent (i.e.,

human or software) who may decide autonomously

when to execute the contingent timepoint. Consider-

ing this scenario, the attention of the temporal con-

∗

This paper is a short version. A more complete version

is described in a technical report (Lanz et al., 2014).

straint community has moved from the problem of

consistency, which consists of determining whether

there exists an execution of all timepoints satisfying

all given constraints (Dechter et al., 1991), to the prob-

lem of controllability; i.e., to determine whether it is

possible to execute all timepoints under the control of

the system, while satisfying all given constraints, no

matter when the contingent timepoints happen within

their given time ranges (Morris et al., 2001).

Most contributions from literature assume that the

original time range of a contingent constraint cannot

be modiﬁed during execution. Thus there is no differ-

ence between contingent timepoints given by the en-

vironment and the ones executed by external agents.

In the real world, however, it is quite common that

during execution the allowed time range may change,

although it cannot be completely shrunk. To represent

the behavior of external agents more properly, we may

assume that an agent accepts certain reductions (i.e.,

modiﬁcations) of the initial execution range, as long

as these do not go beyond a given threshold. In other

words, there is an unshrinkable range of execution

time the agent can always use. Further, this range is in-

cluded into a larger one, the system may shrink during

execution. The basic idea of our approach is to repre-

sent the fact that both the agent and the system are

aware that some timepoints of the larger time range

may be removed before starting the agent’s activity.

370

Lanz A., Posenato R., Combi C. and Reichert M..

Simple Temporal Networks with Partially Shrinkable Uncertainty.

DOI: 10.5220/0005200903700381

In Proceedings of the International Conference on Agents and Artiﬁcial Intelligence (ICAART-2015), pages 370-381

ISBN: 978-989-758-074-1

 2015 SCITEPRESS (Science and Technology Publications, Lda.)

T1 Biking

[5,20]

T2 Stretching

[10,40]

[1,5]

[25,50]

(a) Rigid temporal ranges

T1 Biking

[5,20]

T2 Stretching

[10,[15,20],40]

[1,5]

[25,50]

(b) Flexible temporal ranges

Figure 1: A simple physiotherapy. Range [x,y] represents

the minimum and maximum allowed duration (in minutes)

for the corresponding activity.

For example, consider a physiotherapy (cf. Fig. 1)

consisting of two subsequent activities, namely Biking

and Stretching, with one overall temporal constraint.

The ﬁrst activity has an allowed duration range, while

its actual duration is decided by the physiotherapist

according to the patient’s state. The second activ-

ity, i.e., the stretching exercise, is performed by the

patient over a time period, which is decided by an-

other therapist who considers both the state of the

patient and the goal of the therapy. Let us assume

that the given ranges are as depicted in Fig. 1 (a):

activities are visualized as rounded boxes and subse-

quent activities are linked to their predecessor through

a directed arc. Temporal constraints are represented

through arcs together with their related ranges. Ac-

tivities Biking and Stretching have possible durations

within ranges [5, 20] and [10,40], respectively, which

are autonomously decided by therapists. However,

the overall therapy must be within range [25,50], as-

suming that it may take between 1 and 5 time units to

start Stretching after ending Biking. Note that for this

scenario it can be easily veriﬁed that the correspond-

ing temporal network is not controllable, as there is

no way to ask the second activity to have a duration

depending on the actual duration of the ﬁrst activity.

As more realistic representation of this scenario,

the second therapist may accept that the allowed du-

ration range may be shrunk during execution, while

guaranteeing that the “core” range [15, 20] can be al-

ways applied when executing Stretching. This sce-

nario is depicted in Fig. 1 (b) where the range is

represented as [10,[15, 20],40], highlighting the non-

shrinkable part. One can easily observe that in this

case the network can be executed in a way satisfy-

ing all constraints, while still allowing the therapists

to autonomously choose the durations of the involved

activities.

This paper discusses how to represent and deal

with the described extension of contingent constraints

in simple temporal constraint networks with uncer-

tainty (STNUs), i.e., temporal networks that allow

representing both requirement and contingent con-

straints (Morris et al., 2001). In addition to dynamic

controllability, we discuss that there are no alterna-

tive representations of such shrinkable contingent con-

straints based on compositions of standard require-

ment and contingent constraints. Moreover, we gen-

eralize shrinkable constraints to represent time ranges

having certain “guards” on their possible lower and

upper bounds.

2 BACKGROUND AND RELATED

WORK

A Simple Temporal Network (STN) (Dechter et al.,

1991) is a directed weighted graph where a node rep-

resents a time-point variable (timepoint), usually cor-

respondingto the start or end of activities, and an edge

represents a lower and an upper bound constraint on

the distance between the two timepoints it connects.

Each STN is associated with a distance graph, derived

from the upper and lower bound constraints, where a

constraint between a pair of timepoints X and Y is

represented as two edges: X

→ Y, representing the

constraint Y ≤ X + v, and X

−u

← Y, which stands for

Y ≥ X + u, u,v ∈ R. An STN is denoted as consistent

if it is possible to execute each node, i.e., to assign a

real value to each timepoint such that all temporal con-

straints are satisﬁed. The consistency property can be

veriﬁed by searching for negative loops in the graph.

It is well known that consistency checking as well as

determining the earliest/latest value of each timepoint

can be done in polynomial time (Dechter et al., 1991).

