static analysis of programs with probabilities
play

Static Analysis of Programs with Probabilities Sriram - PowerPoint PPT Presentation

Jan 17, 2023 •129 likes •610 views

Static Analysis of Programs with Probabilities Sriram Sankaranarayanan University of Colorado, Boulder, USA. Joint Work Aleksandar Chakarov Olivier Bouissou Eric Goubault Sylvie Putot Yuen-Lam Voronin Univ. Colorado, Boulder CEA, now at

  1. Static Analysis of Programs with Probabilities Sriram Sankaranarayanan University of Colorado, Boulder, USA.

  2. Joint Work Aleksandar Chakarov Olivier Bouissou Eric Goubault Sylvie Putot Yuen-Lam Voronin Univ. Colorado, Boulder CEA, now at Mathworks Ecole Polytechnique Ecole Polytechnique Univ. Colorado, Boulder now at Phase Change

  3. What is this talk about? VERSUS Stochastic Demonic Randomized Worst-Case

  4. Programs with Probabilities angles = [10, 60, 110, 160, 140, ... 100, 60, 20, 10, 0] Probabilistic x := TruncGaussian(0,0.05,-0.5,0.5) Statements y := TruncGaussian(0, 0.1,-0.5,0.5) for reps in range(0,100): for theta in angles: # Distance travelled variation d = Uniform(0.98,1.02) # Steering angle variation t = deg2rad(theta) * (1 + ... TruncGaussian(0,0.01,-0.05,0.05)) # Move distance d with angle t x = x + d * cos(t) y = y + d * sin(t) #Probability that we went too far? Probability Estimate assert(x >= 272)

  5. Example #1: Coin Toss fortune := 1000 repeat (1000) Heads à Gain one dollar if flip(0.5): fortune := fortune +1 else: fortune := fortune -1 assert fortune >= 0 Repeat 1000 times. Tails à Lose one dollar

  6. Example #2: Vehicle on a road y = 0, theta = 0, x = 0 repeat (1000) x := x + 0.1 * cos(theta) y := y + 0.1 * sin(theta) theta := 0.8 * theta + Normal(0, 0.1) assert (y <= 5.0)

  7. Example #3: Repetitive Robot angles = [10, 60, 110, 160, 140, ... 100, 60, 20, 10, 0] Repeat this x := TruncGaussian(0,0.05,-0.5,0.5) 100 times. y := TruncGaussian(0, 0.1,-0.5,0.5) for reps in range(0,100): Probability of for theta in angles: going out of # Distance travelled variation bounds? d = Uniform(0.98,1.02) # Steering angle variation t = deg2rad(theta) * (1 + ... Small TruncGaussian(0,0.01,-0.05,0.05)) errors at # Move distance d with angle t x = x + d * cos(t) each step. y = y + d * sin(t) #Probability that we went too far? Sawyer Robotic Arm assert(x >= 272) (rethink robotics)

  8. Repetitive Robot angles = [10, 60, 110, 160, 140, ... 100, 60, 20, 10, 0] Scatter Plot 10^5 Simulations x := TruncGaussian(0,0.05,-0.5,0.5) y := TruncGaussian(0, 0.1,-0.5,0.5) for reps in range(0,100): for theta in angles: # Distance travelled variation d = Uniform(0.98,1.02) # Steering angle variation t = deg2rad(theta) * (1 + ... TruncGaussian(0,0.01,-0.05,0.05)) # Move distance d with angle t x = x + d * cos(t) y = y + d * sin(t) #Probability that we went too far? assert(x >= 272)

  9. Systems Acting Under Disturbances Stochastic Verification Reliability Stochastic Controls Uncertainty Quantification AI Output Yes External System Property Disturbances No “Classic” Formal Verification. “Set-Valued” Robust Control.

  10. Reasoning about Uncertainty Probability of Success? Random Output Inputs Property Probabilistic Program Probability of Failure? Demonic Inputs Rare Event ≤ 10 -6 ? Estimating the probabilities vs. Proving bounds on probabilities.

