Synthesis from LTL Specifications with Mean-Payoff Objectives Aaron - PowerPoint PPT Presentation

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Synthesis from LTL Specifications with Mean-Payoff Objectives Aaron Bohy 1 ere 1 Emmanuel Filiot 2 V´ eronique Bruy` cois Raskin 3 Jean-Fran¸ 1 Universit´ 2 Universit´ 3 Universit´ e de Mons e Paris-Est Cr´ eteil e Libre de Bruxelles ETAPS - TACAS 2013 Rome, Italy

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Overview LTL realizability and synthesis with mean-payoff objectives: • Qualitative objectives • Quantitative objectives Interest: • Reactive systems • Resource-constrained environments Contributions: • Incremental symbolic algorithm based on antichains • Implementation in Acacia+

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work LTL Realizability game Let φ be an LTL formula over the set P = I ⊎ O of atomic signals LTL Realizability game • 2-player game: • Player O , the system, controls the set O • Player I , the environment, controls the set I • Infinite play: at each round j , • Player O gives a subset o j ⊆ O • Player I responds by giving i j ⊆ I • Outcome of the game: w = ( i 1 ∪ o 1 )( i 2 ∪ o 2 ) . . . ( i k ∪ o k ) . . . • Player O wins the play if w satisfies φ , otherwise Player I wins

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work LTL MP Realizability game Let φ be an LTL formula over the set P = I ⊎ O of atomic signals Let v : Lit( P ) �→ Z be a cost function Let c ∈ Q be a threshold value LTL MP Realizability game • 2-player infinite game • Outcome of the game: w = ( i 1 ∪ o 1 )( i 2 ∪ o 2 ) . . . ( i k ∪ o k ) . . . • Let n 1 � � MP( w , v ) = lim inf v ( l ) n n →∞ j =1 l ∈ Lit( i j ∪ o j ) be the mean-payoff value of w w.r.t. v • Player O wins the play if (1) w satisfies φ and (2) MP( w , v ) ≥ c , otherwise Player I wins

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Problems LTL realizability problem Decide whether the system has a winning strategy to satisfy φ against any strategy of the environment LTL MP realizability problem Given a threshold c ∈ Q , decide whether the system has a winning strategy (1) to satisfy φ and (2) to ensure a mean-payoff value ≥ c against any strategy of the environment LTL/LTL MP synthesis problem Produce such a winning strategy when φ is realizable

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Motivating example 2 clients sharing access to a resource Desired properties: (1) every request must be eventually granted by the server (2) the server can grant only one request at a time (mutual exclusion) (3) the requests emitted by client 2 must be prioritized (3) is an optimality criterion ⇒ best modeled using a cost function and a mean-payoff objective

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Motivating example 2 clients sharing access to a resource Let I = { r 1 , r 2 } , O = { g 1 , g 2 , w 1 , w 2 } (1) every request must be eventually granted by the server � ( r 1 → X ( w 1 U g 1 )) ∧ � ( r 2 → X ( w 2 U g 2 )) (2) the server can grant only one request at a time (mutual exclusion) � ( ¬ g 1 ∨ ¬ g 2 ) (3) the requests emitted by client 2 must be prioritized Idea : Impose penalties to w 1 and w 2 :  v ( w 1 ) = − 1   Let v : Lit( I ∪ O ) �→ Z s.t. v ( w 2 ) = − 2   v ( l ) = 0 , ∀ l �∈ { w 1 , w 2 }

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Motivating example 2 clients sharing access to a resource Winning strategies for Player O for properties: • (1) and (2): T ( g 1 , w 2 ) ( g 2 , w 1 ) T • (1), (2) and (3) to ensure a mean-payoff value of − 1 . 2: T T T ( g 2 , w 1 ) ( g 2 , w 1 ) ( g 2 , w 1 ) ( g 2 , w 1 ) ( g 1 , w 2 ) T T

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work State of the art Results of [PR89]: • 2ExpTime-Complete • Finite-memory strategies Classical procedure: • Reduction to Rabin games with Safra’s determinization Safraless procedures: • Reduction to B¨ uchi games [KV05]: • Implemented in Lily [JB06] • Reduction to safety games [SF07, FJR09]: • Implemented in Unbeast [Ehl10] with BDDs • Implemented in Acacia+ [BBF + 12] with antichains

