Learning-Based Synthesis of Safety Controllers
We propose a machine learning framework to synthesize reactive controllers for systems whose interactions with their adversarial environment are modeled by infinite-duration, two-player games over (potentially) infinite graphs. Our framework targets safety games with infinitely many vertices, but it is also applicable to safety games over finite graphs whose size is too prohibitive for conventional synthesis techniques. The learning takes place in a feedback loop between a teacher component, which can reason symbolically about the safety game, and a learning algorithm, which successively learns an overapproximation of the winning region from various kinds of examples provided by the teacher. We develop a novel decision tree learning algorithm for this setting and show that our algorithm is guaranteed to converge to a reactive safety controller if a suitable overapproximation of the winning region can be expressed as a decision tree. Finally, we empirically compare the performance of a prototype implementation to existing approaches, which are based on constraint solving and automata learning, respectively.
Computer Aided Verification
This open access two-volume set LNCS 13371 and 13372 constitutes the refereed proceedings of the 34th International Conference on Computer Aided Verification, CAV 2022, which was held in Haifa, Israel, in August 2022. The 40 full papers presented together with 9 tool papers and 2 case studies were carefully reviewed and selected from 209 submissions. The papers were organized in the following topical sections: Part I: invited papers; formal methods for probabilistic programs; formal methods for neural networks; software verification and model checking; hyperproperties and security; formal methods for hardware, cyber-physical, and hybrid systems. Part II: probabilistic techniques; automata and logic; deductive verification and decision procedures; machine learning; synthesis and concurrency. This is an open access book.
Data-Driven Inference of Representation Invariants
A representation invariant is a property that holds of all values of abstract type produced by a module. Representation invariants play important roles in software engineering and program verification. In this paper, we develop a counterexample-driven algorithm for inferring a representation invariant that is sufficient to imply a desired specification for a module. The key novelty is a type-directed notion of visible inductiveness, which ensures that the algorithm makes progress toward its goal as it alternates between weakening and strengthening candidate invariants. The algorithm is parameterized by an example-based synthesis engine and a verifier, and we prove that it is sound and complete for first-order modules over finite types, assuming that the synthesizer and verifier are as well. We implement these ideas in a tool called Hanoi, which synthesizes representation invariants for recursive data types. Hanoi not only handles invariants for first-order code, but higher-order code as well. In its back end, Hanoi uses an enumerative synthesizer called Myth and an enumerative testing tool as a verifier. Because Hanoi uses testing for verification, it is not sound, though our empirical evaluation shows that it is successful on the benchmarks we investigated.
Comment: 18 pages, full version of PLDI 2020 paper
Learning-based inductive invariant synthesis
The problem of synthesizing adequate inductive invariants to prove a program correct lies at the heart of automated program verification. We investigate, herein, learning approaches to synthesize inductive invariants of sequential programs towards automatically verifying them. To this end, we identify that prior learning approaches were unduly influenced by traditional machine learning models that learned concepts from positive and negative counterexamples. We argue that these models are not robust for invariant synthesis and, consequently, introduce ICE, a robust learning paradigm for synthesizing invariants that learns using positive, negative and implication counterexamples, and show that it admits honest teachers and strongly convergent mechanisms for invariant synthesis. We develop the first learning algorithms in this model with implication counterexamples for two domains, one for learning arbitrary Boolean combinations of numerical invariants over scalar variables and one for quantified invariants of linear data-structures including arrays and dynamic lists. We implement the ICE learners and an appropriate teacher, and show that the resulting invariant synthesis is robust, practical, convergent, and efficient.
In order to deductively verify shared-memory concurrent programs, we present a sequentialization result and show that synthesizing rely-guarantee annotations for them can be reduced to invariant synthesis for sequential programs. Further, for verifying asynchronous event-driven systems, we develop a new invariant synthesis technique that constructs almost-synchronous invariants over concrete system configurations. These invariants, for most systems, are finitely representable, and can be thereby constructed, including for the USB driver that ships with Microsoft Windows Phone.