Complexity of Decision Problems for Mixed and Modal Specifications

International audienceWe present a new algorithm for solving Simple Stochastic Games (SSGs). This algorithm is based on an exhaustive search of a special kind of positional optimal strategies, the f-strategies. The running time is , where and are respectively the number of vertices, random vertices and edges, and the maximum bit-length of a transition probability. Our algorithm improves existing algorithms for solving SSGs in three aspects. First, our algorithm performs well on SSGs with few random vertices, second it does not rely on linear or quadratic programming, third it applies to all SSGs, not only stopping SSGs

Weighted Modal Transition Systems

Specification theories as a tool in model-driven development processes of component-based software systems have recently attracted a considerable attention. Current specification theories are however qualitative in nature, and therefore fragile in the sense that the inevitable approximation of systems by models, combined with the fundamental unpredictability of hardware platforms, makes it difficult to transfer conclusions about the behavior, based on models, to the actual system. Hence this approach is arguably unsuited for modern software systems. We propose here the first specification theory which allows to capture quantitative aspects during the refinement and implementation process, thus leveraging the problems of the qualitative setting. Our proposed quantitative specification framework uses weighted modal transition systems as a formal model of specifications. These are labeled transition systems with the additional feature that they can model optional behavior which may or may not be implemented by the system. Satisfaction and refinement is lifted from the well-known qualitative to our quantitative setting, by introducing a notion of distances between weighted modal transition systems. We show that quantitative versions of parallel composition as well as quotient (the dual to parallel composition) inherit the properties from the Boolean setting.Comment: Submitted to Formal Methods in System Desig

Refinement for Transition Systems with Responses

Motivated by the response pattern for property specifications and applications within flexible workflow management systems, we report upon an initial study of modal and mixed transition systems in which the must transitions are interpreted as must eventually, and in which implementations can contain may behaviors that are resolved at run-time. We propose Transition Systems with Responses (TSRs) as a suitable model for this study. We prove that TSRs correspond to a restricted class of mixed transition systems, which we refer to as the action-deterministic mixed transition systems. We show that TSRs allow for a natural definition of deadlocked and accepting states. We then transfer the standard definition of refinement for mixed transition systems to TSRs and prove that refinement does not preserve deadlock freedom. This leads to the proposal of safe refinements, which are those that preserve deadlock freedom. We exemplify the use of TSRs and (safe) refinements on a small medication workflow.Comment: In Proceedings FIT 2012, arXiv:1207.348

Sciduction: Combining Induction, Deduction, and Structure for Verification and Synthesis

Even with impressive advances in automated formal methods, certain problems in system verification and synthesis remain challenging. Examples include the verification of quantitative properties of software involving constraints on timing and energy consumption, and the automatic synthesis of systems from specifications. The major challenges include environment modeling, incompleteness in specifications, and the complexity of underlying decision problems. This position paper proposes sciduction, an approach to tackle these challenges by integrating inductive inference, deductive reasoning, and structure hypotheses. Deductive reasoning, which leads from general rules or concepts to conclusions about specific problem instances, includes techniques such as logical inference and constraint solving. Inductive inference, which generalizes from specific instances to yield a concept, includes algorithmic learning from examples. Structure hypotheses are used to define the class of artifacts, such as invariants or program fragments, generated during verification or synthesis. Sciduction constrains inductive and deductive reasoning using structure hypotheses, and actively combines inductive and deductive reasoning: for instance, deductive techniques generate examples for learning, and inductive reasoning is used to guide the deductive engines. We illustrate this approach with three applications: (i) timing analysis of software; (ii) synthesis of loop-free programs, and (iii) controller synthesis for hybrid systems. Some future applications are also discussed

Automating control system design via a multiobjective evolutionary algorithm

This chapter presents a performance-prioritized computer aided control system design (CACSD) methodology using a multi-objective evolutionary algorithm. The evolutionary CACSD approach unifies different control laws in both the time and frequency domains based upon performance satisfactions, without the need of aggregating different design criteria into a compromise function. It is shown that control engineers' expertise as well as settings on goal or priority for different preference on each performance requirement can be easily included and modified on-line according to the evolving trade-offs, which makes the controller design interactive, transparent and simple for real-time implementation. Advantages of the evolutionary CACSD methodology are illustrated upon a non-minimal phase plant control system, which offer a set of low-order Pareto optimal controllers satisfying all the conflicting performance requirements in the face of system constraints

Decision Problems for Partial Specifications: Empirical and Worst-Case Complexities

Partial specifications allow approximate models of systems such as Kripke structures, or labeled transition systems to be created. Using the abstraction possible with these models, an avoidance of the state-space explosion problem is possible, whilst still retaining a structure that can have properties checked over it. A single partial specification abstracts a set of systems, whether Kripke, labeled transition systems, or systems with both atomic propositions and named transitions. This thesis deals in part with problems arising from a desire to efficiently evaluate sentences of the modal μ-calculus over a partial specification. Partial specifications also allow a single system to be modeled by a number of partial specifications, which abstract away different parts of the system. Alternatively, a number of partial specifications may represent different requirements on a system. The thesis also addresses the question of whether a set of partial specifications is consistent, that is to say, whether a single system exists that is abstracted by each member of the set. The effect of nominals, special atomic propositions true on only one state in a system, is also considered on the problem of the consistency of many partial specifications. The thesis also addresses the question of whether the systems a partial specification abstracts are all abstracted by a second partial specification, the problem of inclusion. The thesis demonstrates how commonly used “specification patterns” – useful properties specified in the modal μ-calculus, can be efficiently evaluated over partial specifications, and gives upper and lower complexity bounds on the problems related to sets of partial specifications

Modal Interface Automata

De Alfaro and Henzinger's Interface Automata (IA) and Nyman et al.'s recent combination IOMTS of IA and Larsen's Modal Transition Systems (MTS) are established frameworks for specifying interfaces of system components. However, neither IA nor IOMTS consider conjunction that is needed in practice when a component shall satisfy multiple interfaces, while Larsen's MTS-conjunction is not closed and Bene\v{s} et al.'s conjunction on disjunctive MTS does not treat internal transitions. In addition, IOMTS-parallel composition exhibits a compositionality defect. This article defines conjunction (and also disjunction) on IA and disjunctive MTS and proves the operators to be 'correct', i.e., the greatest lower bounds (least upper bounds) wrt. IA- and resp. MTS-refinement. As its main contribution, a novel interface theory called Modal Interface Automata (MIA) is introduced: MIA is a rich subset of IOMTS featuring explicit output-must-transitions while input-transitions are always allowed implicitly, is equipped with compositional parallel, conjunction and disjunction operators, and allows a simpler embedding of IA than Nyman's. Thus, it fixes the shortcomings of related work, without restricting designers to deterministic interfaces as Raclet et al.'s modal interface theory does.Comment: 28 page

Bounded Reachability for Temporal Logic over Constraint Systems

We present CLTLB(D), an extension of PLTLB (PLTL with both past and future operators) augmented with atomic formulae built over a constraint system D. Even for decidable constraint systems, satisfiability and Model Checking problem of such logic can be undecidable. We introduce suitable restrictions and assumptions that are shown to make the satisfiability problem for the extended logic decidable. Moreover for a large class of constraint systems we propose an encoding that realize an effective decision procedure for the Bounded Reachability problem