an smt based approach to coverability analysis
play

An SMT-Based Approach to Coverability Analysis Javier Esparza 1 , - PowerPoint PPT Presentation

Dec 30, 2023 •47 likes •527 views

An SMT-Based Approach to Coverability Analysis Javier Esparza 1 , Rusln Ledesma-Garza 1 , Rupak Majumdar 2 , Philipp Meyer 1 , Filip Niksic 2 1 Technische Universitt Mnchen 2 MPI-SWS Petri net coverability is important, but difficult

  1. An SMT-Based Approach to Coverability Analysis Javier Esparza 1 , Ruslán Ledesma-Garza 1 , Rupak Majumdar 2 , Philipp Meyer 1 , Filip Niksic 2 1 Technische Universität München 2 MPI-SWS

  2. Petri net coverability is important, but difficult • Many verification problems reduce to Petri net coverability problem • Petri net coverability is EXPSPACE-complete � • Sophisticated tools and algorithms: MIST — Expand-enlarge-check [GRB ’06] BFC — Minimal uncoverability proof [KKW ’12] IIC — Incremental, inductive coverability [KMNP ’13]

  3. MIST, BFC and IIC don’t scale well Examples proved safe 115 92 69 64 61 46 51 33 23 MIST BFC IIC Together

  4. Reducing coverability to feasibility of linear constraints Method LinCon : � • Based on marking equation [Murata ’77] Incomplete � • Strengthened with traps [EM ’00] Traps — essentially Boolean constraints Still incomplete �

  5. Use SMT for linear and Boolean constraints. But LinCon is incomplete. � Does it make sense to use it?

  6. Yes! For the right class of examples, LinCon is “quite complete” Examples proved safe 115 92 96 69 64 61 46 51 33 23 MIST BFC IIC Together LinCon

  7. Yes! For the right class of examples, LinCon is “quite complete” Examples proved safe All but one example in under 100 s 115 92 96 69 64 61 46 51 33 23 MIST BFC IIC Together LinCon

  8. Contributions Main contribution: • Extensive experimental evaluation showing that LinCon works well � Also: • Using duality of linear programming to derive succinct inductive invariants

  9. Contributions Main contribution: • Extensive experimental evaluation showing that LinCon works well � Also: • Using duality of linear programming to derive succinct inductive invariants

  10. In this talk Petri nets Experiments and LinCon

  11. In this talk Petri nets Experiments and LinCon

  12. Petri nets are state transition systems s x t y z r

  13. Petri nets are state transition systems s transitions token x t y z r places

  14. Petri nets are state transition systems s initial marking transitions (0, 1, 0) token x t y z r places

  15. Petri nets are state transition systems s initial marking transitions (0, 1, 0) token x t y z r places

  16. Petri nets are state transition systems s initial marking transitions (0, 1, 0) token x +(1, 0, 0) t y (1, 1, 0) z r places

  17. Petri nets are state transition systems s initial marking transitions (0, 1, 0) token x +(1, 0, 0) t y (1, 1, 0) z r places

  18. Petri nets are state transition systems s initial marking transitions (0, 1, 0) token x +(1, 0, 0) t y (1, 1, 0) +(-1, 0, 1) z (0, 1, 1) r places

  19. Petri nets are state transition systems s initial marking transitions (0, 1, 0) token x +(1, 0, 0) t y (1, 1, 0) +(-1, 0, 1) z (0, 1, 1) r places reachable markings

  20. Reachable markings satisfy marking equation s Ignore the order of transitions: • marking equation [Murata ’77] x         0 1 − 1 0 x s t  =  + y 1 0 0 0 y t       0 0 1 − 1 z r z r

  21. Reachable markings satisfy marking equation s Ignore the order of transitions: • marking equation [Murata ’77] x t M = m 0 + CX y z transition marking initial vector r vector marking incidence matrix

  22. Coverability problem Given a Petri net with: • initial marking m 0 m r m t • target marking m t Is there a reachable m 0 marking m r that covers m t ?

