Milan Češka
Skip Abstract Section
Abstract
Abstract
This paper presents counterexample-guided inductive synthesis (CEGIS) to automatically synthesise probabilistic models. The starting point is a family of finite-stateMarkov chains with related but distinct topologies. Such families can succinctly be described by a sketch of a probabilistic program. Program sketches are programs containing holes. Every hole has a finite repertoire of possible program snippets by which it can be filled.We study several synthesis problems—feasibility, optimal synthesis, and complete partitioning—for a given quantitative specification . Feasibility amounts to determine a family member satisfying , optimal synthesis amounts to find a family member that maximises the probability to satisfy , and complete partitioning splits the family in satisfying and refuting members. Each of these problems can be considered under the additional constraint of minimising the total cost of instantiations, e.g., what are all possible instantiations for that are within a certain budget? The synthesis problems are tackled using a CEGIS approach. The crux is to aggressively prune the search space by using counterexamples provided by a probabilistic model checker. Counterexamples can be viewed as sub-Markov chains that rule out all family members that share this sub-chain. Our CEGIS approach leverages efficient probabilisticmodel checking,modern SMT solving, and programsnippets as counterexamples. Experiments on case studies froma diverse nature—controller synthesis, program sketching, and security—show that synthesis among up to a million candidate designs can be done using a few thousand verification queries.
- [ÁBD+14] Ábrahám E, Becker B, Dehnert C, Jansen N, Katoen J-P, Wimmer R (2014) Counterexample generation for discrete-time Markov models: An introductory survey, Springer, vol 8483 of LNCS, pp 65–121Google Scholar
- [ABD+15] Alur R, Bodík R, Dallal E, Fisman D, Garg P, Juniwal G, Kress-Gazit H, Madhusudan P, Martin MMK, Raghothaman M, Saha S, Seshia SA, Singh R, Solar-Lezama A, Torlak E, Udupa A (2015) Syntax-guided synthesis. In: Dependable software systems engineering, IOS Press, vol 40 of NATO Science for Peace and Security Series, pp 1–25Google Scholar
- [ADK+18] Abate A, David C, Kesseli P, Kroening D, Polgreen E (2018) Counterexample guided inductive synthesis modulo theories. In: CAV (1), Springer, vol 10981 of LNCS, pp 270–288Google Scholar
- [AHL+08] 20 years of modal and mixed specificationsBulletin of the EATCS2008959412924424771169.68498Google Scholar
- [ASFS18] Search-based program synthesisCommun ACM20186112849310.1145/3208071Google ScholarDigital Library
- [BBPM99] Policy optimization for dynamic power managementIEEE Trans CAD Integr Circuits Syst199918681383310.1109/43.766730Google ScholarDigital Library
- [BdAFK18] Baier C, de Alfaro L, Forejt V, Kwiatkowska M (2018) Model checking probabilistic systems. In: Handbook of model checking, Springer, pp 963–999Google Scholar
- [BDH+17] Budde CE, Dehnert C, Hahn EM, Hartmanns A, Junges S, Turrini A (2017) JANI: quantitative model and tool interaction. In: TACAS, vol 10206 of LNCS, pp 151–168Google Scholar
- [BGK+11] Bartocci E, Grosu R, Katsaros P, Ramakrishnan CR, Smolka SA (2011) Model repair for probabilistic systems. In: TACAS, Springer, vol 6605 of LNCS, pp 326–340Google Scholar
- [BHvMW09] Biere A, Heule M, van Maaren H, Walsh T (eds) (2009) Handbook of Satisfiability, IOS Press, vol 185 of Frontiers in artificial intelligence and applicationsGoogle Scholar
- [BK08] Baier C, Katoen J-P (2008) Principles of model checking MIT PressGoogle Scholar
- [BKL+12] Benes N, Křetínský J, Larsen KG, Møller MH, Srba J (2012) Dual-priced modal transition systems with time durations. In: LPAR, Springer, vol 7180 of LNCS, pp 122–137Google Scholar
