reactive synthesis
play

Reactive Synthesis Swen Jacobs <swen.jacobs@iaik.tugraz.at> - PowerPoint PPT Presentation

Sep 16, 2022 •220 likes •1.09k views

Reactive Synthesis Swen Jacobs <swen.jacobs@iaik.tugraz.at> VTSA 2013 Nancy, France 24.09.2013 u www.iaik.tugraz.at 2 End of Synthesis, Part I: Basics Synthesis as a Game General : LTL Synthesis Time-Efficient : GR(1)

  1. Reactive Synthesis Swen Jacobs <swen.jacobs@iaik.tugraz.at> VTSA 2013 Nancy, France 24.09.2013 u www.iaik.tugraz.at

  2. 2 End of Synthesis, Part I: Basics  Synthesis as a Game  General : LTL Synthesis  Time-Efficient : GR(1) Synthesis  Application : AMBA Bus Protocol  Space-Efficient : Bounded/Safraless Approaches VTSA 2013 Swen Jacobs

  3. 3 Synthesis, Part II: Advanced Topics  Lazy Synthesis  Distributed Synthesis  Parameterized Synthesis  Quantitative Specifications  Robustness VTSA 2013 Swen Jacobs

  4. 4 Lazy Synthesis VTSA 2013 Swen Jacobs

  5. Lazy Synthesis [VMCAI12] 5  Based on SMT-based Bounded Synthesis  Idea : instead of full translation to SMT, use lazy encoding in abstraction refinement approach  Integrates model checking approach to test candidate models and obtain counterexamples VTSA 2013 Swen Jacobs

  6. Lazy Synthesis: Overview 6 VTSA 2013 Swen Jacobs

  7. Partial Design 7  Part of system already implemented  Other part to be synthesized  Interface of processes given VTSA 2013 Swen Jacobs

  8. Lazy Synthesis: Overview 8 Outer Loop : Search for implementation of size 𝑜 , increment 𝑜 if  unrealizability is proved Synthesis Loop : For a given bound 𝑜 : 1. SOLVE: check satisfiability of constraints, obtain candidate implementation 2. CHECK: model check candidate and white-box with monitor automata 3. REFINE: if errors are reachable, construct constraints excluding error paths VTSA 2013 Swen Jacobs

  9. Lazy Synthesis: Solve Phase 9  Transition relation represented as function 𝑢𝑠𝑏𝑜𝑡: 𝔺 𝐽 × ℕ → ℕ , Outputs as functions of type ℕ → 𝔺   Initial constraints : size constraint, initial state  More constraints are added in subsequent calls  Check satisfiability of constraints and obtain model VTSA 2013 Swen Jacobs

  10. Lazy Synthesis: Check Phase 10 Translate assumptions & guarantees to safety automata Assumption: 𝐇𝐆 𝑆𝐹𝐵𝐸𝑍 Guarantee: 𝐇 𝐶𝑉𝑇𝑆𝐹𝑅𝑗 → 𝐆 𝑁𝐵𝑇𝑈𝐹𝑆 = 𝑗 Restriction to safety depends on size bound VTSA 2013 Swen Jacobs

  11. Lazy Synthesis: Check Phase 11  Model-check candidate + white-box + automata  If errors found, call Refine phase, otherwise candidate model satisfies full spec VTSA 2013 Swen Jacobs

  12. Lazy Synthesis: Refine Phase 12  If model checker finds errors, encode them into SMT constraints, forbid them  In BDD-based implementation, we can obtain tree of all error ∈? 𝐅𝟑 ∈ 𝐅𝟑 ∈ 𝐅𝟑 ∈ 𝐅𝟑 ∉ 𝐅𝟑 paths of minimum length  this tree can be translated into a constraint that forbids ∈? 𝐅𝟐 all minimal errors ∈? 𝐅𝟏 VTSA 2013 Swen Jacobs

  13. Lazy Synthesis: Refine Phase 13  Error tree translated to constraint that forbids all error paths , restricted to interface of black-box  For every path, the constraint expresses that at least one output needs to be different VTSA 2013 Swen Jacobs

  14. Lazy Synthesis: Overview 14 Outer Loop : Search for implementation of size 𝑜 , increment 𝑜 if  unrealizability is proved Synthesis Loop : For a given bound 𝑜 : 1. SOLVE: check satisfiability of constraints, obtain candidate implementation 2. CHECK: model check candidate and white-box with monitor automata 3. REFINE: if errors are reachable, construct constraints excluding error paths VTSA 2013 Swen Jacobs