  11. Static Analysis of Probabilities

  12. Semantics real x,y,z; initially x is Normal(0,1), y is Uniform(-1,1); is a initially z is Uniform(0,10); while (true) if (z <= 10) Markov Process x := x +1 + 2*Normal(0,1); y := y – 2 + Uniform(-1,1); NONDET (0,1) z := z + 1; else Complicated Semantics x := x +1; Skip for this talk y := y – 2; z := z -1;

  13. Sample Path Semantics [Kozen’1981] “Sample path” semantics. real x,y,z; initially x is Normal(0,1), y is Uniform(-1,1); initially z is Uniform(0,10); while (true) if (z <= 10) x := x -1 + 2*Normal(0,1); # Steps y := y – 2 + Uniform(-1,1); z := z + 1; else x := x +1; y := y – 2; z := z -1; # Steps

  14. Distribution Transformer Semantics [Kozen’1981] real x,y,z; initially x is Normal(0,1), y is Uniform(-1,1); initially z is Uniform(0,10); while (true) if (z <= 10) x := x -1 + 2*Normal(0,1); y := y – 2 + Uniform(-1,1); z := z + 1; else x := x +1; y := y – 2; z := z -1;

  15. Comparison with “Classical” Programs “Classical” Programs Probabilistic Programs State ( x:10, y:25, z:15) Distributions x: N(0,1), y: U(-1,1), z: Poisson(5) Sets of States Sets of Distributions Abstract Domains Probabilistic Abstract Domains

  16. Reachable Set of Distributions real x, y; real z; initially x is Normal(0,1), y is Uniform(-1,1); initially z is Uniform(0,10); while (true) if (z <= 10) x := x -1 + 2*Normal(0,1); y := y – 2 + Uniform(-1,1); z := z + 1; else x := x +1; y := y – 2; z := z -1;

  17. Probabilistic Abstract Interpretation [Monniaux, Cousot+Monerau, Mardziel + Hicks, Bouissou+Goubault+Putot, S +Chakarov+Gulwani, …] Abstraction of reachable distributions Abstraction of Initial Distribution Probabilistic Abstract Interpreter Program How to: 1. Systematically abstract distributions? Probability of x <= 135? [0.956, 0.989] 2. Propagate abstract distributions through programs? 3. Answer queries on the results?

  18. Approach #1: Discretization [Monniaux, Mardziel+Hicks,Cousot+Monerau] Propagate abstract distributions through programs? Use Standard Forwards/Backwards Abstract Interpretation (with modifications) Answer queries on the results? Partition domain into cells. Associate range of probability with each cell. “Discrete” Integration Systematically abstract distributions? Volume Computation (expensive)

  19. Discretization • Tradeoff: precise bounds vs number of cells. • Off-the-shelf use of abstract interpretation tools. • Conceptually easy to handle nondeterminism + stochastic choices. Ø Does not scale to large number of random variables. Ø Loops may require widening à precision loss.

  20. Approach #2: Probabilistic Calculii [Bouissou+Goubault+Putot, Bouissou+ Goubault + Putot+ Chakarov+S] • How do program variables depend on the uncertainties? y := Uniform(-0.01, 0.01) th := Uniform(-0.01, 0.01) for i in range(0, 10): y := y + 0.1 * th th := 0.8 * th + randomw() Probability( y >= 0.1) <= ??

  21. Probabilitic Affine Forms Propagate abstract distributions through programs? Systematically abstract distributions? Modified Affine Form Calculus Conditional Branches Answer queries on the results? Volume Computation (expensive) Concentration of Measure Inequalities (cheap but not fully general)

  22. Repetitive Robot angles = [10, 60, 110, 160, 140, ... 100, 60, 20, 10, 0] Repeat this x := TruncGaussian(0,0.05,-0.5,0.5) 100 times. y := TruncGaussian(0, 0.1,-0.5,0.5) for reps in range(0,100): Probability for theta in angles: of going out # Distance travelled variation of bounds? d = Uniform(0.98,1.02) # Steering angle variation t = deg2rad(theta) * (1 + ... Small TruncGaussian(0,0.01,-0.05,0.05)) errors at # Move distance d with angle t x = x + d * cos(t) each step. y = y + d * sin(t) #Probability that we went too far? Sawyer Robotic Arm assert(x >= 272) (rethink robotics)

