regular model checking using solver technologies and ... · regular model checking using solver...
TRANSCRIPT
![Page 1: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/1.jpg)
Regular Model Checking Using Solver
Technologies and Automata Learning
Daniel Neider Nils Jansen
RWTH Aachen University, Germany
May 14th, 2013
NASA Formal Methods Symposium
NASA Ames Research Center, Mo�ett Field, CA, USA
![Page 2: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/2.jpg)
Token Ring Example
1
2
3
4
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 3: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/3.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations:
Transitions:
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 4: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/4.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations: 1000
, 0100, 0010, 0001, 0000, 1100, . . .
Transitions:
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 5: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/5.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations: 1000, 0100
, 0010, 0001, 0000, 1100, . . .
Transitions:
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 6: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/6.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations: 1000, 0100, 0010, 0001, 0000, 1100, . . .
Transitions:
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 7: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/7.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations: 1000, 0100, 0010, 0001, 0000, 1100, . . .
Transitions:
[10
][01
][00
][00
]
,
[00
][10
][01
][00
],. . . ,
[01
][00
][00
][10
]
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 8: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/8.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations: 1000, 0100, 0010, 0001, 0000, 1100, . . .
Transitions:
[10
][01
][00
][00
],
[00
][10
][01
][00
]
,. . . ,
[01
][00
][00
][10
]
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 9: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/9.jpg)
Token Ring Example
1
2
3
4
Modeling Programs
Con�gurations: 1000, 0100, 0010, 0001, 0000, 1100, . . .
Transitions:
[10
][01
][00
][00
],
[00
][10
][01
][00
],. . . ,
[01
][00
][00
][10
]
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 10: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/10.jpg)
Token Ring Example
1
2 3
4
56
Modeling Programs
Con�gurations: 100000, 010000, 001000, 000000, . . .
Transitions:
[10
][01
][00
][00
][00
][00
], . . . ,
[10
][00
][00
][00
][00
][01
]
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 11: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/11.jpg)
Token Ring Example
1
2
3
4
5
6
7
8
Modeling Programs
Con�gurations: (0 + 1)∗
Transitions:
[00
]∗[10
][01
][00
]∗+
[01
][00
]∗[10
]
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 12: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/12.jpg)
Token Ring Example
1
2
3
4
5
6
7
8
The question we want to address
Initial con�gurations I = 10∗
Transitions T = . . .
Bad con�gurations B = 0∗ + 0∗10∗1(0 + 1)∗
Is there a path from some c ∈ I to some c′ ∈ B along T?
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 1/16
![Page 13: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/13.jpg)
Regular Model Checking
Input
A regular set of initial con�gurations I,
a regular set of bad con�gurations B, and
a transducer T de�ning the transitions.
an NFA T = (Q,Σ× Σ, q0,∆, F )Question
Does ReachT (I) ∩B = ∅ hold?
RemarkThe Regular Model Checking Problem is undecidable.
Thus, all algorithms are necessarily semi-algorithms.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 2/16
![Page 14: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/14.jpg)
Regular Model Checking
Input
A regular set of initial con�gurations I,
a regular set of bad con�gurations B, and
a transducer T de�ning the transitions.
an NFA T = (Q,Σ× Σ, q0,∆, F )
Question
Does ReachT (I) ∩B = ∅ hold?
RemarkThe Regular Model Checking Problem is undecidable.
Thus, all algorithms are necessarily semi-algorithms.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 2/16
![Page 15: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/15.jpg)
Regular Model Checking
Input
A regular set of initial con�gurations I,
a regular set of bad con�gurations B, and
a transducer T de�ning the transitions.
an NFA T = (Q,Σ× Σ, q0,∆, F )
Question
Does ReachT (I) ∩B = ∅ hold?
RemarkThe Regular Model Checking Problem is undecidable.
Thus, all algorithms are necessarily semi-algorithms.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 2/16
![Page 16: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/16.jpg)
Regular Model Checking
Input
A regular set of initial con�gurations I,
a regular set of bad con�gurations B, and
a transducer T de�ning the transitions.
an NFA T = (Q,Σ× Σ, q0,∆, F )
Question
Does ReachT (I) ∩B = ∅ hold?
