Post on 19-Dec-2015
Probabilistic CEGAR*
Björn Wachter
Joint work with Holger Hermanns, Lijun Zhang
AVACS
Supported by
Uni Saar
*To appear in CAV

Introducing
Probabilistic Model Checking
CEGAR (counterexample-guided abstraction refinement)
PASS does CEGAR for probabilistic models
$\mathrm{Reach}_{\le 0.03}(\mathit{fail})$?

PRISM & PASS
PRISM: very popular probabilistic model checker; finite-state
PASS: supports PRISM models; handles infinite-state as well
Under the hood: predicate abstraction, SMT, interpolation

Comparison to PRISM
Network protocols: Wireless LAN, CSMA, Bounded Retransmission, Sliding Window
PRISM vs PASS:

| Model (#) | State reduction | Speed-up |
| --- | --- | --- |
| WLAN (3) | 16x-152x | 1,3x-7x |
| WLAN (1) | ? | TO->311s |
| CSMA (4) | 41x-248x | 1x-2x |
| BRP (3) | 1x | 1/2x - 1/3x |

Overview
Basics: Paths, Markov Chains, MDPs; Counterexamples; Probabilistic Programs; Predicate Abstraction
Abstraction Refinement: Abstract Counterexamples; Path Analysis; Strongest Evidence; CEGAR algorithm
Experimental Results
Conclusion
Probabilistic Reachability Problem: Program, $\mathrm{Reach}_{\le p}(e)$?

Paths, MCs, MDPs
[Figure: a weighted path and a Markov chain with edge probabilities 1/3 and 2/3; non-determinism …]

Paths, MCs, MDPs
[Figure: weighted path, Markov chain and Markov decision process with edge probabilities 1/3, 2/3, 1/2 and 1]

Adversary
Adversary resolves transition non-determinism
[Figure: Markov decision process with edge probabilities 1/3, 2/3, 1/2 and 1]

Probabilistic Reachability
Probability to get from green to red
Weighted Path: $P(\pi) = \frac{2}{27}$ (edge weights 1/3, 2/3, 1/3)
Markov Chain: $\sum_{\pi} P(\pi) = \frac{1}{3}$
Markov Decision Process: $\max_{MC} P(MC) = \frac{1}{3}$

Probabilistic Programs
Guarded command language à la PRISM
Variables: integer, real, bool
Non-determinism: interleaving
Program = (variables, commands, initial condition)
Example:
$x > 0 \rightarrow 0.2 : (x' := x + 1) + 0.8 : (x' := x + 2)$
Guard: x>0
Update #1: 0.2: (x':=x+1), from x=1 to x=2
Update #2: 0.8: (x':=x+2), from x=1 to x=3
Labels for CEX Analysis

Predicate Abstraction
Predicates: partition the state space; are boolean expressions, e.g. x>0, x<y, x + y = 3 (variables x,y)
Abstract MDP: probabilistic may-transitions
Similar to Blast, SLAM, Magic … See our [Qest’07] paper
Abstraction guarantees upper bound
[Figure: probability scale from 0 to 1 showing the actual probability and the abstract MDP value]

May Transitions
It's not yet clear enough here! Better example where #abs. trans < #conc. trans
[Figure: abstract and concrete transitions with probabilities 0.2, 0.8 and 1.0]

CEGAR Loop
[Figure: CEGAR loop with steps abstract, check and refine; probability scale marked p, actual and upper; outcomes: CEX?, Real CEX, Low enough]

Counterexamples (CEX)
Resolution of non-determinism: initial state, adversary; induces a Markov chain
Counterexample: resolution of non-determinism such that the probability threshold is exceeded
Witness of reachability probability in MDP
Example: CEX for $\mathrm{Reach}_{1/6}$
[Figure: Markov decision process with edge probabilities 1/3, 2/3, 1/2 and 1]

Counterexample Analysis: Idea
Idea: enumerate paths of the Markov chain
Sort paths by probability [Han/Katoen 2007]: visit paths with highest measure first
Paths: realizable or spurious
Probability of abstract CEX / Markov chain: Path 1, Path 2, Path 3, Path 4, …
How much measure is realizable? More than p?

Path Analysis
Abstract path: two cases
Realizable if there's a corresponding concrete path
Spurious: no corresponding path
Splitter predicate exists iff path is spurious
Interpolation: predicate from unsatisfiable path formula
[Figure: abstract path u, u´, u´´; its path formula is checked in logic (SMT): SAT or UNSAT; labels: reachable with prefix, can do postfix]

Path Analysis
Abstract path: two cases
Realizable if there's a corresponding concrete path
Spurious: no corresponding path
Splitter predicate (interpolant):
[Figure: abstract path u, u´, u´´ and an example path with labels 0, 1, 2, 9, 10 and update x´:=x+1 on each step; path formula checked in logic (SMT): SAT or UNSAT; annotations: reachable with prefix, can do postfix, x=0, x=1, x>1, x ≤ 2]

Example
[Figure: concrete and abstract models with transition probabilities 0.2, 0.8, 0.5, 0.5 and 1.0]
Probability: Upper: 1.0

Example (cont.): after refinement
[Figure: concrete and abstract models with transition probabilities 0.4, 0.5 and 0.8; probability scale from 0 with a lower bound marked]
Probability: Upper: 0.4

Example 2
Multiple initial states
[Figure: concrete and abstract models with transition probabilities 0.2, 0.8 and 1.0]
Probability: Lower: 0.8, Upper: 1.0

Example 2
[Figure: concrete and abstract models with transition probabilities 0.2, 0.8 and 1.0; the maximum is marked]
Find maximal combination by MAX-SMT (see paper)
Probability: Lower: 0.8, Upper: 1.0

CEX Analysis: Semi-decision procedure
Problem in general: undecidable
Too many spurious paths: abort counterexample analysis
Output: collection of predicates
Limit # of spurious paths (> C) to enforce termination
Enough realizable probability: can take many paths to obtain enough realizable probability
[Figure: path lists Path 1, Path 2, Path 3, Path 4, … for both cases; probability scale from 0 with lower = real]
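
The counterexample analysis from the slides above (enumerate the paths of the abstract Markov chain by decreasing probability, sum the realizable measure, abort after more than C spurious paths), as an added Python sketch that is not code from the talk or from PASS. The chain, the predicates x<=2 and x==4, and all function names are constructed for illustration; a best-first search stands in for the path enumeration of [Han/Katoen 2007], and a concrete replay from a single initial value of x stands in for the SMT check of the path formula.

```python
import heapq
from itertools import count

# Constructed abstract counterexample (Markov chain) over predicates x<=2, x==4:
# S0 = (x<=2), S1 = (x>2, x!=4), G = goal (x==4). Edges: (prob, update label, successor).
CHAIN = {"S0": [(0.2, 1, "S1"), (0.8, 2, "G")],
         "S1": [(0.2, 1, "G"), (0.8, 2, "S1")]}     # the S1 self-loop is a cycle
UPDATES = {1: lambda x: x + 1, 2: lambda x: x + 2}  # updates #1 and #2 of the slide's command

def abstract(x):  # concrete value of x -> abstract state
    return "G" if x == 4 else ("S0" if x <= 2 else "S1")

def paths_by_probability(chain, init, goal):
    """Yield (probability, labelled path) for paths reaching goal, most probable first."""
    tie = count()                       # tie-breaker so the heap never compares paths
    heap = [(-1.0, next(tie), init, [])]
    while heap:
        neg_p, _, state, labels = heapq.heappop(heap)
        if state == goal:
            yield -neg_p, labels
            continue
        for p, upd, succ in chain.get(state, []):
            heapq.heappush(heap, (neg_p * p, next(tie), succ, labels + [(upd, succ)]))

def realizable(x0, labels):
    """Replay the update labels concretely; spurious if the run leaves the abstract path."""
    x = x0
    for upd, state in labels:
        if not x > 0:                   # guard of the command: x > 0
            return False
        x = UPDATES[upd](x)
        if abstract(x) != state:
            return False
    return True

def analyse(x0, p, limit):
    """Return (verdict, realizable probability) for the property Reach<=p(goal)."""
    real, spurious = 0.0, 0
    for prob, labels in paths_by_probability(CHAIN, abstract(x0), "G"):
        if realizable(x0, labels):
            real += prob                # realizable measure is a lower bound
            if real > p:
                return "real counterexample", real
        else:
            spurious += 1
            if spurious > limit:        # too many spurious paths: abort and refine
                return "refine", real
    return "refine", real
```

With initial value x=2, `analyse(2, 0.5, 3)` reports a real counterexample after the first path, while `analyse(2, 0.9, 3)` collects 0.84 of realizable probability and then stops on the spurious tail produced by the cycle.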

Related Work
Probabilistic Counterexamples: … however not in the context of abstraction
Hermanns/Aljazzar (FORMATS’05), Han/Katoen (TACAS’07)
Abstraction Refinement for Prob. Finite-state Models
CEGAR for stochastic games, Chatterjee et al. (UAI’05)
Not based on counterexamples:
D’Argenio (PAPM-PROBMIV’02), Fecher et al. (SPIN’06): simulation
Magnifying-lens, de Alfaro et al. (CAV’07): probability values

Conclusion & Future Work
Abstraction refinement …
Counterexamples ~ Markov Chains
Markov Chains have cycles
Model Checking Infinite-state Probabilistic Models
Speed-up for huge finite-state models
Future Work: better lower bounds

References
Tool website: http://depend.cs.uni-sb.de/pass
Literature
Our work:
Hermanns, Wachter, Zhang: Probabilistic CEGAR (CAV’08)
Wachter, Zhang, Hermanns: MC Modulo Theories (Qest’07)
Counterexamples:
Hermanns, Aljazzar: CEX for timed prob reachability, FORMATS’05
Han, Katoen: CEX in probabilistic model checking, TACAS’07
Probabilistic Abstraction Refinement:
De Alfaro: Magnifying-lens abstraction for MDPs, CAV’07
Chatterjee, Henzinger, Majumdar: CEX-guided planning, UAI’05
Questions?

Is the counterexample analysis problem undecidable?
Semi-decision algorithm, heuristics
If we only need finitely many paths: decidable if the logic is
If we need infinitely many: undecidable