Presentation is loading. Please wait.

Presentation is loading. Please wait.

Proving Programs Robust Swarat Chaudhuri 1,3 Sumit Gulwani 2 Roberto Lublinerman 1 Sara Navidpour 1 1 Pennsylvania State University 2 Microsoft Research.

Published byDavid Derrick Lawrence Modified over 8 years ago

Similar presentations

Presentation on theme: "Proving Programs Robust Swarat Chaudhuri 1,3 Sumit Gulwani 2 Roberto Lublinerman 1 Sara Navidpour 1 1 Pennsylvania State University 2 Microsoft Research."— Presentation transcript:

1 Proving Programs Robust Swarat Chaudhuri 1,3 Sumit Gulwani 2 Roberto Lublinerman 1 Sara Navidpour 1 1 Pennsylvania State University 2 Microsoft Research 3 Rice University

2 Uncertainty Uncertainty: stale satellite data, erroneous sensor measurements, … Does your program handle uncertainty robustly? FSE’11: Szeged, Hungary. 2 Proving programs robust

3 Robustness FSE’11: Szeged, Hungary. 3 Proving programs robust  Correctness in settings without uncertainty does not imply correctness in uncertain environments.

4 Before we “measure” robustness Proving programs robust FSE’11: Szeged, Hungary. 4 3.14159

5 How would we “measure” robustness? No “jumps” due to loops and branches Analytical continuity P Chaudhuri, Gulwani, Lublinerman. Continuity Analysis of Programs. POPL 2010. f(x) = e x

6 Quantitative robustness properties k-robustness: Change in output is bounded by K times the change in inputs. P FSE’11: Szeged, Hungary. 6 Proving programs robust

7 Distance on arrays Proving programs robust FSE’11: Szeged, Hungary. 7 42516 11031 51545 - = = 3 max

8 Distance on graphs Proving programs robust FSE’11: Szeged, Hungary. 8 3 1 2 2 1 5 2 4 1 1 12120 = 2max - = 22131 14251

9  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 9 You are here

10  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 10 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00        

11  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 11 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00   1  2   

12  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 12 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00  2 1 2 2   

13  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 13 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00 6.10 2 1 2 2   

14  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 14 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00 6 2 1 2 2 5  

15  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 15 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00 6 2 1 2 2 5 7 

16  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 16 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00 6 2 1 2 2 5 7 9

17  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 17 3.00 2.00 1.00 4.00 4.10 3.00 2.00 1.00 You are here 2.00 1.00 6 2 1 2 2 5 7 9 0.95 2.10

18  Robustness of shortest path Proving programs robust FSE’11: Szeged, Hungary. 18 3.00 1.00 4.00 4.10 3.00 2.00 0.95 You are here 2.00 1.00 6.05 1.95 0.95 1.95 2.10 5.10 7.10 9.05 2.10

19 k-robustness and classical problems ProblemInputOutputk-robustness Max of an array elements in the array maximum element of the array 1-robust Minimum spanning tree graphcostN-robust Sorting elements in the array sorted array1-robust FSE’11: Szeged, Hungary. 19 Proving programs robust

20 Robustness matrices R[y,x] = k  -variation in initial value of x produces at most a k  -variation in final value of y Proving programs robust FSE’11: Szeged, Hungary. 20

21 How do we prove k-robustness FSE’11: Szeged, Hungary. 21 Proving programs robust

22 How do we prove k-robustness FSE’11: Szeged, Hungary. 22 Proving programs robust

23 Proving k-robustness if B FT P1P1 P1P1 P2P2 P2P2 P 1. P 1 has robustness matrix R 1 2.P 2 has robustness matrix R 2 3.P is continuous *1 P has robustness matrix max(R 1, R 2 ) FSE’11: Szeged, Hungary. 23 Proving programs robust *1 Chaudhuri, Gulwani, Lublinerman. Continuity Analysis of Programs. POPL 2010.

24 Proving k-robustness P1P1 P1P1 P2P2 P2P2 P 1. P 1 has robustness matrix R 1 2.P 2 has robustness matrix R 2 P has robustness matrix R 2 R 1 FSE’11: Szeged, Hungary. 24 Proving programs robust Analogous to the “chain rule”

25 Proving piecewise k-robustness while B Q Q P 1. Q has robustness matrix R 2.N is the bound on loop iterations 3.P is continuous * 1 P has robustness matrix R N FSE’11: Szeged, Hungary. 25 Proving programs robust *1 Chaudhuri, Gulwani, Lublinerman. Continuity Analysis of Programs. POPL 2010.

