Implementation of a Coalgebraic Model Checker Aaron Strahlberger - PowerPoint PPT Presentation

Implementation of a Coalgebraic Model Checker Aaron Strahlberger 16.07.2019

Parity Game based Model Checker • Game-Based Local Model Checking for the Coalgebraic µ -Calculus by Daniel Hausmann and Lutz Schröder [1] (CONCUR 2019) • Extension to Coalgebraic Ontology Logic Reasoner (COOL) [2] 1

Coalgebraic µ -Calculus [3] Formulae (NNF) φ,ψ ∶∶= ⊺ ∣ � ∣ φ ∨ ψ ∣ φ ∧ ψ ∣ ♡ φ ∣ X ∣ η X .φ (♡ ∈ Λ , X ∈ V ,η ∈ { µ,ν }) • Λ set of modal operators, closed under duals • V set of fixpoint variables • µ,ν fixpoint opererators 2

Coalgebraic µ -Calculus [3] Semantics • System type: functor T ∶ Set → Set • System: coalgebra ( C ,ξ ) where • C is the set of states • ξ ∶ C → TC is the transition map • Modal operator as monotone predicate liftings i.e. natural transformations ⟦♡⟧∶ 2 X → 2 TX ⟦♡⟧( A ) = TC /⟦♡⟧( C / A ) 3

Coalgebraic µ -Calculus [3] Semantics given σ ∶ V → P( C ) ⟦⊺⟧ σ = C ⟦�⟧ σ = ∅ ⟦ X ⟧ σ = σ ( X ) ⟦ φ ∧ ψ ⟧ σ = ⟦ φ ⟧ σ ∩ ⟦ ψ ⟧ σ ⟦ φ ∨ ψ ⟧ σ = ⟦ φ ⟧ σ ∪ ⟦ ψ ⟧ σ ⟦♡ φ ⟧ σ = ξ − 1 [⟦ ♡ ⟧(⟦ φ ⟧ σ )] ⟦ µ X .φ ⟧ σ = LFP ⟦ φ ⟧ X σ ⟦ ν X .φ ⟧ σ = GFP ⟦ φ ⟧ X σ where ⟦ φ ⟧ X σ ( A ) = ⟦ φ ⟧ σ [ X ↦ A ] 4

Example: Labeled Transition System • Functor TX = P( Prop ) × P( X ) L , a Λ = {◻ a , ◇ a ∣ a ∈ L } ∪ { p , ¬ p ∣ p ∈ Prop } • Predicate Liftings: p x 1 ⟦◻ a ⟧( A ) = { B ∈ TC ∣ π 2 ( B )( a ) ⊆ A } ⟦ p ⟧() = { B ∈ TC ∣ p ∈ π 1 ( B )} • ⟦ ν X . p ∧ ◻ a X ⟧ = { x 1 } c b ξ ( x ) x ({ p } , [ a ↦ { x 1 } , b ↦ { x 2 } , c ↦ ∅ ]) x 1 ¬ p x 2 ( ∅ , [ a ↦ ∅ , b ↦ ∅ , c ↦ { x 1 }]) x 2 5

Model checking Problem Definition Given a closed formula φ , a coalgebra ξ ∶ C → TC and a state x ∈ C the model checking problem is to decide whether x ∈ ⟦ φ ⟧ . 6

Implementation encoded Parsing Solver Solution problem 7

Parsing the Model (** internal representation of functor elements *) type functor_element = | Id of string (* identifier *) | INT of int | RAT of int * int | Tuple of functor_element list | Set of functor_element list | Function of (functor_element, functor_element)Hashtbl.t → as a context free grammar for parser generator menhir [4] 8

Example: Labeled Transition System a p x 1 x1 : ({p}, [ a : {x1}, b : {x2} ]) x2 : ({}, [ c : {x1} ]) c b ¬ p x 2 9

Implementation encoded Parsing Solver Solution problem 10

Parity games Definition (Parity game) A parity game played by two players Eloise ( ∃ ) and Abelard ( ∀ ) consists of: • a directed graph G = ( V = V ∃ ˙ ∪ V ∀ , A ) . • a priority function α ∶ V → N Definition (Play) A play is a path in G . • finite plays v 0 v 1 ... v n are won by Eloise iff v n ∈ V ∀ . • infinite plays are won by Eloise iff max { p ∣ ∀ j ∈ N . ∃ k ≥ j .α ( v k ) = p } is even. • otherwise plays are won by Abelard 11

