31 research outputs found
STL: Surprisingly Tricky Logic (for System Validation)
Much of the recent work developing formal methods techniques to specify or
learn the behavior of autonomous systems is predicated on a belief that formal
specifications are interpretable and useful for humans when checking systems.
Though frequently asserted, this assumption is rarely tested. We performed a
human experiment (N = 62) with a mix of people who were and were not familiar
with formal methods beforehand, asking them to validate whether a set of signal
temporal logic (STL) constraints would keep an agent out of harm and allow it
to complete a task in a gridworld capture-the-flag setting. Validation accuracy
was (mean standard deviation). The ground-truth validity
of a specification, subjects' familiarity with formal methods, and subjects'
level of education were found to be significant factors in determining
validation correctness. Participants exhibited an affirmation bias, causing
significantly increased accuracy on valid specifications, but significantly
decreased accuracy on invalid specifications. Additionally, participants,
particularly those familiar with formal methods, tended to be overconfident in
their answers, and be similarly confident regardless of actual correctness.
Our data do not support the belief that formal specifications are inherently
human-interpretable to a meaningful degree for system validation. We recommend
ergonomic improvements to data presentation and validation training, which
should be tested before claims of interpretability make their way back into the
formal methods literature
A Flexible and Efficient Temporal Logic Tool for Python: PyTeLo
Temporal logic is an important tool for specifying complex behaviors of
systems. It can be used to define properties for verification and monitoring,
as well as goals for synthesis tools, allowing users to specify rich missions
and tasks. Some of the most popular temporal logics include Metric Temporal
Logic (MTL), Signal Temporal Logic (STL), and weighted STL (wSTL), which also
allow the definition of timing constraints. In this work, we introduce PyTeLo,
a modular and versatile Python-based software that facilitates working with
temporal logic languages, specifically MTL, STL, and wSTL. Applying PyTeLo
requires only a string representation of the temporal logic specification and,
optionally, the dynamics of the system of interest. Next, PyTeLo reads the
specification using an ANTLR-generated parser and generates an Abstract Syntax
Tree (AST) that captures the structure of the formula. For synthesis, the AST
serves to recursively encode the specification into a Mixed Integer Linear
Program (MILP) that is solved using a commercial solver such as Gurobi. We
describe the architecture and capabilities of PyTeLo and provide example
applications highlighting its adaptability and extensibility for various
research problems
Counterexample-Guided Prophecy for Model Checking Modulo the Theory of Arrays
We develop a framework for model checking infinite-state systems by
automatically augmenting them with auxiliary variables, enabling
quantifier-free induction proofs for systems that would otherwise require
quantified invariants. We combine this mechanism with a counterexample-guided
abstraction refinement scheme for the theory of arrays. Our framework can thus,
in many cases, reduce inductive reasoning with quantifiers and arrays to
quantifier-free and array-free reasoning. We evaluate the approach on a wide
set of benchmarks from the literature. The results show that our implementation
often outperforms state-of-the-art tools, demonstrating its practical
potential.Comment: 23 pages, 1 figure, 1 table, extended version of paper to be
published in International Conference on Tools and Algorithms for the
Construction and Analysis of Systems 202
Safety-Aware Task Composition for Discrete and Continuous Reinforcement Learning
Compositionality is a critical aspect of scalable system design.
Reinforcement learning (RL) has recently shown substantial success in task
learning, but has only recently begun to truly leverage composition. In this
paper, we focus on Boolean composition of learned tasks as opposed to
functional or sequential composition. Existing Boolean composition for RL
focuses on reaching a satisfying absorbing state in environments with discrete
action spaces, but does not support composable safety (i.e., avoidance)
constraints. We advance the state of the art in Boolean composition of learned
tasks with three contributions: i) introduce two distinct notions of safety in
this framework; ii) show how to enforce either safety semantics, prove
correctness (under some assumptions), and analyze the trade-offs between the
two safety notions; and iii) extend Boolean composition from discrete action
spaces to continuous action spaces. We demonstrate these techniques using
modified versions of value iteration in a grid world, Deep Q-Network (DQN) in a
grid world with image observations, and Twin Delayed DDPG (TD3) in a
continuous-observation and continuous-action Bullet physics environment. We
believe that these contributions advance the theory of safe reinforcement
learning by allowing zero-shot composition of policies satisfying safety
properties
Counterexample-Guided Prophecy for Model Checking Modulo the Theory of Arrays
We develop a framework for model checking infinite-state systems by automatically augmenting them with auxiliary variables, enabling quantifier-free induction proofs for systems that would otherwise require quantified invariants. We combine this mechanism with a counterexample-guided abstraction refinement scheme for the theory of arrays. Our framework can thus, in many cases, reduce inductive reasoning with quantifiers and arrays to quantifier-free and array-free reasoning. We evaluate the approach on a wide set of benchmarks from the literature. The results show that our implementation often outperforms state-of-the-art tools, demonstrating its practical potential
Counterexample-Guided Prophecy for Model Checking Modulo the Theory of Arrays
We develop a framework for model checking infinite-state systems by automatically augmenting them with auxiliary variables, enabling quantifier-free induction proofs for systems that would otherwise require quantified invariants. We combine this mechanism with a counterexample-guided abstraction refinement scheme for the theory of arrays. Our framework can thus, in many cases, reduce inductive reasoning with quantifiers and arrays to quantifier-free and array-free reasoning. We evaluate the approach on a wide set of benchmarks from the literature. The results show that our implementation often outperforms state-of-the-art tools, demonstrating its practical potential
Lightweight Online Learning for Sets of Related Problems in Automated Reasoning
We present Self-Driven Strategy Learning (sdsl), a lightweight online
learning methodology for automated reasoning tasks that involve solving a set
of related problems. sdsl automatically gathers information, in form of a
dataset, while solving earlier problems. It utilizes the learned data to adjust
the solving strategy for later problems by fitting a machine learning model to
the obtained data on the fly. We formally define the approach as a set of
abstract transition rules. We describe a concrete instance of the sdsl calculus
which uses conditional sampling for generating data and random forests as the
underlying machine learning model. We implement the approach on top of the
Kissat solver and show that the combination of Kissat+sdsl certifies larger
bounds and finds more counter-examples than other state-of-the-art bounded
model checking approaches on benchmarks obtained from the latest Hardware Model
Checking Competition.Comment: Under submissio
Automating System Configuration
The increasing complexity of modern configurable
systems makes it critical to improve the level of automation
in the process of system configuration. Such automation can
also improve the agility of the development cycle, allowing
for rapid and automated integration of decoupled workflows.
In this paper, we present a new framework for automated
configuration of systems representable as state machines. The
framework leverages model checking and satisfiability modulo
theories (SMT) and can be applied to any application domain
representable using SMT formulas. Our approach can also be
applied modularly, improving its scalability. Furthermore, we
show how optimization can be used to produce configurations
that are best according to some metric and also more likely to
be understandable to humans. We showcase this framework and
its flexibility by using it to configure a CGRA memory tile for
various image processing applications.2103111