7,209 research outputs found
Refinement algebra for probabilistic programs
We identify a refinement algebra for reasoning about probabilistic program transformations in a total-correctness setting. The algebra is equipped with operators that determine whether a program is enabled or terminates respectively. As well as developing the basic theory of the algebra we demonstrate how it may be used to explain key differences and similarities between standard (i.e. non-probabilistic) and probabilistic programs and verify important transformation theorems for probabilistic action systems.29 page(s
Probabilistic Demonic Refinement Algebra
We propose an abstract algebra for reasoning about probabilistic programs in a total-correctness framework. In contrast to probablisitic Kleene algebra it allows genuine reasoning about total correctness and in addition to Kleene star also has a strong iteration operator. We define operators that determine whether a program is enabled, has certain failure or does not have certain failure, respectively. The algebra is applied to the derivation of refinement rules for probabilistic action systems
Hidden-Markov Program Algebra with iteration
We use Hidden Markov Models to motivate a quantitative compositional
semantics for noninterference-based security with iteration, including a
refinement- or "implements" relation that compares two programs with respect to
their information leakage; and we propose a program algebra for source-level
reasoning about such programs, in particular as a means of establishing that an
"implementation" program leaks no more than its "specification" program.
This joins two themes: we extend our earlier work, having iteration but only
qualitative, by making it quantitative; and we extend our earlier quantitative
work by including iteration. We advocate stepwise refinement and
source-level program algebra, both as conceptual reasoning tools and as targets
for automated assistance. A selection of algebraic laws is given to support
this view in the case of quantitative noninterference; and it is demonstrated
on a simple iterated password-guessing attack
Probabilistic Rely-guarantee Calculus
Jones' rely-guarantee calculus for shared variable concurrency is extended to
include probabilistic behaviours. We use an algebraic approach which combines
and adapts probabilistic Kleene algebras with concurrent Kleene algebra.
Soundness of the algebra is shown relative to a general probabilistic event
structure semantics. The main contribution of this paper is a collection of
rely-guarantee rules built on top of that semantics. In particular, we show how
to obtain bounds on probabilities by deriving rely-guarantee rules within the
true-concurrent denotational semantics. The use of these rules is illustrated
by a detailed verification of a simple probabilistic concurrent program: a
faulty Eratosthenes sieve.Comment: Preprint submitted to TCS-QAP
Compositional closure for Bayes Risk in probabilistic noninterference
We give a sequential model for noninterference security including probability
(but not demonic choice), thus supporting reasoning about the likelihood that
high-security values might be revealed by observations of low-security
activity. Our novel methodological contribution is the definition of a
refinement order and its use to compare security measures between
specifications and (their supposed) implementations. This contrasts with the
more common practice of evaluating the security of individual programs in
isolation.
The appropriateness of our model and order is supported by our showing that
our refinement order is the greatest compositional relation --the compositional
closure-- with respect to our semantics and an "elementary" order based on
Bayes Risk --- a security measure already in widespread use. We also relate
refinement to other measures such as Shannon Entropy.
By applying the approach to a non-trivial example, the anonymous-majority
Three-Judges protocol, we demonstrate by example that correctness arguments can
be simplified by the sort of layered developments --through levels of
increasing detail-- that are allowed and encouraged by compositional semantics
Abstract Hidden Markov Models: a monadic account of quantitative information flow
Hidden Markov Models, HMM's, are mathematical models of Markov processes with
state that is hidden, but from which information can leak. They are typically
represented as 3-way joint-probability distributions.
We use HMM's as denotations of probabilistic hidden-state sequential
programs: for that, we recast them as `abstract' HMM's, computations in the
Giry monad , and we equip them with a partial order of increasing
security. However to encode the monadic type with hiding over some state
we use rather
than the conventional that suffices for
Markov models whose state is not hidden. We illustrate the
construction with a small
Haskell prototype.
We then present uncertainty measures as a generalisation of the extant
diversity of probabilistic entropies, with characteristic analytic properties
for them, and show how the new entropies interact with the order of increasing
security. Furthermore, we give a `backwards' uncertainty-transformer semantics
for HMM's that is dual to the `forwards' abstract HMM's - it is an analogue of
the duality between forwards, relational semantics and backwards,
predicate-transformer semantics for imperative programs with demonic choice.
Finally, we argue that, from this new denotational-semantic viewpoint, one
can see that the Dalenius desideratum for statistical databases is actually an
issue in compositionality. We propose a means for taking it into account
Counterexample-Guided Polynomial Loop Invariant Generation by Lagrange Interpolation
We apply multivariate Lagrange interpolation to synthesize polynomial
quantitative loop invariants for probabilistic programs. We reduce the
computation of an quantitative loop invariant to solving constraints over
program variables and unknown coefficients. Lagrange interpolation allows us to
find constraints with less unknown coefficients. Counterexample-guided
refinement furthermore generates linear constraints that pinpoint the desired
quantitative invariants. We evaluate our technique by several case studies with
polynomial quantitative loop invariants in the experiments
Finding polynomial loop invariants for probabilistic programs
Quantitative loop invariants are an essential element in the verification of
probabilistic programs. Recently, multivariate Lagrange interpolation has been
applied to synthesizing polynomial invariants. In this paper, we propose an
alternative approach. First, we fix a polynomial template as a candidate of a
loop invariant. Using Stengle's Positivstellensatz and a transformation to a
sum-of-squares problem, we find sufficient conditions on the coefficients.
Then, we solve a semidefinite programming feasibility problem to synthesize the
loop invariants. If the semidefinite program is unfeasible, we backtrack after
increasing the degree of the template. Our approach is semi-complete in the
sense that it will always lead us to a feasible solution if one exists and
numerical errors are small. Experimental results show the efficiency of our
approach.Comment: accompanies an ATVA 2017 submissio
- …