On the decidability of the existence of polyhedral invariants in transition systems
Automated program verification often proceeds by exhibiting inductive
invariants entailing the desired properties. For numerical properties, a
classical class of invariants is convex polyhedra: solution sets of systems of
linear (in)equalities. Forty years of research on convex polyhedral invariants
have focused, on the one hand, on identifying "easier" subclasses, on the other
hand on heuristics for finding general convex polyhedra. These heuristics are
however not guaranteed to find polyhedral inductive invariants when they
exist. To our best knowledge, the existence of polyhedral inductive invariants
has never been proved to be undecidable. In this article, we show that the
existence of convex polyhedral invariants is undecidable, even if there is only
one control state in addition to the "bad" one. The question is still open if
one is not allowed any nonlinear constraint.
The Hardness of Finding Linear Ranking Functions for Lasso Programs
Finding whether a linear-constraint loop has a linear ranking function is an
important key to understanding the loop behavior, proving its termination and
establishing iteration bounds. If no preconditions are provided, the decision
problem is known to be in coNP when variables range over the integers and in
PTIME for the rational numbers, or real numbers. Here we show that deciding
whether a linear-constraint loop with a precondition, specifically with
partially-specified input, has a linear ranking function is EXPSPACE-hard over
the integers, and PSPACE-hard over the rationals. The precise complexity of
these decision problems is yet unknown. The EXPSPACE lower bound is derived
from the reachability problem for Petri nets (equivalently, Vector Addition
Systems), and possibly indicates an even stronger lower bound (subject to open
problems in VAS theory). The lower bound for the rationals follows from a novel
simulation of Boolean programs. Lower bounds are also given for the problem of
deciding if a linear ranking function supported by a particular form of
inductive invariant exists. For loops over integers, the problem is PSPACE-hard
for convex polyhedral invariants and EXPSPACE-hard for downward-closed sets of
natural numbers as invariants.
Comment: In Proceedings GandALF 2014, arXiv:1408.5560. I thank the organizers
of the Dagstuhl Seminar 14141, "Reachability Problems for Infinite-State
Systems", for the opportunity to present an early draft of this work.
Weak Singular Hybrid Automata
The framework of hybrid automata, introduced by Alur, Courcoubetis,
Henzinger, and Ho, provides a formal modeling and analysis environment to
analyze the interaction between the discrete and the continuous parts of
cyber-physical systems. Hybrid automata can be considered as generalizations of
finite state automata augmented with a finite set of real-valued variables
whose dynamics in each state is governed by a system of ordinary differential
equations. Moreover, the discrete transitions of hybrid automata are guarded by
constraints over the values of these real-valued variables, and enable
discontinuous jumps in the evolution of these variables. Singular hybrid
automata are a subclass of hybrid automata where dynamics is specified by
state-dependent constant vectors. Henzinger, Kopke, Puri, and Varaiya showed
that for even very restricted subclasses of singular hybrid automata, the
fundamental verification questions, like reachability and schedulability, are
undecidable. In this paper we present \emph{weak singular hybrid automata}
(WSHA), a previously unexplored subclass of singular hybrid automata, and show
the decidability (and the exact complexity) of various verification questions
for this class including reachability (NP-Complete) and LTL model-checking
(PSPACE-Complete). We further show that extending WSHA with a single
unrestricted clock or extending WSHA with unrestricted variable updates leads to
undecidability of the reachability problem.
Decidability and Synthesis of Abstract Inductive Invariants
Decidability and synthesis of inductive invariants ranging in a given domain
play an important role in many software and hardware verification systems. We
consider here inductive invariants belonging to an abstract domain as
defined in abstract interpretation, namely, ensuring the existence of the best
approximation in of any system property. In this setting, we study the
decidability of the existence of abstract inductive invariants in of
transition systems and their corresponding algorithmic synthesis. Our model
relies on some general results which relate the existence of abstract inductive
invariants with least fixed points of best correct approximations in of the
transfer functions of transition systems and their completeness properties.
This approach allows us to derive decidability and synthesis results for
abstract inductive invariants which are applied to the well-known Kildall's
constant propagation and Karr's affine equalities abstract domains. Moreover,
we show that a recent general algorithm for synthesizing inductive invariants
in domains of logical formulae can be systematically derived from our results
and generalized to a range of algorithms for computing abstract inductive
invariants.
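The abstract above describes the recipe in general terms: pick an abstract domain, take the best correct approximation of each transfer function, and the least fixed point of those approximations is the abstract inductive invariant (if one exists in that domain). The following is an added worked example, not code from the paper or from any of the listed authors, that carries the recipe through for the first domain named there, Kildall's constant propagation. The three-address program, the instruction encoding, the function names and the treatment of inputs as unknown (TOP at entry) are all assumptions made for the example; the `is_inductive` check at the end verifies the result against the definition of an inductive invariant rather than trusting the fixpoint iteration.

```python
"""Kildall's constant propagation as a least-fixpoint computation.

Added example (not from the paper): abstract inductive invariants in the
constant-propagation domain, computed as the least fixed point of the best
correct approximations of the statements' transfer functions, then checked
for inductiveness.  Program encoding and instruction set are constructed
for this example and are not a real compiler IR.
"""
from __future__ import annotations

from typing import Dict, List, Optional, Tuple, Union

# Per-variable lattice: any integer constant < TOP ("not a constant").
# The bottom element is only needed at the level of whole states (None below).
TOP = "top"
AbsVal = Union[str, int]

def join_val(a: AbsVal, b: AbsVal) -> AbsVal:
    """Least upper bound in the flat lattice of constants."""
    return a if a == b else TOP

def leq_val(a: AbsVal, b: AbsVal) -> bool:
    return b == TOP or a == b

# Abstract state: every program variable -> abstract value.
# None is the bottom state, i.e. "this program point is unreachable".
AbsState = Optional[Dict[str, AbsVal]]

def join_state(s: AbsState, t: AbsState) -> AbsState:
    if s is None:
        return t
    if t is None:
        return s
    return {v: join_val(s[v], t[v]) for v in s}

def leq_state(s: AbsState, t: AbsState) -> bool:
    if s is None:
        return True
    if t is None:
        return False
    return all(leq_val(s[v], t[v]) for v in s)

# Expressions: int literal | variable name | (op, e1, e2) with op in {'+', '*'}
# Instructions (constructed encoding):
#   ('assign', var, expr)  -> falls through to pc+1
#   ('branch', target)     -> nondeterministic jump to target or pc+1
#   ('halt',)              -> no successor
Expr = Union[int, str, tuple]
Instr = Tuple

def eval_expr(e: Expr, s: Dict[str, AbsVal]) -> AbsVal:
    """Best correct approximation of concrete evaluation on the constant lattice."""
    if isinstance(e, int):
        return e
    if isinstance(e, str):
        return s[e]
    op, e1, e2 = e
    a, b = eval_expr(e1, s), eval_expr(e2, s)
    if op == "*" and (a == 0 or b == 0):
        return 0            # 0 * v is 0 for every concrete v, even if v is unknown
    if a == TOP or b == TOP:
        return TOP
    return a + b if op == "+" else a * b

def transfer(instr: Instr, s: Dict[str, AbsVal]) -> Dict[str, AbsVal]:
    """Abstract transfer function of one instruction (strongest post on the domain)."""
    if instr[0] == "assign":
        _, var, expr = instr
        return {**s, var: eval_expr(expr, s)}
    return dict(s)          # branch / halt leave the store unchanged

def successors(pc: int, instr: Instr) -> List[int]:
    if instr[0] == "assign":
        return [pc + 1]
    if instr[0] == "branch":
        return [pc + 1, instr[1]]
    return []

def analyze(program: List[Instr], variables: List[str]) -> List[AbsState]:
    """Least fixed point of the abstract transfer functions (Kildall's worklist).

    inv[pc] is the abstract state holding *before* instruction pc.  Program
    inputs are unknown, so the entry state maps every variable to TOP.
    """
    inv: List[AbsState] = [None] * len(program)
    inv[0] = {v: TOP for v in variables}
    worklist = [0]
    while worklist:
        pc = worklist.pop()
        out = transfer(program[pc], inv[pc])
        for succ in successors(pc, program[pc]):
            new = join_state(inv[succ], out)
            if new != inv[succ]:        # state strictly increased: revisit succ
                inv[succ] = new
                worklist.append(succ)
    return inv

def is_inductive(program: List[Instr], variables: List[str], inv: List[AbsState]) -> bool:
    """An abstract invariant is inductive iff it covers the entry state and every
    abstract transition from a covered state lands inside it again.  The lfp
    passes by construction; any weaker (larger) invariant passes too, while a
    claim that is too strong fails."""
    if not leq_state({v: TOP for v in variables}, inv[0]):
        return False
    for pc, instr in enumerate(program):
        if inv[pc] is None:
            continue
        out = transfer(instr, inv[pc])
        if not all(leq_state(out, inv[s]) for s in successors(pc, instr)):
            return False
    return True

# Constructed sample program: a loop that clobbers i but keeps x and y constant.
VARIABLES = ["x", "i", "y", "z"]
PROGRAM: List[Instr] = [
    ("assign", "x", 3),                  # 0
    ("assign", "i", 0),                  # 1
    ("assign", "y", ("+", "x", "x")),    # 2  loop head: y == 6 on every iteration
    ("assign", "i", ("+", "i", 1)),      # 3  i is no longer a constant after this
    ("assign", "x", 3),                  # 4
    ("branch", 2),                       # 5  back edge or fall through
    ("assign", "z", ("*", "y", 2)),      # 6  z == 12 at exit
    ("halt",),                           # 7
]

if __name__ == "__main__":
    inv = analyze(PROGRAM, VARIABLES)
    for pc, state in enumerate(inv):
        print(pc, PROGRAM[pc], state)
    print("inductive:", is_inductive(PROGRAM, VARIABLES, inv))
```

The fixpoint reports `x == 3`, `y == 6` and `z == 12` at the exit while `i` is TOP, which is the strongest invariant expressible in this domain; `is_inductive` is the check a verifier would run on a candidate from any source, since inductiveness, not the way the candidate was produced, is what makes it a proof.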
Remedies for building reliable cyber-physical systems
Cyber-physical systems (CPS) are systems that are a tight integration of computer programs, as controllers or cyber parts, and physical environments. The interaction is carried out by obtaining information about the physical environment through reading sensors and responding to the current knowledge through actuators. Examples of such systems are autonomous automobile systems, avionic systems, robotic systems, and medical devices. Perhaps the most common feature of all these systems is that they are all safety-critical systems and failure most likely causes catastrophic consequences. This means that while testing continues to increase confidence in cyber-physical systems, formal or mathematical proofs are needed at the very least for the safety requirements of these systems.
Hybrid automata are the main modeling language for cyber-physical systems. However, verifying safety properties is undecidable for all but very restricted known classes of these automata. Our first result introduces a new subclass of hybrid automata for which the bounded-time safety model checking problem is decidable. We also prove that unbounded-time model checking for this subclass is undecidable, which suggests this is the best one can hope for the new class. Our second result in this thesis is a counter-example guided abstraction refinement algorithm for unbounded-time model checking of nonlinear hybrid automata. Clearly, this is an undecidable problem and that is the main reason for using abstraction refinement techniques. Our CEGAR framework for this class is sound but not complete, meaning the algorithm never incorrectly says a system is safe, but may output unsafe incorrectly. We have also implemented our algorithm and compared it with seven other tools.
There are multiple inherent problems with traditional model checking approaches. First, it is well known that most models do not depict physical environments precisely. Second, the model checking problem is undecidable for most classes of hybrid automata. And third, even when model checking is decidable, the controller part in most models cannot be implemented. These problems suggest that current methods of modeling cyber-physical systems and problems might not be the right ones. Our last result focuses on robust model checking of cyber-physical systems. In this part of the thesis, we focus on the implementability issue and show how to solve four different robust model checking problems for timed automata. We also introduce an optimal algorithm for robust time-bounded safety model checking of monotonic rectangular automata.
Reachability and liveness in parametric timed automata
We study timed systems in which some timing features are unknown parameters.
Parametric timed automata (PTAs) are a classical formalism for such systems but
for which most interesting problems are undecidable. Notably, the parametric
reachability emptiness problem, i.e., whether at least one parameter valuation
allows to reach some given discrete state, is undecidable.
Lower-bound/upper-bound parametric timed automata (L/U-PTAs) achieve
decidability for reachability properties by enforcing a separation of
parameters used as upper bounds in the automaton constraints, and those used as
lower bounds.
In this paper, we first study reachability. We exhibit a subclass of PTAs
(namely integer-points PTAs) with bounded rational-valued parameters for which
the parametric reachability emptiness problem is decidable. Using this class,
we present further results improving the boundary between decidability and
undecidability for PTAs and their subclasses such as L/U-PTAs.
We then study liveness. We prove that:
(1) the existence of at least one parameter valuation for which there exists
an infinite run in an L/U-PTA is PSPACE-complete;
(2) the existence of a parameter valuation such that the system has a
deadlock is however undecidable;
(3) the problem of the existence of a valuation for which a run remains in a
given set of locations exhibits a very thin border between decidability and
undecidability.
Comment: This manuscript is an extended version of two conference papers
published in the proceedings of ICFEM 2016 and ACSD 201
Report on "Geometry and representation theory of tensors for computer science, statistics and other areas."
This is a technical report on the proceedings of the workshop held July 21 to
July 25, 2008 at the American Institute of Mathematics, Palo Alto, California,
organized by Joseph Landsberg, Lek-Heng Lim, Jason Morton, and Jerzy Weyman. We
include a list of open problems coming from applications in 4 different areas:
signal processing, the Mulmuley-Sohoni approach to P vs. NP, matchgates and
holographic algorithms, and entanglement and quantum information theory. We
emphasize the interactions between geometry and representation theory and these
applied areas.