verifying fault tolerance in parameterised multi agent
play

Verifying Fault-tolerance in Parameterised Multi-Agent Systems Work - PowerPoint PPT Presentation

Nov 04, 2023 •467 likes •839 views

Verifying Fault-tolerance in Parameterised Multi-Agent Systems Work by Panagiotis Kouvaros 1,2 and Alessio Lomuscio 1 Presented by Edoardo Pirovano 1 1 Imperial College London, UK 2 University of Naples, Italy FRIDA 2017 - 16 October 2017 Based

  1. Verifying Fault-tolerance in Parameterised Multi-Agent Systems Work by Panagiotis Kouvaros 1,2 and Alessio Lomuscio 1 Presented by Edoardo Pirovano 1 1 Imperial College London, UK 2 University of Naples, Italy FRIDA 2017 - 16 October 2017 Based on material in: P. Kouvaros, A. Lomuscio. Verifying Fault-tolerance in Parameterised Multi-Agent Systems. Proceedings of the 26th Conference on Artificial Intelligence (IJCAI17). Melbourne, Australia. 288-294. AAAI Press.

  2. Outline 1 Introduction 2 Parameterised Model Checking Problem (PMCP) 3 Parameterised Fault Tolerance Problem (PFTP) 4 Solving PFTP by encoding it in PMCP 5 Implementation and Application 6 Conclusion

  3. Formal Verification of MAS Concerned with showing that a MAS is correct with respect to its specifications. Specifications formally expressed in temporal, epistemic, strategic languages. Considerable amount of work from 2000, both theoretical investigations (complexity, etc.) and practical algorithms. Implementations including MCMAS (Imperial), MCK (UNSW), Verics (Warsaw). Applications in robotics, services, security, etc. Limitation: number of agents fixed at design time. Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 3 / 36

  4. Robot Swarms Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 4 / 36

  5. Unbounded MAS Behaviourally identical agents following simple protocols. Agents may interact in subtle ways thereby displaying emergent properties that are difficult to predict, yet important to establish . Traditionally unbounded/open MAS are analysed via optimisation techniques and simulations. Both have limitations. Key question: Do specifications hold irrespective of the number of agents in the system? Theoretical challenge: Verifying unbounded MAS is undecidable. Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 5 / 36

  6. Parameterised Model Checking for MAS A technique to reason about MAS irrespective of the number of components . Parameterised Model Checking Problem: � ∀ n ≥ | J | : S ( n ) | = φ ( J ) J Originally introduced in analysis of networked systems and distributed systems. Several techniques recently studied in the context of MAS, including cutoffs [KL13] and counter-abstraction [KL15a]. Applications in robot swarms [KL15b, KL16a], security [BKL16], data-aware systems [BKL17]. Open source model checker MCMAS-P available for download. Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 6 / 36

  7. Limitations of PMC 1 Sound but incomplete techniques. 2 Undecidability hinders applicability in certain settings. 3 As with plain model checking, PMC can “only” formally assess the correctness of a system against a specification. But how can we assess the robustness of an unbounded MAS against faults, malfunctions, or unwanted behaviours of some of its components? Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 7 / 36

  8. Just “How Robust” is my MAS? PMC may enable us to show that the flock will remain connected irrespective of how many agents populate it. Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 8 / 36

  9. Just “How Robust” is my MAS? But what happens if one or more agents deviate from the expected behaviour? Introduction Verifying Fault-tolerance in Parameterised Multi-Agent Systems 9 / 36

  10. Outline 1 Introduction 2 Parameterised Model Checking Problem (PMCP) 3 Parameterised Fault Tolerance Problem (PFTP) 4 Solving PFTP by encoding it in PMCP 5 Implementation and Application 6 Conclusion Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 10 / 36

  11. Agents Definition (Agent Template) The agent template T = � L, ι, Act, P, t � defines a non-empty set of local states L , a unique initial state ι ∈ L , and a non-empty set of actions Act = A ∪ AE ∪ GS . Each action is either an asynchronous action ( A ) or an agent-environment action ( AE ) or a global-synchronous action ( GS ). The actions are performed in compliance with a protocol P : L → P ( Act ) that selects which actions may be performed at a given state. The evolution of the local states is characterised by a transition function t : L × Act → L returning the next local state given the current local state and the action performed at the state. Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 11 / 36