  23. Coverability problem Given a Petri net with: • initial marking m 0 m r m t • target marking m t Is there a reachable m 0 marking m r that covers m t ? If m t is not coverable , Petri net is safe .

  24. Adding coverability constraint to marking equation yields basic LinCon M = m 0 + CX M ≥ m t X ≥ 0 If the constraints are not feasible , the Petri net is safe .

  25. Strengthening LinCon using traps [EM ’00] Trap — set of places such that every transition that consumes tokens from it also puts tokens into it. y x z

  26. Strengthening LinCon using traps [EM ’00] Trap — set of places such that every transition that consumes tokens from it also puts tokens into it. y x z

  27. Strengthening LinCon using traps [EM ’00] Trap — set of places such that every transition that consumes tokens from it also puts tokens into it. If a trap is marked, y it stays marked. x z

  28. Strengthening LinCon using traps [EM ’00] Trap — set of places such that every transition that consumes tokens from it also puts tokens into it. If a trap is marked, y it stays marked. x x + y ≥ 1 z

  29. LinCon with traps [EM ’00] M = m 0 + CX M ≥ m t X ≥ 0

  30. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0

  31. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0 M = m r X = x r

  32. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0 M = m r X = x r Is there a trap • initially marked • empty at m r

  33. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0 M = m r X = x r SAT query: Is there a trap • initially marked • empty at m r

  34. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0 M = m r X = x r SAT query: Is there a trap no solution • initially marked inconclusive • empty at m r

  35. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0 ( M = m r 1 , p in trap T p = 0 , otherwise X = x r SAT query: Is there a trap no solution • initially marked inconclusive • empty at m r

  36. LinCon with traps [EM ’00] M = m 0 + CX no solution M ≥ m t safe X ≥ 0 T τ M ≥ 1 ( M = m r 1 , p in trap T p = 0 , otherwise X = x r SAT query: Is there a trap no solution • initially marked inconclusive • empty at m r

  37. In this talk Petri nets Experiments and LinCon

  38. In this talk Petri nets Experiments and LinCon

  39. The origin of examples • MIST — https://github.com/pierreganty/mist Examples from the literature • BFC — http://www.cprover.org/bfc/ Examples from verification of concurrent C programs • Provenance verification for message-passing programs [MMW ’13] Examples modeling a medical system and a bug-tracking system • SOTER — http://mjolnir.cs.ox.ac.uk/soter/ [DKO ’13] Examples from verification of Erlang programs Contains a Petri net with 66,950 places and 213,625 transitions

  40. Main point here: LinCon works well even without traps

  41. LinCon without traps is fast 100000 10000 1000 BFC (time in sec) 100 10 1 0,1 0,01 0,01 0,1 1 10 100 1000 10000 100000 LinCon (time in sec)

  42. LinCon without traps is fast 100000 10000 30 min 1000 BFC (time in sec) 100 10 1 0,1 0,01 0,01 0,1 1 10 100 1000 10000 100000 LinCon (time in sec)

  43. LinCon without traps is fast 100000 25 s 10000 30 min 1000 BFC (time in sec) 100 10 1 0,1 0,01 0,01 0,1 1 10 100 1000 10000 100000 LinCon (time in sec)

  44. LinCon without traps is fast 100000 25 s 2 h 10000 30 min 1000 BFC (time in sec) 100 10 1 0,1 0,01 0,01 0,1 1 10 100 1000 10000 100000 LinCon (time in sec)

  45. LinCon is “quite complete” Examples proved safe 115 92 96 69 64 61 46 51 33 23 MIST BFC IIC Together LinCon

  46. LinCon without traps is “quite complete” Examples proved safe Examples proved safe 115 115 92 92 96 84 69 69 64 64 61 61 46 46 51 51 33 33 23 23 MIST MIST BFC BFC IIC IIC Together Together LinCon LinCon

  47. If LinCon were combined with other tools Examples proved safe 115 107 105 92 69 64 61 46 23 BFC BFC+LinCon Together Together+LinCon

