learning to prove safety over parameterised concurrent
play

Learning to Prove Safety over Parameterised Concurrent Systems - PowerPoint PPT Presentation

Oct 20, 2023 •141 likes •402 views

Learning to Prove Safety over Parameterised Concurrent Systems Yu-Fang Chen 1 Chih-Duo Hong 2 Anthony W. Lin 2 Philipp Pmmer 3 1 Academia Sinica, Taiwan 2 University of Oxford, UK 3 Uppsala University, Sweden September 14, 2017 Overview

  1. Learning to Prove Safety over Parameterised Concurrent Systems Yu-Fang Chen 1 Chih-Duo Hong 2 Anthony W. Lin 2 Philipp Pümmer 3 1 Academia Sinica, Taiwan 2 University of Oxford, UK 3 Uppsala University, Sweden September 14, 2017

  2. Overview Parameterised concurrent systems Infinite families F of finite-state concurrent systems parameterised by the number of processes. F = { systems with n processes : n ∈ N }

  3. Overview Parameterised concurrent systems Infinite families F of finite-state concurrent systems parameterised by the number of processes. F = { systems with n processes : n ∈ N } Checking safety for parameterised systems is undecidable in general.

  4. Overview Parameterised concurrent systems Infinite families F of finite-state concurrent systems parameterised by the number of processes. F = { systems with n processes : n ∈ N } Checking safety for parameterised systems is undecidable in general. In this talk, we will introduce a simple but effective heuristic to verify safety of parameterised systems based on automata learning.

  5. Symbolic Framework Modelling parameterised systems Configurations : represented as finite words Sets of configurations : represented as finite automata Transition relation : represented as a transducer

  6. Token Ring Example Configurations: 1000, 0100, 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  7. Token Ring Example Configurations: 1000 , 0100, 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  8. Token Ring Example Configurations: 1000 , 0100, 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  9. Token Ring Example Configurations: 1000 , 0100, 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  10. Token Ring Example Configurations: 1000, 0100 , 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  11. Token Ring Example Configurations: 1000, 0100 , 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  12. Token Ring Example Configurations: 1000, 0100 , 0010, 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  13. Token Ring Example Configurations: 1000, 0100, 0010 , 0001 � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � � 0 � � 0 � � 0 � � 0 � � 1 � Transitions: , , , . 0 1 0 0 0 0 1 0 0 0 0 1 1 0 0 0

  14. Token Ring Example 0 ∗ 1 0 ∗ Initial Configurations: (0 + 1) ∗ 1 0 ∗ 1 (0 + 1) ∗ Bad Configurations: ∗ � 1 ∗ ∗ � 1 � 0 � � � 0 � � 0 � � 0 � � 0 � � Transitions: + 0 0 1 0 1 0 0

  15. Regular Model Checking Safety verification Given I , T , and B , does T ∗ ( I ) ∩ B = ∅ hold?

  16. Regular Model Checking Safety verification Given I , T , and B , does T ∗ ( I ) ∩ B = ∅ hold? Proof rules A regular set A is called a (regular) proof for safety iff I ⊆ A A ∩ B = ∅ T ( A ) ⊆ A

  17. Regular Model Checking Safety verification Given I , T , and B , does T ∗ ( I ) ∩ B = ∅ hold? Proof rules A regular set A is called a (regular) proof for safety iff I ⊆ A A ∩ B = ∅ T ( A ) ⊆ A We exploit these proof rules and the L* learning algorithm to synthesise a regular proof.

  18. Learning Automata via Queries L* learning algorithm Proposed by Dana Angluin in 1987 to infer regular sets via querying. To infer a regular set R , L* makes two types of queries to an oracle: Membership query for a word w : Is w in R ? Equivalence query for a DFA A : Is L ( A ) = R ? If the answer is NO, L* will ask for a word w ∈ L ( A ) ⊖ R . Guaranteed to learn a minimal DFA A for R with a polynomial number of queries (in the size of A and the returned words).

