We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byJulius Sweet
Modified about 1 year ago
© Imperial College LondonPage 1 Model checking and refinement checking for modal transition systems and their cousins MTS meeting 2007 Adam Antonik & Michael Huth imperial.ac.uk/quads
© Imperial College LondonPage 2 PART 1 REPORT ON PUBLISHED WORK ON MODEL CHECKING PARTIAL KRIPKE STRUCTURES
© Imperial College LondonPage 3 Partial Kripke structures Often need aggressive abstraction of model prior to model checking Partial state spaces facilitate this, as Kripke structures with 3-valued labeling [Bruns & Godefroid 1999]
© Imperial College LondonPage 4 Abstraction-based model checking Partial Kripke structures have abstraction & refinement notion System = Kripke structure Abstraction = Partial Kripke structure, refined by System Verification Problem: “Do all Kripke structure refinements of Abstraction satisfy formula of mu-calculus?” - If so, System will satisfy it, too. - If not, we may be no wiser.
© Imperial College LondonPage 5 Complexity, Soundness & Incompleteness Verification Problem: “Do all Kripke structure refinements of Abstraction satisfy formula of mu- calculus?” This is EXPTIME-complete in formula, quadratic in model [Bruns & Godefroid 2000] Approximate version of Verification Problem linear in formula/model [Bruns & Godefroid 1999] If approximate version verifies abstraction, system also verified (soundness) If approximate version doesn’t verify abstraction, system may still satisfy considered formula: under-approximation (incompleteness)
© Imperial College LondonPage 6 Refinement = Abstraction -1
© Imperial College LondonPage 7 Example Pointed Kripke structure (N,t1) refines pointed model (M,s1)
© Imperial College LondonPage 8 Formal Verification Problem (M,s) pointed model: M with initial state s holds iff all pointed Kripke structures that refine (M,s) satisfy holds iff some pointed Kripke structure refines (M,s) and satisfies
© Imperial College LondonPage 9 Example Judgment holds
© Imperial College LondonPage 10 Counterexample Doesn’t hold: (N,t1) is counterexample
© Imperial College LondonPage 11 Approximate versions of judgments Use semantics similar to labeling algorithm Compositionally evaluate sub-formulas Do this in pessimistic and in optimistic mode for Pessimistic mode: under-approximates Optimistic mode: over-approximates
© Imperial College LondonPage 12 Optimistic (o) and pessimistic (p) approximative semantics for mu-calculus Partial Kripke structure M = (S,R,L)
© Imperial College LondonPage 13 Formal soundness of approximation For sentence and for set Soudness as two, co-dependent, implications:
© Imperial College LondonPage 14 Incompleteness of approximation If L(s,q) = 1/2, then the tautology holds at state s, but the pessimistic semantics won’t verify this. But pessimistic semantics is complete for many practically relevant property patterns [Antonik & Huth 2006], e.g. “precedence chain: 2 stimuli, 1 response; globally, q and s precede r” patterns.project.cis.ksu.edu
© Imperial College LondonPage 15 Making imprecise patterns precise All patterns at patterns.project.cis.ksu.edu are either complete (already saw an example) or become complete after trivial adjustments: is incomplete for verification, but its semantically equivalent version is complete for verification
© Imperial College LondonPage 16 Semantic self-minimization Sentence pessimistically self-minimizing: Iff for all pointed models (M,s) Sentence optimistically self-minimizing: Iff for all pointed models (M,s)
© Imperial College LondonPage 17 Decision Problems OSM = set of optimistically self-minimizing sentences PSM = set of pessimistically self-minimizing sentences VAL = set of valid sentences UNSAT = set of unsatisfiable sentences Study this for mu-calculus, modal logic, and propositional logic.
© Imperial College LondonPage 18 Partition in a picture Negation maps pairs of sets into each other: OSM and PSM I and II III and IV V and itself VI and itself Also, VAL in OSM and disjoint from PSM. Dually, UNSAT in PSM and disjoint from OSM.