  48. Summary • We’ve revisited a linear constraint approach to Petri net coverability • LinCon is incomplete , but useful … on its own … as a cheap preprocessing step in other tools

Recommend

Boundedness and Coverability for Pushdown Vector Addition Systems Grgoire Sutre LaBRI, CNRS

Boundedness and Coverability for Pushdown Vector Addition Systems Grgoire Sutre LaBRI, CNRS

Boundedness and Coverability for Pushdown Vector Addition Systems Grgoire Sutre LaBRI, CNRS & University of Bordeaux, France ACTS, CMI, Chennai February 2017 Based on joint works with J. Leroux, M. Praveen and P. Totzke. Table of

1.07k views • 88 slides
An Approach to Human Reliability Analysis of SAMG Actions based on a Time Uncertainty Analysis

An Approach to Human Reliability Analysis of SAMG Actions based on a Time Uncertainty Analysis

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 An Approach to Human Reliability Analysis of SAMG Actions based on a Time Uncertainty Analysis Young A Suh 1 , Jaewhan Kim 1* 1 Risk and Reliability Assessment

312 views • 3 slides
5. Conclusion Hazard Analysis for GNSS-based Train Localisation Unit with Model Based Approach

5. Conclusion Hazard Analysis for GNSS-based Train Localisation Unit with Model Based Approach

Outline 1. Background 2. System Performance: QoS 3. From Aviation to Railway 4. Hazard Analysis 5. Conclusion Hazard Analysis for GNSS-based Train Localisation Unit with Model Based Approach According to EGNOS SoL and Railway RAMS Debiao

374 views • 21 slides
A Proactive Approach for Runtime Self-Adaptation Based on Queueing Network Fluid Analysis Emilio

A Proactive Approach for Runtime Self-Adaptation Based on Queueing Network Fluid Analysis Emilio

Introduction Background Our Approach Illustrative Example Conclusion and future work A Proactive Approach for Runtime Self-Adaptation Based on Queueing Network Fluid Analysis Emilio Incerto 1 Mirco Tribastone 2 Catia Trubiani 1 1 Gran Sasso

503 views • 21 slides
A Semantic Approach to the Analysis of Rewriting-Based Systems Salvador Lucas DSIC, Universitat

A Semantic Approach to the Analysis of Rewriting-Based Systems Salvador Lucas DSIC, Universitat

A Semantic Approach to the Analysis of Rewriting-Based Systems Salvador Lucas DSIC, Universitat Polit` ecnica de Val` encia, Spain 27 th International Symposium on Logic-Based Program Synthesis and Transformation, LOPSTR 2017 1 Salvador

358 views • 19 slides
A Bisimulation-Based Approach to the Analysis of Human-Computer Interaction S ebastien Comb

A Bisimulation-Based Approach to the Analysis of Human-Computer Interaction S ebastien Comb

A Bisimulation-Based Approach to the Analysis of Human-Computer Interaction S ebastien Comb efis Charles Pecheur Universit e catholique de Louvain (UCLouvain) Belgium July 16, 2009 [EICS09, Pittsburgh, PA, USA] Complex Systems

660 views • 40 slides
Sketch mapping: A comparative approach to GIS-based network analysis in measuring accessibility

Sketch mapping: A comparative approach to GIS-based network analysis in measuring accessibility

Sketch mapping: A comparative approach to GIS-based network analysis in measuring accessibility Fariba Sotoudehnia 1 , Lex Comber 2 1,2 University of Leicester, Department of Geography, LE1 7RH; fs69@le.ac.uk; ajc36@le.ac.uk Summary This study

290 views • 5 slides
SI10 Implementation of a Metadata-based Approach to Statistical Planning, Analysis &

SI10 Implementation of a Metadata-based Approach to Statistical Planning, Analysis &

