towards automatic inference of inductive invariants
play

Towards Automatic Inference of Inductive Invariants Haojun Ma , Aman - PowerPoint PPT Presentation

Mar 22, 2023 •199 likes •390 views

Towards Automatic Inference of Inductive Invariants Haojun Ma , Aman Goel, Jean-Baptiste Jeannin Manos Kapritsos, Baris Kasikci, Karem A. Sakallah University of Michigan Distributed systems are subtle 1 The alternative: formal verification

  1. Towards Automatic Inference of Inductive Invariants Haojun Ma , Aman Goel, Jean-Baptiste Jeannin Manos Kapritsos, Baris Kasikci, Karem A. Sakallah University of Michigan

  2. Distributed systems are subtle 1

  3. The alternative: formal verification Formal specification or property Proving the system maintains the property Successful on distributed systems Drawback: Manual effort 2

  4. Existing verification approaches Verdi(Coq) IronFleet(Dafny) Ivy I4 Manual Effort Person-years Person-months Person-hours Automated All existing approaches require the human to find an inductive invariant We want to automatically find inductive invariants 3

  5. Formal verification in 2 minutes Goal: prove that the safety property holds at all times An execution: Initial . . . 0 1 2 k k+1 state Inductive proof Base case: prove initial state is safe ● Inductive step: if state k is safe, prove state k+1 is safe ● 4

  6. Safety property vs. inductive invariant All states Inductive Reachable invariant states Safe states 5

  7. Lock server protocol Client0 Server0 Safety property: no two clients can be linked to the same server Client1 Server1 Client2 6

  8. Finding an inductive invariant using Ivy Automatically checks if an invariant is inductive (Screenshot from Ivy) Requires the human to find an inductive invariant Existing approaches rely on lock_hold manual effort and human intuition Safety property Strengthening assertion 7

  9. Outline I4: a new approach Design of I4 Evaluation Future work 8

  10. I4: a new approach Goal: Find an inductive invariant without relying on human intuition. Insight: Distributed protocols exhibit regularity . • Behavior doesn’t fundamentally change as the size increases • E.g. lock server, Paxos, … Implication: We can use inductive invariants from small instances to infer a generalized inductive invariant that holds for all instances. 9

  11. Leveraging model checking Model checking J Fully automated L Doesn’t scale to distributed systems I4 applies model checking to small, finite instances … … and then generalizes the result to all instances. 10

  12. Outline Design of I4 Evaluation Future work 11

  13. Overview Invariant generation on Invariant Correct a finite instance generalization Protocol.ivy ✓ (Model Checking) (Ivy) Increase Size 12

  14. Invariant generation on a finite instance Debug Counterexample (manually) Invariant Protocol.v Create Small Model Correct generalization Protocol.ivy ✓ (Finite) Instance Checker (Ivy) Protocol.finv Increase Size 13

  15. Invariant Generalization Debug Strengthening Counterexample Weaken (manually) Assertion Violation Protocol.v Create Small Model Correct Protocol.ivy Protocol_inv.ivy Ivy ✓ (Finite) Instance Checker Safety Protocol.finv Generalize Property Violation Increase Size 14

  16. Outline Evaluation Future work 15

  17. Evaluation Lock Server Leader Election Distributed lock 1 server 3 nodes 2 nodes 2 clients 3 IDs 4 epochs ~3s ~8s ~12s ✓ ✓ ✓ 16

  18. Outline Future work 17

  19. Future work More automation Scalability to larger protocols Verification of Implementations 18

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Inductive Definitions with Inference Rules 1 / 25 Outline Introduction Specifying inductive

Inductive Definitions with Inference Rules 1 / 25 Outline Introduction Specifying inductive

Inductive Definitions with Inference Rules 1 / 25 Outline Introduction Specifying inductive definitions Inference rules in action Judgments, axioms, and rules Reasoning about inductive definitions Direct proofs Admissibility Rule induction

498 views • 25 slides
Small Inductive Safe Invariants Alexander Ivrii, Arie Gurfinkel, Anton Belov Introduction

Small Inductive Safe Invariants Alexander Ivrii, Arie Gurfinkel, Anton Belov Introduction

Small Inductive Safe Invariants Alexander Ivrii, Arie Gurfinkel, Anton Belov Introduction Consider a verification problem (INIT, TR, P) In the case that P holds, a Model Checker may produce a proof in terms of a safe inductive

538 views • 32 slides
Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of

Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of

Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of Recurrence Sets via Constraint Solving Andreas Podelski January 17, 2012 1 Program Verification and Constraints Reasoning about program

422 views • 28 slides
Hindley-Milner Type Checking Automatic Type Inference What can be inferred about type of f or x

Hindley-Milner Type Checking Automatic Type Inference What can be inferred about type of f or x