To represent events that cannot be executed,

but only observed, (Morris et al., 2001) intro-

duced Simple Temporal Networks with Uncertainty

(STNUs). STNUs augment Simple Temporal Net-

works (STN) (Dechter et al., 1991) with contingent

timepoints representing timepoints whose value is de-

cided by the environment. Each contingent timepoint

has one incoming edge, called contingent link, which

is labeled by a time range. Therefore, any contin-

gent timepoint may assume a value from a bounded

range, but the exact value is decided by the environ-

ment at run time. (Morris et al., 2001) provided a for-

mal semantics for the dynamic controllability, which

is discussed in detail in Sect. 2.1. Moreover, (Mor-

ris et al., 2001) presented a pseudo-polynomial-time

algorithm, called DC-checking algorithm, that deter-

mines whether a given STNU is dynamically control-

lable (DC). Further, (Morris and Muscettola, 2005)

SimpleTemporalNetworkswithPartiallyShrinkableUncertainty

371

proposed the ﬁrst polynomial DC-checking algorithm,

which operates in O(n

) time, where n is the number

of timepoints. In this paper, we denote this algorithm

as MM5. In turn, (Morris, 2006) and (Morris, 2014)

presented two interesting optimizations of the MM5

algorithm not further discussed in this paper.

(Lanz et al., 2013) showed how Conditional Sim-

ple Temporal Networks with Uncertainty (CSTNUs),

an extension of STNU considering alternative execu-

tion paths, can be applied in the context of time-aware

business processes in order to verify their controllabil-

ity at both design and run time. Concerning temporal

aspects of a business process, it is emphasized that ac-

tivity durations usually represent worst case estimates,

which are either based on the experience of a domain

expert or extracted from process logs; further, the ex-

ecution times of most activities can be shortened if

required. Accordingly, one may assume that an ac-

tivity has a ﬂexible maximum duration MaxD

that

may be restricted up to a contingent minimum and

maximum duration range [MinD

,MaxD

]. In other

words, they proposedand analyzed a mapping of time-

aware business processes to CSTNU in which activity

durations are expressed in terms of shrinkable time

intervals [[MinD

,MaxD

]MaxD

For a more extensive discussion of the related

work please refer to our technical report (Lanz et al.,

2014).

2.1 Dynamic Controllability of STNUs

As proposed by (Morris et al., 2001), an STNU is

a set of time-point variables (timepoints) and tempo-

ral constraints together with a set of contingent links.

Each contingent link has the form (A, x, y,C), where

A and C are timepoints and 0 < x < y < ∞ holds. A

is called the activation timepoint and C the contingent

timepoint. Once A is executed, C is guaranteed to be

executed such that C− A ∈ [x, y] holds. However, the

particular time at which C is executed is uncontrol-

lable since it is decided by the environment; i.e., it

can be only observed when it happens.

Let S = (T , C,L) be an STNU, with T being a

set of timepoints, C a set of constraints, and L a set of

contingent links. The corresponding graph for S has

the form (T ,E, E

ℓ

). Thereby, each timepoint in

T serves as a node in the graph; E is a set of ordinary

edges; E

ℓ

is a set of lower-case and E

a set of upper-

case edges (Morris and Muscettola, 2005):

• Each ordinary edge has the form X

Y, repre-

senting the constraint Y − X ≤ v.

• Each lower-case edge has the form A

c : x

C, repre-

senting the possibility that the contingent duration,

C− A, might take on its minimum value x.

• Each upper-case edge C

C:−y

A, represents the

possibility that the contingent duration, C − A,

might take on its maximum value y.

An STNU is dynamically controllable if there ex-

ists a strategy for executing its timepoints, in a way

guaranteeing that all constraints in the network can

be satisﬁed, no matter how the durations of the contin-

gent links actually turn out. The strategy is dynamic

since its execution decisions can react to observations

of contingent links that have already been completed,

while excluding those not completed yet.

This section presents preliminary notions and in-

troduces the dynamic controllability of an STNU as

deﬁned in (Morris et al., 2001) and subsequently ﬁxed

in (Hunsberger, 2009).

For an STNU, a situation speciﬁes ﬁxed durations

for all contingent links.

Deﬁnition 1 (Situations). Let S be an STNU

comprising k contingent links, (A

),. . .,

), with corresponding duration ranges

],. . .,[x

]. Then: Ω

= [x

] ×. .. ×[x

]

is called the space of situations for S. Any ω =

,. . .,d

) ∈ Ω

is called a situation. Where possi-

ble, we may write Ω instead of Ω

The concept of schedule formalizes the execution

of timepoints.

Deﬁnition 2 (Schedule). A schedule for an STNU is

a mapping ψ : T → R that assigns a real number to

each timepoint in T .

Given a situation ω for an STNU, the replacement

of its contingent links by the durations speciﬁed in ω

determines a projection of the STNU onto situation ω.

Deﬁnition 3 (Situation Projection for an STNU). Sup-

pose S = (T , C ,L) is an STNU and ω = (d

,. . .,d

)

a situation. The projection of S onto ω—denoted as

sitPrj(S, ω)—is the STN (T , C

′

) with:

′

= C ∪ {(d

≤ C

− A

≤ d

) | 1 ≤ i ≤ k}

Given an STNU, multiple schedules may exist.

We are interested in ﬁnding a strategy that determines

schedules that satisfy all constraints in any situation.

Deﬁnition 4 (Execution Strategy for an STNU). Let

S = (T ,C ,L) be an STNU. An execution strategy for

S is a mapping σ : Ω → ψ such that for each situa-

tion ω ∈ Ω, σ(ω) is a (complete) schedule for the

timepoints in T . Furthermore, if for each situation ω

schedule σ(ω) is a solution for the situation projec-

tion sitPrj(S ,ω), then σ is called viable. In any case,

the execution time of timepoint X in schedule σ(ω) is

denoted as [σ(ω)]

A situation history for an STNU speciﬁes the du-

rations of all contingent links that have ﬁnished their

execution prior to a time t in schedule σ(ω).

ICAART2015-InternationalConferenceonAgentsandArtificialIntelligence

372

Table 1: Edge-generation rules of the MM5 algorithm.

Dashed edges are the generated ones.