  23. Repetitive Robot: Affine Form [Bouissou+Chakaraov+Goubault+Putot+S’TACAS 2016]

  24. Repetitive Robot (Cont.) Bounds computation using Chernoff-Hoeffding Inequality:

  25. Anesthesia (Fentanyl) Infusion [McClain+Hug, Fentanyl Kinetics, Clinical Pharmacology & Therapeutics, 28(1):106–114, July 1980.] Infusion Rate Drug Time Concentration Drug Conc. must be inside Pump Patient + safe range. Error x 4 : [150, 300] ng/ml

  26. Anesthesia Infusion (Continued) infusionTimings[7] = {20, 15, 15, 15, 15, 15, 45}; [Bouissou+Chakaraov+Goubault+Putot+ S ’TACAS 2016] double infusionRates[7] = { 3, 3.2, 3.3, 3.4, 3.2, 3.1, 3.0}; Interval e0(-0.4, 0.4), e1(0.0), e2(0.006,0.0064); for i in range(0, 7): currentInfusion= 20.0*infusionRates[i]; curTime = infusionTimings[i]; for j in range(0, 40 * infusionTimings[j]): e : = 1+ randomVariable(e0, e1, e2) u : = e * currentInfusion x1n : = 0.9012* x1 + 0.0304 * x2 + 0.0031 * x3 + 2.676e-1 * u x2n := 0.0139* x1 + 0.9857 * x2 + 2e-3*u x3n := 0.0015 * x1 + 0.9985 * x3+ 2e-4*u x4n := 0.0838 * x1 + 0.0014 * x2 + 0.0001 *x3 + 0.9117 * x4 + 12e-3 * u x1 := x1n; x2 := x2n; x3 := x3; x4 := x4n

  27. Affine Form-Based Approach ü Generalizes to nonlinear computation ü Polynomials, Trigonometric Functions, Hyperbolic Functions. ü Relation to polynomial chaos approximations [Xiu+Karandiakis] ü Wiener-Askey Approximation Scheme. Ø Conditional Branches. Ø Current Solution: discretize domain of the affine form into smaller boxes. Ø Unbounded Loops.

  28. Approach #3: Deductive [McIver+Morgan+Katoen, Chakarov+ S , Chatterjee et al., Systematically abstract distributions? Fioriti et al.] real x,y,z initially x is Normal(0,1), E ( x + z ) = 5 y is Uniform(-1,1), E ( y ) = 2 n z is Uniform(0,10); E ( z ) 11 ≤ while (true) E ( z ) 5 + n ≤ if (z < 10) E ( z ) 5 − n x := x -1 + 2*Normal(0,1); ≥ y := y – 2 + Uniform(-1,1); z := z + 1; else x := x +1; Facts about the moments of distributions. y := y – 2; Loop Invariants. z := z -1;

  29. Deducing Properties of Distributions • Early work by McIver and Morgan. • Pre-Expectation calculus for programs with probabilities. • Restricted to finite domain random variables. • Generalizing McIver and Morgan’s work [Chakarov + S ‘ CAV 2013]. • Connections with Supermartingales. • Handle continuous random variables. • Concentration of Measure Inequalities.

  30. Coin Tossing Example Heads à Gain one dollar Repeat N times. Tails à Lose one dollar Toss X Dollars ? Dollars Coin Once Expected fortune in next step = fortune in current step.

