Quantitative Verification

1
Quantitative Verification

• Arindam Chakrabarti
• Krishnendu Chatterjee
• Thomas A. Henzinger
• Orna Kupferman
• Rupak Majumdar
• UC Berkeley Hebrew University
  UC Los Angeles

2
Outline

• What is the proposal ?
• What benefits do we get out of it ?
• Nailing down some details
• Some interesting results.
• Summary

3
Formal Verification Traditional approach

• Model Labelled transition structure.
• Property Classification of finite and/or
  infinite sequences of states into good and bad
  sets.
• Model-checking Verification that all sequences
  of states generated by model are in good set.

4
Traditional approach Models
5
Traditional approach Models
Each proposition maps each state to TRUE or FALSE.
6
Traditional approach Models
Proposition a
Each proposition maps each state to TRUE or FALSE.
7
Traditional approach Models
Proposition b
Each proposition maps each state to a boolean.
8
Extension 1 Quantitative Propositions, Models
Propositions lta,b,cgt
Each proposition maps each state to an integer.
9
Traditional approach Properties

• A(a U c)

10
Traditional approach Properties

• A(a U c)

A property maps each path to TRUE or FALSE.
11
Extension 2 Quantitative Properties
max(sum(a)) while (sum(b) lt 100)
12
Extension 2 Quantitative Properties
max(sum(a)) while (sum(b) lt 100)
13
Extension 2 Quantitative Properties
max(sum(a)) while (sum(b) lt 100)
14
Extension 2 Quantitative Properties
max(sum(a)) while (sum(b) lt 100)
A property maps each path to an integer.
15
Traditional approach Model-checking problem

• A(a U c)

Check if any path in model violates the property
(is mapped to FALSE).
16
Extension 3 Quantitative Model-checking problem
max(sum(a)) while (sum(b) lt 100)
Find the maximum (or minimum) value of the
property on any path in the model.
17
Outline

• What is the proposal ?
• What benefits do we get out of it ?
• Nailing down some details
• Some interesting results.
• Summary

18
Motor driver in a robot
19
Sensornet node with buffer of size 3
20
Outline

• What is the proposal ?
• What benefits do we get out of it ?
• Nailing down some details
• Some interesting results.
• Summary

21
Specifying properties using quantitative automata

• Property maps each sequence of states to an
  integer.
• Quantitative automaton States, input symbols,
  counters, guarded instructions on transitions,
  nondeterminism.
• Value of a run is given by limsup of values of a
  designated counter R0.

22
A Quantitative Automaton
Maps each infinite sequence ? hai,bi,cii to
limsup ci such that
? ai ? (-1)i bi
23
Outline

• What is the proposal ?
• What benefits do we get out of it ?
• Nailing down some details
• Some interesting results.
• Summary

24
Some interesting results

• Infinite det- and nondet- hierarchies.
• Power of non-determinism.
• Undecidability of model-checking.
• Absence of finite-memory determinacy.
• Parametric-bounds, decidability, complexity.
• Parameter-finding cannot be automated.
• Quantitative ?-calculus, correlations.

25
Some interesting results

• Infinite det- and nondet- hierarchies.
• Power of non-determinism.
• Undecidability of model-checking.
• Absence of finite-memory determinacy.
• Parametric-bounds, decidability, complexity.
• Parameter-finding cannot be automated.
• Quantitative ?-calculus, correlations.

26
Examples

• Response time
• Fair maximum
• Resoure lifetime

27
Summary

• Quantitative extension to boolean verification
  framework.
• Motivation for doing so.
• Extended definitions for propositions,
  properties, and the model-checking problem.
• Some results ( problems, solutions), examples.

28
Thanks for listening !

• Questions, Comments, Suggestions ?