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Reduction to safety games Method proposed by [SF07, FJR09]: LTL ↓ 2 O ( n ) Universal coB¨ uchi Word Automaton ↓ O (1) Universal K-coB¨ uchi Word Automaton ↓ 2 O ( m 2 ) Deterministic K-coB¨ uchi Word Automaton ⇒ Solve a safety game

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Step 2: strengthening of the acceptance condition Universal coB¨ uchi Word Aut. − → Universal K-coB¨ uchi Word Aut. New acceptance condition: Universal K-coB¨ uchi Word Automaton: w is accepted iff all runs labeled by w visit at most K accepting states Result from [FJR09]: A φ is realizable ⇔ A φ, K is realizable where K = 2 n ( n 2 n +2 + 1) and n the number of states of A φ ⇒ Strenghten the acceptance condition

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Step 3: determinization Universal K-coB¨ uchi Word Aut. − → Det. K-coB¨ uchi Word Aut. Determinization: • Extension of subset construction with counters • Counting functions f from Q to [ − 1 , 0 , . . . , K + 1] • f ( q ) = − 1: state q not reached • f ( q ) = i ≥ 0: i is the maximal number of accepting states visited by runs ending up in q • Bad states are counting functions f such that ∃ q : f ( q ) > K ⇒ Solve a safety game det ( A , K ), where the system tries to avoid bad states

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Goals Solve det ( A , K ) efficiently: • Avoid determinization • Avoid bound K = 2 n ( n 2 n +2 + 1) • Quickly find winning strategies with heuristics

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Properties of the safety game Property 1: partial order on counting functions f � f ′ ⇔ ∀ q : f ( q ) ≤ f ′ ( q ) • Intuition: If we can avoid bad states from f ′ , we can also avoid them from f • Compact symbolic representation of downward-closed sets by their maximal elements with antichains Example: ⇒ Construction on the fly , with antichains • Synthesis of compact strategies

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Properties of the safety game Property 2: incremental algorithm • If det ( A , k 1 ) is realizable, then det ( A , k 2 ) is realizable, ∀ k 2 > k 1 ⇒ Incremental algorithm on the values of k = 0, 1, 2, . . .

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Back to motivating example Desired properties: (1) every request must be eventually granted by the server (2) the server can grant only one request at a time (mutual exclusion) Let I = { r 1 , r 2 } and O = { g 1 , g 2 , w 1 , w 2 } � ( r 1 → X ( w 1 U g 1 )) ∧ � ( r 2 → X ( w 2 U g 2 )) ∧ � ( ¬ g 1 ∨ ¬ g 2 ) � �� � � �� � (1) (2) Winning strategy for Player O output by Acacia+: T ( g 1 , w 2 ) ( g 2 , w 1 ) T

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Complexity Theorem : The LTL MP synthesis problem is 2ExpTime-Complete. ⇒ Reduction to a Mean-Payoff Parity Game (MPPG) of size 2 2 O ( nlogn ) and with 2 O ( n ) priorities

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Back to motivating example Additional property: (3) the requests emitted by client 2 must be prioritized  v ( w 1 ) = − 1   Let v ( w 2 ) = − 2   v ( l ) = 0 , ∀ l �∈ { w 1 , w 2 } � ( r 1 → X ( w 1 U g 1 )) ∧ � ( r 2 → X ( w 2 U g 2 )) ∧ � ( ¬ g 1 ∨ ¬ g 2 ) Optimal strategy for Player O requires infinite memory : • Almost always immediately grant client 2 • Grant client 1 with decreasing frequency ⇒ Ensures a mean-payoff value of − 1

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work Finite memory ǫ -optimal strategies Results from [CHJ05]: (1) Optimal strategies in MPPGs may require infinite memory (2) Finite memory ǫ -optimal strategies exist in MPPGs, ∀ ǫ > 0 ⇒ Focus on ǫ -optimal strategies

Introduction LTL synthesis LTL synthesis with MP objectives Conclusion and future work From MPPGs to Energy Parity Games Results of [CD10]: (1) MPPGs can be handled by a reduction to Energy Parity Games (EPGs) for ǫ -optimal stategies ⇒ • Simpler algorithm for solving EPGS than for MPPGs • Basis of an efficient symbolic incremental algorithm Energy objective: Given c 0 ≥ 0, n � � v ′ ( l ) ≥ 0 , c 0 + ∀ n ≥ 0 j =1 l ∈ Lit( i j ∪ o j ) (2) If Player O wins in the EPG, then Player O has a winning strategy with initial credit ( n − 1) · W , where • n = number of state of the EPG • W = largest absolute cost w.r.t. v