  12. Environment Definition (Environment) The environment e = � L e , ι e , Act e , P e , t e � is associated with a non-empty set of local states L e , a unique initial state ι e ∈ L e , a non-empty set of actions Act e = A e ∪ AE ∪ GS , a protocol P e , and a transition function t e . Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 12 / 36

  13. Parameterised Interleaved Interpreted Systems A parametrised interleaved interpreted system (PIIS) is a finite number of agent templates, together with an environment and a labelling function that assigns which from a set of atomic propositions (each of which can be global or local , more on this later) are true at which states of the agent. PIISs describe an unbounded family of concrete IIS, each one obtained by setting the parameter prescribing to the number of agents in the system. Given a PIIS S with one agent template and an integer n ≥ 1 , the IIS S ( n ) of n agents is the result of the composition of n copies of the agent with the environment (we will describe this composition in more detail soon). Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 13 / 36

  14. Train-gate controller The scenario concerns a number of trains wishing to enter a tunnel (one at a time) and a controller that governs which trains can enter. Some trains are prioritised and can enter the tunnel whenever it is free. Normal trains, on the other hand, can only enter the tunnel when no prioritised trains are waiting. We will model the system by agent templates of two roles representing the two types of trains and an environment template representing the controller. Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 14 / 36

  15. Train-gate controller Figure: The PIIS for the train-gate controller. Note p_enter and p_exit are agent-environment actions, n_lock and p_lock are global-synchronous actions, and p_approach and n_approach are asynchronous actions. Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 15 / 36

  16. Global states and transitions Given a parametrised system and a number n ≥ 1 for each of the agent templates, we can build a concrete system representing the composition of these along with an environment. This global system performs one action at each step and it is either: Asynchronous: Precisely one agent or the environment changes state on its own. All others remain in the same state. Agent-environment: One agent and the environment perform the action at the same time and change state accordingly. The other agents remain in the same state. Global-synchronous: All agents and the environment perform the action at the same time and change state accordingly. The labelling function on global states has a predicate ( p, i ) hold if a local atomic proposition p is true for the local state of agent i in that global state. For a global atomic propositions q we instead require it to be true at the local state of all the agents. Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 16 / 36

  17. Syntax of IACTLK \ X Definition (IACTLK \ X formulae) Given a set IND of indices, a set L _ AP of local atomic propositions and a set G _ AP of global atomic propositions, IACTLK \ X formulae are defined by the following BNF grammar: φ ::= ( p, v ) | ¬ ( p, v ) | q | ¬ q | φ ∧ φ | φ ∨ φ | A ( φUφ ) | A ( φRφ ) | K v φ | ∀ v : φ where p ∈ L _ AP , q ∈ G _ AP , and v ∈ IND . An IACTLK \ X formula is said to be a sentence if every variable appearing the formula is in the scope of a universal quantifier. Hereafter we consider only sentences. Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 17 / 36

  18. Parameterised Model Checking Problem Definition (PMCP) Given a PIIS S and an IACTLK \ X formula φ , the parameterised model checking problem (PMCP) is the decision problem of determining whether the following holds: S ( n ) | = φ for every n > 1 . If this holds, then φ is said to be satisfied by S ; this is denoted by S | = φ . The PMCP is in general undecidable. Nevertheless restrictions can be imposed on the systems leading to decidable problems. Parameterised Model Checking Problem (PMCP) Verifying Fault-tolerance in Parameterised Multi-Agent Systems 18 / 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Roadmap for Section 10.1 The Notion of Fault-Tolerance Fault-Tolerance Support in NTFS Volume

Roadmap for Section 10.1 The Notion of Fault-Tolerance Fault-Tolerance Support in NTFS Volume

Unit OS10: Fault Tolerance Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 10.1 The Notion of Fault-Tolerance Fault-Tolerance Support in NTFS Volume Management - Striped

394 views • 25 slides
Parameterised Verification of Strategic Properties in Probabilistic Multi-Agent Systems Alessio

Parameterised Verification of Strategic Properties in Probabilistic Multi-Agent Systems Alessio

Parameterised Verification of Strategic Properties in Probabilistic Multi-Agent Systems Alessio Lomuscio and Edoardo Pirovano Verification of Autonomous Systems Group Imperial College London, UK https://vas.doc.ic.ac.uk/ AAMAS 2020

