Exploiting the Temporal Logic Hierarchy and the Non-Confluence Property for Efficient LTL Synthesis

The classic approaches to synthesize a reactive system from a linear temporal logic (LTL) specification first translate the given LTL formula to an equivalent omega-automaton and then compute a winning strategy for the corresponding omega-regular game. To this end, the obtained omega-automata have to be (pseudo)-determinized where typically a variant of Safra's determinization procedure is used. In this paper, we show that this determinization step can be significantly improved for tool implementations by replacing Safra's determinization by simpler determinization procedures. In particular, we exploit (1) the temporal logic hierarchy that corresponds to the well-known automata hierarchy consisting of safety, liveness, Buechi, and co-Buechi automata as well as their boolean closures, (2) the non-confluence property of omega-automata that result from certain translations of LTL formulas, and (3) symbolic implementations of determinization procedures for the Rabin-Scott and the Miyano-Hayashi breakpoint construction. In particular, we present convincing experimental results that demonstrate the practical applicability of our new synthesis procedure

Approximating Optimal Bounds in Prompt-LTL Realizability in Doubly-exponential Time

We consider the optimization variant of the realizability problem for Prompt Linear Temporal Logic, an extension of Linear Temporal Logic (LTL) by the prompt eventually operator whose scope is bounded by some parameter. In the realizability optimization problem, one is interested in computing the minimal such bound that allows to realize a given specification. It is known that this problem is solvable in triply-exponential time, but not whether it can be done in doubly-exponential time, i.e., whether it is just as hard as solving LTL realizability. We take a step towards resolving this problem by showing that the optimum can be approximated within a factor of two in doubly-exponential time. Also, we report on a proof-of-concept implementation of the algorithm based on bounded LTL synthesis, which computes the smallest implementation of a given specification. In our experiments, we observe a tradeoff between the size of the implementation and the bound it realizes. We investigate this tradeoff in the general case and prove upper bounds, which reduce the search space for the algorithm, and matching lower bounds.Comment: In Proceedings GandALF 2016, arXiv:1609.0364

Experimental Aspects of Synthesis

We discuss the problem of experimentally evaluating linear-time temporal logic (LTL) synthesis tools for reactive systems. We first survey previous such work for the currently publicly available synthesis tools, and then draw conclusions by deriving useful schemes for future such evaluations. In particular, we explain why previous tools have incompatible scopes and semantics and provide a framework that reduces the impact of this problem for future experimental comparisons of such tools. Furthermore, we discuss which difficulties the complex workflows that begin to appear in modern synthesis tools induce on experimental evaluations and give answers to the question how convincing such evaluations can still be performed in such a setting.Comment: In Proceedings iWIGP 2011, arXiv:1102.374

Determinising Parity Automata

Parity word automata and their determinisation play an important role in automata and game theory. We discuss a determinisation procedure for nondeterministic parity automata through deterministic Rabin to deterministic parity automata. We prove that the intermediate determinisation to Rabin automata is optimal. We show that the resulting determinisation to parity automata is optimal up to a small constant. Moreover, the lower bound refers to the more liberal Streett acceptance. We thus show that determinisation to Streett would not lead to better bounds than determinisation to parity. As a side-result, this optimality extends to the determinisation of B\"uchi automata

On the verification of parametric and real-time systems

2009 - 2010Parametric and Real-Time Systems play a central role in the theory underlying the Verification and Synthesis problems. Real-time systems are present everywhere and are used in safety critical applications, such as flight controllers. Failures in such systems can be very expensive and even life threatening and, moreover, they are quite hard to design and verify. For these reasons, the development of formal methods for the modeling and analysis of safety-critical systems is an active area of computer science research. The standard formalism used to specify the wished behaviour of a realtime system is temporal logic. Traditional temporal logics, such as linear temporal logic (LTL), allow only qualitative assertions about the temporal ordering of events. However, in several circumstances, for assessing the efficiency of the system being modeled, it may be useful to have additional quantitative guarantees. An extension of LTL with a real-time semantics is given by the Metric Interval Temporal Logic (MITL), where changes of truth values happen according to a splitting of the line of non-negative reals into intervals. However, even with quantitative temporal logics, we would actually like to find out what quantitative bounds can be placed on the logic operators. In this thesis we face with the above problem proposing a parametric extension of MITL, that is the parametric metric interval temporal logic (PMITL), which allows to introduce parameters within intervals . For this logic, we study decision problems which are the analogous of satisfiability, validity and model-checking problems for non-parametric temporal logic. PMITL turns out to be decidable and we show that, when parameter valuations give only non-singular sets, the considered problems are all decidable, EXPSPACE-complete, and have the same complexity as in MITL. Moreover, we investigate the computational complexity of these problems for natural fragments of PMITL, and show that in meaningful fragments of the logic they are PSPACE-complete. We also consider a remarkable problem expressed by queries where the values that each parameter may assume are either existentially or universally quantified. We solve this problem in several cases and we propose an algorithm in EXPSPACE. Another interesting application of the temporal logic is when it is used to express specification of concurrent programs, where programs and properties are formalized as regular languages of infinite words. In this case, the verification problem (whether the program satisfies the specification) corresponds to solve the language inclusion problem. In the second part of this thesis we consider the Synthesis problem for realtime systems, investigating the applicability of automata constructions that avoid determinization for solving the language inclusion problem and the realizability problem for real-time logics. Since Safra’s determinization procedure is difficult to implement, we present Safraless algorithms for automata on infinite timed words. [edited by author]IX n.s

A Faster Tableau for CTL*

There have been several recent suggestions for tableau systems for deciding satisfiability in the practically important branching time temporal logic known as CTL*. In this paper we present a streamlined and more traditional tableau approach built upon the author's earlier theoretical work. Soundness and completeness results are proved. A prototype implementation demonstrates the significantly improved performance of the new approach on a range of test formulas. We also see that it compares favourably to state of the art, game and automata based decision procedures.Comment: In Proceedings GandALF 2013, arXiv:1307.416

Lazy Probabilistic Model Checking without Determinisation

The bottleneck in the quantitative analysis of Markov chains and Markov decision processes against specifications given in LTL or as some form of nondeterministic B\"uchi automata is the inclusion of a determinisation step of the automaton under consideration. In this paper, we show that full determinisation can be avoided: subset and breakpoint constructions suffice. We have implemented our approach---both explicit and symbolic versions---in a prototype tool. Our experiments show that our prototype can compete with mature tools like PRISM.Comment: 38 pages. Updated version for introducing the following changes: - general improvement on paper presentation; - extension of the approach to avoid full determinisation; - added proofs for such an extension; - added case studies; - updated old case studies to reflect the added extensio