5,435 research outputs found
Multi-objective Robust Strategy Synthesis for Interval Markov Decision Processes
Interval Markov decision processes (IMDPs) generalise classical MDPs by
having interval-valued transition probabilities. They provide a powerful
modelling tool for probabilistic systems with an additional variation or
uncertainty that prevents the knowledge of the exact transition probabilities.
In this paper, we consider the problem of multi-objective robust strategy
synthesis for interval MDPs, where the aim is to find a robust strategy that
guarantees the satisfaction of multiple properties at the same time in face of
the transition probability uncertainty. We first show that this problem is
PSPACE-hard. Then, we provide a value iteration-based decision algorithm to
approximate the Pareto set of achievable points. We finally demonstrate the
practical effectiveness of our proposed approaches by applying them on several
case studies using a prototypical tool.Comment: This article is a full version of a paper accepted to the Conference
on Quantitative Evaluation of SysTems (QEST) 201
Synthesizing Short-Circuiting Validation of Data Structure Invariants
This paper presents incremental verification-validation, a novel approach for
checking rich data structure invariants expressed as separation logic
assertions. Incremental verification-validation combines static verification of
separation properties with efficient, short-circuiting dynamic validation of
arbitrarily rich data constraints. A data structure invariant checker is an
inductive predicate in separation logic with an executable interpretation; a
short-circuiting checker is an invariant checker that stops checking whenever
it detects at run time that an assertion for some sub-structure has been fully
proven statically. At a high level, our approach does two things: it statically
proves the separation properties of data structure invariants using a static
shape analysis in a standard way but then leverages this proof in a novel
manner to synthesize short-circuiting dynamic validation of the data
properties. As a consequence, we enable dynamic validation to make up for
imprecision in sound static analysis while simultaneously leveraging the static
verification to make the remaining dynamic validation efficient. We show
empirically that short-circuiting can yield asymptotic improvements in dynamic
validation, with low overhead over no validation, even in cases where static
verification is incomplete
A Map-Reduce Parallel Approach to Automatic Synthesis of Control Software
Many Control Systems are indeed Software Based Control Systems, i.e. control
systems whose controller consists of control software running on a
microcontroller device. This motivates investigation on Formal Model Based
Design approaches for automatic synthesis of control software.
Available algorithms and tools (e.g., QKS) may require weeks or even months
of computation to synthesize control software for large-size systems. This
motivates search for parallel algorithms for control software synthesis.
In this paper, we present a Map-Reduce style parallel algorithm for control
software synthesis when the controlled system (plant) is modeled as discrete
time linear hybrid system. Furthermore we present an MPI-based implementation
PQKS of our algorithm. To the best of our knowledge, this is the first parallel
approach for control software synthesis.
We experimentally show effectiveness of PQKS on two classical control
synthesis problems: the inverted pendulum and the multi-input buck DC/DC
converter. Experiments show that PQKS efficiency is above 65%. As an example,
PQKS requires about 16 hours to complete the synthesis of control software for
the pendulum on a cluster with 60 processors, instead of the 25 days needed by
the sequential algorithm in QKS.Comment: To be submitted to TACAS 2013. arXiv admin note: substantial text
overlap with arXiv:1207.4474, arXiv:1207.409
Combining Forward and Backward Abstract Interpretation of Horn Clauses
Alternation of forward and backward analyses is a standard technique in
abstract interpretation of programs, which is in particular useful when we wish
to prove unreachability of some undesired program states. The current
state-of-the-art technique for combining forward (bottom-up, in logic
programming terms) and backward (top-down) abstract interpretation of Horn
clauses is query-answer transformation. It transforms a system of Horn clauses,
such that standard forward analysis can propagate constraints both forward, and
backward from a goal. Query-answer transformation is effective, but has issues
that we wish to address. For that, we introduce a new backward collecting
semantics, which is suitable for alternating forward and backward abstract
interpretation of Horn clauses. We show how the alternation can be used to
prove unreachability of the goal and how every subsequent run of an analysis
yields a refined model of the system. Experimentally, we observe that combining
forward and backward analyses is important for analysing systems that encode
questions about reachability in C programs. In particular, the combination that
follows our new semantics improves the precision of our own abstract
interpreter, including when compared to a forward analysis of a
query-answer-transformed system.Comment: Francesco Ranzato. 24th International Static Analysis Symposium
(SAS), Aug 2017, New York City, United States. Springer, Static Analysi
Workshop on Verification and Theorem Proving for Continuous Systems (NetCA Workshop 2005)
Oxford, UK, 26 August 200
Temporalized logics and automata for time granularity
Suitable extensions of the monadic second-order theory of k successors have
been proposed in the literature to capture the notion of time granularity. In
this paper, we provide the monadic second-order theories of downward unbounded
layered structures, which are infinitely refinable structures consisting of a
coarsest domain and an infinite number of finer and finer domains, and of
upward unbounded layered structures, which consist of a finest domain and an
infinite number of coarser and coarser domains, with expressively complete and
elementarily decidable temporal logic counterparts.
We obtain such a result in two steps. First, we define a new class of
combined automata, called temporalized automata, which can be proved to be the
automata-theoretic counterpart of temporalized logics, and show that relevant
properties, such as closure under Boolean operations, decidability, and
expressive equivalence with respect to temporal logics, transfer from component
automata to temporalized ones. Then, we exploit the correspondence between
temporalized logics and automata to reduce the task of finding the temporal
logic counterparts of the given theories of time granularity to the easier one
of finding temporalized automata counterparts of them.Comment: Journal: Theory and Practice of Logic Programming Journal Acronym:
TPLP Category: Paper for Special Issue (Verification and Computational Logic)
Submitted: 18 March 2002, revised: 14 Januari 2003, accepted: 5 September
200
Contracts and Behavioral Patterns for SoS: The EU IP DANSE approach
This paper presents some of the results of the first year of DANSE, one of
the first EU IP projects dedicated to SoS. Concretely, we offer a tool chain
that allows to specify SoS and SoS requirements at high level, and analyse them
using powerful toolsets coming from the formal verification area. At the high
level, we use UPDM, the system model provided by the british army as well as a
new type of contract based on behavioral patterns. At low level, we rely on a
powerful simulation toolset combined with recent advances from the area of
statistical model checking. The approach has been applied to a case study
developed at EADS Innovation Works.Comment: In Proceedings AiSoS 2013, arXiv:1311.319
Proving Safety with Trace Automata and Bounded Model Checking
Loop under-approximation is a technique that enriches C programs with
additional branches that represent the effect of a (limited) range of loop
iterations. While this technique can speed up the detection of bugs
significantly, it introduces redundant execution traces which may complicate
the verification of the program. This holds particularly true for verification
tools based on Bounded Model Checking, which incorporate simplistic heuristics
to determine whether all feasible iterations of a loop have been considered.
We present a technique that uses \emph{trace automata} to eliminate redundant
executions after performing loop acceleration. The method reduces the diameter
of the program under analysis, which is in certain cases sufficient to allow a
safety proof using Bounded Model Checking. Our transformation is precise---it
does not introduce false positives, nor does it mask any errors. We have
implemented the analysis as a source-to-source transformation, and present
experimental results showing the applicability of the technique
- …