APEX: An analyzer for open probabilistic programs (PowerPoint presentation)

Stefan Kiefer (1), Andrzej S. Murawski (2), Joël Ouaknine (1), Björn Wachter (1), James Worrell (1). (1) University of Oxford, UK; (2) University of Leicester, UK. CAV 2012, Berkeley, 11 July 2012.


SLIDE 1

APEX: An analyzer for open probabilistic programs

Stefan Kiefer (1), Andrzej S. Murawski (2), Joël Ouaknine (1), Björn Wachter (1), James Worrell (1)

(1) University of Oxford, UK   (2) University of Leicester, UK

CAV 2012, Berkeley, 11 July 2012

Stefan Kiefer, A.S. Murawski, J. Ouaknine, B. Wachter, J. Worrell APEX: An analyzer for open probabilistic programs

SLIDE 2

APEX Overview

open = the program may have unspecified variables or functions

APEX key technology: game semantics
  • translates probabilistic programs to probabilistic automata
  • the automaton represents the observable behaviour of an algorithm or protocol
  • observable: input, output, maybe timing, . . .
  • unobservable: internal computation, maybe timing, . . .

APEX can analyze:
  • dining cryptographers
  • Hibbard's algorithm for random tree insertion
  • Herman's self-stabilization protocol
  • . . .


SLIDE 3

Equivalence

Verification of open programs reduces to checking program equivalence.

Theorem (Murawski, Ouaknine, CONCUR'05): Two open probabilistic programs are equivalent if and only if the corresponding probabilistic automata are language equivalent.

Language equivalence of probabilistic automata reduces to a linear algebra problem with efficient solutions, see [KMOWW, CAV'12].

APEX also performs the language equivalence check, and provides a counterexample (a word that the two automata accept with different probabilities) in case of inequivalence.


SLIDE 4

Example: The Grades Protocol

Students want to find out the sum of their grades. No student wants to reveal anything about her/his own grade.

[figure: students S1, S2, S3, S4, S5, S6 arranged in a ring]

Each student announces (g + ℓ − r) mod N, where g is the student's own grade and ℓ, r are the random values shared with the left and right neighbour. The sum telescopes and equals the sum of grades (mod N). But maybe individual grades leak?


SLIDE 5

Example: The Grades Protocol

\\ Implementation
const N := S * (G-1) + 1;
grade:int%G, out:var%N |-
  var%(S+1) i; i := 0;
  var%N first; first := rand[N];
  var%N r; r := first;
  while (i<S) do {
    var%N l;
    i := succ(i);
    if (i=S) then l := first else l := rand[N];
    out := (grade + l) - r;
    r := l;
  }

\\ Specification
const N := S * (G-1) + 1;
grade:int%G, out:var%N |-
  var%S i; var%N total;
  i := 1;
  while (i) do {
    total := grade + total;
    var%N r; r := rand[N];
    out := r;
    total := total - r;
    i := succ(i)
  };
  out := grade + total


SLIDE 6

Example: The Grades Protocol

Implementation:

[figure: probabilistic automaton built by APEX from the implementation. Transitions are labelled with an observable move and a probability: "0 grade" / "1 grade" (the environment supplies grade 0 or 1) with probability 1 or 1/3, and "write(0) out" / "write(1) out" / "write(2) out" (the program writes 0, 1 or 2 to out) with probability 1. The output values 0..2 and the probabilities 1/3 correspond to the instance N = 3.]

Specification:

[figure: probabilistic automaton built from the specification, over the same moves. Here the random choice appears on the "write(v) out" transitions, each with probability 1/3, while the "0 grade" / "1 grade" transitions have probability 1.]


SLIDE 7

Example: The Grades Protocol

Implementation and Specification: the same two automata as on slide 6.

APEX reports: Equivalent. The specification announces nothing but S−1 uniformly random values followed by the single value that completes the sum, so equivalence of the implementation with it shows that no individual grade leaks: anonymity.
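As an added example (not APEX's code and not from the slides), the following Python models the slide 5 implementation and specification as probabilistic automata over the observable moves of slide 6 and decides their language equivalence with the linear-algebra method of slide 3 (Tzeng's span-of-reachable-vectors algorithm, here in exact rational arithmetic). The PA class, the move names ("grade", g) and ("out", v), the state encodings, the explore helper and the update_r switch are this example's own assumptions; it also goes beyond the slide's N = 3 instance by taking S and G as parameters.

```python
# Added example (not APEX's own code): language equivalence of probabilistic automata via
# the linear-algebra (Tzeng-style) algorithm the slides refer to, applied to the Grades
# protocol of slides 4-7. All state names, letters and helper names here are this example's.
from collections import deque
from fractions import Fraction

class PA:
    """trans[state][letter] = [(successor, prob), ...]; init: distribution; final: accepting set."""
    def __init__(self, init, trans, final):
        self.init, self.trans, self.final = init, trans, final
        self.letters = sorted({a for t in trans.values() for a in t})

    def step(self, vec, a):             # vec . M_a
        out = {}
        for s, p in vec.items():
            for t, q in self.trans.get(s, {}).get(a, []):
                out[t] = out.get(t, Fraction(0)) + p * q
        return out

    def weight(self, word):             # probability of accepting word
        vec = dict(self.init)
        for a in word:
            vec = self.step(vec, a)
        return sum((p for s, p in vec.items() if s in self.final), Fraction(0))

def equivalent(A, B):
    """Tzeng's algorithm: run A and B side by side as the disjoint-union automaton D
    started in (init_A, -init_B). Reachable state vectors span a finite-dimensional space,
    so only words adding a new basis vector are extended; a reachable vector giving D's
    accepting states non-zero total weight is a word A and B weight differently."""
    D = PA({**{("A", s): p for s, p in A.init.items()}, **{("B", s): -p for s, p in B.init.items()}},
           {(t, s): {a: [((t, u), q) for u, q in succ] for a, succ in tr.items()}
            for t, X in (("A", A), ("B", B)) for s, tr in X.trans.items()},
           {("A", s) for s in A.final} | {("B", s) for s in B.final})
    basis = []                          # (pivot, vector) pairs in echelon form
    queue = deque([((), D.init)])
    while queue:
        word, v = queue.popleft()
        if sum((p for s, p in v.items() if s in D.final), Fraction(0)) != 0:
            return False, word          # A and B give this word different weights
        r = {s: p for s, p in v.items() if p != 0}
        for pivot, b in basis:          # Gaussian elimination against the basis
            if pivot in r:
                c = r[pivot] / b[pivot]
                for s, p in b.items():
                    r[s] = r.get(s, Fraction(0)) - c * p
                r = {s: p for s, p in r.items() if p != 0}
        if not r:
            continue                    # v already in the span: nothing new
        basis.append((next(iter(r)), r))
        queue.extend((word + (a,), D.step(v, a)) for a in D.letters)
    return True, None

def explore(init, rules):
    """Reachable transition table; rules(state) -> {letter: [(successor, prob)]} ({} if accepting)."""
    trans, todo = {}, deque(init)
    while todo:
        s = todo.popleft()
        if s not in trans:
            trans[s] = rules(s)
            todo.extend(t for succs in trans[s].values() for t, _ in succs)
    return trans

def grades_implementation(S, G, update_r=True):   # update_r=False drops 'r := l' (broken variant)
    """Slide 5 implementation: student i announces (grade + l - r) mod N, l being the random
    value shared with the next student (first wraps round to the last) and r the one shared
    with the previous. rand[N] is folded into the ("grade", g) move, as in the slide 6 automaton."""
    N = S * (G - 1) + 1
    def rules(s):
        if s[0] == "loop":              # at the while test, i students done
            _, i, r, first = s
            if i == S:
                return {}               # loop finished: accepting state
            ls = [(first, Fraction(1))] if i + 1 == S else [(l, Fraction(1, N)) for l in range(N)]
            return {("grade", g): [(("got", i + 1, l, r, first, g), p) for l, p in ls] for g in range(G)}
        _, i, l, r, first, g = s        # grade read: out := (grade + l) - r; r := l
        return {("out", (g + l - r) % N): [(("loop", i, l if update_r else r, first), Fraction(1))]}
    init = {("loop", 0, f, f): Fraction(1, N) for f in range(N)}   # first := rand[N]; r := first
    trans = explore(init, rules)
    return PA(init, trans, {s for s in trans if s[0] == "loop" and s[1] == S})

def grades_specification(S, G):
    """Slide 5 specification: S-1 uniformly random announcements, then the value
    that makes all announcements sum to the grades (mod N)."""
    N = S * (G - 1) + 1
    def rules(s):
        if s[0] == "loop":              # total := grade + total; loop while i != 0
            _, i, total = s
            nxt = lambda g: ("rand", i, (total + g) % N) if i else ("last", (total + g) % N)
            return {("grade", g): [(nxt(g), Fraction(1))] for g in range(G)}
        if s[0] == "rand":              # r := rand[N]; out := r; total := total - r; i := succ(i)
            _, i, total = s
            return {("out", r): [(("loop", (i + 1) % S, (total - r) % N), Fraction(1, N))] for r in range(N)}
        if s[0] == "last":              # out := grade + total
            return {("out", s[1]): [(("done",), Fraction(1))]}
        return {}                       # "done": accepting state
    init = {("loop", 1 % S, 0): Fraction(1)}     # i := 1 (mod S), total = 0
    return PA(init, explore(init, rules), {("done",)})
```

equivalent(grades_implementation(S, G), grades_specification(S, G)) returns (True, None) for small S and G, matching the "Equivalent" verdict on slide 7. With update_r=False the last student announces grade + first − first, i.e. the grade in clear, and equivalent returns (False, word) with a word to which the two automata assign different weights; that is the kind of counterexample slide 3 describes.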

SLIDE 8

APEX Architecture

[figure: pipeline]
  program 1, program 2 → Parser → AST 1, AST 2 → Automata Construction (one rule per construct: conditional, while, sequence, ...) → automaton 1, automaton 2 → Equivalence Checker → "yes", or "no" together with a distinguishing word


SLIDE 9

APEX Online Tool Demo

Try our online tool demo at cs.ox.ac.uk/apex