Implementation Solver reduce to parity game encoded Parsing Solution problem parity game solver → used PGSolver [5] for solving parity games 12

One-step Satisfaction Problem [1] Definition For a functor T and set C the one-step satisfaction problem is for input t ∈ TC , ♡ ∈ Λ , U ⊆ C to decide whether t ∈ ⟦♡⟧ U . 13

One-step Satisfaction Games [1] Definition: A one-step game (A ♡ ,t , U), played by two players Eloise and Abelard consists of: • one-step satisfaction arena A ♡ , t • V ♡ , t = {(♡ , t )} ∪ I ♡ , t ∪ C , • E ♡ , t ⊆ V ♡ , t × V ♡ , t s.t. E ♡ , t ( x ) = ∅ for x ∈ C • a set U ⊆ C , encoding a winning condition • Eloise wins game if: • it ends in x ∈ U • it ends in Abelard-node • A ♡ , t is one-step sound and complete if for all U ⊆ C ∶ t ∈ ⟦♡⟧ U iff Eloise wins ( A ♡ , t , U ) . 14

Example for Graded µ -Calculus [1] Functor, Predicate Lifting TX = ( N ∪ ∞) X , ⟦◇ g ⟧( A ) = { β ∈ TC ∣ ∑ β ( x ) > g } x ∈ A Nodes • I ◇ g , t = { 1 ,..., ∣ C ∣ + 1 } × { 0 ,..., g + 1 } × { 0 , 1 } • for n ≤ ∣ C ∣ : (n, c, 0) belongs to Eloise and (n, c, 1) to Abelard ⎧ ⎪ ⎪ , if c > g ⎪ Abelard a node (|C|+1, c, 0) belongs to ⎨ ⎪ ⎪ Eloise , else ⎪ ⎩ Moves ( n ≤ ∣ C ∣ ) • referee move ( ◇ g , t ) → ( 1 , 0 , 0 ) • E ◇ g , t ( n , c , 0 ) = {( n , min ( g + 1 , c + t ( v n )) , 1 ) , ( n + 1 , c , 0 )} • E ◇ g , t ( n , c , 1 ) = { v n , ( n + 1 , c , 0 )} 15

Example for Graded µ -Calculus 2 x 1 x 2 3 (◇ 2 , t ) t = [ x 1 ↦ 3 , x 2 ↦ 2 ] ∃ (1,0,0) ∃ (2,0,0) ∀ (1,3,1) x 1 ∃ (3,0,0) ∃ (2,3,0) ∀ (2,2,1) ∃ (3,2,0) ∀ (2,3,1) x 2 ∀ (3,3,0) 16

Model Checking Game [1] The model checking game G χ = ( V , E ,α ) for χ is a parity game played over: V = ( Cl ( χ ) × C ) ∪ ({ ψ } × V ♡ , t ) ⋃ ♡ ψ ∈ Cl ( χ ) , x ∈ C ⎧ ⎪ ∅ if x ∈ C , ψ = ⊺ or ψ = � ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ if x ∈ C , ψ = ψ 1 ∧ ψ 2 or ψ = ψ 1 ∨ ψ 2 {( ψ 1 , x ) , ( ψ 2 , x )} ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ if x ∈ C , ψ = η X .ψ 1 {( ψ 1 , x )} ⎪ E ( ψ, x ) = ⎨ ⎪ ⎪ if x ∈ C , ψ = X {( Θ ( X ) , x )} ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ {( ψ 1 , ( ♡ ,ξ ( x )))} if x ∈ C , ψ = ♡ ψ 1 ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ ⎪ { ψ } × E ♡ , t ( x ) if x ∈ V ♡ , t / C ⎩ V ∀ = {( φ, x ) ∣ φ ∈ { ⊺ ,φ 1 ∧ φ 2 ,ν X .φ 1 }} ∪ V ♡ , t , ∀ V ∃ = {( φ, x ) ∣ φ ∈ { � ,φ 1 ∨ φ 2 ,µ X .φ 1 }} ∪ V ♡ , t , ∃ α ( φ, x ) = 0 if φ ≠ η X .φ 1 otherwise α ( φ, x ) = ad ( φ ) 17