No Case:

u+ v

Upper Case:

R : v

R : u+ v

Lower Case:

s : u

u+ v

Applicable if: v < 0 ∨ (v = 0 ∧ S 6≡ T)

Cross Case:

s : u

R : v

R : u+ v

Applicable if: R 6≡ S ∧ (v < 0∨ (v = 0 ∧ S 6≡ T))

Label Removal:

R : v

Applicable if: v ≥ −x, x is the lower

bound for the contingent link from T to R

Deﬁnition 5 (Situation History for an STNU). Let

S = (T , C, L) be any STNU, σ any execution strat-

egy for S, ω any situation, and t any real number. The

history of t in situation ω for strategy σ—denoted as

sitHst(t,ω, σ)—is deﬁned as follows:

sitHst(t,ω, σ) = {(A,C, [σ(ω)]

− [σ(ω)]

) |

∃x,y such that (A, x, y,C) ∈ L ∧ [σ(ω)]

< t}

Deﬁnition 6 (Dynamic Execution Strategy for an

STNU). An execution strategy σ for an STNU is

called dynamic if for any situations, ω

and ω

, and

any non-contingent timepoint X, it holds:

sitHst([σ(ω

)]

,ω

,σ) = sitHst([σ(ω

)]

,ω

,σ)

⇒ [σ(ω

)]

= [σ(ω

)]

Deﬁnition 7 (Dynamic Controllability of an STNU).

An STNU S is called dynamically controllable (DC)

if there exists an execution strategy for S that is both

viable and dynamic.

In order to determine whether an STNU is dynami-

cally controllable, (Morris and Muscettola, 2005) pro-

posed a polynomial-time checking algorithm, MM5,

which works by recursively generating new edges in

the STNU graph according to the rules from Table 1

and checking whether newly added edges determine

negative loops in the graph. For each rule, existing

edges are represented as solid arrows and newly ones

as dashed arrows. Each of the ﬁrst four rules takes two

existing edges as input and generates a single edge as

output. Finally, notation R 6≡ S expresses that R and

S must be distinct time-point variables, and does not

represent a constraint on the values of those variables.

We observe that the edge-generation rules from

Table 1 only generate ordinary or upper-case edges.

The upper-case edges generated by respective rules

represent conditional constraints, called waits (Mor-

ris et al., 2001). In particular, an upper-case edge

C:−v

A represents the following constraint: as long

as contingent timepoint C remains unexecuted, time-

point B must wait at least v units after the execution

of A, the activation timepoint for C.

Procedure: MM5-DC-Check(G).

Input: G = (T , C ,L): STNU graph instance to analyze.

Output: the controllability of G.

for 1 to |T |

+ |T ||L| +|L| do

if (AllMax matrix inconsistent) then return false;

Generate new edges using rules from Table 1;

if (no edges generated) then return true;

return false;

Procedure MM5-DC-Check shows the pseu-

docode of the MM5 DC-checking algorithm. Its time

complexity is O(n

) (Morris and Muscettola, 2005).

2.2 Alternative Characterization of an

Execution Strategy

As observed in (Hunsberger, 2009), the original deﬁ-

nition of dynamic execution strategy (DES) obscures

the real-time features of typical execution scenarios

and the kinds of execution decisions an execution sys-

tem may make. Therefore, (Hunsberger, 2009) pro-

posed an alternative characterization of a DES to not

only represent the conditions under which a system

must make real-time execution decisions, but also

the outcomes of those decisions. Two kinds of real-

time execution decisions (RTEDs) are deﬁned: WAIT

and (τ,χ), which can be described as: “Wait until

some contingent duration completes” or “If nothing

happens before τ, then execute the (executable) time-

points in χ.” The outcome of a RTED depends on

the situation and is represented by a partial sched-

ule that speciﬁes the execution of one or more addi-

tional timepoints. The outcome of a WAIT decision

solely involves the execution of contingent timepoints,

whereas the outcome of a (τ,χ) decision may involve

the execution of contingent as well as non-contingent

timepoints. An RTED-based strategy is deﬁned as

a mapping from partial schedules to real-time execu-

tion decisions. (Hunsberger, 2009) proved that RTED-

based strategies correspond one-to-one to DESs.

In more detail, givenan STNU and a partial sched-

ule ψ : T → R (i.e., the domain of ψ may be a subset

of T ), we denote by µ(ψ) = max{ψ(t) | t ∈ Dom(ψ)}

SimpleTemporalNetworkswithPartiallyShrinkableUncertainty

373

the maximum execution time of timepoints appearing

in ψ, by U(ψ) = {x | x 6∈ Dom(ψ)} the set of unex-

ecuted timepoints in ψ, by U

(ψ) ⊆ U(ψ) the set of

non-contingent unexecuted timepoints, by U

(ψ) ⊆

U(ψ) the set of contingent unexecuted timepoints,

and by U

(ψ) ⊆ U

(ψ) the set of contingent activated

unexecuted timepoints, respectively.

Let ψ be a partial schedule for an STNU S and

ω = (ω

,. . .,ω

) a situation for S. ψ respects ω if for

each contingent link (A

,x, y,C

) one of the following

conditions holds: (1) neither A

nor C

appear in ψ;

(2) only A

appears in ψ, and ψ(A

) + ω

> µ(ψ); or

(3) both A

andC

appear in ψ, and ψ(A

)+ω

= ψ(C

ψ is called respectful if it respects at least one situa-

tion. If ψ is both respectful and partial, it is called

a respectful, partial schedule (RPS). A strategy σ is

respectful if for each ω, σ(ω) respects ω.

Let us recall the deﬁnition of WAIT and (τ, χ) de-

cisions.

WAIT Decision. Let ψ be some RPS for S such that

(ψ) is non-empty. Then WAIT is an admissible

RTED.

Outcome of a WAIT Decision. If U

(ψ) 6=

0 and ω

is a situation respected by ψ, then the time at which

the next contingent timepoint will execute is deﬁned

as tnc(ψ, ω) = min{ψ(A

) + ω

| C

∈ U

(ψ)}. With

(ψ,ω) = {C

∈ U

(ψ) | ψ(A

) + ω

= tnc(ψ,ω)},

we denote the non-empty set of contingent timepoints

that will be executed at time tnc(ψ, ω). Then, the out-

come of the WAIT decision for ψ in situation ω is de-

ﬁned to be the execution of contingent timepoints at

time tnc(ψ,ω): ψ ∪ {(C

,tnc(ψ, ω)) | C

∈ χ

(ψ,ω)}.