- [BKL+15] Refinement checking on parametric modal transition systemsActa Inf2015522–3269297332358810.1007/s00236-015-0215-4Google ScholarDigital Library
- [BTGC16] Bornholt J, Torlak E, Grossman D, Ceze L (2016) Optimizing synthesis with metasketches. In: POPL, ACM, pp 775–788Google Scholar
- [CČF+17] Cardelli L, Češka M, Fränzle M, Kwiatkowska M, Laurenti L, Paoletti N, Whitby M (2017) Syntax-guided optimal synthesis for chemical reaction networks. In: CAV, Springer, vol 10427 of LNCS, pp 375–395Google Scholar
- [ČCH+11] Černý P, Chatterjee K, Henzinger TA, Radhakrishna A, Singh R (2011) Quantitative synthesis for concurrent programs. In: CAV, Springer, vol 6806 of LNCS, pp 243–259Google Scholar
- [CCS14] Chaudhuri S, Clochard M, Solar-Lezama A (2014) Bridging boolean and quantitative synthesis using smoothed proof search. In: POPL, ACM, pp 207–220Google Scholar
- [CDKB18] ProFeat: feature-oriented engineering for family-based probabilistic model checkingFormal Asp Comput20183014575374747710.1007/s00165-017-0432-4Google ScholarDigital Library
- [ČDP+17] Precise parameter synthesis for stochastic biochemical systemsActa Inf2017546589623368601110.1007/s00236-016-0265-2Google ScholarDigital Library
- [CGJ+16] Formal verification with confidence intervals to establish quality of service properties of software systemsIEEE Trans Rel201665110712510.1109/TR.2015.2452931Google ScholarCross Ref
- [CGKM12] Self-adaptive software needs quantitative verification at runtimeCommun ACM2012559697710.1145/2330667.2330686Google ScholarDigital Library
- [CHH+13] Chen T, Hahn EM, Han T, Kwiatkowska MZ, Qu H, Zhang L (2013) Model repair for Markov decision processes. In: TASE, IEEE, pp 85–92Google Scholar
- [ČHJK19] Češka M, Hensel C, Junges S, Katoen J-P (2019) Counterexample-driven synthesis for probabilistic program sketches. In: Formal methods – the next 30 years, Springer International Publishing, vol 11800 of LNCS, pp 101–120Google Scholar
- [Cho17] Chonev V (2017) Reachability in augmented interval Markov chains. CoRR abs/1701.02996Google Scholar
- [ČJJK19] Češka M, Jansen N, Junges S, Katoen J-P (2019) Shepherding hordes of Markov chains. In: TACAS, Springer, vol 11428 of LNCSGoogle Scholar
- [CvG+17a] Calinescu R, Češka M, Gerasimou S, Kwiatkowska M, Paoletti N (2017) Designing robust software systems through parametric Markov chain synthesis. In: ICSA, IEEE, pp 131–140Google Scholar
- [CvG+17b] Calinescu R, Češka M, Gerasimou S, Kwiatkowska M, Paoletti N (2017) RODES: A robust-design synthesis tool for probabilistic systems. In: QEST, Springer, pp 304–308Google Scholar
- [CvG+18] Efficient synthesis of robust models for stochastic systemsJ Syst Softw201814314015810.1016/j.jss.2018.05.013Google ScholarCross Ref
- [DJKV17] Dehnert C, Junges S, Katoen J-P, Volk M (2017) A storm is coming: A modern probabilistic model checker. In: CAV, Springer, vol 10427 of LNCS, pp 592–600Google Scholar
- [DJW+14] Dehnert C, Jansen N, Wimmer R, Ábrahám E, Katoen J-P (2014) Fast debugging of PRISM models. In ATVA, Springer, vol 8837 of LNCS, pp 146–162Google Scholar
- [DKL+13] Abstract probabilistic automataInf Comput201323266116313252210.1016/j.ic.2013.10.002Google ScholarDigital Library
- [dMB08] de Moura LM, Bjørner N (2008) Z3: an efficient SMT solver. In: TACAS, Springer, vol 4963 of LNCS, pp 337–340Google Scholar
- [DR18] Dureja R, Rozier KY (2018) More scalable LTL model checking via discovering design-space dependencies. In: TACAS (1), Springer, vol 10805 of LNCS, pp 309–327Google Scholar
- [FTG16] Supporting self-adaptation via quantitative verification and sensitivity analysis at run timeIEEE Trans Software Eng2016421759910.1109/TSE.2015.2421318Google ScholarDigital Library