289 views • 17 slides
Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in

Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in

Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in Action Jack Dongarra, Innovative Computing Laboratory University of Tennessee and Computer Science and Mathematics Division Oak Ridge National

422 views • 14 slides
General Principles of Fault- Tolerance Daniel Gottesman Perimeter Institute Whats Left For

General Principles of Fault- Tolerance Daniel Gottesman Perimeter Institute Whats Left For

General Principles of Fault- Tolerance Daniel Gottesman Perimeter Institute Whats Left For Fault-Tolerance? Reduce the overhead (in space and in time) needed for fault-tolerance Better fault-tolerance in 1D? Better magic state

556 views • 22 slides
Rigorous fault-tolerance thresholds Ben Reichardt UC Berkeley N gate circuit 0/1 N gate

Rigorous fault-tolerance thresholds Ben Reichardt UC Berkeley N gate circuit 0/1 N gate

Rigorous fault-tolerance thresholds Ben Reichardt UC Berkeley N gate circuit 0/1 N gate circuit Need error 1/N 1/0 Quantum fault-tolerance problem Classical fault-tolerance: Von Neumann (1956) 0/1 Fault-tolerant, larger C High

846 views • 63 slides
Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault

CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault

1 Tr n H i Anh Distributed System CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault tolerance 2. Process resilience 3. Reliable client-Server Communication 4. Reliable Group Communication 5.

966 views • 50 slides
Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi Distributed Systems Fault tolerance A system or a component fails due to a fault Fault tolerance means that the system continues to provide its

428 views • 40 slides
CSci 5105 Introduction to Distributed Systems Fault Tolerance Last Time Replication and

CSci 5105 Introduction to Distributed Systems Fault Tolerance Last Time Replication and

CSci 5105 Introduction to Distributed Systems Fault Tolerance Last Time Replication and Consistency Today Fault tolerance Chapter 8 TVS Fault Tolerance Basics Availability short time horizon e.g down 1 msec every hour

292 views • 27 slides
Challenging Malicious Inputs with Fault Tolerance Techniques Bruno Luiz Agenda Threats

Challenging Malicious Inputs with Fault Tolerance Techniques Bruno Luiz Agenda Threats

Challenging Malicious Inputs with Fault Tolerance Techniques Bruno Luiz Agenda Threats Fault Tolerance Fault Injection for Fault Tolerance Assessment Basic and classic techniques Decision Mechanisms Implementation

962 views • 61 slides
A Multi-Level Meta-Object Protocol for Fault- Tolerance in Complex Architectures Franois Taani

A Multi-Level Meta-Object Protocol for Fault- Tolerance in Complex Architectures Franois Taani

A Multi-Level Meta-Object Protocol for Fault- Tolerance in Complex Architectures Franois Taani ( * ) , Jean-Charles Fabre, Marc-Olivier Killijian LAAS-CNRS ( ( * ): Now at Lancaster University) DSN'2005, The International Conference on

741 views • 34 slides
Fault-Tolerance of Capillary Multi-Path Routing for Real-Time Multimedia Streaming with Forward

Fault-Tolerance of Capillary Multi-Path Routing for Real-Time Multimedia Streaming with Forward

Fault-Tolerance of Capillary Multi-Path Routing for Real-Time Multimedia Streaming with Forward Error Correction Emin Gabrielyan Roger D. Hersch EPFL and Switzernet Srl Swiss Federal Institute of Technology EPFL Lausanne, Switzerland

73 views • 6 slides
Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Class Overview Introduction

Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Class Overview Introduction

Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Class Overview Introduction Failure Model Fault Tolerance Models state machine primary-backup Distributed Systems - Fault Tolerance Introduction

146 views • 12 slides
Fibre bundle framework for unitary quantum fault tolerance Lucy Liuxuan Zhang University of

Fibre bundle framework for unitary quantum fault tolerance Lucy Liuxuan Zhang University of

Motivations and main idea Basics of quantum fault tolerance Geometric picture of QECCs and unitary fault tolerance Conclusion Fibre bundle framework for unitary quantum fault tolerance Lucy Liuxuan Zhang University of Toronto December 18,

