Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.
Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorials
A Verified Information-Flow Architecture
SAFE is a clean-slate design for a highly secure computer system, with
pervasive mechanisms for tracking and limiting information flows. At the lowest
level, the SAFE hardware supports fine-grained programmable tags, with
efficient and flexible propagation and combination of tags as instructions are
executed. The operating system virtualizes these generic facilities to present
an information-flow abstract machine that allows user programs to label
sensitive data with rich confidentiality policies. We present a formal,
machine-checked model of the key hardware and software mechanisms used to
dynamically control information flow in SAFE and an end-to-end proof of
noninterference for this model.
We use a refinement proof methodology to propagate the noninterference
property of the abstract machine down to the concrete machine level. We use an
intermediate layer in the refinement chain that factors out the details of the
information-flow control policy and devise a code generator for compiling such
information-flow policies into low-level monitor code. Finally, we verify the
correctness of this generator using a dedicated Hoare logic that abstracts from
low-level machine instructions into a reusable set of verified structured code
generators.
Constructing Parsimonious Analytic Models for Dynamic Systems via Symbolic Regression
Developing mathematical models of dynamic systems is central to many
disciplines of engineering and science. Models facilitate simulations, analysis
of the system's behavior, decision making and design of automatic control
algorithms. Even inherently model-free control techniques such as reinforcement
learning (RL) have been shown to benefit from the use of models, typically
learned online. Any model construction method must address the tradeoff between
the accuracy of the model and its complexity, which is difficult to strike. In
this paper, we propose to employ symbolic regression (SR) to construct
parsimonious process models described by analytic equations. We have equipped
our method with two different state-of-the-art SR algorithms which
automatically search for equations that fit the measured data: Single Node
Genetic Programming (SNGP) and Multi-Gene Genetic Programming (MGGP). In
addition to the standard problem formulation in the state-space domain, we show
how the method can also be applied to input-output models of the NARX
(nonlinear autoregressive with exogenous input) type. We present the approach
on three simulated examples with up to 14-dimensional state space: an inverted
pendulum, a mobile robot, and a bipedal walking robot. A comparison with deep
neural networks and local linear regression shows that SR in most cases
outperforms these commonly used alternative methods. We demonstrate on a real
pendulum system that the analytic model found enables an RL controller to
successfully perform the swing-up task, based on a model constructed from only
100 data samples.