RemarkThe Regular Model Checking Problem is undecidable.
Thus, all algorithms are necessarily semi-algorithms.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 2/16
![Page 17: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/17.jpg)
Motivation
IB
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 3/16
![Page 18: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/18.jpg)
Motivation
P
IB
ProofA (regular) proof is a (regular) set P with
I ⊆ P ,B ∩ P = ∅, andP is inductive, i.e., u ∈ P and (u, u′) ∈ L(T ) implies u′ ∈ P .
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 3/16
![Page 19: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/19.jpg)
Motivation
P
IB
Tools for Regular Model Checking
Faster and
T(O)RMC
Problem: The performance is poor for large representations of I!
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 3/16
![Page 20: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/20.jpg)
Motivation
P
IB
What we do
We approximate I and B with �nite sets.
We use sampling strategies known from automata learning.
We compute smallest proofs using logic solvers.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 3/16
![Page 21: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/21.jpg)
Outline
1. Automata Learning
2. Regular Model Checking via Automata Learning
3. Experiments
4. Conclusion
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 4/16
![Page 22: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/22.jpg)
Outline
1. Automata Learning
2. Regular Model Checking via Automata Learning
3. Experiments
4. Conclusion
![Page 23: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/23.jpg)
Angluin's Learning Framework
Is ab ∈ L??a, b
Yes!No, counterexample aa!
ab
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 24: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/24.jpg)
Angluin's Learning Framework
Is ab ∈ L?
?
a, bYes!No, counterexample aa!
ab
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 25: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/25.jpg)
Angluin's Learning Framework
Is ab ∈ L??a, b
Yes!
No, counterexample aa!
ab
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 26: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/26.jpg)
Angluin's Learning Framework
Is ab ∈ L?
?
a, b
Yes!No, counterexample aa!
ab
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 27: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/27.jpg)
Angluin's Learning Framework
Is ab ∈ L??a, b
Yes!
No, counterexample aa!
ab
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 28: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/28.jpg)
Our Learning Framework
Is ab ∈ L??a, b
Yes!No, counterexample aa!
ab
�yes��no�
?
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 29: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/29.jpg)
Our Learning Framework
Is ab ∈ L??a, b
Yes!No, counterexample aa!
ab
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 5/16
![Page 30: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/30.jpg)
Outline
1. Automata Learning
2. Regular Model Checking via Automata Learning
3. Experiments
4. Conclusion
![Page 31: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/31.jpg)
CEGAR-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
S A
�no�
Add counterexample to S
�yes�
L(A) isa proof
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 6/16
![Page 32: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/32.jpg)
CEGAR-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
S A
�no�
Add counterexample to S
�yes�
L(A) isa proof
1. Sample S = (S+, S−) where S+, S− ⊆ Σ∗ are �nite.
2. Compute a smallest inductive DFA A consistent with S, i.e.,
S+ ⊆ L(A) and S− ∩ L(A) = ∅.
3. Equivalence query: if A is inductive, it is enough to check
I ⊆ L(A) and B ∩ L(A) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 6/16
![Page 33: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/33.jpg)
CEGAR-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
S A
�no�
Add counterexample to S
�yes�
L(A) isa proof
1. Sample S = (S+, S−) where S+, S− ⊆ Σ∗ are �nite.
2. Compute a smallest inductive DFA A consistent with S, i.e.,
S+ ⊆ L(A) and S− ∩ L(A) = ∅.
3. Equivalence query: if A is inductive, it is enough to check
I ⊆ L(A) and B ∩ L(A) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 6/16
![Page 34: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/34.jpg)
CEGAR-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
S A
�no�
Add counterexample to S
�yes�
L(A) isa proof
1. Sample S = (S+, S−) where S+, S− ⊆ Σ∗ are �nite.
2. Compute a smallest inductive DFA A consistent with S, i.e.,
S+ ⊆ L(A) and S− ∩ L(A) = ∅.
3. Equivalence query: if A is inductive, it is enough to check
I ⊆ L(A) and B ∩ L(A) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 6/16
![Page 35: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/35.jpg)
CEGAR-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
S A
�no�
Add counterexample to S
�yes�
L(A) isa proof
Correctness
The algorithm terminates once L(A) is a proof.
