15,741 research outputs found
SAT-Based Synthesis Methods for Safety Specs
Automatic synthesis of hardware components from declarative specifications is
an ambitious endeavor in computer aided design. Existing synthesis algorithms
are often implemented with Binary Decision Diagrams (BDDs), inheriting their
scalability limitations. Instead of BDDs, we propose several new methods to
synthesize finite-state systems from safety specifications using decision
procedures for the satisfiability of quantified and unquantified Boolean
formulas (SAT-, QBF- and EPR-solvers). The presented approaches are based on
computational learning, templates, or reduction to first-order logic. We also
present an efficient parallelization, and optimizations to utilize reachability
information and incremental solving. Finally, we compare all methods in an
extensive case study. Our new methods outperform BDDs and other existing work
on some classes of benchmarks, and our parallelization achieves a super-linear
speedup. This is an extended version of [5], featuring an additional appendix.Comment: Extended version of a paper at VMCAI'1
Validity-Guided Synthesis of Reactive Systems from Assume-Guarantee Contracts
Automated synthesis of reactive systems from specifications has been a topic
of research for decades. Recently, a variety of approaches have been proposed
to extend synthesis of reactive systems from proposi- tional specifications
towards specifications over rich theories. We propose a novel, completely
automated approach to program synthesis which reduces the problem to deciding
the validity of a set of forall-exists formulas. In spirit of IC3 / PDR, our
problem space is recursively refined by blocking out regions of unsafe states,
aiming to discover a fixpoint that describes safe reactions. If such a fixpoint
is found, we construct a witness that is directly translated into an
implementation. We implemented the algorithm on top of the JKind model checker,
and exercised it against contracts written using the Lustre specification
language. Experimental results show how the new algorithm outperforms JKinds
already existing synthesis procedure based on k-induction and addresses
soundness issues in the k-inductive approach with respect to unrealizable
results.Comment: 18 pages, 5 figures, 2 table
Learning-Based Synthesis of Safety Controllers
We propose a machine learning framework to synthesize reactive controllers
for systems whose interactions with their adversarial environment are modeled
by infinite-duration, two-player games over (potentially) infinite graphs. Our
framework targets safety games with infinitely many vertices, but it is also
applicable to safety games over finite graphs whose size is too prohibitive for
conventional synthesis techniques. The learning takes place in a feedback loop
between a teacher component, which can reason symbolically about the safety
game, and a learning algorithm, which successively learns an overapproximation
of the winning region from various kinds of examples provided by the teacher.
We develop a novel decision tree learning algorithm for this setting and show
that our algorithm is guaranteed to converge to a reactive safety controller if
a suitable overapproximation of the winning region can be expressed as a
decision tree. Finally, we empirically compare the performance of a prototype
implementation to existing approaches, which are based on constraint solving
and automata learning, respectively
Low-Effort Specification Debugging and Analysis
Reactive synthesis deals with the automated construction of implementations
of reactive systems from their specifications. To make the approach feasible in
practice, systems engineers need effective and efficient means of debugging
these specifications.
In this paper, we provide techniques for report-based specification
debugging, wherein salient properties of a specification are analyzed, and the
result presented to the user in the form of a report. This provides a
low-effort way to debug specifications, complementing high-effort techniques
including the simulation of synthesized implementations.
We demonstrate the usefulness of our report-based specification debugging
toolkit by providing examples in the context of generalized reactivity(1)
synthesis.Comment: In Proceedings SYNT 2014, arXiv:1407.493
Chaining Test Cases for Reactive System Testing (extended version)
Testing of synchronous reactive systems is challenging because long input
sequences are often needed to drive them into a state at which a desired
feature can be tested. This is particularly problematic in on-target testing,
where a system is tested in its real-life application environment and the time
required for resetting is high. This paper presents an approach to discovering
a test case chain---a single software execution that covers a group of test
goals and minimises overall test execution time. Our technique targets the
scenario in which test goals for the requirements are given as safety
properties. We give conditions for the existence and minimality of a single
test case chain and minimise the number of test chains if a single test chain
is infeasible. We report experimental results with a prototype tool for C code
generated from Simulink models and compare it to state-of-the-art test suite
generators.Comment: extended version of paper published at ICTSS'1
Sciduction: Combining Induction, Deduction, and Structure for Verification and Synthesis
Even with impressive advances in automated formal methods, certain problems
in system verification and synthesis remain challenging. Examples include the
verification of quantitative properties of software involving constraints on
timing and energy consumption, and the automatic synthesis of systems from
specifications. The major challenges include environment modeling,
incompleteness in specifications, and the complexity of underlying decision
problems.
This position paper proposes sciduction, an approach to tackle these
challenges by integrating inductive inference, deductive reasoning, and
structure hypotheses. Deductive reasoning, which leads from general rules or
concepts to conclusions about specific problem instances, includes techniques
such as logical inference and constraint solving. Inductive inference, which
generalizes from specific instances to yield a concept, includes algorithmic
learning from examples. Structure hypotheses are used to define the class of
artifacts, such as invariants or program fragments, generated during
verification or synthesis. Sciduction constrains inductive and deductive
reasoning using structure hypotheses, and actively combines inductive and
deductive reasoning: for instance, deductive techniques generate examples for
learning, and inductive reasoning is used to guide the deductive engines.
We illustrate this approach with three applications: (i) timing analysis of
software; (ii) synthesis of loop-free programs, and (iii) controller synthesis
for hybrid systems. Some future applications are also discussed
Synthesis of Switching Protocols from Temporal Logic Specifications
We propose formal means for synthesizing switching protocols that determine the sequence in which the modes of a switched system are activated to satisfy certain high-level specifications in linear temporal logic. The synthesized protocols are robust against exogenous disturbances on the continuous dynamics. Two types of finite transition systems, namely under- and over-approximations, that abstract the behavior of the underlying continuous dynamics are defined. In particular, we show that the discrete synthesis problem for an under-approximation can be formulated as a model checking problem, whereas that for an over-approximation can be transformed into a two-player game. Both of these formulations are amenable to efficient, off-the-shelf software tools. By construction, existence of a discrete switching strategy for the discrete synthesis problem guarantees the existence of a continuous switching protocol for the continuous synthesis problem, which can be implemented at the continuous level to ensure the correctness of the nonlinear switched system. Moreover, the proposed framework can be straightforwardly extended to accommodate specifications that require reacting to possibly adversarial external events. Finally, these results are illustrated using three examples from different application domains
A multi-paradigm language for reactive synthesis
This paper proposes a language for describing reactive synthesis problems
that integrates imperative and declarative elements. The semantics is defined
in terms of two-player turn-based infinite games with full information.
Currently, synthesis tools accept linear temporal logic (LTL) as input, but
this description is less structured and does not facilitate the expression of
sequential constraints. This motivates the use of a structured programming
language to specify synthesis problems. Transition systems and guarded commands
serve as imperative constructs, expressed in a syntax based on that of the
modeling language Promela. The syntax allows defining which player controls
data and control flow, and separating a program into assumptions and
guarantees. These notions are necessary for input to game solvers. The
integration of imperative and declarative paradigms allows using the paradigm
that is most appropriate for expressing each requirement. The declarative part
is expressed in the LTL fragment of generalized reactivity(1), which admits
efficient synthesis algorithms, extended with past LTL. The implementation
translates Promela to input for the Slugs synthesizer and is written in Python.
The AMBA AHB bus case study is revisited and synthesized efficiently,
identifying the need to reorder binary decision diagrams during strategy
construction, in order to prevent the exponential blowup observed in previous
work.Comment: In Proceedings SYNT 2015, arXiv:1602.0078
- …