HIER ERATIC WP5: D5 D5.1: New aggregati tion str trate tegies - - PowerPoint PPT Presentation

HIER ERATIC WP5:


D5 D5.1: New aggregati tion str trate tegies identi tified
 and implemente ted in PRISM

HIERATIC review meeting, Brussels, December 2014

University of Birmingham: Computer Science & Maths

Chris Good, Nishan Kamaleson, Dave Parker,
 Mate Puljiz, Jon Rowe

Introduction

• PRISM: tool for probabilistic verification

− formal models of probabilistic systems, e.g. Markov chains − verification of formally specified quantitative properties − e.g. trigger → P≥0.999 [ F≤20 deploy ] - “the probability of the airbag deploying within 20 milliseconds is at least 0.999”

• Terminology (in probabilistic verification)

− coarse graining = bisimulation − aggregation = lumping = bisimulation minimisation

• This talk:

− novel implementations of bisimulation minimisation in PRISM − 1. full bisimulation minimisation − 2. finite-horizon bisimulation minimisation

3

Bisimulation minimisation

• Based on partition refinement
• Initial partition is generated 

• n labels of Markov chain
• Π0: B1={s0,s1,s2,s3,s4,s5}, B2={s6}

s1 s0

1

s2 s3

1

{err}

s5 s4 s6

1 0.2 0.1 0.3 0.4 1 1 0.3 0.7 0.1 0.9

B2 B1

s1 s0

1

s2 s3

1

{err}

s5 s4 s6

1 0.2 0.1 0.3 0.4 1 1 0.3 0.7 0.1 0.9

• Probabilistic bisimulation

− preserves stepwise behaviour and labels − (and thus all properties of interest)

• Bisimulation minimisation:

− finds coarsest bisimulation preserving all labels of interest − builds quotient Markov chain

4

Bisimulation minimisation

Π : { {s0,s4}, {s1,s5}, {s6}, {s2,s3} }

s0,s4 1 s6 {err}

1 0.3 1 0.7

s1,s5 s2,s3

1

s1 s0

1

s2 s3

1

{err}

s5 s4 s6

1 0.2 0.1 0.3 0.4 1 1 0.3 0.7 0.1 0.9

• Partition repeatedly refined (split) until no longer possible
• final partition and quotient model gives bisimulation
• Two approaches to implementation of splitting:
• signature or splitter based

Implementing bisimulation minimisation

Bisimulation Minimisation

Signature Splitter PMC & Sorting Splay Tree

[Derisavi, 2007]

[Derisavi et al., 2003] [Valmari & Franceschinis, 2010]

Implementing bisimulation minimisation

Bisimulation Minimisation

Signature Splitter PMC & Sorting Splay Tree

• Selects potential splitter Bs ∈ Π
• a splitter Bs is a block such that probability of going to Bs

differs for some states in block B

• i.e. ∃si,sj∈B . P(si, Bs) ≠ P(sj, Bs)
• Generates signature for each state s∈S
• i.e. outgoing probabilities from s to

each block B in the current partition Π

7

Splitter vs. Signature

• Implemented signature/splitter based algorithms in PRISM

− tested on standard PRISM benchmarks

• Splitter-based algorithm performs much better

− signature-based considers all states in every iteration Model PMC (ms) Splay (ms) Signature (ms)

Brp [N=16, Max=2] 29 28 42 Crowds [TotalRuns=3, CrowdSize=5] 27 27 20 Egl [N=5, L=2] 81 80 475 Nand [N=20, K=1] 570 547 15769

8

• Consider a finite-horizon property like

P=? [ F≤k

err ] - "what is the probability of an error


• ccurring within k steps?"
• On this model:
• Do we need to perform full bisimulation minimisation?

Finite-horizon minimisation

s2 s1

1

s3 s4

1

{err}

s6 s5 s7

1 0.2 0.1 0.3 1 0.4 0.7 0.1 0.9

s0

0.6 0.4 0.3 1

9

• No: Performing k (step-wise) splitting iterations suffices
• Reduced model now preserves behaviour within k time steps
• Example model (for time horizon k = 2)

Finite-horizon minimisation

B1 B2 B3

s2 s1

1

s3 s4

1

{err}

s6 s5 s7

1 0.2 0.1 0.3 1 0.4 0.7 0.1 0.9

s0

0.6 0.4 0.3 1

B0

10

Finite-horizon minimisation

Initialise Partition Splitting Construct the Markov chain

• Initial partition generated based on labels
• Split step-wise for k iterations

− signature-based is straightforward − splitter-based algorithm requires finite-horizon adaptation

• Markov chain generated from the

split states

11

Finite-horizon coarse graining

• Instance of more general framework from WP1

Markov chain P final
 partition Πk (k = N) previous
 partition Πk-1 initial
 partition Π0

12

Implementation and results

• Finite-horizon minimisation implemented in PRISM

− signature and splitter variants are implemented

• Results for one benchmark:

− Nand [N=20, K=1] − with property P=? [ F<=50 (s=4 & z/N<0.1) ] Results Full bisimulation minimisation Finite-horiz. minimisation Saved Computation (ms)

312 34 278

Minimisation (ms)

411 120 291

Number of states

39982 3526 36456

13

Results : Time

200 400 600 800 1000 1200 1400 1600 1800 2000 1 31 61 91 121 151 181 211 241 Tim Time(m e(ms) ) Num of Ite terati tions (k)

Nand Nand

Finite Horizon Full Bisimulation Minimisation

10 20 30 40 1 5 9 13 17 Tim Time(m e(ms) ) Num of Ite terati tions (k)

Crowd Crowds s

20 40 60 80 1 21 41 61 81 Tim Time(m e(ms) ) Num of Ite terati tions (k)

Brp Brp

20 40 60 80 100 120 1 4 7 10 13 16 19 22 25 28 31 Tim Time(m e(ms) ) Num of Ite terati tions (k)

Eg Egl

14

Results : Space

10 20 30 40 50 1 3 5 7 9 11 13 15 17 Num of Sta tate tes Num of Ite terati tions (k)

Crowd Crowds s

100 200 300 400 1 21 41 61 81 Num of Sta tate tes Num of Ite terati tions (k)

Brp Brp

50 100 150 200 250 1 4 7 10 13 16 19 22 25 28 31 Num of Sta tate tes Num of Ite terati tions (k)

Eg Egl

5000 10000 15000 20000 25000 30000 35000 40000 45000 1 21 41 61 81 101 121 141 161 181 201 221 241 Num of Sta tate tes Num of Ite terati tions (k)

Nand Nand

15

Current work

• Current work: larger, more complex models
• For example: NTOP reaction network (see WP7)

16

Summary (WP5)

• Probabilistic bisimulation

− implemented several variants in PRISM − splitter based algorithm performs significantly better

• Finite-horizon bisimulation minimisation

− performs k (step-wise) splitting iterations − answers finite horizon reachability questions − saves space and time over normal bisimulation

• Future work

− more efficient/scalable algorithms and implementations − currently, we construct the full model prior to minimisation − key aim: avoid construction via on-the-fly model reduction