29 research outputs found
Liveness of Randomised Parameterised Systems under Arbitrary Schedulers (Technical Report)
We consider the problem of verifying liveness for systems with a finite, but
unbounded, number of processes, commonly known as parameterised systems.
Typical examples of such systems include distributed protocols (e.g. for the
dining philosopher problem). Unlike the case of verifying safety, proving
liveness is still considered extremely challenging, especially in the presence
of randomness in the system. In this paper we consider liveness under arbitrary
(including unfair) schedulers, which is often considered a desirable property
in the literature of self-stabilising systems. We introduce an automatic method
of proving liveness for randomised parameterised systems under arbitrary
schedulers. Viewing liveness as a two-player reachability game (between
Scheduler and Process), our method is a CEGAR approach that synthesises a
progress relation for Process that can be symbolically represented as a
finite-state automaton. The method is incremental and exploits both
Angluin-style L*-learning and SAT-solvers. Our experiments show that our
algorithm is able to prove liveness automatically for well-known randomised
distributed protocols, including Lehmann-Rabin Randomised Dining Philosopher
Protocol and randomised self-stabilising protocols (such as the Israeli-Jalfon
Protocol). To the best of our knowledge, this is the first fully-automatic
method that can prove liveness for randomised protocols.Comment: Full version of CAV'16 pape
Learning to Prove Safety over Parameterised Concurrent Systems (Full Version)
We revisit the classic problem of proving safety over parameterised
concurrent systems, i.e., an infinite family of finite-state concurrent systems
that are represented by some finite (symbolic) means. An example of such an
infinite family is a dining philosopher protocol with any number n of processes
(n being the parameter that defines the infinite family). Regular model
checking is a well-known generic framework for modelling parameterised
concurrent systems, where an infinite set of configurations (resp. transitions)
is represented by a regular set (resp. regular transducer). Although verifying
safety properties in the regular model checking framework is undecidable in
general, many sophisticated semi-algorithms have been developed in the past
fifteen years that can successfully prove safety in many practical instances.
In this paper, we propose a simple solution to synthesise regular inductive
invariants that makes use of Angluin's classic L* algorithm (and its variants).
We provide a termination guarantee when the set of configurations reachable
from a given set of initial configurations is regular. We have tested L*
algorithm on standard (as well as new) examples in regular model checking
including the dining philosopher protocol, the dining cryptographer protocol,
and several mutual exclusion protocols (e.g. Bakery, Burns, Szymanski, and
German). Our experiments show that, despite the simplicity of our solution, it
can perform at least as well as existing semi-algorithms.Comment: Full version of FMCAD'17 pape
Parameterized Synthesis with Safety Properties
Parameterized synthesis offers a solution to the problem of constructing
correct and verified controllers for parameterized systems. Such systems occur
naturally in practice (e.g., in the form of distributed protocols where the
amount of processes is often unknown at design time and the protocol must work
regardless of the number of processes). In this paper, we present a novel
learning based approach to the synthesis of reactive controllers for
parameterized systems from safety specifications. We use the framework of
regular model checking to model the synthesis problem as an infinite-duration
two-player game and show how one can utilize Angluin's well-known L* algorithm
to learn correct-by-design controllers. This approach results in a synthesis
procedure that is conceptually simpler than existing synthesis methods with a
completeness guarantee, whenever a winning strategy can be expressed by a
regular set. We have implemented our algorithm in a tool called L*-PSynth and
have demonstrated its performance on a range of benchmarks, including robotic
motion planning and distributed protocols. Despite the simplicity of L*-PSynth
it competes well against (and in many cases even outperforms) the
state-of-the-art tools for synthesizing parameterized systems.Comment: 18 page
On the analysis of stochastic timed systems
The formal methods approach to develop reliable and efficient safety- or performance-critical systems is to construct mathematically precise models of such systems on which properties of interest, such as safety guarantees or performance requirements, can be verified automatically. In this thesis, we present techniques that extend the reach of exhaustive and statistical model checking to verify reachability and reward-based properties of compositional behavioural models that support quantitative aspects such as real time and randomised decisions.
We present two techniques that allow sound statistical model checking for the nondeterministic-randomised model of Markov decision processes. We investigate the relationship between two different definitions of the model of probabilistic timed automata, as well as potential ways to apply statistical model checking. Stochastic timed automata allow nondeterministic choices as well as nondeterministic and stochastic delays, and we present the first exhaustive model checking algorithm that allows their analysis. All the approaches introduced in this thesis are implemented as part of the Modest Toolset, which supports the construction and verification of models specified in the formal modelling language Modest. We conclude by applying this language and toolset to study novel distributed control strategies for photovoltaic microgenerators