(τ,χ) Decision. Let ψ be some RPS for S such that

(ψ) 6=

0. If τ > µ(ψ) and χ is a non-empty subset

of U

(ψ), then (τ,χ) is an admissible RTED for ψ.

Outcome of a (τ, χ) Decision. Let ω be a situation

respected by ψ. The outcome of a (τ,χ) decision de-

pends on the relationship between tnc(ψ, ω) and in-

stant τ. For the sake of simplicity, let τ

= tnc(ψ,ω)

and χ

= χ

(ψ,ω) ifU

(ψ) 6=

0; otherwise, let τ

= ∞.

If τ

< τ, the outcome solely involves the execution

of the contingent timepoints in χ

. In turn, if τ < τ

the outcome solely involves the execution of the non-

contingent timepoints in χ. Finally, for τ

= τ, the

outcome involves the execution of the timepoints in

both χ

and χ.

(Hunsberger, 2009) proved that the original

dynamic execution strategy can be described

in terms of RTEDs as shown in procedure

RTEDExecutionStrategy. Thereby, function

RTExecutionDecision is used to determine the

the next RTED. For the sake of brevity, the RTED

WAIT is represented as (τ, χ) decision with τ := ∞

and χ :=

0 in the given context.

Function: RTExecutionDecision(S , ψ).

Input: S : STNU. ψ; partial schedule

Output: δ(ψ): real-time execution decision

if (U

(ψ) =

0) then // WAIT RTED!

δ(ψ) := (τ

,χ), where τ

:= ∞ and χ :=

else // (τ, χ) RTED!

foreach (x ∈ U

(ψ)) do

[m(x), M(x)] = current time-window for x;

W(x) := −∞;

foreach ((A

) | C

∈ U

(ψ) ∧ x

:−w

−→ A

) do

W(x) := max{W(x),ψ(A

) + w

};

floor(x) := max{m(x),W(x)};

go(x) := min{ floor(x), M(x)};

δ(ψ) := (τ

,χ), where τ

:= min{go(x) | x ∈ U

(ψ)}

and χ := {x ∈ U

(ψ) | τ

= go(x)};

return δ(ψ);

Procedure: RTEDExecutionStrategy(S).

Input: S : STNU.

ψ = {(Z, 0)}; // initial partial schedule

while (U(ψ) 6=

0) do

(τ

,χ) = RTExecutionDecision(S ,ψ);

if (nothing happens before time τ

) then

Execute the timepoints in χ;

else

Observe the contingent timepoints executed at

some τ

< τ

;

Update ψ to include the executed events;

Update S to include the corresponding constraints;

Starting with a partial schedule ψ = {(Z,0)},

which only ﬁxes the initial timepoint Z, proce-

dure RTEDExecutionStrategy iteratively determines

an RTED δ(ψ), considering two possibilities (cf.

function RTExecutionDecision). If all executable

timepoints have already been executed, δ(ψ) = (∞,

holds (i.e., RTED WAIT); otherwise, δ(ψ) = (τ

,χ)

with the values of τ

and χ being computed by con-

sidering all unexecuted timepoints and using an all-

pairs, shortest-path algorithm. floor(x) corresponds

to the earliest time, timepoint x may be executed with-

out violating its lower bound m(x) or any of its rele-

vant waits. go(x) is the same, except that it enforces

the constraint that x does not violate its upper bound

M(x). It is noteworthy that Morris and Muscettola

showed that a conﬂict between floor(x) and M(x)

is not possible for an STNU accepted by their algo-

rithm. After determining the RTED δ(ψ) = (τ

,χ),

procedure RTEDExecutionStrategy waits for the out-

come of δ(ψ) and then updates ψ and S accordingly.

If there are still unexecuted timepoints, the procedure

iterates, otherwise it terminates.

ICAART2015-InternationalConferenceonAgentsandArtificialIntelligence

374

3 GUARDED TEMPORAL

CONSTRAINTS

Regarding an STNU, the execution of a contingent

timepoint can be thought of as being completely out

of the control of the system that executes the network.

Typically, a system activates a contingent link (A, x,

y,C) by executing its activation timepoint A. After-

wards, the execution of C is out of the system’s con-

trol. However, the contingent timepoint C is guaran-

teed to execute such that C− A ∈ [x,y] holds.

As motivated in Sect. 1, for real-world problems

this is often too strict. In many cases, the system may

exercise some control over the execution of the con-

tingent timepoint. As example consider a case where,

at an activation timepoint, the system transfers control

to an external agent. The agent is then responsible for

executing the corresponding contingent timepoint. In

turn, the system waits for the agent to complete its

task (i.e., to execute the contingent timepoint). When

transferring the control to the agent, the system may

inform the agent about the temporal constraints to be

met. The agent then adapts its plan in order to com-

ply with the additional constraints. At the same time,

the system must guarantee that it is able to meet the

commitment made, i.e., it needs to ensure that it can

deal with any decision the agent makes for executing

timepoint C based on the given constraints.

In many cases, the agent responsible for executing

timepoint C cannot completely control the execution

of C either (e.g., in case the agent is executing a net-

work itself). Particularly, he might only be able to pro-

vide a preferred duration range [x, y] as well as bounds

max

and y

min

to which x may be increased or y may

be decreased (i.e., x ≤ x

max

and y ≥ y

min

). In turn, the

system executing the network must ensure that, when

executing timepoint A (i.e., when activating the con-

straint between A and C), the agent responsible for

executing timepoint C has at least y

min

time units and

is not required to take more than x

max

time units to

execute C. We denote x

max

min

) as the guard of x

(y).

