228 research outputs found
How long, O Bayesian network, will I sample thee? A program analysis perspective on expected sampling times
Bayesian networks (BNs) are probabilistic graphical models for describing
complex joint probability distributions. The main problem for BNs is inference:
Determine the probability of an event given observed evidence. Since exact
inference is often infeasible for large BNs, popular approximate inference
methods rely on sampling.
We study the problem of determining the expected time to obtain a single
valid sample from a BN. To this end, we translate the BN together with
observations into a probabilistic program. We provide proof rules that yield
the exact expected runtime of this program in a fully automated fashion. We
implemented our approach and successfully analyzed various real-world BNs taken
from the Bayesian network repository
Fifty years of Hoare's Logic
We present a history of Hoare's logic.Comment: 79 pages. To appear in Formal Aspects of Computin
Relatively Complete Verification of Probabilistic Programs: An Expressive Language for Expectation-Based Reasoning
We study a syntax for specifying quantitative “assertions” - functions mapping program states to numbers - for probabilistic program verification. We prove that our syntax is expressive in the following sense: Given any probabilistic program C, if a function f is expressible in our syntax, then the function mapping each initial state σ to the expected value of f evaluated in the final states reached after termination C on σ (also called the weakest preexpectation wp[C](f)) is also expressible in our syntax. As a consequence, we obtain a relatively complete verification system for verifying expected values and probabilities in the sense of Cook: Apart from a single reasoning step about the inequality of two functions given as syntactic expressions in our language, given f, g, and C, we can check whether g ≤ wp[C](f)
Certified Verification of Relational Properties
The use of function contracts to specify the behavior of functions often remains limited to the scope of a single function call. Relational properties link several function calls together within a single specification. They can express more advanced properties of a given function, such as non-interference, continuity, or monotonicity. They can also relate calls to different functions, for instance, to show that an optimized implementation is equivalent to its original counterpart. However, relational properties cannot be expressed and verified directly in the traditional setting of modular deductive verification. Self-composition has been proposed to overcome this limitation, but it requires complex transformations and additional separation hypotheses for real-life languages with pointers. We propose a novel approach that is not based on code transformation and avoids those drawbacks. It directly applies a verification condition generator to produce logical formulas that must be verified to ensure a given relational property. The approach has been fully formalized and proved sound in the Coq proof assistant
Programming Languages and Systems
This open access book constitutes the proceedings of the 28th European Symposium on Programming, ESOP 2019, which took place in Prague, Czech Republic, in April 2019, held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019
Scheduling of guarded command based models
Formal methods provide a means of reasoning about computer programs
in order to prove correctness criteria. One subtype of formal methods is
based on the weakest precondition predicate transformer semantics and uses
guarded commands as the basic modelling construct. Examples of such
formalisms are Action Systems and Event-B. Guarded commands can intuitively
be understood as actions that may be triggered when an associated
guard condition holds. Guarded commands whose guards hold are nondeterministically
chosen for execution, but no further control flow is present
by default. Such a modelling approach is convenient for proving correctness,
and the Refinement Calculus allows for a stepwise development method. It
also has a parallel interpretation facilitating development of concurrent software,
and it is suitable for describing event-driven scenarios. However, for
many application areas, the execution paradigm traditionally used comprises
more explicit control flow, which constitutes an obstacle for using the above
mentioned formal methods. In this thesis, we study how guarded command
based modelling approaches can be conveniently and efficiently scheduled in
different scenarios. We first focus on the modelling of trust for transactions
in a social networking setting. Due to the event-based nature of the scenario,
the use of guarded commands turns out to be relatively straightforward. We
continue by studying modelling of concurrent software, with particular focus
on compute-intensive scenarios. We go from theoretical considerations to the
feasibility of implementation by evaluating the performance and scalability
of executing a case study model in parallel using automatic scheduling performed
by a dedicated scheduler. Finally, we propose a more explicit and
non-centralised approach in which the flow of each task is controlled by a
schedule of its own. The schedules are expressed in a dedicated scheduling
language, and patterns assist the developer in proving correctness of the
scheduled model with respect to the original one
Dynamic Logic for an Intermediate Language: Verification, Interaction and Refinement
This thesis is about ensuring that software behaves as it is supposed to behave. More precisely, it is concerned with the deductive verification of the compliance of software implementations with their formal specification. Two successful ideas in program verification are integrated into a new approach: dynamic logic and intermediate verification language. The well-established technique of refinement is used to decompose the difficult task of program verification into two easier tasks
- …