© Imperial College LondonPage 19 Set OSM, hardness result Sentence in OSM iff its negation is in PSM So OSM and PSM have same complexity Deciding OSM at least as hard as deciding validity of logic: where x atomic proposition not occuring in This is desired reduction to VAL:
© Imperial College LondonPage 20 Set OSM, upper bound for mu-calculus For mu-calculus, OSM in 2EXPTIME From construct two alternating tree automata - exponential blowup in worst case - and then do language inclusion check for these automata - exponential in size of these automata [Godefroid & Huth 2005]: This language inclusion checks “completeness half” of for all pointed models (M,s)
© Imperial College LondonPage 21 Set OSM, upper bound for modal logic For modal logic, OSM in EXPSPACE From construct two two alternating tree automata as before, and again check Both automata cannot distinguish trees at depths greater than size of (so called “shallow model property” of modal logic) So the above check is in PSPACE in the size of the automata
© Imperial College LondonPage 22 Set OSM, exact bound for propositional logic Already showed OSM is coNP-hard Show PL - OSM in NP:
© Imperial College LondonPage 23 Summary of results for mu-calculus
© Imperial College LondonPage 24 Summary of results for modal logic
© Imperial College LondonPage 25 Summary of results for propositional logic
© Imperial College LondonPage 26 PART 2 REPORT ON WORK ON REFINEMENT CHECKING OF MODAL TRANSITION SYSTEMS
© Imperial College LondonPage 27 Common implementations For k > 1 pointed modal transition systems (M i,s i ) there is least-fixed point algorithm on their product state space for deciding whether these k models have a common refinement This algorithm is polynomial for fixed k This problem becomes NP-hard for k=2 already if we can name states uniquely with propositions (i.e. “nominals” in “hybrid logic”) This seems to be EXPTIME-complete in k [UNPUBLISHED] There does not exist a unique “most abstract” common refinement in general.
© Imperial College LondonPage 28 Proof sketch for EXPTIME-hardness [unpublished] Relies on EXPTIME = APSPACE Takes alternating-time Turing machine A that computes some EXPTIME-complete problem There is a polynomial P such that each input s of A has circular tape of length P(|s|) For each input s of A, construct k > 1 modal transition systems where k and size of models are polynomial in |s| Show: these k models have common refinement iff A has an accepting run for input s
© Imperial College LondonPage 29 Extensional refinement checking Let (M 1,s 1 ) and (M 2,s 2 ) be pointed modal transition systems. We write I(M i,s i ) for the class of pointed labeled transition systems that refine (M i,s i ). Deciding whether I(M 1,s 1 ) is contained in I(M 2,s 2 ) appears to be PSPACE-hard in the sum of the sizes of M 1 and M 2. [UNPUBLISHED]
© Imperial College LondonPage 30 Proof sketch for PSPACE-hardness [unpublished] QCNF, closed quantified Boolean formulas whose propositional bodies are in conjunctive normal form, e.g. x y z[ (x&!y) || !z || (!x&z)] Computing truth values of QCNF is PSPACE- complete problem Given in QCNF, construct two modal transition systems N[ ] and M[ ] such that is false iff I(N[ ],t ) I(M[ ],s ) This reduction works also for strict inclusion I(M 1,s 1 ) I(M 2,s 2 ), seems to work for disjunctive modal transition systems, but may not work for I(M 1,s 1 ) = I(M 2,s 2 )
© Imperial College LondonPage 31 Thank you.