  19. Learning Automata via Queries

  20. Learning Automata via Queries

  21. Learning Automata via Queries

  22. Learning Automata via Queries We propose an oracle for L* to learn a regular proof for safety.

  23. An overview of Oracle ❖r❛❝❧❡ Mem ( w ) w ∈ T ∗ ( I )? ✏❙❛❢❡t② ❤♦❧❞s✑ yes ♦r no ▲✯ ✇✐t❤ ❛ ♣r♦♦❢ A ❀ ▲❡❛r♥✐♥❣ ♦r Equiv ( A ) ✏❙❛❢❡t② ✐s ✈✐♦❧❛t❡❞✑ ❆❧❣♦r✐t❤♠ I ⊆ A ? ✇✐t❤ ❛ ✇♦r❞ ✐♥ T ∗ ( I ) ∩ B A ∩ B = ∅ ? T ( A ) ⊆ A ? false , w

  24. Comparisons with Other Methods Methodology Complete Subclass Transition Relation Learning-based synthesis 1 T ∗ ( I ) is regular l.-p. / rational ⋆ SAT-based refinement 2 regular proof exists rational Widening / Accelerating 3 unknown length-preserving Predicate abs. refinement 4 unknown rational 1. Chen et al.’17, Vardhan’04, Habermehl and Vojnar’05 2. Neider and Jansen’13, Lin and Rümmer’16 3. Nilsson’00, Legay’08 4. Bouajjani et al.’06 ⋆ Without termination guarantee [Vardhan, Habermehl and Vojnar]

  25. Comparisons with Other Methods RMC problems Learning-based SAT refinement Widening PAR Name Time S inv T inv Time S inv T inv Time S inv T inv Time Bakery 0.0s 6 18 0.5s 2 5 0.0s 6 11 0.0s Burns 0.2s 8 96 1.1s 2 10 0.1s 7 38 0.0s Szymanski 0.3s 43 473 1.6s 2 21 2.0s 51 102 0.1s German 4.8s 14 8134 TO - - TO - - 10s Dijkstra 0.1s 9 378 1.7s 2 24 6.1s 8 83 0.3s Dijkstra, ring 1.4s 22 264 0.9s 2 14 TO - - 0.1s Dining Crypto. 0.1s 32 448 TO - - TO - - 7.2s Coffee Can 0.0s 3 18 0.2s 2 7 0.1s 6 13 0.0s Herman, linear 0.0s 2 4 0.2s 2 4 0.0s 2 4 0.0s Herman, ring 0.0s 2 4 0.4s 2 4 0.0s 2 4 0.0s Israeli-Jalfon 0.0s 4 8 0.1s 2 4 0.0s 4 8 0.0s Lehmann-Rabin 0.1s 8 48 0.5s 2 11 0.8s 19 105 0.0s LR Dining Philo. 0.0s 4 16 0.2s 2 6 0.1s 7 18 0.0s Mux Array 0.0s 5 30 0.4s 2 7 0.2s 4 14 0.0s Res. Allocator 0.0s 5 15 0.0s 1 3 0.0s 4 9 0.0s Kanban TO - - TO - - TO - - 3.5s Water Jugs 0.1s 24 264 TO - - TO - - 0.0s Timeout: 60 seconds

  26. Summary Regular model checking as symbolic framework Automata learning to synthesise “regular” proofs Simple but effective (50-line Java code based on existing learning and automata libraries) Full paper can be found at FMCAD’17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Why Risk Models Should be Why Risk Models Should be Parameterised Parameterised William Marsh,

Why Risk Models Should be Why Risk Models Should be Parameterised Parameterised William Marsh,

Why Risk Models Should be Why Risk Models Should be Parameterised Parameterised William Marsh, william@dcs.qmul.ac.uk Risk Assessment and Decision Analysis Research Group Acknowledgements Acknowledgements Joint work with George

491 views • 47 slides
Liveness of Randomised Parameterised Systems under Arbitrary Schedulers Anthony W. Lin and

Liveness of Randomised Parameterised Systems under Arbitrary Schedulers Anthony W. Lin and

Liveness of Randomised Parameterised Systems under Arbitrary Schedulers Anthony W. Lin and Philipp Ruemmer Summary of results Automatic method for proving liveness for randomised parameterised systems, e.g., Randomised Self-Stabilising

484 views • 45 slides
Residual Monitoring of Safety Properties Prove what you can and monitor the leftovers Matthew

Residual Monitoring of Safety Properties Prove what you can and monitor the leftovers Matthew

Residual Monitoring of Safety Properties Prove what you can and monitor the leftovers Matthew Dwyer joint work with Rahul Purandare, Sebastian Elbaum, Madeline Diep, and Alex Kinneer Department of Computer Science and Engineering Reality Check

1.84k views • 134 slides
Achieving a positive safety culture through leadership Concurrent Session 3 Suite 8, 295 Rokeby

Achieving a positive safety culture through leadership Concurrent Session 3 Suite 8, 295 Rokeby