26 Example: Dijsktra’s shortest path algorithm FSE’11: Szeged, Hungary. 26 Proving programs robust procedure Dijkstra(G: graph, src: node): for each node v in G: d[v] =  d[src] = 0; W := edges of G while W is not empty remove G[w,v] from W s.t. d[w] is minimal z = d[w] + G[w,v] if z < d[v] d[v] = z; prev[v] = w

27 Example: Dijsktra’s shortest path algorithm FSE’11: Szeged, Hungary. 27 Proving programs robust procedure Dijkstra(G: graph, src: node): for each node v in G: d[v] =  d[src] = 0; W := edges of G while W is not empty remove G[w,v] from W s.t. d[w] is minimal z = d[w] + G[w,v] if z < d[v] d[v] = z; prev[v] = w d[0] =  d[src] = 0

28 Example: Dijsktra’s shortest path algorithm FSE’11: Szeged, Hungary. 28 Proving programs robust procedure Dijkstra(G: graph, src: node): for each node v in G: d[v] =  d[src] = 0; W := edges of G while W is not empty remove G[w,v] from W s.t. d[w] is minimal z = d[w] + G[w,v] if z < d[v] d[v] = z; prev[v] = w if d[v] > d[w] + G[w,v] TF d[v]=d[w] + G[w,v]

29 Example: Dijsktra’s shortest path algorithm FSE’11: Szeged, Hungary. 29 Proving programs robust procedure Dijkstra(G: graph, src: node): for each node v in G: d[v] =  d[src] = 0; W := edges of G while W is not empty remove G[w,v] from W s.t. d[w] is minimal z = d[w] + G[w,v] if z < d[v] d[v] = z; prev[v] = w while W not empty Q Q d is N-robust in G

30 Applications: Robustness Proofs for Embedded Systems FSE’11: Szeged, Hungary. 30 Proving programs robust

31 for i:= …. Approximate Computation: Trade accuracy for reduced cost FSE’11: Szeged, Hungary. 31 Proving programs robust P’

32 Approximate loop rewriting: Our static analysis can guide this sort of approximation Accuracy vs. Performance trade-off of loop perforation [Sidiroglou, Misailovic, Hoffman, Rinard FSE11] Applications: Approximate Computation FSE’11: Szeged, Hungary. 32 Proving programs robust for i := 1 to n by 1 z = f(x[i]) sum = sum + z 2

33 Differential privacy [Dwork] FSE’11: Szeged, Hungary. 33 Proving programs robust Applications: Privacy in Statistical Databases

34 Results Implemented the analysis in a tool. – use Z3 to discharge continuity judgments. Proved robustness for many classical algorithms Proving programs robust FSE’11: Szeged, Hungary. 34 Bubble sortDijkstraKnapsack Insertion sortBellman-fordSmall controller Selection sortKruskall Merge sortPrim

35 Related Work Work on interval polyhedra [Chen et al 2009] [Chen et al 2010] Continuity analysis of programs [Chaudhuri et al 2010] Testing for robustness [Majmudar et al 2010] Calculus for differential privacy [Reed and Pierce 2010] Proving programs robust FSE’11: Szeged, Hungary. 35

36 Conclusion Robustness is an important correctness property for programs operating under uncertainty. We provide a automated program analysis for robustness. k-robustness can be proved mechanically for many interesting programs. Applications in different domains. FSE’11: Szeged, Hungary. 36 Proving programs robust

37 14567 12456 Sorting 1-robust? Proving programs robust FSE’11: Szeged, Hungary. 37 42516 47516

Download ppt "Proving Programs Robust Swarat Chaudhuri 1,3 Sumit Gulwani 2 Roberto Lublinerman 1 Sara Navidpour 1 1 Pennsylvania State University 2 Microsoft Research."

Similar presentations

Lecture 15. Graph Algorithms

Lecture 15. Graph Algorithms
Algorithmic Mechanism Design: an Introduction VCG-mechanisms for some basic network optimization problems: The Minimum Spanning Tree problem Guido Proietti.

Algorithmic Mechanism Design: an Introduction VCG-mechanisms for some basic network optimization problems: The Minimum Spanning Tree problem Guido Proietti.
Lower Bound for Sparse Euclidean Spanners Presented by- Deepak Kumar Gupta(Y6154), Nandan Kumar Dubey(Y6279), Vishal Agrawal(Y6541)

Lower Bound for Sparse Euclidean Spanners Presented by- Deepak Kumar Gupta(Y6154), Nandan Kumar Dubey(Y6279), Vishal Agrawal(Y6541)
Optimization Problems in Optical Networks. Wavelength Division Multiplexing (WDM) Directed: Symmetric: Undirected: Optic Fiber.