Model Checking Game [1] Theorem We have x ∈ ⟦ χ ⟧ iff Eloise wins the node ( χ, x ) in G χ Corrolary Model checking C against χ can be done in time ∣ I ♡ , t ∣) log ( k )+ 6 ) O (((∣ χ ∣ ⋅ ∣ C ∣) ⋅ max ♡∈ Cl ( χ ) , t ∈ ξ ( C ) 18

Implementation reduce to parity game all but modal- operators model parity create outer game checking game problem modaloperators exit nodes create one step game 19

Type of Nodes • game nodes Cl ( χ ) × C • initial nodes ( ♡ , t ) • inner nodes I ♡ , t (* exit nodes are just Normal Nodes *) type mnode = | NormalNode of F.formula * M.functor_element | EntryNode of F.formula * (F.formula * M.functor_element option) * M.functor_element | InnerNode of F.formula * innerNode 20

Create outer Game ... match formula with | F.FALSE -> ret_arg 0 eloise | F.TRUE -> ret_arg 0 abelard | F.OR(x1, x2) -> ret_arg 0 eloise >>= fun lst -> reccall lst x1 >>= fun lst -> reccall lst x2 | F.AND(x1, x2) -> ret_arg 0 abelard >>= fun lst -> reccall lst x1 >>= fun lst -> reccall lst x2 ... 21

Create outer Game ... (* for fixpoints and fixpointvars the owner is irrelevant *) | F.MU(s, f') -> alternation_depth formula >>= fun prio -> ret_arg prio abelard >>= fun lst -> reccall lst f' ... (* modalities handled by one step arena functions *) | F.AX(s, f) -> onestep abelard f | F.EX(s, f) -> onestep eloise f ... 22

Create One-Step Arena in Relational µ -Calculus ... let succs = List.map (fun x -> NormalNode (form, x)) exit_nodes in (* add move from entry_node to its successors *) (Success ((entry_node, (0, player, succs, Some (mnode_to_string entry_node))) :: ret_list)) >>= fun ret_list -> call_outer_on_exitnodes (k_one_step_arena k) theta xi ret_list exit_nodes form 23

Create One-Step Arena in Graded µ -Calculus let edges = function | Graded(n, c, 0, s) -> Success (if n > c_size then [] else [ (InnerNode (form, (Graded (n, min (grade + 1) (c + (t (v n))), 1, s)))) ; (InnerNode (form, (Graded (n+1, c, 0, s))))]) | Graded(n, c, 1, s) -> Success (if n > c_size then [] else [ (NormalNode(form, (v n))) ; (InnerNode (form, (Graded (n+1, c, 0, s))))]) | _ -> Error(NotHappeningCase "edges graded") in ... 24

Create One-Step Arena in Graded µ -Calculus let rec create_exit_ret exit_nodes ret snode = (match snode with | InnerNode (f, x) -> edges x | _ -> Success []) >>= fun succ_snode -> (match snode with | InnerNode (f, Graded(n, c, 0, s)) -> Success (exit_nodes, appendet ret snode succ_snode eloise) ... | NormalNode (f, e) -> Success (e :: exit_nodes, ret) | _ -> Error (NotHappeningCase "graded ret exit")) |> fun x -> List.fold_left (fun tl hd -> tl >>= fun (exit_nodes, ret) -> create_exit_ret exit_nodes ret hd) x succ_snode in create_exit_ret [] ret_list initial_node >>= ... 25

Time complexity [1] Relational O ((∣ χ ∣ ⋅ ∣ C ∣) log ( k )+ 6 ) (Serial) Monotone In general O ((∣ χ ∣⋅∣ C ∣⋅ size ( C )) log ( k )+ 6 ) solving the modelchecking problem is in ∣ I ♡ , t ∣) log ( k )+ 6 ) O ((∣ χ ∣ ⋅ ∣ C ∣ ⋅ max Graded (unary coded) ♡∈ Cl ( χ ) , O ((∣ χ ∣⋅∣ C ∣ 2 ⋅ size ( χ )) log ( k )+ 6 ) t ∈ ξ ( C ) Alternating Time O ((∣ χ ∣⋅∣ C ∣⋅ size ( χ )) log ( k )+ 6 ) 26