Successive DFAs are di�erent and the size of successive DFAs
increases monotonically.
Computing minimal DFAs guarantees termination if a proof
exists.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 6/16
![Page 36: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/36.jpg)
Angluin-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
Membership query
S A
�no�
Add counterexample
�yes�
L(A) isa proof
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 7/16
![Page 37: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/37.jpg)
Angluin-style Regular Model Checking
Maintain asample S
Compute a smallestinductive DFA Aconsistent with S
Equivalencequery
Membership query
S A
�no�
Add counterexample
�yes�
L(A) isa proof
u �yes� / �no� / �?�
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 7/16
![Page 38: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/38.jpg)
Realizing the Black Box
Given a sample S and a transducer T .
Main IdeaConstruct a formula ϕS,Tn such that
ϕS,Tn is satis�able
⇔there exists a DFA A with n states such that A is consistent with
S and inductive with respect to T .
TheoremBy increasing the value of n, we will �nd a smallest DFA consistent
with S and inductive with respect to T if one exists.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 8/16
![Page 39: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/39.jpg)
Realizing the Black Box
Given a sample S and a transducer T .
Main IdeaConstruct a formula ϕS,Tn such that
ϕS,Tn is satis�able
⇔there exists a DFA A with n states such that A is consistent with
S and inductive with respect to T .
TheoremBy increasing the value of n, we will �nd a smallest DFA consistent
with S and inductive with respect to T if one exists.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 8/16
![Page 40: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/40.jpg)
Encoding DFAs
A =(Q,Σ, q0, δ, F
)If Q, Σ, and q0 are �xed, then every DFA is completely de�ned by δand F .
Use Boolean variables dp,a,q with the meaning:
if dp,a,q ≡ true, then δ(p, a) = q.
Use Boolean variables fq with the meaning:
if fq ≡ true, then q ∈ F .Use constraints
¬dp,a,q ∨ ¬dp,a,q′∨q∈Q
dp,a,q
Let ϕDFAn be the conjunction of these constraints.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 9/16
![Page 41: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/41.jpg)
Encoding DFAs
A =(Q,Σ, q0, δ, F
)If Q, Σ, and q0 are �xed, then every DFA is completely de�ned by δand F .
Use Boolean variables dp,a,q with the meaning:
if dp,a,q ≡ true, then δ(p, a) = q.
Use Boolean variables fq with the meaning:
if fq ≡ true, then q ∈ F .
Use constraints
¬dp,a,q ∨ ¬dp,a,q′∨q∈Q
dp,a,q
Let ϕDFAn be the conjunction of these constraints.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 9/16
![Page 42: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/42.jpg)
Encoding DFAs
A =(Q,Σ, q0, δ, F
)If Q, Σ, and q0 are �xed, then every DFA is completely de�ned by δand F .
Use Boolean variables dp,a,q with the meaning:
if dp,a,q ≡ true, then δ(p, a) = q.
Use Boolean variables fq with the meaning:
if fq ≡ true, then q ∈ F .Use constraints
¬dp,a,q ∨ ¬dp,a,q′∨q∈Q
dp,a,q
Let ϕDFAn be the conjunction of these constraints.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 9/16
![Page 43: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/43.jpg)
Encoding DFAs
Construction of a DFA from a ModelLet M |= ϕDFAn . Then, we construct a DFA
AM = ({q0, . . . , qn−1},Σ, q0, δ, F ) as follows:
δ(p, a) = q for the unique q ∈ Q such that M(dp,a,q) = true.
q ∈ F if and only if M(fq) = true.
Impose restrictions on the behavior of AM by introducing the two
formulas
ϕSn that enforces that AM is consistent with S, andϕTn that enforces that AM is inductive with respect to T .
ϕS,Tn := ϕDFAn ∧ ϕSn ∧ ϕTn is the desired formula.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 10/16
![Page 44: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/44.jpg)
Encoding DFAs
Construction of a DFA from a ModelLet M |= ϕDFAn . Then, we construct a DFA
AM = ({q0, . . . , qn−1},Σ, q0, δ, F ) as follows:
δ(p, a) = q for the unique q ∈ Q such that M(dp,a,q) = true.
q ∈ F if and only if M(fq) = true.
