Regular Model Checking Made Simple and Efficient P. Abdulla, B. Jonsson, M. Nilsson and J. d’Orso...
42
Regular Model Regular Model Checking Made Checking Made Simple and Simple and Efficient Efficient P. Abdulla, B. Jonsson, M. P. Abdulla, B. Jonsson, M. Nilsson and J. d’Orso Nilsson and J. d’Orso Uppsala University Uppsala University
-
Upload
janel-wells -
Category
Documents
-
view
215 -
download
0
Transcript of Regular Model Checking Made Simple and Efficient P. Abdulla, B. Jonsson, M. Nilsson and J. d’Orso...
Regular Model Checking Regular Model Checking Made Simple and Made Simple and
EfficientEfficient
Regular Model Checking Regular Model Checking Made Simple and Made Simple and
EfficientEfficient
P. Abdulla, B. Jonsson, M. Nilsson P. Abdulla, B. Jonsson, M. Nilsson and J. d’Orsoand J. d’Orso
Uppsala UniversityUppsala University
Presentation Overview• Aim
• Regular Model Checking
• Subset Construction
• Construction by Matching
• Conclusions
Aim• Parameterized systems• Counters• Stacks• queues
Can all be represented by regular languagesAnd regular relations.
Regular Model Checking
Represent configurations/transition relationswith finite automata.
(n,n)
(n,t)(t,n)
(n,n)
Example: moving a token to the right
Regular Model Checking
The transitive closure:
(n,n)
(n,t)(t,n)
(n,n)
Example: moving a token arbitrarily to the right
(n,n)
Regular Model Checking (cont.)
• Problem: how do we compute transitive closures ?
• Solution: subset construction ([BJNT00])
• First step: use strings to represent composition (“columns”)
Successiveruns
One column
Regular Model Checking (cont.)
Regular Model Checking (cont.)
Regular Model Checking (cont.)
Subset Construction (cont.)
• Problem: previous automaton is infinite !• Second idea: apply subset construction• With regular sets
Subset Construction (cont.)
€
q0+
(n,n)
(n,t)(t,n)
(n,n)
Relation R:
Construction:
(n,n)
€
q0
€
q1
€
q2
Subset Construction (cont.)
€
q0+
(n,n)
(n,t)(t,n)
(n,n)
Relation R:
Construction:
€
q1 ⋅q0*
€
q2
(n,n)
(t,n)
(n,t)
(n,n)
Subset Construction (cont.)
€
q0+
(n,n)
(n,t)(t,n)
(n,n)
Relation R:
Construction:
€
q1 ⋅q0*
€
q2
€
q2 ⋅q1 ⋅q0*
€
q2 ⋅q2
(n,n)
(n,n) (n,n)
(n,n)(t,n)
(n,t) (n,t)
Subset Construction (cont.)
€
q0+
(n,n)
(n,t)(t,n)
(n,n)
Relation R:
Construction:
€
q1 ⋅q0*
€
q2
€
q2 ⋅q1 ⋅q0*
€
q2 ⋅q2
(n,n)
(t,n)
(n,t) (n,t)
(n,n) (n,n)
(n,n)(n,n)
Subset Construction (cont.)
€
q0+
(n,n)
(n,t)(t,n)
(n,n)
Relation R:
Construction:
€
q1 ⋅q0*
€
q2
€
q2 ⋅q1 ⋅q0*
€
q2 ⋅q2
(n,n)
(t,n)
(n,t) (n,t)
(n,n) (n,n)
(n,n)(n,n)
Subset Construction (cont.)
• Automaton built is deterministic
• Computing the image of a set is expensive
• For many examples, sets obtained are simple
Practical problems:
Our Contribution
• The algorithm uses only local information, not global reasoning (bisimulations).
Compared with [DLS01]:
Our Contribution
• Construction does not rely on determinism
• No image computation, but simple “matching”
Compared with [BJNT00]:
An Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
An Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
Compose automaton twice:
(e,e)(e,e)
(a,e) (b,e) (e,b) (e,d)(d,a)LL
1L
21
32
R3
RR
An Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
(e,e) (e,e)
(a,e) (b,e) (e,b) (e,d)(d,a)LL
1L
21
32
R3
RR
An Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
(b,e)
(d,a)
(e,b)
An Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
(b,e)
(d,a)
(e,b)
(d,e) (e,a)
An Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
(b,e)
(d,a)
(e,b)
(d,e) (e,a)
(e,e)
Construction by Matching
Use sets of form:
€
e1 ⋅e2 ⋅L ⋅epWith each sub-expression being one of:
€
q{ }(1)
(2)
€
L+
(3)
€
R+
Construction by Matching (cont.)
(e,e)(e,e)
(a,e) (b,e) (e,b) (e,d)(d,a)LL
1L
21
32
R3
RR
Examples of sets:
€
L+
€
2{ } 1{ }
€
R+ 3{ }
Construction by Matching (cont.)
Properties of such sets:(1) Can be made canonical representation (2) Closed under an operation similar to concatenation(3) Induce equivalence relation
Property (1)
Canonicity: always take the largest set !
€
q ⋅q∈ q+ ⋅q+ ⊂q+
Property (2)
Define operator * as follows:
€
e1∗e2 =e1e1 ⋅e2
⎧ ⎨ ⎩ otherwise
if
€
e1 = e2 = q+
Property (2)
Using the * operator:
L+ 1 L+ L+
L+
L+ * L+ 1 * L+
1 * L+
(a,e) (e,e)
(a,e)
(a,e)
Property (3)
When can we merge states ?
€
w1
€
w2
€
w2
€
w1
1
2
1/2
Property (3) (cont.)
Does our equivalence relation satisfy this ?Yes !
€
w1
€
w2
€
w2
€
w1
€
≈
€
≈
€
≈
€
≈ LL
L
LL
q
q1q2
q1q2q
q
Property (3) (cont.)
€
w1
€
w2
€
w2
€
w1
€
≈
€
≈
€
≈
€
≈LL
L
L
q1
q2
q1
q2q1
Property needs to be symmetric !
The Algorithm
• Initialization: replace copying states “q” with “q+”, leave the rest;
• Step k+1: for a transition of step k and a transition of step 0, if “match” then add the combined transition;
• Stop: when reach fixed point.
Example
L 1 2 3 R
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
Run the initialization step.
Example
L+ 1 2 3 R+
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
Example
L+ 1 2 3 R+
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
Match transitions in red.
Example
L+ 1 2 3 R+
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
1 L+
(a,e)
Example
L+ 1 2 3 R+
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
1 L+
(a,e)
Example
L+ 1 2 3 R+
(e,e) (e,e)
(a,e) (b,a) (d,b) (e,d)
1 L+
(a,e)
2 1(b,e)
ResultsAlgorithm Subset
ConstructionMatching Speedup
Dijkstra 435s 39s 11.2
Szymanski 278s 178s 1.5
Termination detection
47s 22s 2.1
Ticket 17s 20s 0.85
Future Work
• Extend to other systems e.g. trees, push-down systems, graphs, etc…
• Experiment underlying data structure Graphical interface for this tool