Note that this example addresses a common sce-

nario, i.e., to transfer execution control at run time

to another agent, which is responsible for executing a

complex task (e.g., another network).

The need to model constraints of this type requires

an extension of the STNU formalism, we denote as

Simple Temporal Network with Partially Shrinkable

Uncertainty (STNPSU). In particular, STNPSU ex-

tends contingent links of STNU to guarded links.

Deﬁnition 8 (STNPSU). A Simple Temporal Net-

work with Partially Shrinkable Uncertainty (STNPSU)

is a triple (T ,C ,G), where:

• T is a set of timepoints;

• C is a set of requirement constraints X

[u,v]

−→ Y (i.e.,

STN constraints); and

• G is a set of guarded links each having the form

(A,[x, x

max

],[y

min

,y],C) where A and C are time-

points, and 0 ≤ x ≤ y < ∞, x ≤ x

max

, 0 ≤ y

min

≤ y.

• If (A

,[x

max

],[y

min

],C

) as well as (A

max

],[y

min

],C

) are distinct guarded

links in G, then C

and C

are distinct timepoints.

Informally, we denote an STNPSU as dynamically

controllable if it is possible to execute it such that, no

matter how the execution of any guarded link turns

out, for any other guarded link (A,[x,x

max

],[y

min

,y],

C) the lower bound x never must be increased beyond

its guard x

max

and the upper bound y never must be

decreased below its guard y

min

in order to ensure con-

trollability of the network.

The execution semantics of STNPSU can be sum-

marized as follows: The basic execution semantics is

the same as for an STNU. However, when executing

an STNPSU, the outer bounds [x, y] of a guarded link

(A,[x, x

max

],[y

min

,y],C) may be restricted to [x

′

]

with x ≤ x

′

≤ x

max

, y

min

≤ y

′

≤ y, and x

′

≤ y

′

in or-

der to ensure controllability of the remaining network.

In turn, when executing the activation timepoint A of

a guarded link (A, [x, x

max

],[y

min

,y],C), the latter is ac-

tivated and its current bounds [x

′

] are ﬁxed. Partic-

ularly, the guarded link (A,[x, x

max

],[y

min

,y],C) is re-

placed by the strict guarded link (A,[x

′

],[y

′

],C).

The latter is equivalent to a contingent link of STNU.

As we will show in Sect. 3.3, this change does not

affect controllability of the network.

It is noteworthy that guarded links of STNPSU

may be used to represent two different types of con-

straints

Type 1: If x

max

< y

min

holds, a guarded link repre-

sents a partially contingent constraint. Particu-

larly, the guarded link represents a temporal con-

straint x ≤ C − A ≤ y with a contingent (i.e., un-

shrinkable) core [x

max

min

] ⊆ [x,y]. This repre-

sents an extension of the classical contingent links

of STNU. Moreover, if x = x

max

∧ y = y

min

hold,

the guarded link is equivalent to a contingent link

of STNU. We call this a strict guarded link.

Type 2: If x

max

≥ y

min

holds, a guarded link rep-

resents a partially shrinkable constraint with a

guarded core [y

min

max

]. In detail, this repre-

sents a temporal constraint x ≤ C − A ≤ y whose

bounds cannot be shrunk beyond a certain point

(i.e., x

max

and y

min

, respectively). As opposed to a

contingent link, x may be restricted to be greater

Please refer to our technical report (Lanz et al., 2014)

for a more detailed discussion.

SimpleTemporalNetworkswithPartiallyShrinkableUncertainty

375

than y

min

and y to be lower than x

max

. This rep-

resents an extension of the classical requirement

constraints.

As example of a Type 1 guarded link consider

guarded link (A,[10, 15],[20, 40],C), which repre-

sents the duration of activityStretching (cf. Fig. 1 (b)).

During execution, the outer bounds [10, 40] of this

guarded link may be shrunk in order to ensure con-

trollability of the remaining network. In the given

case, for example, they may be shrunk to (A,[7,15],

[20, 23],C) or (A, [5, 15],[20, 20],C). However, the

outer bounds may at most be shrunk to the contingent

core of the guarded link, i.e., the above guarded link

may at most be shrunk to (A,[15, 15],[20, 20],C).

In turn, an example of a Type 2 guarded link

is given by (A, [5,20], [10, 25],C). In this case, the

lower bound of the guarded link may at most be

increased to 20 and the upper bound may at most

be decreased to 10. Thus, (A,[15, 20],[10, 20],C),

(A,[20, 20],[10, 23],C), and (A,[5, 20], [10, 10],C) are

possible values this guarded link may be shrunk to.

Note that a Type 2 guarded link may also be shrunk

to a single value, e.g., (A,[15, 20],[10, 15],C). How-

ever, a Type 2 guarded link must always allow for

at least one value within its guarded core [y

min

max

]

(i.e., [10, 20]).

During execution, when activating a guarded link

of Type 1 or 2 (i.e., when executing its activation time-

point), the current outer bounds of the guarded link

are ﬁxed. This is to ensure that the outer bounds of

the guarded link cannot be modiﬁed while it is active.

Therefore, the current outer bounds of the guarded

link are set to be strict. For example, when execut-

ing timepoint A, the Type 2 guarded link (A,[15, 20],

[10, 20],C) is replaced by a strict guarded link (A,

[15, 15], [20, 20],C). The latter is equivalent to a con-

tingent link (A, 15,20,C) of STNU and ensures that

the agent responsible for executing timepoint C may

now choose any time in range [15, 20] to execute time-

point C.

3.1 Dynamic Controllability of STNPSU

This section presents preliminary deﬁnitions of basic

concepts required for the deﬁnition of dynamic con-

trollability of a STNPSU.

The set of core situations speciﬁes the contingent

core of all guarded links of Type 1 (partially contin-

gent guarded links), while the set of core settings spec-

iﬁes the guarded core of all guarded links of Type 2

(partially shrinkable guarded links).

Deﬁnition 9 (Core Situations and Core Settings).