Optimization Problems in Optical Networks. Wavelength Division Multiplexing (WDM) Directed: Symmetric: Undirected: Optic Fiber.
Algorithm Design Methodologies Divide & Conquer Dynamic Programming Backtracking.

Algorithm Design Methodologies Divide & Conquer Dynamic Programming Backtracking.
1 Discrete Structures & Algorithms Graphs and Trees: III EECE 320.

1 Discrete Structures & Algorithms Graphs and Trees: III EECE 320.
Programming Abstractions for Approximate Computing Michael Carbin with Sasa Misailovic, Hank Hoffmann, Deokhwan Kim, Stelios Sidiroglou, Martin Rinard.

Programming Abstractions for Approximate Computing Michael Carbin with Sasa Misailovic, Hank Hoffmann, Deokhwan Kim, Stelios Sidiroglou, Martin Rinard.
Discussion #33 Adjacency Matrices. Topics Adjacency matrix for a directed graph Reachability Algorithmic Complexity and Correctness –Big Oh –Proofs of.

Discussion #33 Adjacency Matrices. Topics Adjacency matrix for a directed graph Reachability Algorithmic Complexity and Correctness –Big Oh –Proofs of.
Graph Traversals Visit vertices of a graph G to determine some property: Is G connected? Is there a path from vertex a to vertex b? Does G have a cycle?

Graph Traversals Visit vertices of a graph G to determine some property: Is G connected? Is there a path from vertex a to vertex b? Does G have a cycle?
Randomized Accuracy Aware Program Transformations for Efficient Approximate Computations Sasa Misailovic Joint work with Zeyuan Allen ZhuJonathan KelnerMartin.

Randomized Accuracy Aware Program Transformations for Efficient Approximate Computations Sasa Misailovic Joint work with Zeyuan Allen ZhuJonathan KelnerMartin.
Lifting Abstract Interpreters to Quantified Logical Domains Sumit Gulwani, MSR Bill McCloskey, UCB Ashish Tiwari, SRI 1.

Lifting Abstract Interpreters to Quantified Logical Domains Sumit Gulwani, MSR Bill McCloskey, UCB Ashish Tiwari, SRI 1.
Lecture 5: Linear Time Sorting Shang-Hua Teng. Sorting Input: Array A[1...n], of elements in arbitrary order; array size n Output: Array A[1...n] of the.

Lecture 5: Linear Time Sorting Shang-Hua Teng. Sorting Input: Array A[1...n], of elements in arbitrary order; array size n Output: Array A[1...n] of the.
Data Structures Heaps and Graphs i206 Fall 2010 John Chuang Some slides adapted from Marti Hearst, Brian Hayes, or Glenn Brookshear.

Data Structures Heaps and Graphs i206 Fall 2010 John Chuang Some slides adapted from Marti Hearst, Brian Hayes, or Glenn Brookshear.
CSE 421 Algorithms Richard Anderson Dijkstra’s algorithm.

CSE 421 Algorithms Richard Anderson Dijkstra’s algorithm.
Shortest Paths Definitions Single Source Algorithms –Bellman Ford –DAG shortest path algorithm –Dijkstra All Pairs Algorithms –Using Single Source Algorithms.

Shortest Paths Definitions Single Source Algorithms –Bellman Ford –DAG shortest path algorithm –Dijkstra All Pairs Algorithms –Using Single Source Algorithms.
Spring 2010CS 2251 Graphs Chapter 10. Spring 2010CS 2252 Chapter Objectives To become familiar with graph terminology and the different types of graphs.

Spring 2010CS 2251 Graphs Chapter 10. Spring 2010CS 2252 Chapter Objectives To become familiar with graph terminology and the different types of graphs.
Chapter 9 Graph algorithms Lec 21 Dec 1, 2010. Sample Graph Problems Path problems. Connectedness problems. Spanning tree problems.

Chapter 9 Graph algorithms Lec 21 Dec 1, Sample Graph Problems Path problems. Connectedness problems. Spanning tree problems.
Utrecht, february 22, 2002 Applications of Tree Decompositions Stan van Hoesel KE-FdEWB Universiteit Maastricht 043-3883727

Utrecht, february 22, 2002 Applications of Tree Decompositions Stan van Hoesel KE-FdEWB Universiteit Maastricht
DAST 2005 Tirgul 12 (and more) sample questions. DAST 2005 Q.We’ve seen that solving the shortest paths problem requires O(VE) time using the Belman-Ford.

DAST 2005 Tirgul 12 (and more) sample questions. DAST 2005 Q.We’ve seen that solving the shortest paths problem requires O(VE) time using the Belman-Ford.
1 Parallel Algorithms III Topics: graph and sort algorithms.

1 Parallel Algorithms III Topics: graph and sort algorithms.

Similar presentations

Ads by Google