  15. Lazy Synthesis: AMBA Case Study 15 Reconsider AMBA case study, with partial implementation for deterministic parts: “ The arbiter indicates which bus master is currently the highest priority [...] by asserting the appropriate GRANTi signal. When the current transfer completes, as indicated by READY HIGH, then [...] the arbiter will change the MASTER[3:0] signals to indicate the bus master number.” [AMBA Specification (Rev 2.0), ARM Ltd.] VTSA 2013 Swen Jacobs

  16. Lazy Synthesis: AMBA Case Study 16 Other statements translated to LTL : “The arbitration mechanism is used to ensure that only one master has access to the bus at any one time.” ∀𝑗 ≠ 𝑘: 𝐇 𝑆𝐹𝐵𝐸𝑍 → ¬ 𝐻𝑆𝐵𝑂𝑈𝑗 ∧ 𝐻𝑆𝐵𝑂𝑈𝑘 Some statements modeled with auxiliary variables : “Normally the arbiter will only grant a different bus master when a burst is completing .” ∀𝑗: 𝐇 ¬𝐸𝐹𝐷𝐽𝐸𝐹 → 𝐻𝑆𝐵𝑂𝑈𝑗 ↔ 𝐘 𝐻𝑆𝐵𝑂𝑈𝑗 ( 𝐸𝐹𝐷𝐽𝐸𝐹 defined s.t. it is high when a burst completes) VTSA 2013 Swen Jacobs

  17. Lazy Synthesis: AMBA Case Study 17  AMBA with partial implementation for deterministic parts  crucial part synthesized: arbiter VTSA 2013 Swen Jacobs

  18. AMBA: Bounded size of implementations 18 Synthesis time still grows (double) exponentially! 1400 1200 KS 1000 Circuit size cofactors 800 new spec 600 manual 400 bounded/lazy 200 0 1 2 3 4 5 6 7 8 9 10 #masters More recent results go up to 16 masters VTSA 2013 Swen Jacobs

  19. AMBA: Bounded size of implementations 19 Synthesis time still grows (double) exponentially! bounded/lazy VTSA 2013 Swen Jacobs

  20. Lazy Synthesis: Challenges 20  SMT solving incremental, but Model Checking restarted every time  deep integration of incremental model checking?  interface and safety abstraction currently given by hand  automatically minimize interface?  automatic safety abstraction, or use liveness model checker?  Parallelize?  Extend to distributed case? VTSA 2013 Swen Jacobs

  21. 21 Distributed Synthesis VTSA 2013 Swen Jacobs

  22. Why Distributed Synthesis? 22  Many interesting systems are distributed:  multi-threaded programs  multi-core processors  communication protocols  distributed control  …  Both a prerequisite and a motivation for parameterized synthesis VTSA 2013 Swen Jacobs

  23. Distributed Synthesis 23  Several processes, each decides about subset of outputs  Easy case : all processes have full information; this reduces to standard synthesis problem  How so?  Every process has all inputs, but only subset of outputs  In worst case, synthesize full system for all processes and throw away unnecessary outputs VTSA 2013 Swen Jacobs

  24. Partial Information 24  Hard case : every process only has limited information about environment (and other processes)  Very hard , but decidable, for some architectures like pipelines VTSA 2013 Swen Jacobs

  25. Partial Information 25  Undecidable if there is an information fork [PnueliRosner90,FinkbeinerSchewe05] VTSA 2013 Swen Jacobs

  26. Partial Information: Bounded Synthesis 26 Semi-decision procedure possible, e.g. based on bounded synthesis. Model distributed systems by projection functions from a global state 𝑢 to local state 𝑒 𝑗 𝑢 of component 𝑗 Partial information then expressed by constraints of the form 𝑒 𝑗 𝑢 = 𝑒 𝑗 𝑢 ′ ∧ 𝐽 ∩ 𝐽 𝑗 = 𝐽 ′ ∩ 𝐽 𝑗 → 𝑒 𝑗 𝜐 𝑢, 𝐽 = 𝑒 𝑗 𝜐 𝑢 ′ , 𝐽 ′ (for every process 𝑗 ) VTSA 2013 Swen Jacobs

  27. 27 Parameterized Synthesis VTSA 2013 Swen Jacobs

  28. Parameterized Synthesis 28 [TACAS12,VMCAI13]  Many specifications are parametric in nature  AMBA, communication protocols, etc. Can we synthesize building blocks for arbitrary size systems? VTSA 2013 Swen Jacobs

  29. Parameterized Synthesis 29 Building blocks:  Distributed synthesis  of uniform processes  Decidability results for parameterized verification  particularly, cutoffs VTSA 2013 Swen Jacobs