PhUSE EU CONNECT 2018 SI10 Implementation of a Metadata-based Approach to Statistical Planning, Analysis & Reporting By Frank Freischlger & Hanspeter Schnitzer INDEX Situation & Purpose Clinical Study Metadata Statistical

596 views • 22 slides
Protographs: Graph-Based Approach to NetFlow Analysis Jeff Janies RedJack FloCon 2011 Thesis

Protographs: Graph-Based Approach to NetFlow Analysis Jeff Janies RedJack FloCon 2011 Thesis

Protographs: Graph-Based Approach to NetFlow Analysis Jeff Janies RedJack FloCon 2011 Thesis Using social networks we can complement our existing volumetric analysis. Identify phenomenon we are missing because they are just not

568 views • 24 slides
Modelling and Analysis of Parallel/ Distributed Time-dependent Systems: An Approach based on JADE

Modelling and Analysis of Parallel/ Distributed Time-dependent Systems: An Approach based on JADE

Modelling and Analysis of Parallel/ Distributed Time-dependent Systems: An Approach based on JADE Franco Cicirelli and Libero Nigro Laboratorio di Ingegneria del Software www.lis.deis.unical.it Universit della Calabria, DIMES 87036 Rende

725 views • 30 slides
An Approach to Automated Thesaurus Construction Using Clusterization-Based Dictionary Analysis

An Approach to Automated Thesaurus Construction Using Clusterization-Based Dictionary Analysis

An Approach to Automated Thesaurus Construction Using Clusterization-Based Dictionary Analysis Nadezhda Lagutina P.G. Demidov Yaroslavl State University Yaroslavl, Russia Thesaurus definition Thesaurus is a vocabulary of controlled

379 views • 14 slides
A model based approach for benchmarking seasonally adjusted time series Susanne Buijtenhek A

A model based approach for benchmarking seasonally adjusted time series Susanne Buijtenhek A

Conference on Seasonality, Seasonal Adjustment and their implications for Short-Term Analysis and Forecasting 10-12 May 2006 A model based approach for benchmarking seasonally adjusted time series Susanne Buijtenhek A model based approach for

401 views • 13 slides
INFRARED-THERMOGRAPHY BASED INF THE HERMAL ANALYSIS OF THE HE OLD LD VS. . NEW TYP YPE OF

INFRARED-THERMOGRAPHY BASED INF THE HERMAL ANALYSIS OF THE HE OLD LD VS. . NEW TYP YPE OF

THE FIRST INTERNATIONAL STUDENT SCIENTIFIC CONFERENCE "MULTIDISCIPLINARY APPROACH TO CONTEMPORARY RESEARCH INFRARED-THERMOGRAPHY BASED INF THE HERMAL ANALYSIS OF THE HE OLD LD VS. . NEW TYP YPE OF THE HE NON-RESIDENTIAL BU

711 views • 13 slides
Dynamic Real-Time Workload: A Practical Approach Based On Analysis-driven Load Balancing Daniel

Dynamic Real-Time Workload: A Practical Approach Based On Analysis-driven Load Balancing Daniel

Semi-Partitioned Scheduling of Dynamic Real-Time Workload: A Practical Approach Based On Analysis-driven Load Balancing Daniel Casini , Alessandro Biondi, and Giorgio Buttazzo Scuola Superiore SantAnna ReTiS Laboratory Pisa, Italy 1

632 views • 47 slides
CEC BASED APPROACH, CEC BASED APPROACH, METHODOLOGY AND PROCESS METHODOLOGY AND PROCESS (CECBA)

CEC BASED APPROACH, CEC BASED APPROACH, METHODOLOGY AND PROCESS METHODOLOGY AND PROCESS (CECBA)

CEC BASED APPROACH, CEC BASED APPROACH, METHODOLOGY AND PROCESS METHODOLOGY AND PROCESS (CECBA) (CECBA) Pacific Ecosystem based Adaptation to Climate Change (PEBACC) Solomon Islands component inception workshop. 3 rd March 2016 SOLOMON

