CSP-based inference of function block finite-state models from execution traces Daniil Chivilikhin, Vladimir Ulyantsev, Anatoly Shalyto, Valeriy Vyatkin INDIN 2017, Emden, Germany 25 July 2017
Program synthesis ● Derive implementation from examples/specification ○ From seminal work [A. Church, 1963] Synthesis Specification/ Implementation examples ● Motivation ○ Fundamental in computer science ○ Automation of software engineering ■ Reverse engineering 2/25
Reverse engineering of software SRC EXE SRC ● Understanding ● Rights limitations ● Optimization ● Changing standards ● Verification ● …. ● …. 3/25
Black-box approach (Controller) SRC EXE What’s in the box? 4/25
Target language: IEC 61499 function blocks 5/25
Test-based reverse engineering Simulation Execution Model Model traces inference Tests Tests gen Preparation 6/25
Scenarios Input Output Output vars Event Event values Input vars values 7/25
Basic function block model Boolean input/output vars 8/25
Previous/proposed approaches 1. Metaheuristic: [Chivilikhin et al / INDIN’15] • Slow • Approximate s t 2. We propose CSP-translation approach • Could be faster in practice • Exact 9/25
Proposed approach: translation to Constraint Satisfaction Problem Propositional Solution encoding reconstruction Data CSP-solver Solution 10/25 https://srlabs.de/bites/minisat-intro/
Proposed approach scheme Translation function f CSP solver Traces tree Traces � No construction 〈 ... 〉 , ... , 〈 ... 〉 solution 〈 ... 〉 , ... , 〈 ... 〉 (UNSAT) 〈 ... 〉 , ... , 〈 ... 〉 CSP CSP solving 〈 � , � , ℂ〉 Values of Automaton Number of variables states N � Constraints ℂ on variables � with domains � 11/25
Traces tree 12/25
Variables 13/25
Main constraints (1) Tree Automaton 14/25
Main constraints (2) Tree Automaton 15/25
Case study: pick-and-place manipulator 16/25
Trace generation All tests with length = 1, 2, 3 #1: 1 #2: 2 … #12: 1, 1, 1 … #39: 3, 3, 3 17/25
Experimental setup •Methods ✓ MuACO • metaheuristic [Chivilikhin et al (2015)] ✓ fbCSP • Proposed approach ✓ fbCSP+BFS • fbCSP + BFS-based symm breaking •State-of-the-art CSP-solvers ✓ Opturion CPX (Minizinc Challenge 2015 winner) ✓ HaifaCSP (Minizinc Challenge 2016 winner) 18/25
Fixed number of states: N = 10 19/25
Minimal model generation •Most general pattern in the given data •Occam’s razor (law of parsimony): “Among competing hypotheses, the one with the fewest assumptions should be selected” 20/25
Minimal model generation N = 1 Solve N := N + 1 Satisfiable UNSAT Return solution 21/25
Minimal model generation: results 22/25
Generated model example 23/25
Conclusion and Future work ● Proposed fast exact algorithm for inferring minimal-sized models of basic FBs for logic control ● Available: https://github.com/chivdan/cspgen ● Future/ongoing work ○ Integer/real variables ○ Timers ○ Composite FBs ○ CEGAR for LTL/CTL based inference 24/25
Thank you for your attention! Daniil Chivilikhin, chivdan@rain.ifmo.ru
Recommend
More recommend