  30. Parameterized Verification 30 Parameterized verification is decidable for certain systems Asynchronous System : No global clock, a subset of processes are allowed to make a move in every global step (decided by external scheduler). Token Ring : Processes only communicate by passing single (value-less) token in ring architecture. Always exactly one process is scheduled, except for token passing steps. VTSA 2013 Swen Jacobs

  31. Parameterized Verification 31 Parameterized verification is decidable for certain systems Theorem [EmersonNamjoshi95]: In token rings with fair token passing, a given process implementation satisfies parameterized specification 𝜒 in LTL\X iff it satisfies 𝝌 in a ring of small size : 2 processes for 𝜒 = ∀𝑗: 𝑔 𝑗 Corollary : For parameterized synthesis 3 processes for 𝜒 = ∀𝑗: 𝑔(𝑗, 𝑗 + 1) in token rings, it is sufficient to synthesize a process implementation satisfying 𝜒 in 4 processes for 𝜒 = ∀𝑗, 𝑘: 𝑔 𝑗, 𝑘 a ring of size 2 – 5. 5 processes for 𝜒 = ∀𝑗, 𝑘: 𝑔 𝑗, 𝑗 + 1, 𝑘 VTSA 2013 Swen Jacobs

  32. (Un)Decidability 32 Does decidability of parameterized verification make synthesis decidable ? No , since even for two uniform processes in a token ring, distributed synthesis is undecidable . A reduction result from Clarke et al. [CTTV04] shows that parameterized synthesis for formulas ∀𝑗: 𝜒 𝑗 reduces to synthesis of one process, which is decidable. VTSA 2013 Swen Jacobs

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Guided Reactive Synthesis with Soft Requirements Reactive Synthesis from QDDC Specify the

Guided Reactive Synthesis with Soft Requirements Reactive Synthesis from QDDC Specify the

Guided Reactive Synthesis with Soft Requirements Reactive Synthesis from QDDC Specify the input-output behaviour in a high-level language e.g. a temporal logic (QDDC) Problem Statement : Given an interface definition and temporal spec

434 views • 18 slides
Verification and Synthesis of Reactive Programs Overview of System Synthesis. Amir Pnueli

Verification and Synthesis of Reactive Programs Overview of System Synthesis. Amir Pnueli

Lecture 1: Overview of System Synthesis A. Pnueli Lectures Outline Verification and Synthesis of Reactive Programs Overview of System Synthesis. Amir Pnueli Fair Discrete Systems and their Computations. Model Checking Invariance and

309 views • 19 slides
Symbolic Encodings of Bounded Synthesis Saarland University Peter Faymonville 1 , Bernd Finkbeiner

Symbolic Encodings of Bounded Synthesis Saarland University Peter Faymonville 1 , Bernd Finkbeiner

Symbolic Encodings of Bounded Synthesis Saarland University Peter Faymonville 1 , Bernd Finkbeiner 1 , Markus N. Rabe 2 , Leander Tentrup 1 1 Reactive Systems Group 2 UC Berkeley Reactive synthesis Synthesis realizable unrealizable bound

468 views • 33 slides
as * . . FFIMS Singapore ifip meeting September 2016 REACTIVE SYNTHESIS Classical

as * . . FFIMS Singapore ifip meeting September 2016 REACTIVE SYNTHESIS Classical

ASSUME ADMISSIBLE SYNTHESIS . Francois Raskin Jean Libre de Bruxelles Universit ' as * . . FFIMS Singapore ifip meeting September 2016 REACTIVE SYNTHESIS Classical setting Sys t Enr ? is the winning objective for Sgs

576 views • 29 slides
Reactive Synthesis Competition SYNTCOMP 2015 Swen Jacobs Saarland University Roderick Bloem TU

Reactive Synthesis Competition SYNTCOMP 2015 Swen Jacobs Saarland University Roderick Bloem TU

Reactive Synthesis Competition SYNTCOMP 2015 Swen Jacobs Saarland University Roderick Bloem TU Graz 18 July 2015 SYNT Workshop SYNTCOMP: Goals - Establish benchmark format - Collect benchmark library - Make synthesis tools comparable -

381 views • 34 slides
LOW TEMPERATURE SYNTHESIS OF Al-B-C MULTI-PHASE COMPOSITES VIA REACTIVE SINTERING OF B 4 C AND Al

LOW TEMPERATURE SYNTHESIS OF Al-B-C MULTI-PHASE COMPOSITES VIA REACTIVE SINTERING OF B 4 C AND Al

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS LOW TEMPERATURE SYNTHESIS OF Al-B-C MULTI-PHASE COMPOSITES VIA REACTIVE SINTERING OF B 4 C AND Al M.C. Kim, Y.M. Eun, J. H. Han., K.H. Han* School of Materials Science and Engineering,

