Learning Nominal Automata Joshua Moerman Matteo Sammartino , - - PowerPoint PPT Presentation

Learning Nominal Automata

POPL 2017 Paris

Joshua Moerman (Radboud University) Matteo Sammartino, Alexandra Silva (University College London) Bartek Klin, Michał Szynwelski (Warsaw University)

Active learning

Learner queries answers builds System black-box

S

automaton model of

S

1

Active learning

Learner queries answers builds System black-box

S

automaton model of

S

No formal specification available? Learn it!

1

set of system behaviors is a regular language Finite alphabet of system’s actions A

L ⊆ A

L* algorithm (D.Angluin ’87)

2

set of system behaviors is a regular language Finite alphabet of system’s actions A

L ⊆ A

L* algorithm (D.Angluin ’87)

Learner Teacher

L

2

set of system behaviors is a regular language Finite alphabet of system’s actions A

L ⊆ A

L* algorithm (D.Angluin ’87)

Learner Teacher

L

Q:w ∈ L? A: Y/N

2

set of system behaviors is a regular language Finite alphabet of system’s actions A

L ⊆ A

L* algorithm (D.Angluin ’87)

Learner Teacher

L

Q:w ∈ L? A: Y/N

L(H) = L?

Q: A: Y / N + counterexample H = hypothesis automaton

H

2

set of system behaviors is a regular language Finite alphabet of system’s actions A

L ⊆ A

L* algorithm (D.Angluin ’87)

Learner Teacher

L

Q:w ∈ L? A: Y/N Minimal DFA accepting L

L

builds L(H) = L?

Q: A: Y / N + counterexample H = hypothesis automaton

H

2

A = {a, b}

Observation table

a aa 1 a 1 b

• row: S ∪ S·A → 2E

S, E ⊆ A

S

∪ S·A  

E

row(s)(e) = 1 ⇐ ⇒ se ∈ L

3

A = {a, b}

Observation table

states = {row(s) | s ∈ S} {row(s) | s ∈ S, row(s)() = 1} final states = initial state = row()

row(s)

a

− → row(sa)

Hypothesis automaton{ transition function

a aa 1 a 1 b

• row: S ∪ S·A → 2E

S, E ⊆ A

S

∪ S·A  

E

row(s)(e) = 1 ⇐ ⇒ se ∈ L

3

A = {a, b}

Observation table

states = {row(s) | s ∈ S} {row(s) | s ∈ S, row(s)() = 1} final states = initial state = row()

row(s)

a

− → row(sa)

Hypothesis automaton{ transition function

a aa 1 a 1 b

• row: S ∪ S·A → 2E

S, E ⊆ A

S

∪ S·A  

E

row(s)(e) = 1 ⇐ ⇒ se ∈ L

Why is this correct?

3

Closed

Consistent

Table properties

∀t ∈ S · A ∃s ∈ S row(t) = row(s).

next state exists next state is unique

∀s1, s2 ∈ S row(s1) = row(s2) = ⇒ ∀a ∈ A row(s1a) = row(s2a)

4

Closed

Consistent

Table properties

∀t ∈ S · A ∃s ∈ S row(t) = row(s).

next state exists next state is unique

∀s1, s2 ∈ S row(s1) = row(s2) = ⇒ ∀a ∈ A row(s1a) = row(s2a)

row(s)

a

− → row(sa)

4

Closed

Consistent

Table properties

∀t ∈ S · A ∃s ∈ S row(t) = row(s).

next state exists next state is unique

∀s1, s2 ∈ S row(s1) = row(s2) = ⇒ ∀a ∈ A row(s1a) = row(s2a)

row(s)

a

− → row(sa)

4

A = {a, b}

Fixed by extending the table

Pros of L* …

Applications : Hardware verification, security/network protocols… Generalizations : Mealy machines, I/O automata, …

simple is beautiful

POWERFUL

&

6

… and shortcomings

What if program model needs to express data-flow? L* learns control-flow

• perations on data values

comparisons between data values

push(x) pop(y) FIFO y = front element

7

Automata over infinite alphabets (nominal automata)

8

L = {aa, bb, cc, dd, . . . }

A = {a, b, c, d, . . . }

infinite alphabet

Automata over infinite alphabets (nominal automata)

8

L = {aa, bb, cc, dd, . . . }

A = {a, b, c, d, . . . }

infinite alphabet

Automata over infinite alphabets (nominal automata)

infinite automaton

q0 qa qb q3 q4 . . .

a a b b ̸= a A ̸= b A

8

q0 qx q3 q4

8x2A x x A 6= x A

but with a finite representation

L = {aa, bb, cc, dd, . . . }

A = {a, b, c, d, . . . }

infinite alphabet

Automata over infinite alphabets (nominal automata)

infinite automaton

q0 qa qb q3 q4 . . .

a a b b ̸= a A ̸= b A

8

How to learn them?