Impose restrictions on the behavior of AM by introducing the two
formulas
ϕSn that enforces that AM is consistent with S, andϕTn that enforces that AM is inductive with respect to T .
ϕS,Tn := ϕDFAn ∧ ϕSn ∧ ϕTn is the desired formula.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 10/16
![Page 45: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/45.jpg)
Encoding DFAs
Construction of a DFA from a ModelLet M |= ϕDFAn . Then, we construct a DFA
AM = ({q0, . . . , qn−1},Σ, q0, δ, F ) as follows:
δ(p, a) = q for the unique q ∈ Q such that M(dp,a,q) = true.
q ∈ F if and only if M(fq) = true.
Impose restrictions on the behavior of AM by introducing the two
formulas
ϕSn that enforces that AM is consistent with S, andϕTn that enforces that AM is inductive with respect to T .
ϕS,Tn := ϕDFAn ∧ ϕSn ∧ ϕTn is the desired formula.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 10/16
![Page 46: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/46.jpg)
Formula ϕSn
Let S = (S+, S−). Establish S+ ⊆ L(AM) and S− ∩ L(AM) = ∅!
Introduce variables xu,q for u ∈ Pref(S+ ∪ S−) with the meaning:
if AM : q0u−→ q, then xu,q ≡ true.
Introduce constraints:
xε,q0
(xu,p ∧ dp,a,q)→ xua,q for ua ∈ Pref(S+ ∪ S−)
xu,q → fq for u ∈ S+
xu,q → ¬fq for u ∈ S−
Let ϕSn be the conjunction of these constraints. Then,
M |= ϕDFAn ∧ ϕSn implies S+ ⊆ L(AM)) and S− ∩ L(AM) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 11/16
![Page 47: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/47.jpg)
Formula ϕSn
Let S = (S+, S−). Establish S+ ⊆ L(AM) and S− ∩ L(AM) = ∅!
Introduce variables xu,q for u ∈ Pref(S+ ∪ S−) with the meaning:
if AM : q0u−→ q, then xu,q ≡ true.
Introduce constraints:
xε,q0
(xu,p ∧ dp,a,q)→ xua,q for ua ∈ Pref(S+ ∪ S−)
xu,q → fq for u ∈ S+
xu,q → ¬fq for u ∈ S−
Let ϕSn be the conjunction of these constraints. Then,
M |= ϕDFAn ∧ ϕSn implies S+ ⊆ L(AM)) and S− ∩ L(AM) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 11/16
![Page 48: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/48.jpg)
Formula ϕSn
Let S = (S+, S−). Establish S+ ⊆ L(AM) and S− ∩ L(AM) = ∅!
Introduce variables xu,q for u ∈ Pref(S+ ∪ S−) with the meaning:
if AM : q0u−→ q, then xu,q ≡ true.
Introduce constraints:
xε,q0
(xu,p ∧ dp,a,q)→ xua,q for ua ∈ Pref(S+ ∪ S−)
xu,q → fq for u ∈ S+
xu,q → ¬fq for u ∈ S−
Let ϕSn be the conjunction of these constraints. Then,
M |= ϕDFAn ∧ ϕSn implies S+ ⊆ L(AM)) and S− ∩ L(AM) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 11/16
![Page 49: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/49.jpg)
Formula ϕSn
Let S = (S+, S−). Establish S+ ⊆ L(AM) and S− ∩ L(AM) = ∅!
Introduce variables xu,q for u ∈ Pref(S+ ∪ S−) with the meaning:
if AM : q0u−→ q, then xu,q ≡ true.
Introduce constraints:
xε,q0
(xu,p ∧ dp,a,q)→ xua,q for ua ∈ Pref(S+ ∪ S−)
xu,q → fq for u ∈ S+
xu,q → ¬fq for u ∈ S−
Let ϕSn be the conjunction of these constraints. Then,
M |= ϕDFAn ∧ ϕSn implies S+ ⊆ L(AM)) and S− ∩ L(AM) = ∅.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 11/16
![Page 50: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/50.jpg)
Formula ϕTn
Let T = (QT ,Σ× Σ, qT0 ,∆T , F T ). Establish
u ∈ L(AM) ∧ (u, u′) ∈ L(T ) ⇒ u′ ∈ L(AM)!