Recommend

1 Analysis Information Where Do Facts Hold? How much information depends on the client

1 Analysis Information Where Do Facts Hold? How much information depends on the client

711? CS711 Advanced Programming Languages Topics in Program Analysis Radu Rugina Fall 2005 CS711 Overview 2 Program Analysis Static vs. Dynamic Static analysis: inspect programs at compile-time Static analysis: Work done at

282 views • 4 slides
Abstract a unified lattice model for static analysis of programs by construction or approximation

Abstract a unified lattice model for static analysis of programs by construction or approximation

Abstract a unified lattice model for static analysis of programs by construction or approximation of fixpoints Interpretation Patrick Cousot and Radhia Cousot, 1977 Motivation (for static analysis) Say youve written code that you really

619 views • 25 slides
Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer

Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer

Data Flow Analysis Concurrent Programs Race-Free Programs Sync-CFG Analysis Analysis Static Analysis of Race-Free Interrupt-Driven Programs Deepak DSouza Department of Computer Science and Automation Indian Institute of Science,

981 views • 47 slides
Modelling, Specification and Formal Analysis of Complex Software Systems Precise Static Analysis

Modelling, Specification and Formal Analysis of Complex Software Systems Precise Static Analysis

Modelling, Specification and Formal Analysis of Complex Software Systems Precise Static Analysis of Programs with Dynamic Memory Mihaela Sighireanu IRIF, University Paris Diderot &amp; CNRS VTSA 2015 1 / 99 Static Analysis Establish

2.15k views • 186 slides
PMAF : AN ALGEBRAIC FRAMEWORK FOR STATIC ANALYSIS OF PROBABILISTIC PROGRAMS Di Wang 1 , Jan

PMAF : AN ALGEBRAIC FRAMEWORK FOR STATIC ANALYSIS OF PROBABILISTIC PROGRAMS Di Wang 1 , Jan

PMAF : AN ALGEBRAIC FRAMEWORK FOR STATIC ANALYSIS OF PROBABILISTIC PROGRAMS Di Wang 1 , Jan Hoffmann 1 , Thomas Reps 2 1 Carnegie Mellon University 2 University of Wisconsin; GrammaTech, Inc. PROBABILISTIC PROGRAMS Draw random data from

969 views • 79 slides
Semantic Analysis Chapter 5 Semantic Analysis Determine static properties of programs

Semantic Analysis Chapter 5 Semantic Analysis Determine static properties of programs

Semantic Analysis Chapter 5 Semantic Analysis Determine static properties of programs association between definitions and applied occurrences of variables and other names scope and visibility of names, escaping names types

661 views • 20 slides
Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting insights at compile time Full branch coverage Terminates Doesnt rely on a test suite Types are static analysis. Lets talk about

784 views • 39 slides
Static analysis of numerical programs Sylvie Putot with Eric Goubault, Franck V edrine and

Static analysis of numerical programs Sylvie Putot with Eric Goubault, Franck V edrine and

Static analysis of numerical programs Sylvie Putot with Eric Goubault, Franck V edrine and Karim Tekkal (Digiteo) Laboratory for the Modelling and Analysis of Interacting Systems, CEA LIST RAIM09: 3es Rencontres Arithm etique de

204 views • 19 slides
Static Analysis of OpenStream Programs Using polyhedral techniques to analyze interesting language

Static Analysis of OpenStream Programs Using polyhedral techniques to analyze interesting language

Static Analysis of OpenStream Programs Using polyhedral techniques to analyze interesting language subsets Alain Darte With Albert Cohen and Paul Feautrier CNRS, Compsys Laboratoire de lInformatique du Paralllisme cole normale

527 views • 26 slides
Modular static analysis of string manipulations in C programs a Matthieu Journault, Antoine Min

Modular static analysis of string manipulations in C programs a Matthieu Journault, Antoine Min

Modular static analysis of string manipulations in C programs a Matthieu Journault, Antoine Min e, Abdelraouf Ouadjaout August 30, 2018 a This work is supported by the European Research Council under Consolidator Grant Agreement 681393

563 views • 31 slides
Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ? Basic analysis ! Example : Flow analysis ! Increasing precision ! Context -, flow -, and path sensitivity Scaling it up !