Achieving a positive safety culture through leadership Concurrent Session 3 Suite 8, 295 Rokeby Road Subiaco 6008 Tel: 08 9489 3900 Who Are We? Marisa Mills & Meghann Croome Industrial Psychology and Safety Culture Change

483 views • 14 slides
Econom ic incentives to im prove occupational safety and health Dr. Dietmar Elsler

Econom ic incentives to im prove occupational safety and health Dr. Dietmar Elsler

Econom ic incentives to im prove occupational safety and health Dr. Dietmar Elsler Project Manager Working Environment Information Unit Project organisation European Strategy 2007-2012 Reduce accidents by 25 % European Agency Project

442 views • 8 slides
CONCURRENT COLLECTIONS 2 5/24/11 Concurrent Collec9ons

CONCURRENT COLLECTIONS 2 5/24/11 Concurrent Collec9ons

1 5/24/11 Concurrent Collec9ons CONCURRENT COLLECTIONS 2 5/24/11 Concurrent Collec9ons Acknowledgements Slides and material from Kathleen Knobe (Intel)

865 views • 20 slides
Safety & Liveness Properties DM519 Concurrent Programming 1 Chapter 6 Repetition:

Safety & Liveness Properties DM519 Concurrent Programming 1 Chapter 6 Repetition:

Chapter 7 Safety & Liveness Properties DM519 Concurrent Programming 1 Chapter 6 Repetition: Deadlock DM519 Concurrent Programming 2 Concepts, Models, And Practice u Concepts l deadlock (no further progress) l 4x necessary

1.02k views • 76 slides
Designing Concurrent Algorithms 15-110 Friday 3/27 Learning Goals Recognize certain

Designing Concurrent Algorithms 15-110 Friday 3/27 Learning Goals Recognize certain

Designing Concurrent Algorithms 15-110 Friday 3/27 Learning Goals Recognize certain problems that arise while multiprocessing, such as difficulty of design, deadlock, and message passing Create pipelines to increase the efficiency of

552 views • 31 slides
Concurrent Enrollment A Guide for Parents and Students What is Concurrent Enrollment? Concurrent

Concurrent Enrollment A Guide for Parents and Students What is Concurrent Enrollment? Concurrent

Concurrent Enrollment A Guide for Parents and Students What is Concurrent Enrollment? Concurrent enrollment allows high school students to enroll in college courses and receive college credit. The College and Career Access Pathways (CCAP) program

555 views • 21 slides
What Works? (What Does Not)? in the control of violent crime and how do you prove it? A

What Works? (What Does Not)? in the control of violent crime and how do you prove it? A

What Works? (What Does Not)? in the control of violent crime and how do you prove it? A presentation to the Illinois Crime Summit Meeting, Springfield, Ill. June 25, 2007 Technology Investments in Public Safety in Illinois and IT Performance

686 views • 27 slides
Parameterised Electromagnetic Scattering Solutions for a Range of Incident Wave Directions P.D.

Parameterised Electromagnetic Scattering Solutions for a Range of Incident Wave Directions P.D.

ETH Zrich Parameterised Electromagnetic Scattering Solutions for a Range of Incident Wave Directions P.D. Ledger, J. Peraire , K. Morgan MASCI Net Workshop Z urich May 2003 Aeronautics and Astronautics M.I.T. Civil and

574 views • 23 slides
A Concurrent Deep Learning Model to Remove Reflections Boxin Shi and Renjie Wan

A Concurrent Deep Learning Model to Remove Reflections Boxin Shi and Renjie Wan

A Concurrent Deep Learning Model to Remove Reflections Boxin Shi and Renjie Wan shiboxin@pku.edu.cn, wanpeoplejie@gmail.com Collaborators: Ling-Yu Duan, Ah-Hwee Tan, and Alex C. Kot Outline 2 Problem background Two-stage framework based

654 views • 44 slides
Early Childhood Conference2019 Beyond the Classroom: T aking Learning Outdoors Concurrent

Early Childhood Conference2019 Beyond the Classroom: T aking Learning Outdoors Concurrent

Early Childhood Conference2019 Beyond the Classroom: T aking Learning Outdoors Concurrent Workshop: Traditional and Celebratory Dance - Impact of AISSProgramme - Sustainability in application of arts inthe curriculum Presenter Name:

517 views • 12 slides
CS70: Lecture 2. Outline. Today: Proofs!!! 1. By Example (or Counterexample). 2. Direct. (Prove P

CS70: Lecture 2. Outline. Today: Proofs!!! 1. By Example (or Counterexample). 2. Direct. (Prove P

CS70: Lecture 2. Outline. Today: Proofs!!! 1. By Example (or Counterexample). 2. Direct. (Prove P = Q . ) 3. by Contraposition (Prove P = Q ) 4. by Contradiction (Prove P .) 5. by Cases Quick Background and Notation. Integers closed

693 views • 16 slides
ON THE PARAMETERISED COMPLEXITY OF CUTTING A FEW VERTICES FROM A GRAPH Fedor V. Fomin 1 Petr A.