795 views • 16 slides
Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis

Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis

Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis Distributed Systems Fred B. Schneider, Cornell University SOSP, 1995 Problem Fault tolerance

2.97k views • 8 slides
Adaptability and Fault Tolerance Adaptability and Fault Tolerance Rog rio rio de Lemos de

Adaptability and Fault Tolerance Adaptability and Fault Tolerance Rog rio rio de Lemos de

Adaptability and Fault Tolerance Adaptability and Fault Tolerance Rog rio rio de Lemos de Lemos Rog University of Kent, UK University of Kent, UK Context: self-* and dependability; Focus: adaptability and fault tolerance;

640 views • 19 slides
using the RDF Data Cube Vocabulary Sebastian Bayerl, Michael Granitzer Department of Media

using the RDF Data Cube Vocabulary Sebastian Bayerl, Michael Granitzer Department of Media

Data-Transformation on historical data using the RDF Data Cube Vocabulary Sebastian Bayerl, Michael Granitzer Department of Media Computer Science University of Passau SWIB15 Semantic Web in Libraries 22.10.2015 2 Overview Motivation

330 views • 20 slides
Digital Philology, World Literature and Sustainable Global Culture Gregory Crane Alexander von

Digital Philology, World Literature and Sustainable Global Culture Gregory Crane Alexander von

Digital Philology, World Literature and Sustainable Global Culture Gregory Crane Alexander von Humboldt Professor of Digital Humanitjes Universitt Leipzig Professor of Classics Winnick Family Chair of Technology and Entrepreneurship Tufus

1.61k views • 128 slides
, iaie . with - . . EAYI.tw/newArynee.n.ndersoni99s example : / . - tree : Red - Black and

, iaie . with - . . EAYI.tw/newArynee.n.ndersoni99s example : / . - tree : Red - Black and

r - Some history : simpler to code as binary 3- node AA - Trees Encoding : - No null pointers : Bayer 1972 : create tree node 2-3 Trees a ' Black node Sentinel node , nil , and all : Guibasa Red - black Trees - i . Red node 1978 ( a binary

825 views • 3 slides
Building My Product on Android Open Source Project Android Builders Summit 2015 Rafael Coutinho

Building My Product on Android Open Source Project Android Builders Summit 2015 Rafael Coutinho

Building My Product on Android Open Source Project Android Builders Summit 2015 Rafael Coutinho - Software Engineer Phi Innovations 1 Agenda Motivation Build System Overview Simple Build Product Customization Structure

684 views • 54 slides
Key questions Why do people join political parties and why don't they? How do party

Key questions Why do people join political parties and why don't they? How do party

07/07/2016 McDougall Trust Workshop, 7 July 2016, London Why do people join political parties, and what do they do for them? Paul Webb , University of Sussex Monica Poletti , Queen Mary University of London Tim Bale , Queen Mary University of

376 views • 8 slides
This presentation is a recap of one we gave to DOE- OHEP in March. Our most recent

This presentation is a recap of one we gave to DOE- OHEP in March. Our most recent

This presentation is a recap of one we gave to DOE- OHEP in March. Our most recent successes are therefore not included. This is a meta-talk -- I'm going to switch back and forth between explaining concepts and explaining

703 views • 25 slides
Small Isochronous Ring (SIR) project at NSCL, MSU Eduard Pozdeyev NSCL, Michigan Sate University

Small Isochronous Ring (SIR) project at NSCL, MSU Eduard Pozdeyev NSCL, Michigan Sate University

Small Isochronous Ring (SIR) project at NSCL, MSU Eduard Pozdeyev NSCL, Michigan Sate University Talk Outline Isochronous regime in accelerators, application to Isochronous Cyclotrons Space charge effects in the isochronous regime

526 views • 27 slides
Designing Robot Collectives by Kirstin Petersen July 2017 Collective Embodied Intelligence Lab

Designing Robot Collectives by Kirstin Petersen July 2017 Collective Embodied Intelligence Lab

Designing Robot Collectives by Kirstin Petersen July 2017 Collective Embodied Intelligence Lab Collective Embodied Motivatio ion Intelligence Lab Distance to Mars: 34-250M miles Jan anuary 200 2004 Travel time: 39-289 days Cost: $1B

543 views • 22 slides

More recommend