© Imperial College LondonPage 32
© Imperial College LondonPage 33 “Experimental” data Used Perl script to randomly generate “all” formulas of propositional logic for sizes 1 to 5 Size = number of occurrences of logical connectives in formula Brute-force decision of membership: in OSM (~75%), in set VI (~50%), and in NP-complete set V (~2.45%) Less formulas seem to be in set VI as number of logical operators in formula increases
2012: J Paul GibsonTSP: Mathematical FoundationsMAT7003/Logic.1 MAT 7003 : Mathematical Foundations (for Software Engineering) J Paul Gibson, A207
Copyright 1999, 2003 G.v. Bochmann CN-FM ch.2 1 Course Notes on Formal Methods for the Development of Distributed Real-Time Applications Gregor v. Bochmann.
© Fachgebiet Softwaretechnik, Heinz Nixdorf Institut, Universität Paderborn 5. Model Checking Modellbasierte Softwareentwicklung
1 Introduction to Model Checking Ken McMillan Cadence Berkeley Labs
© 2002 Franz J. Kurfess Logic and Reasoning 1 CPE/CSC 481: Knowledge-Based Systems Dr. Franz J. Kurfess Computer Science Department Cal Poly.
NP CS 4102: Algorithms Spring 2011 Aaron Bloomfield 1.
1 Evaluating Reasoning Systems: Ontology Languages Michael Grunginger, U. Toronto Conrad Bock, U.S. NIST February 22 nd, 2007.
Complexity ©D.Moshkovitz 1 Reductions. Complexity ©D.Moshkovitz 2 Motivation Reductions are our main tool for comparison between problems.
1 Prolog Programming CM20019-S1 Y2006/07. 2 Prolog = programming in logic Main advantages ease of representing knowledge natural support of non-determinism.
1 Logic Inference Chapter 7.5, 9 CMSC 471 Adapted from slides by Tim Finin and Marie desJardins. Some material adopted from notes by Andreas Geyer-Schulz,
Analysis of Algorithms NP & NP-Complete Prof. Muhammad Saeed.
An ISO 9001:2008 Certified Organization PCTI Group Artificial Intelligence.
Discovering Missing Background Knowledge in Ontology Matching Pavel Shvaiko 17th European Conference on Artificial Intelligence (ECAI06) 30 August 2006,
Lecture 1Discrete Structures 1 1 u Introduction to sets and set notation (5.1, 5.3) u Visualizing sets: Venn diagrams (5.1) u Axiom of extension (5.1)
1 NP-Completeness Zeph Grunschlag. 2 Announcement HW9 Due Now HW Amnesty I’ll drop your lowest hw score.
Preparation for Calculus P. Graphs and Models P.1.
CS4026 Formal Models of Computation Part III Computability & Complexity Part III-A – Computability Theory.
1 A Short Introduction to Logic Summer School on Proofs as Programs 2002 Eugene (Oregon) Stefano Berardi Università di Torino
Completeness and Expressiveness. Consistency: a syntactic definition, related to the proof system. A set of formulas is consistent if there is no formula.
Combinatorial Problems I: Finding Solutions Ashish Sabharwal Cornell University March 3, nd Asian-Pacific School on Statistical Physics and Interdisciplinary.
Model Checking and Testing combined Doron Peled, University of Warwick.
The Birth of Model Checking Edmund M. Clarke Department of Computer Science Carnegie Mellon University.
1 P, NP, and NP-Complete Dr. Ying Lu RAIK 283 Data Structures & Algorithms.
Abbas Edalat Imperial College London Contains joint work with Andre Lieutier (AL) and joint work with Marko Krznaric (MK) Data Types.
Computational Complexity. Problem complexity vs. algorithmic complexity Upper bounds vs. lower bounds Exact solutions vs. approximate solutions Deterministic.
Program Verification using Probabilistic Techniques Sumit Gulwani Microsoft Research Invited Talk: VSTTE Workshop August 2006 Joint work with George Necula.
Lehrstuhl für Informatik 2 Gabriella Kókai: Maschine Learning 1 Computational Learning Theory.
1 Relational Algebra Chapter 4, Part A. 2 Relational Query Languages Query languages: Allow manipulation and retrieval of data from a database. Relational.
© 2016 SlidePlayer.com Inc. All rights reserved.