228 views • 6 slides
Symbolic synthesis of state based reactive programs Diploma Thesis Nico Wallmeier 18.03.03

Symbolic synthesis of state based reactive programs Diploma Thesis Nico Wallmeier 18.03.03

Symbolic synthesis of state based reactive programs Diploma Thesis Nico Wallmeier 18.03.03 Structure 1. Background 2. Infinite games over a finite game graph 3. Transformation to the symbolic state space 4. Applications 18.03.03 Nico

962 views • 36 slides
Symbolic Bounded Synthesis R udiger Ehlers Saarland University, Reactive Systems Group CAV

Symbolic Bounded Synthesis R udiger Ehlers Saarland University, Reactive Systems Group CAV

Symbolic Bounded Synthesis R udiger Ehlers Saarland University, Reactive Systems Group CAV 2010 July 18, 2010 R udiger Ehlers (SB) Symbolic Bounded Synthesis CAV 2010 July 18, 2010 1 / 20 Synthesis of reactive systems -

848 views • 35 slides
Strategy Synthesis for Linear Arithmetic Games Azadeh Farzan 1 Zachary Kincaid 2 1 University of

Strategy Synthesis for Linear Arithmetic Games Azadeh Farzan 1 Zachary Kincaid 2 1 University of

January 12, 2018 Strategy Synthesis for Linear Arithmetic Games Azadeh Farzan 1 Zachary Kincaid 2 1 University of Toronto 2 Princeton University Functional synthesis Reactive synthesis Many problems in formal methods can be formulated as

842 views • 65 slides
Reactive Synthesis Problems Ayrat Khalimov SYNT 2015 Simple arbiter g r Every request

Reactive Synthesis Problems Ayrat Khalimov SYNT 2015 Simple arbiter g r Every request

Specification Format for Reactive Synthesis Problems Ayrat Khalimov SYNT 2015 Simple arbiter g r Every request should be granted: ( ) No spurious grants Lets specify spurious grants in RE:

363 views • 25 slides
Reactive Synthesis Swen Jacobs &lt;swen.jacobs@iaik.tugraz.at&gt; VTSA 2013 Nancy, France

Reactive Synthesis Swen Jacobs &lt;swen.jacobs@iaik.tugraz.at&gt; VTSA 2013 Nancy, France

Reactive Synthesis Swen Jacobs &lt;swen.jacobs@iaik.tugraz.at&gt; VTSA 2013 Nancy, France 24.09.2013 u www.iaik.tugraz.at 2 Property Synthesis (You Will Never Code Again) VTSA 2013 Swen Jacobs Construct Correct Systems Automatically 3

1.08k views • 62 slides
Not Quite There Yet: The Quest for the Right Environment Player Model in Games for Reactive

Not Quite There Yet: The Quest for the Right Environment Player Model in Games for Reactive

Not Quite There Yet: The Quest for the Right Environment Player Model in Games for Reactive Synthesis R udiger Ehlers University of Bremen Dagstuhl Seminar 17111, March 2017 Using joint preliminary work done together with Roderick Bloem,

757 views • 34 slides
Distributed Synthesis for Well Connected Architectures Paul Gastin, Nathalie Sznajder and Marc

Distributed Synthesis for Well Connected Architectures Paul Gastin, Nathalie Sznajder and Marc

Distributed Synthesis for Well Connected Architectures Paul Gastin, Nathalie Sznajder and Marc Zeitoun March 13th 2006 ACI Cortos Persee Versydis Synthesis of a reactive system inputs from E outputs to E Specification Open system S

1.07k views • 87 slides
1 Recent Advances in Reactive Planning: Past Approaches to Planning BDD-based Universal Planning

1 Recent Advances in Reactive Planning: Past Approaches to Planning BDD-based Universal Planning

Massachusetts Institute of Technology Motivation for Reactive Planning Factored Symbolic Approach to Reactive Planning Seung H. Chung Brian C. Williams Reason for Planning Reason for onboard reactive planning Anomalies June 7,

80 views • 7 slides
Reactive design patterns for microservices on multicore Reactive summit - 22/10/18

Reactive design patterns for microservices on multicore Reactive summit - 22/10/18

Reactive Software with elegance Reactive design patterns for microservices on multicore Reactive summit - 22/10/18 charly.bechara@tredzone.com Outline Microservices on multicore Reactive Multicore Patterns Modern Software Roadmap 2 1

1.14k views • 69 slides
QoS and Energy Management Coordination using Discrete Controller Synthesis . . . . . Nol