CSE340 Principles of Programming Languages Hindley-Milner Type Checking Automatic Type Inference What can be inferred about type of f or x from this definition? f(x) = x Automatic Type Inference f(x) = x f is a function that takes a single

1.31k views • 73 slides
Leveraging Program Invariants to Promote Population Diversity in Search-Based Automatic Program

Leveraging Program Invariants to Promote Population Diversity in Search-Based Automatic Program

Leveraging Program Invariants to Promote Population Diversity in Search-Based Automatic Program Repair Zhen Yu Ding , Yiwei Lyu , Christopher S. Timperley , Claire Le Goues University of Pittsburgh, Carnegie Mellon

991 views • 64 slides
The Practical Assessment of Test Sets with Inductive Inference Techniques Neil Walkinshaw

The Practical Assessment of Test Sets with Inductive Inference Techniques Neil Walkinshaw

The Practical Assessment of Test Sets with Inductive Inference Techniques Neil Walkinshaw Department of Computer Science University of Leicester September 4, 2010 B ACKGROUND Test Adequacy Assessing the ability of a test set to identify

295 views • 25 slides
GLMC Connecting ACL2 with Hardware Model Checkers Proving Invariants in Hardware Verification

GLMC Connecting ACL2 with Hardware Model Checkers Proving Invariants in Hardware Verification

GLMC Connecting ACL2 with Hardware Model Checkers Proving Invariants in Hardware Verification Inductive invariants are easy to prove Provable by SAT for finite state machines In ACL2, can use GL. Downsides:

596 views • 12 slides
Prediction and Solomonoff Pter Gcs Boston University Quantum Foundations worshop, August

Prediction and Solomonoff Pter Gcs Boston University Quantum Foundations worshop, August

Prediction and Solomonoff Pter Gcs Boston University Quantum Foundations worshop, August 2014 Inductive inference Much of the discussion on the first day of the workshop dealt with the problem of inductive inference in generalquantum

571 views • 8 slides
Towards Automatic Inference of Task Hierarchies in Complex Systems Haohui Mai Chongnan Gao

Towards Automatic Inference of Task Hierarchies in Complex Systems Haohui Mai Chongnan Gao

Overview Design & Implementation Case Study Conclusion Acknowledgment References Towards Automatic Inference of Task Hierarchies in Complex Systems Haohui Mai Chongnan Gao Xuezheng Liu Xi Wang Geoffrey M. Voelker

566 views • 22 slides
Automatic Inference of Structural Changes for Matching Across Program Versions Miryung Kim,

Automatic Inference of Structural Changes for Matching Across Program Versions Miryung Kim,

Automatic Inference of Structural Changes for Matching Across Program Versions Miryung Kim, David Notkin, Dan Grossman Computer Science & Engineering University of Washington Foo.mA(float) Foo.mA() Foo.mB(float) Foo.mB() Foo.mC()

730 views • 52 slides
Automatic Posterior Transformation for Likelihood-free Inference David S Greenberg Marcel

Automatic Posterior Transformation for Likelihood-free Inference David S Greenberg Marcel

Automatic Posterior Transformation for Likelihood-free Inference David S Greenberg Marcel Nonnenmacher Jakob H Macke Technical University of Munich Computational Neuroengineering Department of Electrical and Computer Engineering For many

270 views • 8 slides
Safety Proofs using Appearance and Behaviours Sumanth Prabhu S, Kumar Madhukar, R Venkatesh

Safety Proofs using Appearance and Behaviours Sumanth Prabhu S, Kumar Madhukar, R Venkatesh

Safety Proofs using Appearance and Behaviours Sumanth Prabhu S, Kumar Madhukar, R Venkatesh TRDDC, Pune July 20, 2018 Safe Inductive Invariants: x y x y x int x = y = 0 while (*) { x = x + 1 y = y + x } assert(y >= 0) Inductive

605 views • 43 slides
Towards Automatic Inference of Kernel Object Semantics from Binary Code Junyuan Zeng, and Zhiqiang

Towards Automatic Inference of Kernel Object Semantics from Binary Code Junyuan Zeng, and Zhiqiang

Introduction A RGOS Design Experimental Results Discussions & Related Work Summary & References Towards Automatic Inference of Kernel Object Semantics from Binary Code Junyuan Zeng, and Zhiqiang Lin Department of Computer Science

738 views • 53 slides
Automatic physical inference with information maximising neural networks Physical Review D 97 ,

Automatic physical inference with information maximising neural networks Physical Review D 97 ,

Automatic physical inference with information maximising neural networks Physical Review D 97 , 083004 arXiv:1802.03537 github:information_maximiser Tom Charnock Institut dAstrophysique de Paris charnock@iap.fr DOI 10.5281/zenodo.1175196