Suppose S = (T , C ,G) is an STNPSU. Let G

= {g ∈

G|g = (A, [x,x

max

],[y

min

,y],C) ∧ x

max

< y

min

} be the

set of guarded links for which the guard x

max

of the

lower bound is lower than the guard y

min

of the upper

bound (i.e., Type 1). Further, let G

= G \ G

be the

set of guarded links for which y

min

≤ x

max

holds (i.e.,

Type 2).

If G

contains k guarded links, (A

,[x

max

min

],C

),. . .,(A

,[x

max

],[y

min

],C

), then

Ω

= [x

max

min

] × .. . × [x

max

min

] is called the

space of core situations for S. Any ω

= (d

,. . .d

) ∈

Ω

is called a core situation.

Further, if G

contains m guarded links, (A

max

],[y

min

],C

),. . .,(A

,[x

max

min

],C

), then Ω

= [y

min

max

] × .. . ×

min

max

] is called the space of core settings

for S.

Given the space of core situations Ω

and the

space of core settings Ω

of an STNPSU, a projection

of the STNPSU onto an STNU can be obtained as fol-

lows: First, each guarded link in G

is replaced by a

contingent link for the range speciﬁed in Ω

. Second,

each guarded link in G

is replaced by a requirement

constraint for the range in Ω

Deﬁnition 10 (Core STNU of an STNPSU). Let S =

(T , C, G) be an STNPSU.

Then: The projection of S onto its space of

core situations Ω

and its space of core settings Ω

—denoted as stnuPrj(S, Ω

,Ω

)—corresponds to an

STNU (T , C

′′

) with:

′′

= C ∪ {(y

min

≤ C

− A

≤ x

max

) | 1 ≤ i ≤ m,

Ω

=[y

min

max

] × .. . × [y

min

max

]}

′′

= {(A

max

min

) | 1 ≤ i ≤ k,

Ω

=[x

max

min

] × .. . × [x

max

min

]}

We denote the respective STNU as the core STNU of

STNPSU S.

Finally, this leads us to the dynamic controllabil-

ity of an STNPSU. We provide a formalization of the

dynamic controllability of an STNPSU based on the

dynamic controllability of an STNU. We choose this

approach since the formalization of dynamic control-

lability of STNU is robust and veriﬁed in literature.

Theorem 1 (Dynamic Controllability of STNPSU).

An STNPSU S = (T ,C ,G) is dynamically control-

lable (DC), if the core STNU that results from the

STNU Projection stnuPrj(S, Ω

,Ω

) of the STNPSU

is dynamically controllable.

Proof. ⇒ It is a matter of deﬁnitions to show that, if

the core STNU is DC (cf. Sect. 2.1), the correspond-

ing STNPSU is DC as well: each schedule being a

solution of the core STNU is also a solution of the

STNPSU. Indeed, it is always possible to restrict the

ICAART2015-InternationalConferenceonAgentsandArtificialIntelligence

376

STNPSU to its core situations. Thus, for each core sit-

uation of the STNPSU, a dynamic execution strategy

(DES), which is a viable DES for the STNU, is also a

viable DES for the STNPSU regarding its core situa-

tions. Hence, if the core STNU is DC, the STNPSU

will be DC as well.

⇐ If the core STNU is not DC (i.e., no viable DES

exists), at least one core situation ω

of the STNPSU

exists for which no DES exists within the core set-

tings. Hence, for core situation ω

, one of the partially

shrinkable guarded links must be restricted beyond its

guards to ﬁnd a DES which returns a solution. As this

is not possible, the STNPSU is not DC either.

3.2 DC-Checking for Guarded

Constraints

This section shows how the dynamic controllability

of an STNPSU may be checked without need to re-

strict the respective STNPSU to its core STNU. First,

we emphasize the close relationship between dynamic

controllability of STNU and the one of STNPSU (cf.

Theorem 1). In turn, this fosters the following graph-

based representation of an STNPSU, which is similar

to the one of an STNU.

Deﬁnition 11 (Graph of a STNPSU). The graph for

an STNPSU S has the form (T , E, E

ℓ

), where

each timepoint in T corresponds to a node in the

graph; E is a set of ordinary edges, E

ℓ

is a set of

lower-case edges, and E

is a set of upper-case edges:

• Each requirement constraint X

[u,v]

−→ Y is repre-

sented by two ordinary edges X

−→ Y and Y

−u

−→

• Each guarded link (A, [x, x

max

],[y

min

,y],C) is rep-

resented by

– two ordinary edges A

−→ C and C

−x

−→ A,

– one lower-case edge A

c:x

max

−→ C, and

– one upper-case edge C

C:−y

min

−→ A.

As example of this graph-based representation of

an STNPSU, consider the graph depicted in Fig. 2. It

shows the STNPSU corresponding to the activity se-

quence depicted in Fig. 1 (b). If multiple edges exist

between two nodes (e.g., an ordinary and an upper-

case edge), for the sake of readability, we draw only

one arrow between the nodes and annotate it with the

values of the respective edges. Further, we use bold

arrows to highlight edges representing a guarded link.

At this point, we want to emphasize important dif-

ferences between the graph of an STNU and the one

of an STNPSU:

• In an STNU, the value of any lower-case edge

c:x

max

−→ C always corresponds to the negativevalue

20; b

−5; B

:−20

−1

40; b

:15

−10; B

:−20

−25

= Start of Biking; B

= End of Biking;

= Start of Stretching; S

= End of Stretching

Figure 2: STNPSU corresponding to the activity sequences

from Fig. 1 (b).

y; s:x

max

−x; S:−y

min

Figure 3: Guarded Link.

of the ordinary edge C

−x

−→ A pointing in the op-

posite direction (i.e., x = x

max

). Similarly, the

value of any upper-case edge C

C:−y

min

−→ A always

corresponds to the negativevalue of ordinary edge

−→C (i.e., y = y

min

). For an STNPSU, this does

not apply. Particularly, we only require x ≤ x

max

and y ≥ y

min

• In an STNU, the value of a lower-case edge

c:x

max

−→ C always is lower than the negative value

of the upper-case edge C

C:−y

min

−→ A pointing in the

opposite direction (i.e., x

max

< y

min

). Note that for

an STNPSU this is not required.