QoS and Energy Management Coordination using Discrete Controller Synthesis . . . . . Nol

. . QoS and Energy Management Coordination using Discrete Controller Synthesis . . . . . Nol De Palma Gwenal Delaval Eric Rutten Grenoble University, INRIA Grenoble nov. 29, 2010 GCM 2010, Bangalore Motivation Reactive systems

738 views • 39 slides
GDPR and Microchipping Compliant or Complacent? Your Presenters Karis Brummitt CMO Microchip

GDPR and Microchipping Compliant or Complacent? Your Presenters Karis Brummitt CMO Microchip

GDPR and Microchipping Compliant or Complacent? Your Presenters Karis Brummitt CMO Microchip Central Nick Brummitt Founder / Director Microchip Central Richard Fry Founder / Director MicroID Dis isclaimer This is NOT legal advice No

496 views • 35 slides
The New Standard Model (NSM) [pg. 23] Neutrino oscillaFons require that neutrinos must come

The New Standard Model (NSM) [pg. 23] Neutrino oscillaFons require that neutrinos must come

The New Standard Model (NSM) [pg. 23] Neutrino oscillaFons require that neutrinos must come with different masses, implying that at least two of them must have masses that are not zero. This discovery consFtutes the first change in several

198 views • 3 slides
What the GDPR means for HR 1 hour Gary Shipsey | Managing Director May 2017 Choose one of

What the GDPR means for HR 1 hour Gary Shipsey | Managing Director May 2017 Choose one of

Tick this data protection box? What the GDPR means for HR 1 hour Gary Shipsey | Managing Director May 2017 Choose one of the following audio options Your computer audio Your telephone When the webinar begins, you will be connected to

779 views • 38 slides
Impacts of Migration on Community Resilience and Service Delivery in Hounslow MHCLG, Controlling

Impacts of Migration on Community Resilience and Service Delivery in Hounslow MHCLG, Controlling

Impacts of Migration on Community Resilience and Service Delivery in Hounslow MHCLG, Controlling Migration Fund project Trends emerging 1) Hounslows East-West divide, seems to be widening, with higher scoring areas clustered in the East

108 views • 10 slides
Australian Telehealth Conference 2018 Dr Avnesh Ratnanesan CEO, Energesse @energesse

Australian Telehealth Conference 2018 Dr Avnesh Ratnanesan CEO, Energesse @energesse

TRANSFORMING THE PATIENT EXPERIENCE IN THE WORLD OF DIGITAL HEALTH Australian Telehealth Conference 2018 Dr Avnesh Ratnanesan CEO, Energesse @energesse PATIENT EXPERIENCE. CONSUMER ENGAGEMENT. OUTCOMES Western Sydney Local Health District

717 views • 36 slides
Updates on protoDUNE detector calibration based on cathode piercing cosmic muons Ajib Paudel 1 ,

Updates on protoDUNE detector calibration based on cathode piercing cosmic muons Ajib Paudel 1 ,

Updates on protoDUNE detector calibration based on cathode piercing cosmic muons Ajib Paudel 1 , Tingjun Yang 2 , Glenn Horton-Smith 1 1 Kansas State University 2 Fermi National Accelerator Laboratory 6/27/2018 1 Br Brie ief revi view: :

397 views • 18 slides
!&quot;#$%&quot;$&amp;'(')*$+&quot;,-$./0*$$ 19,1J9$&quot;7$&amp;'&amp;B9=&quot;&amp;$ !

!&quot;#$%&quot;$&amp;'(')*$+&quot;,-$./0*$$ 19,1J9$&quot;7$&amp;'&amp;B9=&quot;&amp;$ !

!&quot;#$%&amp;'($)*$+,-./0,1$)&amp;2$3456$ )&amp;7&amp;89$:,;-$&lt;&quot;=9$&amp;/$&amp;$&gt;9/9&amp;-'09-$ C0,$&amp;=$GH$ ! )2$-9/9&amp;-'0$ $ I&amp;'.8-,;7B$ C,-./0,1$ ! )&amp;7&amp;8&quot;78$F=9$&amp;7B$

654 views • 5 slides
Pr Prog ogram am Mana Managing Expenditur ging Expenditures and es and Avoiding oiding

Pr Prog ogram am Mana Managing Expenditur ging Expenditures and es and Avoiding oiding

HUD Housing Counseling HUD Housing Counseling Pr Prog ogram am Mana Managing Expenditur ging Expenditures and es and Avoiding oiding Reca ecaptur pture of e of Housing Housing Counseling Counseling Funds W Funds Webinar binar

645 views • 38 slides

More recommend