- [GPS17] Program synthesis. Found Trends Program Lang201741–21119Google ScholarCross Ref
- [GS13] Model-based verification of quantitative non-functional properties for software product linesInf Softw Technol201355350852410.1016/j.infsof.2012.07.017Google ScholarDigital Library
- [GTC15] Gerasimou S, Tamburrelli G, Calinescu R (2015) Search-based synthesis of probabilistic models for quality-of-service software engineering. In: ASE, IEEE Computer Society, pp 319–330Google Scholar
- [Hen13] Quantitative reactive modeling and verificationComput Sci - R&D2013284331344Google ScholarDigital Library
- [Hen18] Hensel C (2018) The probabilistic model checker storm: Symbolic methods for probabilistic model checking. PhD thesis, RWTH Aachen University, GermanyGoogle Scholar
- [HH14] Hartmanns A, Hermanns H (2014) The modest toolset: An integrated environment for quantitative modelling and verification. In: TACAS, Springer, pp 593–598Google Scholar
- [HHZ11] Probabilistic reachability for parametric Markov modelsSoftw Tools Technol Transf201113131910.1007/s10009-010-0146-xGoogle ScholarCross Ref
- [HKD09] Counterexample generation in probabilistic model checkingIEEE Trans Software Eng200935224125710.1109/TSE.2009.5Google ScholarDigital Library
- [HKP+19] Hartmanns A, Klauck M, Parker D, Quatmann T, Ruijters E (2019) The quantitative verification benchmark set. In: TACAS (1), Springer, vol 11427 of Lecture Notes in Computer Science, pp 344–350Google Scholar
- [JHTT19] Jansen N, Humphrey L, Tumova J, Topcu U (2019) Structured synthesis for probabilistic systems. In: NFM, Springer, vol 11460 of LNCS, pp 237–254Google Scholar
- [JJD+16] Junges S, Jansen N, Dehnert C, Topcu U, Katoen J-P (2016) Safety-constrained reinforcement learning for MDPs. In: TACAS, Springer, vol 9636 of LNCS, pp 130–146Google Scholar
- [JJW+18] Junges S, Jansen N, Wimmer R, Quatmann T, Winterer L, Katoen J-P, Becker B (2018) Finite-state controllers of POMDPs using parameter synthesis. In: UAI, AUAI Press, pp 519–529Google Scholar
- [JS17] A theory of formal synthesis via inductive learningActa Inf2017547693726371231410.1007/s00236-017-0294-5Google ScholarDigital Library
- [Jun20] Junges S (2020) Parameter synthesis in Markov models. PhD thesis, RWTH Aachen University, Germany, to appearGoogle Scholar
- [Kat16] Katoen J-P (2016) The probabilistic model checking landscape. In: LICS, ACM, pp 31–45Google Scholar
- [KLC98] Planning and acting in partially observable stochastic domainsArtif Intell19981011–299134164153010.1016/S0004-3702(98)00023-XGoogle ScholarCross Ref
- [KNP11] Kwiatkowska M, Norman G, Parker D (2011) Prism 4.0: Verification of probabilistic real-time systems. In: CAV, vol 6806 of LNCS, Springer, pp 585–591Google Scholar
- [KNPV09] Probabilistic mobile ambientsTheor Comput Sci200941012–1312721303249927110.1016/j.tcs.2008.12.058Google ScholarDigital Library
- [Kre17] Kretínský J (2017) 30 years of modal transition systems: Survey of extensions and analysis. In: Models, algorithms, logics and tools, Springer, vol 10460 of LNCS, pp 36–74Google Scholar
- [LCA+18] Feature-family-based reliability analysis of software product linesInform Softw Technol201894598110.1016/j.infsof.2017.10.001Google Scholar
- [LT88] Larsen KG, Thomsen B (1988) A modal process logic. In: LICS, IEEE Computer Society, pp 203–210Google Scholar
- [MKKC99] Meuleau N, Kim K-E, Kaelbling LP, Cassandra AR (1999) Solving POMDPs by searching the space of finite policies. In: UAI, Morgan Kaufmann Publishers Inc., pp 417–426Google Scholar
- [MMS96] Probabilistic predicate transformersACM Trans Program Lang Syst199618332535310.1145/229542.229547Google ScholarDigital Library
- [NORV15] Nori AV, Ozair S, Rajamani SK, Vijaykeerthy D (2015) Efficient synthesis of probabilistic programs. In: PLDI, ACM, pp 208–217Google Scholar