497 views • 46 slides
Sensitivity Analysis for Fuzzy- Sensitivity Analysis for Fuzzy- Logic-Based Life-Cycle Analysis

Sensitivity Analysis for Fuzzy- Sensitivity Analysis for Fuzzy- Logic-Based Life-Cycle Analysis

Sensitivity Analysis for Fuzzy- Sensitivity Analysis for Fuzzy- Logic-Based Life-Cycle Analysis Logic-Based Life-Cycle Analysis Approach Approach Chen Chen Chen and Gerardo W. Flintsch Chen and Gerardo W. Flintsch Roadway Infrastructure

722 views • 54 slides
Inter-procedural Control Flow Analysis Using Constraint-based Approach cs6463 1 The Dynamic

Inter-procedural Control Flow Analysis Using Constraint-based Approach cs6463 1 The Dynamic

Inter-procedural Control Flow Analysis Using Constraint-based Approach cs6463 1 The Dynamic Dispatch Problem Which function is called by p(x)? int myFunc ( int (*p)(int), ) { return p(x); } P is a function pointer. What

364 views • 20 slides
Outcome Based Approach in Outcome Based Approach in Education and Accreditation Education and

Outcome Based Approach in Outcome Based Approach in Education and Accreditation Education and

Outcome Based Approach in Outcome Based Approach in Education and Accreditation Education and Accreditation Prof Dr Sha hrin Moha mma d Unive rsiti T e knolog i Ma la ysia 15th Ma rc h 2007 Pre se nta tion Outc ome s Afte r this pre se nta

1.13k views • 62 slides
Time Domain Models Box & Jenkins popularized an approach to time series analysis based on

Time Domain Models Box & Jenkins popularized an approach to time series analysis based on

Time Domain Models Box & Jenkins popularized an approach to time series analysis based on Auto-Regressive Integrated Moving Average (ARIMA) models. 1 Autoregressive Models Autoregressive model of order p (AR( p )): x t =

212 views • 18 slides
A Machine Learning Based Approach to Mobile Network Analysis Zengwen Yuan 1 , Yuanjie Li 1 ,

A Machine Learning Based Approach to Mobile Network Analysis Zengwen Yuan 1 , Yuanjie Li 1 ,

A Machine Learning Based Approach to Mobile Network Analysis Zengwen Yuan 1 , Yuanjie Li 1 , Chunyi Peng 2 , Songwu Lu 1 , Haotian Deng 2 , Zhaowei Tan 1 , Taqi Raza 1 1 2 Overview 2 Overview 2 Background Overview 2 Background

1.1k views • 106 slides
Formal Security Analysis and Improvement of a hash-based

Formal Security Analysis and Improvement of a hash-based

Formal Security Analysis and Improvement of a hash-based NFC M-coupon Protocol Ali Alshehri and Steve Schneider Agenda Introduc?on. Approach

498 views • 25 slides
A Combinatorial Approach to the Analysis of Differential Gene Expression Data The Use of Graph

A Combinatorial Approach to the Analysis of Differential Gene Expression Data The Use of Graph

A Combinatorial Approach to the Analysis of Differential Gene Expression Data The Use of Graph Algorithms for Disease Prediction and Screening The Goal To classify patients based on expression profiles Presence of cancer Type of

488 views • 33 slides
Foundations of an Outcome-based Approach Purpose 2 Explain the foundations of an

Foundations of an Outcome-based Approach Purpose 2 Explain the foundations of an

Foundations of an Outcome-based Approach Purpose 2 Explain the foundations of an outcome-based approach including performance measurement Outline the Agency's thinking around implementing the approach Explore stakeholder views

190 views • 14 slides
Component-based approach Discovery exercise conducted last year on overall approach to social

Component-based approach Discovery exercise conducted last year on overall approach to social

SS Programme Board 5 - 24/10/2017: Agenda item 5 Paper 5.5 Component-based approach Discovery exercise conducted last year on overall approach to social security This underpins the approach to estimating costs set out in the financial

480 views • 8 slides

More recommend