Generating System-Agnostic Runtime Verification Benchmarks from MLTL Formulas (slides)

  1. Generating System-Agnostic Runtime Verification Benchmarks from MLTL Formulas
     Josh Wallin & Kristin Yvonne Rozier, Iowa State University
     Laboratory for Temporal Logic
     Midwest Verification Day 2018, September 29, 2018
     Outline: Motivation, Background, Naive Encoding, Interval-Aware Encoding, Future Work

  2. Runtime Verification for Robonaut 2 (1)
     (1) https://robonaut.jsc.nasa.gov/R2/

  3–7. Runtime Verification for Robonaut 2
     How can we debug/validate our monitor specifications?
       → Satisfiability checking!
     How can we test our monitors?
       → Benchmark generation!
     We need a procedure to check satisfiability for properties and return a satisfying assignment.

  8. Mission-Time Linear Temporal Logic (2)
     Mission-Time Linear Temporal Logic (MLTL) reasons about finite, integer-bounded timelines:

     Symbol        Operator            Timeline (time steps 0..8)
     G[2,6] p      Always [2,6]        p holds at every step 2, 3, 4, 5, 6
     F[0,7] p      Eventually [0,7]    p holds at some step in 0..7
     p U[1,5] q    Until [1,5]         q holds at some step in 1..5, and p holds at every step from 1 up to that step

     (2) T. Reinbacher, K.Y. Rozier, J. Schumann. "Temporal-Logic Based Runtime Observer Pairs for System Health Management of Real-Time Systems." TACAS 2014.

  9. Mission-Time Linear Temporal Logic: Why?
     Naturally aligns with (some) real mission applications, e.g. actual UAS flights are predictably bounded.
     Bounded logics may provide faster procedures for determining SAT.
     Can we just use BMC?

  10–16. MLTL Benchmarks
     An MLTL benchmark is a 3-tuple consisting of:
       Trace, or computation, π
         e.g. π = ⟨0, {a, ¬b, ¬c}⟩, ⟨1, {a, b, ¬c}⟩, ⟨2, {¬a, ¬b, ¬c}⟩, ...
       MLTL formula, ϕ
         e.g. ϕ = G[0,1](a ∨ b)
       Oracle, O (the verdict of ϕ at each time step of π)
         e.g. O = ⟨0, T⟩, ⟨1, F⟩, ...

     t    a    b    c    O
     0    T    F    F    T
     1    T    T    F    F
     2    F    F    F    ...
     ...  ...  ...  ...  ...

  17. MLTL Peculiarities
     The bounded nature of MLTL formulas permits application of certain transformations.
     Nested temporal operators can be eliminated. G[x,y] = "must hold at each time step in interval [x,y]", so the inner interval is shifted by each step of the outer one:
       G[0,2](F[2,10] a)
         = F[2,10]+[0,0] a ∧ F[2,10]+[1,1] a ∧ F[2,10]+[2,2] a
         = F[2,10] a ∧ F[3,11] a ∧ F[4,12] a

  18. MLTL Peculiarities
     Each temporal operator can be encoded in terms of Globally. F[x,y] = "must hold at some time step in interval [x,y]":
       F[2,4] c = G[2,2] c ∨ G[3,3] c ∨ G[4,4] c
       (on a point interval the two operators coincide: G[2,2] c ≡ F[2,2] c, G[3,3] c ≡ F[3,3] c, G[4,4] c ≡ F[4,4] c)
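As an added note that is not part of the slides, the two rewrites above are instances of general identities. For bounds x ≤ y and u ≤ v, any MLTL formulas ϕ, ψ, and a time step whose full horizon lies inside the trace (so no end-of-trace truncation applies), the following hold, and each one can be checked by unfolding the interval semantics of the outer operator:

$$
\begin{aligned}
G_{[x,y]}\, F_{[u,v]}\, \varphi &\equiv \bigwedge_{i=x}^{y} F_{[u+i,\,v+i]}\, \varphi, &
F_{[x,y]}\, G_{[u,v]}\, \varphi &\equiv \bigvee_{i=x}^{y} G_{[u+i,\,v+i]}\, \varphi,\\[4pt]
F_{[x,y]}\, \varphi &\equiv \bigvee_{i=x}^{y} G_{[i,i]}\, \varphi, &
G_{[i,i]}\, \varphi &\equiv F_{[i,i]}\, \varphi,\\[4pt]
\varphi\, U_{[x,y]}\, \psi &\equiv \bigvee_{i=x}^{y} \Big( G_{[i,i]}\, \psi \;\wedge\; \bigwedge_{j=x}^{i-1} G_{[j,j]}\, \varphi \Big).
\end{aligned}
$$

Taking x = 0, y = 2, u = 2, v = 10 in the first identity gives the slide's F[2,10] a ∧ F[3,11] a ∧ F[4,12] a; taking x = 2, y = 4 in the third gives G[2,2] c ∨ G[3,3] c ∨ G[4,4] c. Applying the identities bottom-up until only point intervals remain is what turns a bounded formula into a propositional one over timed atoms.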

  19–22. Naive Encoding
     We can explicitly generate a benchmark by "expanding" a formula:
       ϕ = F[1,2](G[0,1](a ∨ b))
         ↓
       ϕ′ = G[1,2](a ∨ b) ∨ G[2,3](a ∨ b)
         ↓
       ϕ′ = ((a1 ∨ b1) ∧ (a2 ∨ b2)) ∨ ((a2 ∨ b2) ∧ (a3 ∨ b3))
         ↓
       SMT Solver*
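The following is an added example, not the authors' tool, that puts the three pieces above into runnable form: the bounded MLTL semantics of slide 8 (used to compute the oracle of the benchmark 3-tuple from slides 10–16), and the naive encoding of slides 19–22, which unrolls every interval into a propositional formula over timed atoms such as a1, b2. In place of the SMT solver it brute-forces the small expansion and then confirms the model against the semantics, which is exactly the benchmark triple (trace, formula, oracle). The tuple representation of formulas, the `holds`/`expand`/`find_model` names and the sample traces are all constructed for this example; it assumes a formula is only evaluated at steps whose whole temporal horizon fits inside the trace, since the slides do not define end-of-trace semantics.

```python
# Added example, not the slides' own tool: MLTL over finite traces.
# Computes the oracle of a benchmark (trace, formula, oracle), performs the
# naive encoding into timed propositional atoms, and brute-forces that
# encoding for a satisfying trace (standing in for the SMT solver).
# Formulas are nested tuples (an assumed representation):
#   ('p', name) | ('not', f) | ('and', f, g) | ('or', f, g)
#   ('G', lo, hi, f) | ('F', lo, hi, f) | ('U', lo, hi, f, g)
# A trace is a list of sets: trace[t] holds the propositions true at step t.
# Assumption: a formula is evaluated only at steps where its whole horizon
# fits inside the trace (the slides do not define end-of-trace semantics).
from itertools import product

def horizon(f):
    """Largest look-ahead (in steps) needed to decide f at a time step."""
    op = f[0]
    if op == 'p':
        return 0
    if op in ('not', 'and', 'or'):
        return max(horizon(g) for g in f[1:])
    return f[2] + max(horizon(g) for g in f[3:])   # G, F, U

def holds(f, trace, t):
    """Bounded MLTL semantics of f at step t; intervals are relative to t."""
    op = f[0]
    if op == 'p':
        return f[1] in trace[t]
    if op == 'not':
        return not holds(f[1], trace, t)
    if op in ('and', 'or'):
        return (all if op == 'and' else any)(holds(g, trace, t) for g in f[1:])
    steps = range(t + f[1], t + f[2] + 1)
    if op in ('G', 'F'):
        return (all if op == 'G' else any)(holds(f[3], trace, j) for j in steps)
    # U: f[4] at some step of the window, f[3] at every window step before it
    for j in steps:
        if holds(f[4], trace, j):
            return True
        if not holds(f[3], trace, j):
            return False
    return False

def oracle(f, trace):
    """Verdict of f at every step whose horizon fits inside the trace."""
    return [holds(f, trace, t) for t in range(len(trace) - horizon(f))]

def expand(f, t=0):
    """Naive encoding: unroll every interval into a propositional formula over
    timed atoms ('atom', name, step); 'all'/'any' are n-ary and/or."""
    op = f[0]
    if op == 'p':
        return ('atom', f[1], t)
    if op in ('not', 'and', 'or'):
        return (op,) + tuple(expand(g, t) for g in f[1:])
    steps = range(t + f[1], t + f[2] + 1)
    if op in ('G', 'F'):
        return ('all' if op == 'G' else 'any', [expand(f[3], j) for j in steps])
    return ('any', [('all', [expand(f[4], j)] + [expand(f[3], k) for k in range(steps[0], j)])
                    for j in steps])

def atoms(e):
    """Set of (name, step) pairs occurring in an expanded formula."""
    if e[0] == 'atom':
        return {(e[1], e[2])}
    subs = e[1] if e[0] in ('all', 'any') else e[1:]
    return set().union(*(atoms(x) for x in subs))

def sat(e, true_atoms):
    """Evaluate an expanded formula under an assignment (set of true atoms)."""
    op = e[0]
    if op == 'atom':
        return (e[1], e[2]) in true_atoms
    if op == 'not':
        return not sat(e[1], true_atoms)
    subs = e[1] if op in ('all', 'any') else e[1:]
    return (all if op in ('and', 'all') else any)(sat(x, true_atoms) for x in subs)

def find_model(f):
    """Brute-force SAT on the naive encoding (in place of the SMT solver).
    Returns a trace of length horizon(f)+1 satisfying f at step 0, or None."""
    e = expand(f)
    names = sorted(atoms(e))
    for bits in product((False, True), repeat=len(names)):
        true_atoms = {v for v, b in zip(names, bits) if b}
        if sat(e, true_atoms):
            trace = [set() for _ in range(horizon(f) + 1)]
            for name, step in true_atoms:
                trace[step].add(name)
            return trace
    return None

if __name__ == '__main__':
    A, B = ('p', 'a'), ('p', 'b')
    phi = ('G', 0, 1, ('or', A, B))
    pi = [{'a'}, {'a', 'b'}, set()]            # constructed: the slides' example trace
    print(oracle(phi, pi))                      # [True, False]
    psi = ('F', 1, 2, ('G', 0, 1, ('or', A, B)))
    model = find_model(psi)
    print(model, holds(psi, model, 0))          # a 4-step satisfying trace, True
```

Running the file prints the oracle ⟨0,T⟩, ⟨1,F⟩ for the slides' trace and formula, then a trace found for F[1,2](G[0,1](a ∨ b)) together with its verdict. The brute-force search is exponential in the number of timed atoms, which is precisely why the slides hand the expansion to an SMT solver; the point of `find_model` is only to show that a model of the propositional expansion, read back as a trace, satisfies the original MLTL formula under the interval semantics.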
