Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Learning Mealy Machines with Timers Bengt Jonsson Frits Vaandrager Uppsala University and Radboud University Nijmegen IPA Fall Days, Nunspeet, November 2017 Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Goal active automaton learning Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Minimally adequate teacher (Angluin) input sequences MQ output sequences Learner Teacher hypothesis EQ counterexample Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Black box checking (Peled, Vardi & Yannakakis) MQ SUL TQs CT EQ Learner Teacher Learner: Formulate hypotheses Conformance Tester (CT): Test correctness hypotheses Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work LearnLib Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Research method Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Research method This talk: THEORY Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Research method This talk: THEORY (motivated by earlier applications) Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Bugs in protocol implementations Standard violations found in implementations of major protocols, e.g., TCP (CAV’16, FMICS’17), TLS (Usenix Security’15), SSH (Spin’17). Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Bugs in protocol implementations Standard violations found in implementations of major protocols, e.g., TCP (CAV’16, FMICS’17), TLS (Usenix Security’15), SSH (Spin’17). These findings led to several bug fixes in implementations. Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Learned model for SSH implementation Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work SSH model checking results Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work For background and applications see CACM review article Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Motivation for work presented today Timing behavior plays a crucial role in applications of model learning, but existing algorithms and tools cannot handle it. There is some work on algorithms for learning timed systems: Grinchtein, Jonsson & Leucker. Learning of event-recording automata. TCS, 2010. Mens & Maler. Learning Regular Languages over Large Ordered Alphabets. LMCS, 2015. Caldwel, Cardell-Oliver & French. Learning time delay Mealy machines. IEEE TASE, 2016. but this is not so practical because of high complexity and/or limited expressivity. Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Timing Behavior in Network Protocols Sender alternating-bit protocol, adapted from Kurose & Ross, Computer Networking: in / send0 start timer ( 3sec ) timeout / send0 q 0 q 1 start start timer (3 sec ) ack1 / void ack0 / void stop timer stop timer timeout / send1 q 3 q 2 start timer ( 3sec ) in / send1 start timer ( 3sec ) Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Idea Develop learning algorithm for Mealy machines with timers!!! Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Idea Develop learning algorithm for Mealy machines with timers!!! Occurrence of timing dependent behavior fully determined by previous behavior Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work MMTs Assume an unbounded set X of timers x , x 1 , x 2 , etc. For a set I , write ˆ I = I ∪ { to [ x ] | x ∈ X } . Definition A Mealy machine with timers (MMT) is a tuple M = ( I , O , Q , q 0 , X , δ, λ, π ), where I and O are finite sets of input and output events Q is a finite set of states with q 0 ∈ Q the initial state X : Q → P fin ( X ), with X ( q 0 ) = ∅ δ : Q × ˆ → Q is a transition function, I ֒ λ : Q × ˆ → O is an output function, I ֒ π : Q × ˆ → N > 0 ) is a timer update function → ( X ֒ I ֒ (satisfying some natural conditions) Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Operations on timers i / o ,ρ → q ′ if δ ( q , i ) = q ′ , λ ( q , i ) = o and π ( q , i ) = ρ . − − − Write q Basically, four things can happen: 1 If x ∈ X ( q ) \ X ( q ′ ) then input i stops timer x . 2 If x ∈ X ( q ′ ) \ X ( q ) then i starts timer x with value ρ ( x ). 3 If x ∈ X ( q ) ∩ dom( ρ ) then i restarts timer x with value ρ ( x ). 4 Finally, if x ∈ X ( q ′ ) \ dom( ρ ) then timer x is unaffected by i . Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Timed Semantics (1) A configuration of an MMT is a pair ( q , κ ) of a state q and a valuation κ : X ( q ) → R ≥ 0 of its timers. When time advances, all timers decrease at the same rate; a timeout occurs when value of some timer becomes 0. A timed run of an MMT is a sequence i 1 / o 1 i k / o k d 1 d 2 → ( q 0 , κ ′ − − − − → ( q 1 , κ 1 ) − → · · · − − − → ( q k , κ k ) ( q 0 , κ 0 ) 0 ) of configurations, nonzero delays, and discrete transitions. Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work Timed Semantics (2) A timed word describes an observation we can make on an MMT: d 1 i 1 o 1 d 2 i 2 o 2 · · · d k i k o k , w = where d j ∈ R > 0 , i j ∈ I ∪ { to } , and o j ∈ O . To each timed run α we associate a timed word tw ( α ) by forgetting the configurations and names of timers in timeouts. Definition MMTs M and N are timed equivalent, denoted M ≈ timed N , iff they have the same timed words. Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work “Uncontrollable” Nondeterminism q 0 start i / o , x := 1, y := 1 to [ x ] / o ′ q 2 q 1 q 3 to [ y ] / o ′′ Accepts timed words 1 i o 1 to o ′ and 1 i o 1 to o ′′ . Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work “Uncontrollable” Nondeterminism q 0 start i / o , x := 1, y := 1 to [ x ] / o ′ q 2 q 1 q 3 to [ y ] / o ′′ Accepts timed words 1 i o 1 to o ′ and 1 i o 1 to o ′′ . ⇒ We assume at most one timer can be updated per transition. Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work “Controllable” Nondeterminism to [ y ] / o ′′ , y := 1 i / o , x := 2 i / o , y := 1 q 0 q 1 q 2 start to [ x ] / o , x := 2 to [ x ] / o ′ , x := 1 Accepts timed words 7 i o 1 i o 1 to o ′ and 7 i o 1 i o 1 to o ′′ . Jonsson and Vaandrager Learning Mealy Machines with Timers
Introduction Mealy machines with timers Untimed semantics Learning algorithm Conclusions and future work “Controllable” Nondeterminism to [ y ] / o ′′ , y := 1 i / o , x := 2 i / o , y := 1 q 0 q 1 q 2 start to [ x ] / o , x := 2 to [ x ] / o ′ , x := 1 Accepts timed words 7 i o 1 i o 1 to o ′ and 7 i o 1 i o 1 to o ′′ . ⇒ During learning we will simply avoid these race conditions. Jonsson and Vaandrager Learning Mealy Machines with Timers
Recommend
More recommend