In our technical report (Lanz et al., 2014), we

show that, except one minor change regarding one

of the edge generation rules (cf. Table 1), proce-

dure MM5-DC-Check may be reused in order to

check dynamic controllability of a STNPSU. Partic-

ularly, we analyze all possible combinations of edges

between three nodes of an STNPSU graph (i.e., all

possible triangles). Based on this, it can be shown

that the resulting distance graph of the STNPSU has

no negative loops if and only if the distance graph of

the core STNU has no negative loops as well.

Consider the single guarded link depicted in Fig. 3.

It comprises two triangles S-Q-S and Q-S-Q. Note

that it is a matter of applying the edge-generation

rules to these two triangles (i.e., the No Case rule

to S-Q-S and the No Case, Upper Case, Lower Case,

and Label Removal rules to Q-S-Q) to ascertain that

a valid guarded link does not contain a negative loop.

In case of a partially shrinkable guarded link (Type 2),

in addition, the Label Removal (cf. Table 1) rule may

be applied to the upper-case edge between S and Q,

replacing it with a requirement edge. This poses no

problem for checking dynamic controllability, but it

is undesired as it obscures some of the properties of

the guarded link. Thus, we restrict the Label Removal

SimpleTemporalNetworkswithPartiallyShrinkableUncertainty

377

rule to R 6≡ S to prevent this. Note that this change

does not inﬂuence the applicability of the rule to an

STNU. Regarding an STNU, for R ≡ S it holds that

v < −x (i.e., x

max

< y

min

; cf. Table 1), i.e., for an

STNU, the rule will never be applied if R ≡ S holds.

3.3 Executing STNPSUs

This section shows how an STNPSU may be exe-

cuted by means of an appropriate extension of pro-

cedure RTEDExecutionStrategy (cf. Sect. 2.2).

Consider procedure ExRTEDExecutionStrategy.

The ﬁrst part of the procedure executes the same

actions as procedure RTEDExecutionStrategy (cf.

Sect. 2.2). The second part activates all guarded links

,[x, x

max

],[y

min

,y],C

) whose activation timepoint

has just been executed. The guarded link seman-

tics requires to allow each of them, once it is acti-

vated, to use any possible value in the range deﬁned

by the current outer bounds, i.e., [x, y]. By construc-

tion and due to the fact that the network is DC, for a

Type 1 guarded link the possibility of using any pos-

sible value in the range is guaranteed only for the

core range [x

max

min

], while for a Type 2 guarded

link only the possibility of using at least one value in

the range [y

min

max

] is guaranteed. Particularly, the

execution of some other timepoints before the occur-

rence of C

may modify the bounds of these guarded

links making the network not controllable. Therefore,

the procedure has to suitably update the bounds of the

guarded links (lines 14–20) before transforming them

into strict ones (lines 21–27). Finally, the execution

goes back to the ﬁrst part until there are no more un-

executed timepoints.

The key point of the procedure consists in the ex-

ecution of timepoints subjected to guarded links as

contingent timepoints with suitable ranges; this al-

lows for the exploitation of the correctness proof of

RTEDExecutionStrategy (Hunsberger, 2009). In or-

der to show that this transformation preserves the con-

trollability of the network, it is sufﬁcient to show

that the transformation of any guarded link—during

runtime—into a strict one with a suitable range is al-

ways possible and preserves the dynamic controllabil-

ity of the rest of network (i.e., the unexecuted subnet-

work).

Theorem 2. Suppose S is a dynamically controllable

STNPSU, ψ is a respectful, partial schedule, and (A,

[x,x

max

],[y

min

,y],C) is a guarded link of S. Let us

assume that A has just been executed and that the

outer bounds x and y of the guarded link AC have

been updated as described in lines 13–25 of proce-

dure RTEDExecutionStrategy to the values x

′

and y

′

Then: The new values x

′

and y

′

satisfy x

′

≤ x

max

and

Procedure: ExRTEDExecutionStrategy(S ).

Input: S: STNPSU.

1 ψ = {(Z,0)}; // initial partial schedule

2 while (U(ψ) 6=

0) do

3 (τ

,χ) = RTExecutionDecision(S ,ψ);

4 if (nothing happens before time τ

) then

5 execute the time-points in χ;

6 else

7 observe the contingent timepoints executed at

some τ

< τ

;

8 χ = set of executed contingent timepoints;

9 Update ψ to include the execution events in χ;

10 Update S to include the corresponding

constraints;

11 foreach (A

∈ χ) do // Activate guarded links

12 foreach ((A

,[x, x

max

], [y

min

,y],C

) ∈ G) do

13 [x

′

] = current outer bounds of guarded

;

14 repeat // Prepare the guarded link for execution

// Determine its maximum controllable range

15 range(A

) = min{v− u | a ∈

U(ψ)!∧a

−→ C

∧v ≥ 0∧(C

−u

−→

a∨C

:−u

−→ a)};

// Update its bounds to observe max. controll.

range

16 y

′

=min{y

′

,max{y

min

′

range(A

)}};

// x

′

is update only if the update y

′

is not

sufﬁcient

17 x

′

= max{x

′

− range(A

)};

18 if x

′

or y

′

is modiﬁed then

19 Update S to include the

modiﬁed outer bounds of the

guarded link;

20 until neither x

′

nor y

′

is modiﬁed;

// Consider the max possible wait constraint for C

21 W(A

) := −∞;

22 foreach

((A

)|C

∈ U

(ψ)∧C

:−w

−→ A

)do

23 W(A

) := max{W(A

),w

};

24 floor(A

) := max{x

′

,W(A

)};

25 x

′

:= min{ f loor(A

),y

′

};

26 Transform the guarded link to the strict

guarded link (A

,[x

′

], [y

′

],C

);

27 Update S to include the new constraint;

min

≤ y

′

and the STNPSU S

′

resulting after the trans-

formation of the guarded link (A, [x

′

max

],[y

min

′

C) into the strict one (A, [x

′

],[y

′

],C) is dynami-

cally controllable as well.