527 views • 27 slides
Principles of Program Analysis An overview of approaches beyond loop analysis and optimizations

Principles of Program Analysis An overview of approaches beyond loop analysis and optimizations

Principles of Program Analysis An overview of approaches beyond loop analysis and optimizations cs6363 1 The Nature of static analysis --- approximation Static program analysis --- predict the dynamic behavior of programs without running

368 views • 19 slides
A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical problem and how to ignore it An example static analysis What is static analysis used for? Commercial successes Free static analysis tools you should

490 views • 37 slides
Static Analysis Static Analysis they are read? Will the current value of a variable ever be

Static Analysis Static Analysis they are read? Will the current value of a variable ever be

Interesting Questions Interesting Questions Is every statement reachable? Does every non- void method return a value? Compilation 2007 Compilation 2007 Will local variables definitely be assigned before Static Analysis Static

169 views • 13 slides
Modelling, Specification and Formal Analysis of Complex Software Systems Precise Static Analysis

Modelling, Specification and Formal Analysis of Complex Software Systems Precise Static Analysis

Modelling, Specification and Formal Analysis of Complex Software Systems Precise Static Analysis of Programs with Dynamic Memory Mihaela Sighireanu IRIF, University Paris Diderot &amp; CNRS VTSA 2015 1 / 149 Outline Introduction 1 Formal

861 views • 68 slides
Enabling Operator Reordering in Data Flow Programs Through Static Code Analysis XLDI 2012 Fabian

Enabling Operator Reordering in Data Flow Programs Through Static Code Analysis XLDI 2012 Fabian

Enabling Operator Reordering in Data Flow Programs Through Static Code Analysis XLDI 2012 Fabian Hueske, Aljoscha Krettek , Kostas Tzoumas Database Systems and Information Management Technische Universitt Berlin

584 views • 21 slides
Static and dynamic verification Software inspections Concerned with analysis of the static

Static and dynamic verification Software inspections Concerned with analysis of the static

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis Software

430 views • 12 slides
Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

I NTELLI D ROID A Targeted Input Generator for the Dynamic Analysis of Android Malware Michelle Y. Wong and David Lie University of Toronto Department of Electrical and Computer Engineering NDSS Symposium 2016 ! ! ! B ACKGROUND Static vs.

1.02k views • 32 slides
Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that

Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that

Static analysis and all that Martin Steffen IfI UiO Spring 2014 Static analysis and all that Martin Steffen IfI UiO Spring 2014 Plan approx. 15 lectures, details see web-page flexible time-schedule, depending on progress/interest

2.15k views • 194 slides
CS7038 - Malware Analysis - Wk04.1 Static Analysis Introduction Coleman Kane kaneca@mail.uc.edu

CS7038 - Malware Analysis - Wk04.1 Static Analysis Introduction Coleman Kane kaneca@mail.uc.edu

CS7038 - Malware Analysis - Wk04.1 Static Analysis Introduction Coleman Kane kaneca@mail.uc.edu February 1, 2017 Static Analysis Static Analysis is the process of documenting your observations about what identifying characteristics a

575 views • 8 slides
Where do the probabilities come from? Probabilities come from: Experts Data D. Poole

Where do the probabilities come from? Probabilities come from: Experts Data D. Poole

Where do the probabilities come from? Probabilities come from: Experts Data D. Poole and A. Mackworth 2019 c Artificial Intelligence, Lecture 10.1 1 / 6 Learning probabilities the simplest case Observe tosses of thumbtack:

643 views • 30 slides
Review: Probabilities DISCRETE PROBABILITIES Intro We have all been exposed to informal

Review: Probabilities DISCRETE PROBABILITIES Intro We have all been exposed to informal

Review: Probabilities DISCRETE PROBABILITIES Intro We have all been exposed to informal probabilities. However it is instructive to be more precise. The goal today is to refresh our ability to reason with probabilities in simple cases.

528 views • 8 slides
Static and dynamic verification Software inspections Concerned with analysis of the

Static and dynamic verification Software inspections Concerned with analysis of the

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis

310 views • 12 slides
Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Static analysis and all

Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Static analysis and all

Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Plan approx. 15 lectures, details see web-page flexible time-schedule, depending on

938 views • 69 slides

More recommend