9

How to learn them?

Ad-hoc algorithm? NO!

9

How to learn them?

Ad-hoc algorithm? NO!

∀s1, s2 ∈ S row(s1) = row(s2) = ⇒ ∀a ∈ A row(s1a) = row(s2a)

∀t ∈ S · A ∃s ∈ S row(t) = row(s).

Challenges:

• table needs to be infinite
• code operates on infinite sets

9

How to learn them?

Ad-hoc algorithm? NO!

∀s1, s2 ∈ S row(s1) = row(s2) = ⇒ ∀a ∈ A row(s1a) = row(s2a)

∀t ∈ S · A ∃s ∈ S row(t) = row(s).

Challenges:

• table needs to be infinite
• code operates on infinite sets

Everything is “finitely representable”

9

Nominal automata theory (change category from Set to Nom) (finite) sets (orbit-finite) nominal sets functions equivariant functions

Mikolaj Bojanczyk, Bartek Klin, Slawomir Lasota: Automata with Group Actions. LICS 2011

Nominal Programming languages

Bartek Klin, Michal Szynwelski: SMT Solving for Functional Programming over Infinite

• Structures. MSFP 2016

A paradigm shift

10

Nominal automata theory (change category from Set to Nom) (finite) sets (orbit-finite) nominal sets functions equivariant functions

Mikolaj Bojanczyk, Bartek Klin, Slawomir Lasota: Automata with Group Actions. LICS 2011

Nominal Programming languages

Bartek Klin, Michal Szynwelski: SMT Solving for Functional Programming over Infinite

• Structures. MSFP 2016

Nominal L*

A paradigm shift

10

Nominal automata theory (change category from Set to Nom) (finite) sets (orbit-finite) nominal sets functions equivariant functions

Mikolaj Bojanczyk, Bartek Klin, Slawomir Lasota: Automata with Group Actions. LICS 2011

Nominal Programming languages

Bartek Klin, Michal Szynwelski: SMT Solving for Functional Programming over Infinite

• Structures. MSFP 2016

Nominal L*

First non-trivial application of a new programming paradigm (NLambda)

A paradigm shift

10

Nominal automata theory (change category from Set to Nom) (finite) sets (orbit-finite) nominal sets functions equivariant functions

Mikolaj Bojanczyk, Bartek Klin, Slawomir Lasota: Automata with Group Actions. LICS 2011

Nominal Programming languages

Bartek Klin, Michal Szynwelski: SMT Solving for Functional Programming over Infinite

• Structures. MSFP 2016

Nominal L*

Works with any (suitable) data domain First non-trivial application of a new programming paradigm (NLambda)

A paradigm shift

10

Nominal automata theory (change category from Set to Nom) (finite) sets (orbit-finite) nominal sets functions equivariant functions

Mikolaj Bojanczyk, Bartek Klin, Slawomir Lasota: Automata with Group Actions. LICS 2011

Nominal Programming languages

Bartek Klin, Michal Szynwelski: SMT Solving for Functional Programming over Infinite

• Structures. MSFP 2016

Eryk Kopczynski, Szymon Torunczyk: LOIS: syntax and semantics. POPL 2017

Nominal L*

Works with any (suitable) data domain First non-trivial application of a new programming paradigm (NLambda)

A paradigm shift

10

Correctness and termination

11

Correctness and termination

NLambda guarantees that each line of code terminates

11

Correctness and termination

Algorithm correctness and termination from scratch? NLambda guarantees that each line of code terminates

11

Correctness and termination

Algorithm correctness and termination from scratch? Not really Set-based proofs as guidelines L* enjoys a nice category-theoretic generalization

Bart Jacobs, Alexandra Silva Automata Learning: A Categorical Perspective, Horizons of the Minds 2014

NLambda guarantees that each line of code terminates

11

What we’ve done

• Nominal L*
• More in the paper: variations, Nominal NL*
• NLambda (Haskell) Implementation
• Experimental results

12

What’s next…

• Improve NLambda
• Other active learning algorithms
• Other optimizations
• Applications: large-scale software, crypto

protocols…

13

Try it yourself

https://www.mimuw.edu.pl/~szynwelski/nlambda/ https://github.com/Jaxan/nominal-lstar

• n

• m

• c

• R

*

E v a l u a t e d

* P O P L *

A r t i f a c t

* A E C