ON THE PARAMETERISED COMPLEXITY OF CUTTING A FEW VERTICES FROM A GRAPH Fedor V. Fomin 1 Petr A.

ON THE PARAMETERISED COMPLEXITY OF CUTTING A FEW VERTICES FROM A GRAPH Fedor V. Fomin 1 Petr A. Golovach 1 Janne H. Korhonen *,2 1 University of Bergen, Norway 2 University of Helsinki, Finland INTRODUCTION MIN CUTS AND SIZE CONSTRAINTS

1.04k views • 73 slides
Learning theorem proving through self-play Stanisaw Purga The goal Learn to prove theorems

Learning theorem proving through self-play Stanisaw Purga The goal Learn to prove theorems

Learning theorem proving through self-play Stanisaw Purga The goal Learn to prove theorems without: any proofs any theorems What we get: a list of axioms defining the logic 1 Overview AlphaZero (briefly) Proving game

660 views • 43 slides
Redesign the Grid Decentralized blockchain ecosystem for energy storage and utilization. Makes

Redesign the Grid Decentralized blockchain ecosystem for energy storage and utilization. Makes

Redesign the Grid Decentralized blockchain ecosystem for energy storage and utilization. Makes power purchasing simpler, stabilizes the Grid. Now anyone can trade the electricity through the blockchain, being a virtual power plant. BUFFERING

528 views • 20 slides
UNDERSTANDING WS-FEDERATION Agenda WS-Trust and WS-Federation Fundamentals Enterprise

UNDERSTANDING WS-FEDERATION Agenda WS-Trust and WS-Federation Fundamentals Enterprise

Specification features in selected application scenarios UNDERSTANDING WS-FEDERATION Agenda WS-Trust and WS-Federation Fundamentals Enterprise Scenario Request for Proposal Healthcare Scenario Patient Record Access 2 6/6/2007

833 views • 27 slides
Maach et online A one-stop shop for all your business- related administrative formalities +simple

Maach et online A one-stop shop for all your business- related administrative formalities +simple

Maach et online A one-stop shop for all your business- related administrative formalities +simple +quick +user-friendly +safe Why choose MyGuichet.lu ? Accessible through Guichet.lu, MyGuichet.lu ofgers a single space for a wide range of

486 views • 16 slides
Crafting Reality Advanced Techniques in Tabletop Game Prototyping Knowledge to be Dispensed

Crafting Reality Advanced Techniques in Tabletop Game Prototyping Knowledge to be Dispensed

Crafting Reality Advanced Techniques in Tabletop Game Prototyping Knowledge to be Dispensed Into Your Brains When you should make a physical prototype. What your prototype should look like vs. who it is geared towards. A shopping

342 views • 16 slides
Register-Bounded Synthesis Ayrat Khalimov Orna Kupferman Universite libre de

Register-Bounded Synthesis Ayrat Khalimov Orna Kupferman Universite libre de

Register-Bounded Synthesis Ayrat Khalimov Orna Kupferman Universite libre de Bruxelles Hebrew University Belgium Israel Why study bounded synthesis from universal automata? why

422 views • 29 slides
AnotherWayToChain: NSDS DanKaminsky ChiefScien9st

AnotherWayToChain: NSDS DanKaminsky ChiefScien9st

AnotherWayToChain: NSDS DanKaminsky ChiefScien9st RecursionVentures TheGoodNews TheDNSRootisbeingsigned! DNShasscaledmagnificentlyfor25yearsbythere

179 views • 16 slides
rts t tsr r

rts t tsr r

rts t tsr r tr trt t PP str r r

416 views • 29 slides
Inside Virtual Synchrony Prepared by: Steven Dake 7/12/05 Definitions Group Messaging

Inside Virtual Synchrony Prepared by: Steven Dake 7/12/05 Definitions Group Messaging

Inside Virtual Synchrony Prepared by: Steven Dake 7/12/05 Definitions Group Messaging Sending messages from 1 sender to many receivers. Processor The entity responsible for executing group messaging and membership

299 views • 17 slides

More recommend