HIERATIC WP5: D5.1: New aggregation strategies identified and implemented in PRISM
University of Birmingham: Computer Science & Maths
Chris Good, Nishan Kamaleson, Dave Parker, Mate Puljiz, Jon Rowe
HIERATIC review meeting, Brussels, December 2014
Introduction
• PRISM: tool for probabilistic verification
  − formal models of probabilistic systems, e.g. Markov chains
  − verification of formally specified quantitative properties
  − e.g. trigger → P≥0.999 [ F≤20 deploy ]
    - “the probability of the airbag deploying within 20 milliseconds is at least 0.999”
• Terminology (in probabilistic verification)
  − coarse graining = bisimulation
  − aggregation = lumping = bisimulation minimisation
• This talk:
  − novel implementations of bisimulation minimisation in PRISM
  − 1. full bisimulation minimisation
  − 2. finite-horizon bisimulation minimisation
Bisimulation minimisation
• Probabilistic bisimulation
  − preserves stepwise behaviour and labels
  − (and thus all properties of interest)
• Bisimulation minimisation:
  − finds coarsest bisimulation preserving all labels of interest
  − builds quotient Markov chain
• Based on partition refinement
• Initial partition is generated on labels of Markov chain
• Π_0: B_1 = {s_0, s_1, s_2, s_3, s_4, s_5}, B_2 = {s_6}
[Figure: example Markov chain with states s_0 to s_6, s_6 labelled {err}, shown with the initial blocks B_1 and B_2]
Bisimulation minimisation
• Partition repeatedly refined (split) until no longer possible
• final partition and quotient model gives bisimulation
  Π: { {s_0, s_4}, {s_1, s_5}, {s_6}, {s_2, s_3} }
• Two approaches to implementation of splitting:
  • signature or splitter based
[Figure: the example Markov chain and its quotient with states {s_0, s_4}, {s_1, s_5}, {s_6} (labelled {err}) and {s_2, s_3}]
Implementing bisimulation minimisation
[Diagram: Bisimulation Minimisation divides into Signature [Derisavi, 2007] and Splitter; Splitter divides into PMC & Sorting [Valmari & Franceschinis, 2010] and Splay Tree [Derisavi et al., 2003]]
Implementing bisimulation minimisation
[Diagram as on the previous slide: Bisimulation Minimisation; Signature; Splitter; PMC & Sorting; Splay Tree]
• Generates signature for each state s ∈ S
  - i.e. outgoing probabilities from s to each block B in the current partition Π
• Selects potential splitter B_s ∈ Π
  - a splitter B_s is a block such that probability of going to B_s differs for some states in block B
  - i.e. ∃ s_i, s_j ∈ B . P(s_i, B_s) ≠ P(s_j, B_s)
Splitter vs. Signature
• Implemented signature/splitter based algorithms in PRISM
  − tested on standard PRISM benchmarks

  Model                                PMC (ms)   Splay (ms)   Signature (ms)
  Brp [N=16, Max=2]                    29         28           42
  Crowds [TotalRuns=3, CrowdSize=5]    27         27           20
  Egl [N=5, L=2]                       81         80           475
  Nand [N=20, K=1]                     570        547          15769

• Splitter-based algorithm performs much better
  − signature-based considers all states in every iteration
Finite-horizon minimisation
• Consider a finite-horizon property like P=? [ F≤k err ]
  - "what is the probability of an error occurring within k steps?"
• On this model:
[Figure: example Markov chain with states s_0 to s_7 and an {err} label]
• Do we need to perform full bisimulation minimisation?
Finite-horizon minimisation
• No: Performing k (step-wise) splitting iterations suffices
• Reduced model now preserves behaviour within k time steps
• Example model (for time horizon k = 2)
[Figure: the example Markov chain with states s_0 to s_7 grouped into blocks B_0, B_1, B_2 and B_3]
Finite-horizon minimisation
[Flow diagram: Initialise Partition → Splitting → Construct the Markov chain]
• Initialise Partition
  − Initial partition generated based on labels
• Splitting
  − Split step-wise for k iterations
  − signature-based is straightforward
  − splitter-based algorithm requires finite-horizon adaptation
• Construct the Markov chain
  − Markov chain generated from the split states
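Added example (not from the slides and not PRISM code): the signature-based splitting from the "Implementing bisimulation minimisation" slide, stopped after k rounds as on the finite-horizon slides, with a check that states sharing a block agree on P=? [ F≤k err ]. The 7-state chain, its {err} labelling and all function names are constructed for illustration.

```python
from fractions import Fraction as F

# Constructed 7-state Markov chain (not the model drawn on the slides).
P = {
    0: {1: F(1, 2), 2: F(1, 2)},
    1: {3: F(1)},
    2: {4: F(1)},
    3: {5: F(7, 10), 6: F(3, 10)},
    4: {5: F(7, 10), 6: F(3, 10)},
    5: {5: F(1)},
    6: {6: F(1)},
}
ERR = {6}  # states labelled {err} (assumed labelling)

def refine(P, labelled, k=None):
    """Signature-based refinement; at most k rounds, or to a fixpoint if k is None."""
    block = {s: int(s in labelled) for s in P}  # initial partition from labels
    rounds = 0
    while k is None or rounds < k:
        ids, new = {}, {}
        for s in P:
            sig = {}  # probability of moving from s into each current block
            for t, p in P[s].items():
                sig[block[t]] = sig.get(block[t], 0) + p
            # the old block is part of the key, so blocks are only ever split
            key = (block[s], frozenset(sig.items()))
            new[s] = ids.setdefault(key, len(ids))
        if len(ids) == len(set(block.values())):
            break  # no block was split: full bisimulation reached
        block, rounds = new, rounds + 1
    return block

def bounded_reach(P, target, k):
    """P=? [ F<=k target ] for every state, by k steps of value iteration."""
    x = {s: F(int(s in target)) for s in P}
    for _ in range(k):
        x = {s: x[s] if s in target else sum(p * x[t] for t, p in P[s].items())
             for s in P}
    return x

def blocks_agree(block, x):
    """True if all states sharing a block have the same value in x."""
    seen = {}
    return all(seen.setdefault(block[s], x[s]) == x[s] for s in block)

if __name__ == "__main__":
    for k in (1, 2, None):
        b = refine(P, ERR, k)
        print(k, len(set(b.values())), sorted(b.items()))
```

On this chain the k = 2 partition keeps states 0 and 5 in one block, which is sound for horizon 2 but not for horizon 3, where they first differ.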
Finite-horizon coarse graining
• Instance of more general framework from WP1
[Diagram: Markov chain P with initial partition Π_0, previous partition Π_{k-1} and final partition Π_k (k = N)]
Implementation and results
• Finite-horizon minimisation implemented in PRISM
  − signature and splitter variants are implemented
• Results for one benchmark:
  − Nand [N=20, K=1]
  − with property P=? [ F<=50 (s=4 & z/N<0.1) ]

  Results              Full bisimulation minimisation   Finite-horiz. minimisation   Saved
  Computation (ms)     312                              34                           278
  Minimisation (ms)    411                              120                          291
  Number of states     39982                            3526                         36456
Results: Time
[Plots: Time (ms) against Num of Iterations (k) for Nand, Crowds, Brp and Egl; series: Finite Horizon, Full Bisimulation Minimisation]
Results: Space
[Plots: Num of States against Num of Iterations (k) for Nand, Brp, Egl and Crowds]
Current work
• Current work: larger, more complex models
• For example: NTOP reaction network (see WP7)
Summary (WP5)
• Probabilistic bisimulation
  − implemented several variants in PRISM
  − splitter based algorithm performs significantly better
• Finite-horizon bisimulation minimisation
  − performs k (step-wise) splitting iterations
  − answers finite horizon reachability questions
  − saves space and time over normal bisimulation
• Future work
  − more efficient/scalable algorithms and implementations
  − currently, we construct the full model prior to minimisation
  − key aim: avoid construction via on-the-fly model reduction