75 views • 6 slides
Automatic Inference of High-Level Network Intents by Mining Forwarding Patterns Ali Kheradmand

Automatic Inference of High-Level Network Intents by Mining Forwarding Patterns Ali Kheradmand

Automatic Inference of High-Level Network Intents by Mining Forwarding Patterns Ali Kheradmand University of Illinois at Urbana-Champaign 1 SOSR, March 2020 Typical network configuration procedure Mostly manual in todays networks

667 views • 25 slides
Inductive types in Coq Wessel van Staal November 23, 2012 Inductive types Inductive nattree :

Inductive types in Coq Wessel van Staal November 23, 2012 Inductive types Inductive nattree :

Inductive types in Coq Wessel van Staal November 23, 2012 Inductive types Inductive nattree : Set := leaf : nat -> nattree | node : nattree -> nattree -> nattree. Adds constant or function with final type Prop , Set or Type to

325 views • 14 slides
Low temperatures behavior: S(T) > 0 for Ce ions Arrows mark specific heat coefficient.

Low temperatures behavior: S(T) > 0 for Ce ions Arrows mark specific heat coefficient.

Theory of thermoelectricity in intermetallic compounds with Ce, Eu, and Yb ions V. Zlati , Institute of Physics, Zagreb Motivation, introduction, problem setting Microscopic description Thermopower and entropy Conclusions With

989 views • 58 slides
Binding in Crystals (Kittel Ch. 3) Physics 460 F 2006 Lect 6 1 Binding of atoms to form

Binding in Crystals (Kittel Ch. 3) Physics 460 F 2006 Lect 6 1 Binding of atoms to form

Binding in Crystals (Kittel Ch. 3) Physics 460 F 2006 Lect 6 1 Binding of atoms to form crystals A crystal is a repeated array of atoms Why do they form? What are characteristic bonding mechanisms? How do particular mechanisms lead

2.19k views • 30 slides
1 1.2 Ionic bonding Electrons Transferred Big differences in E.N. values; Metals reacting

1 1.2 Ionic bonding Electrons Transferred Big differences in E.N. values; Metals reacting

1.2-1.3 Bonding Atoms trying to attain the stable configuration of a noble (inert) gas often referred to as the octet rule 1.2 Ionic Bonding Electrons Transferred 1.3 Covalent Bonding Electrons Shared type of bond that is formed is

675 views • 19 slides
Chapter 13: Phenomena Phenomena: Scientists measured the bond angles of some common molecules. In

Chapter 13: Phenomena Phenomena: Scientists measured the bond angles of some common molecules. In

Chapter 13: Phenomena Phenomena: Scientists measured the bond angles of some common molecules. In the pictures below each line represents a bond that contains 2 electrons. If multiple lines are drawn together these are double or triple bonds and

669 views • 32 slides
Distributed Memory and Cache Consistency Distributed Memory and Cache Consistency (some slides

Distributed Memory and Cache Consistency Distributed Memory and Cache Consistency (some slides

Distributed Memory and Cache Consistency Distributed Memory and Cache Consistency (some slides courtesy of Alvin Lebeck) Software DSM 101 Software DSM 101 Software-based distributed shared memory (DSM) provides an illusion of shared memory on

236 views • 23 slides
Present and Future of Angular with Ivy Template ViewEngine Ivy Compiler Gen Gen Gen

Present and Future of Angular with Ivy Template ViewEngine Ivy Compiler Gen Gen Gen

Present and Future of Angular with Ivy Template ViewEngine Ivy Compiler Gen Gen Gen @SiddAjmera 3 Ivy is an enabler @SiddAjmera Design Goals OPTIMIZABILITY INCREMENTALITY FLEXIBILITY Only pay for

827 views • 33 slides
c pentaquark channels Ur sa Skerbi s ursa.skerbis@ijs.si in collaboration with: Sa sa

c pentaquark channels Ur sa Skerbi s ursa.skerbis@ijs.si in collaboration with: Sa sa

J / -nucleon scattering in P + c pentaquark channels Ur sa Skerbi s ursa.skerbis@ijs.si in collaboration with: Sa sa Prelov sek Lattice 2018 East Lansing, July 27 th , 2018 1 / 14 Motivation In 2015 charmed pentaquark

322 views • 15 slides
Welcome (Open forum in the Harvard Physics Department, to discuss issues of Equity, Diversity,

Welcome (Open forum in the Harvard Physics Department, to discuss issues of Equity, Diversity,

Welcome (Open forum in the Harvard Physics Department, to discuss issues of Equity, Diversity, Inclusion, and belonging. Held on June 7, 2018.) This is a safe space to share your experiences, ideas, and expectations for a new committee on

109 views • 10 slides

More recommend