- [QDJ+16] Quatmann T, Dehnert C, Jansen N, Junges S, Katoen J-P (2016) Parameter synthesis for Markov models: Faster than ever. In: ATVA, vol 9938 of LNCS, pp 50–67Google Scholar
- [QJD+15] Quatmann T, Jansen N, Dehnert C, Wimmer R, Ábrahám E, Katoen J-P, Becker B (2015) Counterexamples for expected rewards. In: FM, Springer, vol 9109 of LNCS, pp 435–452Google Scholar
- [RAN+15] Rodrigues GN, Alves V, Nunes V, Lanna A, Cordy M, Schobbens P-Y, Sharifloo AM, Legay A (2015) Modeling and verification for probabilistic properties in software product lines. In: HASE, IEEE pp 173–180Google Scholar
- [Ros16] Rosenblum DS (2016) The power of probabilistic thinking. In: ASE, ACM, p 3Google Scholar
- [SDM08] Dynamic power management of a system with a two-priority request queue using probabilistic-model checkingIEEE Trans CAD Integr Circuits Syst200827240340710.1109/TCAD.2007.911342Google ScholarDigital Library
- [SLJB08] Solar-Lezama A, Jones CG, Bodik R (2008) Sketching concurrent data structures. In: PLDI, ACM, pp 136–148Google Scholar
- [SLTB+06] Solar-Lezama A, Tancau L, Bodik R, Seshia S, Saraswat V (2006) Combinatorial sketching for finite programs. In: ASPLOS, ACM, pp 404–415Google Scholar
- [Sol13] Program sketching. STTT2013155–6475495Google Scholar
- [SRBE05] Solar-Lezama A, Rabbah RM, Bodík R, Ebcioglu K (2005) Programming by sketching for bit-streaming programs. In: PLDI, ACM, pp 281–294Google Scholar
- [VK13] Varshosaz M, Khosravi R (2013) Discrete time Markov chain families: modeling and verification of probabilistic software product lines. In: SPLC Workshops, ACM, pp 34–41Google Scholar
- [VtBLL18] Vandin A, ter Beek MH, Legay A, Lluch-Lafuente A (2018) Qflan: A tool for the quantitative analysis of highly reconfigurable systems. In: FM, Springer, vol 10951 of LNCS, pp 329–337Google Scholar
- [WJÁ+12] Wimmer R, Jansen N, Ábrahám E, Becker B, Katoen J-P (2012) Minimal critical subsystems for discrete-time Markov models. In TACAS, Springer, vol 7214 of LNCS, pp 299–314Google Scholar
- [WJÁ+14] Minimal counterexamples for linear-time probabilistic verificationTheor Comput Sci201454961100324725210.1016/j.tcs.2014.06.020Google ScholarCross Ref
- [WJV+15] Wimmer, R., Jansen, N., Vorpahl, A., Ábrahám, E., Katoen, J.-P., Becker, B.: High-level counterexamples for probabilistic automata. Log Methods Comput Sci 11(1), (2015)Google Scholar
- [ZL18] Zhou W, Li W (2018) Safety-aware apprenticeship learning. In CAV'18, Springer, vol 10981 of LNCS, pp 662–680Google Scholar
Recommendations
Can reactive synthesis and syntax-guided synthesis be friends?
SPLASH Companion 2021: Companion Proceedings of the 2021 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for HumanityWhile reactive synthesis and syntax-guided synthesis (SyGuS) have seen enormous progress in recent years, combining the two approaches has remained a challenge. In this work, we present the synthesis of reactive programs from Temporal Stream Logic ...
Can reactive synthesis and syntax-guided synthesis be friends?
PLDI 2022: Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and ImplementationWhile reactive synthesis and syntax-guided synthesis (SyGuS) have seen enormous progress in recent years, combining the two approaches has remained a challenge. In this work, we present the synthesis of reactive programs from Temporal Stream Logic ...
Counterexample-driven genetic programming without formal specifications
GECCO '20: Proceedings of the 2020 Genetic and Evolutionary Computation Conference CompanionCounterexample-driven genetic programming (CDGP) uses specifications provided as formal constraints in order to generate the training cases used to evaluate the evolving programs. It has also been extended to combine formal constraints and user-provided ...
Comments