Introduce variables yq,q′,q′′ with with the meaning:
if there are u, u′ ∈ Σ∗ such that
AM : q0u−→ q
T : qT0(u,u′)−−−→ q′
AM : q0u′−→ q′′
,
then yq,q′,q′′ ≡ true.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 12/16
![Page 51: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/51.jpg)
Formula ϕTn
Let T = (QT ,Σ× Σ, qT0 ,∆T , F T ). Establish
u ∈ L(AM) ∧ (u, u′) ∈ L(T ) ⇒ u′ ∈ L(AM)!
Introduce variables yq,q′,q′′ with with the meaning:
if there are u, u′ ∈ Σ∗ such that
AM : q0u−→ q
T : qT0(u,u′)−−−→ q′
AM : q0u′−→ q′′
,
then yq,q′,q′′ ≡ true.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 12/16
![Page 52: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/52.jpg)
Formula ϕTn
Introduce constraints:
yq0,qT0 ,q0(yp,p′,p′′ ∧ dp,a,q ∧ dp′′,b,q′′
)→ zq,q′,q′′ for (p′, (a, b), q′) ∈ ∆T(
yq,q′,q′′ ∧ fq)→ fq′′ for q′ ∈ F T
Let ϕTn be the conjunction of these constraints.
Then, M |= ϕDFAn ∧ ϕTn implies
u ∈ L(AM) ∧ (u, u′) ∈ L(T )⇒ u′ ∈ L(AM).
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 13/16
![Page 53: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/53.jpg)
Outline
1. Automata Learning
2. Regular Model Checking via Automata Learning
3. Experiments
4. Conclusion
![Page 54: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/54.jpg)
Experiments - Integer Linear Systems
Petri Berkeley Synapse Lift Mesi
0.01
0.1
1
10Runtimein
seconds
CEG (SAT) ANG (SAT) T(O)RMC FASTer
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 14/16
![Page 55: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/55.jpg)
Experiments - Token Ring
0 100 200 300 400
0.1
1
10
100
Size of I (# states)
Runtimein
seconds
CEGAR
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 15/16
![Page 56: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/56.jpg)
Experiments - Token Ring
0 100 200 300 400
0.1
1
10
100
Size of I (# states)
Runtimein
seconds
CEGAR ANGLUIN
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 15/16
![Page 57: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/57.jpg)
Experiments - Token Ring
0 100 200 300 400
0.1
1
10
100
Size of I (# states)
Runtimein
seconds
CEGAR ANGLUIN T(O)RMC
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 15/16
![Page 58: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/58.jpg)
Outline
1. Automata Learning
2. Regular Model Checking via Automata Learning
3. Experiments
4. Conclusion
![Page 59: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/59.jpg)
Conclusion and Further Research
Summary
We presented a new technique for Regular Model Checking
based upon automata learning and logic solver.
Large sets of initial and bad con�gurations are approximated.
Experiments show competitiveness to other available tools.
Further Research
Possible directions of future research are
suitable non-regular representations of I and B,
nondeterministic automata as proofs, and
an incremental SAT approach.
An interesting extension would be to also approximate the
transducer.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 16/16
![Page 60: Regular Model Checking Using Solver Technologies and ... · Regular Model Checking Using Solver echnologiesT and Automata Learning Daniel NeiderNils Jansen RWTH Aachen Universit,y](https://reader034.vdocument.in/reader034/viewer/2022042309/5ed6a88a39f16f294d5738d4/html5/thumbnails/60.jpg)
Conclusion and Further Research
Summary
We presented a new technique for Regular Model Checking
based upon automata learning and logic solver.
Large sets of initial and bad con�gurations are approximated.
Experiments show competitiveness to other available tools.
Further Research
Possible directions of future research are
suitable non-regular representations of I and B,
nondeterministic automata as proofs, and
an incremental SAT approach.
An interesting extension would be to also approximate the
transducer.
Daniel Neider RWTH Aachen RMC Using Logic Solvers and Automata Learning 16/16