Sketch of the proof. Due to the lack of space, we only

give a outline of the complete proof.

Let us assume that, before the execution of lines

ICAART2015-InternationalConferenceonAgentsandArtificialIntelligence

378

13–25, the guarded link AC is given as (A,[x, x

max

min

,y],C). Instructions of lines 13–25 update the

outer bounds [x,y] to [x

′

]. Let us assume that the

guarded link is of Type 1.

Since the network is

DC before line 13 and the core range [x

max

min

] is

a contingent range, the update made in lines 13–25

cannot reduce [x,y] to [x

′

] such that x

′

> x

max

′

< y

min

holds. Hence, the updated range [x

′

] con-

tains (possibly in a weak way) the core range of (A,

[x,x

max

],[y

min

,y],C). Thus, there are 4 possible cases:

(1) x

′

= x

max

∧ y

′

= y

min

, (2) x

′

= x

max

∧ y

′

> y

min

, (3)

′

< x

max

∧ y

′

= y

min

, and (4) x

′

< x

max

∧ y

′

> y

min

. In

case (1) the guarded link is already strict and, hence,

it is not changed by the procedure. Case (4) is a com-

bination of cases (2) and (3).

Hence, let us consider case (2) and (3). In

case (2), by contradiction, suppose that the changing

of the guarded link (A, [x

max

],[y

min

′

],C) into

the strict one (A, [x

max

],[y

′

],C) makes the re-

maining network not dynamically controllable. This

means that there exists at least one negative loop in-

volving timepoints A, C, and some B, where B has

not yet executed (i.e., it has to occur after A), but has

to be executed before C. All other timepoints, i.e.,

unexecuted ones that have to be executed after C, can-

not contribute to form a negative loop since each of

them—by deﬁnition of controllability—must have at

least one possible execution time for each possible ex-

ecution time of C in the range [ψ(A) + x

max

,ψ(A) +

′

Now, instead of considering the distance graph and

negative loops in it, let us reason in term of ranges

and their spans

. Given the dynamic controllabil-

ity of the network before the transformation, it is a

fact that B has at least one possible execution time

for each possible execution time of C in the range

[ψ(A) + x

max

,ψ(A) + y

min

], i.e., with such range there

is no negative loop involving A, B, and C. Equiva-

lently, the span of the constraint between B and C

is greater or equal to the span y

min

− x

max

+ 1 of the

contingent core of the guarded link between A and C.

Therefore, a negative loop can only emerge when the

new bound y

′

is considered, or, equivalent, when the

span of the constraint between B and C is less than the

span y

′

− x

max

+ 1 of the outer bounds of the guarded

link between A and C.

However, when preparing the guarded link for ex-

ecution, y

′

is determined such that the span of range

max

′

] of the link between A and C is lower than or

equal to the span of the constraint between B and C.

Thus, there cannot exist any negative loop involving

The case of a guarded link of Type 2 can be discussed

in a similar way.

The span of a range [a,b] is b−a+ 1.

−x

:− y

−x

Figure 4: STNU pattern representing a shrinkable duration

range [x

,[x

+ f,y

], y

] (0 ≤ x

≤ x

+ f ∧ x

≤ y

≤

+ f).

A, B, and C.

Case (3) can be shown in a similar way taking also

into account any possible wait constraint that may in-

crease the value of x

′

4 ON THE EXPRESSIVENESS OF

GUARDED CONSTRAINTS

This section informally discusses the expressiveness

of STNPSUs. Further, we show that most guarded

links cannot be represented in STNUs by other solu-

tions.

Consider again the physiotherapy session scenario

from Fig. 1 (b): Activity Stretching has a duration

range of [10, 40], which may be shrunk to a core du-

ration range of [15,20] during run time according to

the actual duration of activity Biking. Fig. 2 depicts

the temporal aspects of the session in terms of an

STNPSU: each of the two activities is represented

through a pair of timepoints, of which one represents

the starting instant of the activity and the other one

the ending instant. The allowed duration of activity

Stretching is represented as guarded link (S

,[10, 15],

[20, 40], S

) while the contingent duration of activity

Biking is represented as strict guarded link (B

,[5, 5],

[20, 20], B

). Based on the results from Sect. 3 one

can easily verify that the STNPSU is dynamically con-

trollable, i.e., for each possible execution time of ac-

tivity Biking, the system is able to determine a suit-

able duration range for activity Stretching containing

the core range [15, 20] such that each possible execu-

tion time in this range satisﬁes the overall duration

constraint [25, 50].

Let us discuss some of the limitations that arise

when representing the temporal aspects of the physio-

therapy session in terms of an STNU. The main prob-

lem is how to represent the temporal constraints of

activity Stretching. One option to be considered is

the pattern depicted in Fig. 4. It constitutes a general-

ization of the pattern proposed by (Lanz et al., 2013).

This pattern is composed of three timepoints A

, A

and A

connected by a contingent link and two re-

quirement constraints. More precisely, timepoints A

and A

represent the starting and ending timepoint of

the respective activity. In turn, A

is an internal time-

SimpleTemporalNetworkswithPartiallyShrinkableUncertainty

379

point that is only used for checking dynamic control-

lability of the STNU, but is not considered when exe-

cuting the activity. The values of the three constraints

guarantee that the overall duration range of the pat-

tern lies in range [x

] and the upper bound y

can

be shrunk to y

at run time. Moreover, the lower

bound x

may be shrunk to x

+ f as well. Hence,

the overall constraint represented by this pattern is