Quantitative Verification
Arindam Chakrabarti*
Krishnendu Chatterjee*
Thomas A. Henzinger*
Orna Kupferman**
Rupak Majumdar***
*UC Berkeley **Hebrew University ***UC Los Angeles
14 May 2004 4th OSQ Retreat, Santa Cruz, CA
Outline
• What is the proposal?
• What benefits do we get out of it?
• Nailing down some details…
• Some interesting results.
• Summary
Formal Verification: Traditional approach
• Model: Labelled transition structure.
• Property: Classification of finite and/or infinite sequences of states into good and bad sets.
• Model-checking: Verification that all sequences of states generated by model are in good set.
Traditional approach: Models
[Figure: labelled transition structure with states labelled {a}, {c}, {b,c}, {a,b}, {a}]
Each proposition maps each state to TRUE or FALSE.
Proposition: a
Each proposition maps each state to a boolean.
Proposition: b
Extension 1: Quantitative Propositions, Models
[Figure: transition structure with states labelled <1,3,4>, <0,2,5>, <34,23,1>, <8,4,9>, <3,2,4>]
Propositions: <a,b,c>
Each proposition maps each state to an integer.
Traditional approach: Properties
A(a U c)
[Figure: labelled transition structure with states labelled {a}, {c}, {b,c}, {a,b}, {a}]
A property maps each path to TRUE or FALSE.
Extension 2: Quantitative Properties
[Figure: transition structure with states labelled <1,3,4>, <0,2,5>, <34,23,1>, <8,4,9>, <3,2,4>]
max(sum(a)) while (sum(b) < 100)
112
115
188
A property maps each path to an integer.
Traditional approach: Model-checking problem
A(a U c)
[Figure: labelled transition structure with states labelled {a}, {c}, {b,c}, {a,b}, {a}]
Check if any path in model violates the property (is mapped to FALSE).
Extension 3: Quantitative Model-checking problem
[Figure: transition structure with states labelled <1,3,4>, <0,2,5>, <34,23,1>, <8,4,9>, <3,2,4>]
188
max(sum(a)) while (sum(b) < 100)
Find the maximum (or minimum) value of the property on any path in the model.
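An added example (not from the talk) of the quantitative model-checking problem for max(sum(a)) while (sum(b) < 100), solved by a memoised search over (state, sum(b) so far). The five <a,b,c> valuations are the slide's; the state numbering, the edges and the reading of "while" as "longest prefix whose running sum(b) stays below 100" are assumptions, so the results are not comparable to the values shown on the slides.

```python
from functools import lru_cache

# <a, b, c> valuations as on the slide; state numbers and EDGES are constructed
# for this example because the slide's arrows did not survive extraction.
VAL = {0: (1, 3, 4), 1: (0, 2, 5), 2: (34, 23, 1), 3: (8, 4, 9), 4: (3, 2, 4)}
EDGES = {0: (1, 2), 1: (3,), 2: (2, 3), 3: (4,), 4: (4,)}
BOUND = 100  # guard of the property: sum(b) < 100


def check(init=0, pick=max):
    """Return (value, witness prefix) of 'sum(a) while (sum(b) < 100)'.

    Assumed semantics: a path's value is sum(a) over its longest prefix whose
    running sum(b) stays below BOUND. pick=max gives the best path from init,
    pick=min the worst one.
    """
    # Every b must be positive so that sum(b) strictly grows and the
    # recursion below terminates even though the graph has cycles.
    if any(b <= 0 for _a, b, _c in VAL.values()):
        raise ValueError("termination argument needs every b > 0")

    @lru_cache(maxsize=None)
    def best(state, used_b):
        a, b, _c = VAL[state]
        if used_b + b >= BOUND:          # this state would break the guard
            return 0, ()
        value, path = pick((best(n, used_b + b) for n in EDGES[state]),
                           key=lambda r: r[0])
        return a + value, (state,) + path

    return best(init, 0)


if __name__ == "__main__":
    print("max:", check(pick=max))
    print("min:", check(pick=min))
```

On this constructed graph the optimum takes the high-value self-loop only twice before moving on, which a greedy choice of the largest a would miss.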
Motor driver in a robot
[Figure: automaton with states 0, 1, 2, labels stop, slow, fast, and transitions on inputs stop?, slow?, fast?]
Sensornet node with buffer of size 3
[Figure: automaton with states 0, 1, 2, 3, labels receive, send, and transitions on inputs send?, receive?]
Specifying properties using quantitative automata
• Property: maps each sequence of states to an integer.
• Quantitative automaton: States, input symbols, counters, guarded instructions on transitions, nondeterminism.
• Value of a run is given by limsup of values of a designated counter R0.
A Quantitative Automaton
R1 := R1 + a
R2 := R2 - b
if R1 = R2 then R0 := c

R1 := R1 + a
R2 := R2 + b
if R1 = R2 then R0 := c

Maps each infinite sequence = $\langle a_i, b_i, c_i \rangle \ldots$ to $\limsup c_i$ such that $a_i = (-1)^i \cdot b_i$
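An added example (not from the talk) that runs the two guarded instructions above on an ultimately periodic input and returns the limsup of R0. It assumes that the automaton alternates between the two transitions starting with the "R2 - b" one, that all counters start at 0, and that the input has the form prefix followed by a cycle repeated forever; `step` and `run_value` are names chosen here.

```python
def step(cfg, letter):
    """Apply one transition. cfg = (phase, R1, R2, R0), letter = (a, b, c)."""
    phase, r1, r2, r0 = cfg
    a, b, c = letter
    r1 += a
    r2 += -b if phase == 0 else b    # phase 0: R2 := R2 - b, phase 1: R2 := R2 + b
    if r1 == r2:                     # guard: if R1 = R2 then R0 := c
        r0 = c
    return (1 - phase, r1, r2, r0)


def run_value(prefix, cycle):
    """limsup of R0 on the infinite word prefix . cycle . cycle . ..."""
    if len(cycle) % 2:
        cycle = cycle * 2            # even length keeps the phase aligned
    cfg = (0, 0, 0, 0)
    for letter in prefix:
        cfg = step(cfg, letter)
    start_diff = cfg[1] - cfg[2]
    for letter in cycle:             # first pass settles R0 at the boundary
        cfg = step(cfg, letter)
    if cfg[1] - cfg[2] != start_diff:
        # R1 - R2 drifts, so the run is not periodic; not handled here.
        raise ValueError("cycle changes R1 - R2")
    seen = []
    for letter in cycle:             # second pass repeats forever from here on
        cfg = step(cfg, letter)
        seen.append(cfg[3])
    return max(seen)


if __name__ == "__main__":
    # Constructed input: c = 9 arrives while R1 != R2, so it is never stored.
    print(run_value([], [(2, -2, 7), (1, 3, 9), (1, 1, 5), (1, 1, 4)]))
```

Values written to R0 only during the prefix do not count, because the limsup depends only on what recurs in the cycle.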
Some interesting results
• Infinite det- and nondet- hierarchies.
• Power of non-determinism.
• Undecidability of model-checking.
• Absence of finite-memory determinacy.
• Parametric-bounds, decidability, complexity.
• Parameter-finding cannot be automated.
• Quantitative -calculus, correlations.
Examples
• Response time
• Fair maximum
• Resource lifetime
Summary
• Quantitative extension to boolean verification framework.
• Motivation for doing so.
• Extended definitions for propositions, properties, and the model-checking problem.
• Some results (+ problems, solutions), examples.
Thanks for listening!
Questions, Comments, Suggestions?