48 research outputs found
Checking NFA equivalence with bisimulations up to congruence
International audience
We introduce bisimulation up to congruence as a technique for proving language equivalence of non-deterministic finite automata. Exploiting this technique, we devise an optimisation of the classical algorithm by Hopcroft and Karp. We compare our algorithm to the recently introduced antichain algorithms by analysing and relating the two underlying coinductive proof methods. We give concrete examples where we improve exponentially over antichains; experimental results moreover show non-negligible improvements on random automata.
Bisimilarity via unique-solution techniques
International audience
The Proof Technique of Unique Solutions of Contractions
International audience
We review some recent work aimed at understanding proof techniques for behavioural equivalence on processes based on the concept of unique solution of equations. The schema of equations is refined to that of contraction, based on partial orders rather than equalities.
Symbolic Algorithms for Language Equivalence and Kleene Algebra with Tests
We first propose algorithms for checking language equivalence of finite automata over a large alphabet. We use symbolic automata, where the transition function is compactly represented using a (multi-terminal) binary decision diagram (BDD). The key idea consists in computing a bisimulation by exploring reachable pairs symbolically, so as to avoid redundancies. This idea can be combined with already existing optimisations, and we show in particular a nice integration with the disjoint-set forest data structure from Hopcroft and Karp's standard algorithm. Then we consider Kleene algebra with tests (KAT), an algebraic theory that can be used for verification in various domains ranging from compiler optimisation to network programming analysis. This theory is decidable by reduction to language equivalence of automata on guarded strings, a particular kind of automata that have exponentially large alphabets. We propose several methods for constructing symbolic automata out of KAT expressions, based either on Brzozowski's derivatives or on standard automata constructions. All in all, this results in efficient algorithms for deciding equivalence of KAT expressions.
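The two abstracts above describe the same core procedure: explore pairs of state sets reachable from the two start sets, and stop exploring a pair as soon as it is already implied by the pairs seen so far, where "implied" means membership in the congruence closure (union of known-equivalent sets) rather than mere membership in the relation. The following Python is an added example written for this page, not code from the cited papers or their tools: it implements the HKC check on an explicit (non-symbolic) NFA, with the congruence test done by saturating each set with the rewriting rules induced by the current pairs and comparing normal forms. The automata are constructed here for illustration: N accepts words whose second-to-last letter is `a`, D is a deterministic automaton for the same language, and T ("last letter is `a`") is a plausible but wrong rewrite of N, of the kind a policy or WAF-rule refactor might introduce. State names, `hkc`, `in_congruence` and the use of `c(R ∪ todo)` as the skip test follow the first abstract's description; the exact bookkeeping is this example's own.

```python
from collections import deque
from typing import Dict, FrozenSet, Iterable, List, Optional, Tuple

State = str
Pair = Tuple[FrozenSet[State], FrozenSet[State]]
# NFA as state -> letter -> set of successor states (missing letter = no move).
NFA = Dict[State, Dict[str, FrozenSet[State]]]


def step(nfa: NFA, X: FrozenSet[State], letter: str) -> FrozenSet[State]:
    """Successor set of X on `letter`: the determinised transition, computed lazily."""
    out: set = set()
    for q in X:
        out |= nfa.get(q, {}).get(letter, frozenset())
    return frozenset(out)


def normal_form(Z: FrozenSet[State], pairs: Iterable[Pair]) -> FrozenSet[State]:
    """Saturate Z with the rewriting rules induced by `pairs`: whenever one side of a
    pair is contained in Z, add the other side.  Sets only grow, so the fixpoint is
    the unique normal form of Z with respect to the congruence generated by `pairs`."""
    Z2 = set(Z)
    rules = list(pairs)
    changed = True
    while changed:
        changed = False
        for A, B in rules:
            if A <= Z2 and not B <= Z2:
                Z2 |= B
                changed = True
            if B <= Z2 and not A <= Z2:
                Z2 |= A
                changed = True
    return frozenset(Z2)


def in_congruence(X: FrozenSet[State], Y: FrozenSet[State], pairs: Iterable[Pair]) -> bool:
    """(X, Y) lies in the congruence closure of `pairs` iff both rewrite to the same
    normal form.  This is what lets unions of already-related sets be skipped."""
    rules = list(pairs)
    return normal_form(X, rules) == normal_form(Y, rules)


def hkc(nfa: NFA, finals: FrozenSet[State], alphabet: Tuple[str, ...],
        X0: Iterable[State], Y0: Iterable[State]) -> Tuple[bool, Optional[str], int]:
    """Language equivalence of the state sets X0 and Y0 via bisimulation up to congruence.
    Returns (equivalent, counterexample word or None, number of pairs actually explored)."""
    R: List[Pair] = []                       # pairs whose successors have been generated
    todo = deque([(frozenset(X0), frozenset(Y0), "")])
    while todo:
        X, Y, w = todo.popleft()
        # Skip test "up to congruence": the pair is implied by R and the pending pairs.
        if in_congruence(X, Y, R + [(A, B) for A, B, _ in todo]):
            continue
        if bool(X & finals) != bool(Y & finals):
            return False, w, len(R)          # w is accepted by exactly one side
        for a in alphabet:
            todo.append((step(nfa, X, a), step(nfa, Y, a), w + a))
        R.append((X, Y))
    return True, None, len(R)


# Constructed sample automata (all in one state space; names are disjoint).
AUTOMATON: NFA = {
    # N: Sigma* a Sigma, i.e. the second-to-last letter is 'a' (nondeterministic guess).
    "p0": {"a": frozenset({"p0", "p1"}), "b": frozenset({"p0"})},
    "p1": {"a": frozenset({"p2"}), "b": frozenset({"p2"})},
    "p2": {},
    # D: deterministic automaton for the same language; s<x><y> records whether the
    # second-to-last (x) and last (y) letters read so far were 'a'.
    "s00": {"a": frozenset({"s01"}), "b": frozenset({"s00"})},
    "s01": {"a": frozenset({"s11"}), "b": frozenset({"s10"})},
    "s10": {"a": frozenset({"s01"}), "b": frozenset({"s00"})},
    "s11": {"a": frozenset({"s11"}), "b": frozenset({"s10"})},
    # T: "last letter is 'a'", a wrong rewrite of N.
    "t0": {"a": frozenset({"t1"}), "b": frozenset({"t0"})},
    "t1": {"a": frozenset({"t1"}), "b": frozenset({"t0"})},
}
FINALS = frozenset({"p2", "s10", "s11", "t1"})
ALPHABET = ("a", "b")


if __name__ == "__main__":
    print(hkc(AUTOMATON, FINALS, ALPHABET, {"p0"}, {"s00"}))  # equivalent
    print(hkc(AUTOMATON, FINALS, ALPHABET, {"p0"}, {"t0"}))   # counterexample "a"
    # Congruence in isolation: {1,3} ~ {2,4} follows from {1} ~ {2} and {3} ~ {4}.
    rules = [(frozenset({1}), frozenset({2})), (frozenset({3}), frozenset({4}))]
    print(in_congruence(frozenset({1, 3}), frozenset({2, 4}), rules))
```

Two practical notes. The counterexample word is built along the exploration, so a failed check yields a concrete input on which the two automata disagree, which is what you want when diffing two versions of a policy. And the skip test is where all the cost is: this example recomputes the normal form from scratch on every pop, which is fine for small automata but is exactly the part the symbolic (BDD) and disjoint-set-forest optimisations in the second abstract are about.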
Learning to Prove Safety over Parameterised Concurrent Systems (Full Version)
We revisit the classic problem of proving safety over parameterised concurrent systems, i.e., an infinite family of finite-state concurrent systems that are represented by some finite (symbolic) means. An example of such an infinite family is a dining philosopher protocol with any number n of processes (n being the parameter that defines the infinite family). Regular model checking is a well-known generic framework for modelling parameterised concurrent systems, where an infinite set of configurations (resp. transitions) is represented by a regular set (resp. regular transducer). Although verifying safety properties in the regular model checking framework is undecidable in general, many sophisticated semi-algorithms have been developed in the past fifteen years that can successfully prove safety in many practical instances. In this paper, we propose a simple solution to synthesise regular inductive invariants that makes use of Angluin's classic L* algorithm (and its variants). We provide a termination guarantee when the set of configurations reachable from a given set of initial configurations is regular. We have tested the L* algorithm on standard (as well as new) examples in regular model checking including the dining philosopher protocol, the dining cryptographer protocol, and several mutual exclusion protocols (e.g. Bakery, Burns, Szymanski, and German). Our experiments show that, despite the simplicity of our solution, it can perform at least as well as existing semi-algorithms.
Comment: Full version of FMCAD'17 paper
Completeness and Incompleteness of Synchronous Kleene Algebra
Synchronous Kleene algebra (SKA), an extension of Kleene algebra (KA), was proposed by Prisacariu as a tool for reasoning about programs that may execute synchronously, i.e., in lock-step. We provide a countermodel witnessing that the axioms of SKA are incomplete w.r.t. its language semantics, by exploiting a lack of interaction between the synchronous product operator and the Kleene star. We then propose an alternative set of axioms for SKA, based on Salomaa's axiomatisation of regular languages, and show that these provide a sound and complete characterisation w.r.t. the original language semantics.
Comment: Accepted at MPC 201
Automata Language Equivalence vs. Simulations for Model-based Mutant Equivalence: An Empirical Evaluation
International audience
Mutation analysis is a popular technique to assess the effectiveness of test suites with respect to their fault-finding abilities. It relies on the mutation score, which indicates how many mutants are revealed by a test suite. Yet, there are mutants whose behaviour is equivalent to the original system, wasting analysis resources and preventing the satisfaction of the full (100%) mutation score. For finite behavioural models, the Equivalent Mutant Problem (EMP) can be addressed through language equivalence of non-deterministic finite automata, which is a well-studied, yet computationally expensive, problem in automata theory. In this paper, we report on our assessment of a state-of-the-art exact language equivalence tool to handle the EMP against 12 models of size up to 15,000 states on 4710 mutants. We introduce random and mutation-biased simulation heuristics as baselines for comparison. Results show that the exact approach is often more than ten times faster in the weak mutation scenario. For strong mutation, our biased simulations are faster for models larger than 300 states. They can be up to 1,000 times faster while limiting the error of misclassifying non-equivalent mutants as equivalent to 8% on average. We therefore conclude that the approaches can be combined for improved efficiency.
An Elementary Proof of the FMP for Kleene Algebra
Kleene Algebra (KA) is a useful tool for proving that two programs are equivalent by reasoning equationally. Because it abstracts from the meaning of primitive programs, KA's equational theory is decidable, so it integrates well with interactive theorem provers. This raises the question: which equations can we (not) prove using the laws of KA? Moreover, which models of KA are complete, in the sense that they satisfy exactly the provable equations? Kozen (1994) answered these questions by characterizing KA in terms of its language model. Concretely, equivalences provable in KA are exactly those that hold for regular expressions.
Pratt (1980) observed that KA is complete w.r.t. relational models, i.e., that its provable equations are those that hold for any relational interpretation. A less known result due to Palka (2005) says that finite models are complete for KA, i.e., that provable equivalences coincide with equations satisfied by all finite KAs. Phrased contrapositively, the latter is a finite model property (FMP): any unprovable equation is falsified by a finite KA. These results can be argued using Kozen's theorem, but the implication is mutual: given that KA is complete w.r.t. finite (resp. relational) models, Palka's (resp. Pratt's) arguments show that it is complete w.r.t. the language model.
We embark on a study of the different complete models of KA, and the connections between them. This yields a fourth result subsuming those of Palka and Pratt, namely that KA is complete w.r.t. finite relational models. Next, we put an algebraic spin on Palka's techniques, which yield an elementary proof of the finite model property, and by extension, of Kozen's and Pratt's theorems. In contrast with earlier approaches, this proof relies not on minimality or bisimilarity of automata, but rather on representing the regular expressions involved in terms of transformation automata.