VERIFICATION OF PARAMETERIZED SYSTEMS

MONOTONIC ABSTRACTION IN PARAMETERIZED SYSTEMS

NAVNEETA NAVEEN PATHAK

Parosh Aziz Abdullah, Giorgio Delzanno, Ahmed Rezine

2

AGENDA

INTRODUCTION

PARAMETERIZED SYSTEMS

TRANSITION SYSTEMS

ORDERING

MONOTONIC ABSTRACTIONMonotonic Abstraction in Parameterized Systems

3

INTRODUCTION

Monotonic Abstraction as a simple and effective method to prove safety properties for Parameterized Systems with linear topologies.

Main idea : Monotonic Abstraction for considering a transition relation that is an over-approximation of the one induced by the parameterized system.

Monotonic Abstraction in Parameterized Systems

4

MODEL CHECKING + ABSTRACTION

Infinite-State

System

Abstraction

Finite-State

System

Model Checking

Monotonic Abstraction in Parameterized Systems

5

AGENDA

INTRODUCTION

PARAMETERIZED SYSTEMS

TRANSITION SYSTEMS

ORDERING

MONOTONIC ABSTRACTIONMonotonic Abstraction in Parameterized Systems

6

PARAMETERIZED SYSTEMS

AIM : To verify correctness of the systems for the whole family of Parameterized Systems.

Monotonic Abstraction in Parameterized Systems

P1 P2 P3 PN..........

P1

P2

P3

P4PN

......

...

......

...

7

A parameterized system P is a triple (Q,X, T ),Q - set of local states,X - set of local variables, T - set of transition rules.

A transition rule t is of the form:t: [ q | grd → stmt | q´ ]

where q, q´ ϵ Q grd → stmt is a guarded commandgrd ϵ B(X) U G(X U Q)stmt : set of assignments

DEFINITION

Monotonic Abstraction in Parameterized Systems

8

V LR

V L

∃ L

t1 t6

t2

t3

t4

t5

Idle State – Initially all

processes are in this state

Critical State – Eventually a process will

enter this state

A process moves

from Idle to Black

state when it wants to access its

critical section.

Once a process moves from Black to Blue

state, it “closes the door” on all processes in

Idle state

Parameterized System, P = (Q,T)Q = {Green, Black, Blue, Red} and T = {t1, t2, t3. t4, t5, t6}where t2, t5, t6 – Local transition rules t1, t4 – Universal Rules t3 – Existential Rule

Monotonic Abstraction in Parameterized Systems

9

AGENDA

INTRODUCTION

PARAMETERIZED SYSTEMS

TRANSITION SYSTEMS

ORDERING

MONOTONIC ABSTRACTIONMonotonic Abstraction in Parameterized Systems

10

TRANSITION SYSTEMS

A transition system T is a pair (C,⇒)where, C - (infinite) set of configurations , ⇒ - binary relation on C, ⇒* - reflexive transitive closure of ⇒

A configuration c ϵ C is a sequence u1 , ...... , un of process states.i.e. corresponding to an instance of the system with n processes.

Monotonic Abstraction in Parameterized Systems

11

The word below represents a configuration in an instance of system with 5 processes.

t3

Valid Transitions

t3

Invalid Transitions

Monotonic Abstraction in Parameterized Systems

12

Initial Configuration

Bad ConfigurationAll configurations that have atleast 2 RED processes

AIM : Init * Bad ?

Monotonic Abstraction in Parameterized Systems

13

AGENDA

INTRODUCTION

PARAMETERIZED SYSTEMS

TRANSITION SYSTEMS

ORDERING

MONOTONIC ABSTRACTIONMonotonic Abstraction in Parameterized Systems

14

ORDERINGc1, c2 – configurationsc1 ≤ c2 - c1is a subword of c2

e.g. ≤Upward Closed Configurations

Set U of configurations is upward closed, ifwhenever c ϵ U and c ≤ c´ then c´ϵ U.

c – configuration,ĉ – denotes upward closed set U:= {c´ | c ≤ c´}

ĉ contains all configurations larger than c w.r.t. ordering ≤.i.e. c is the generator of U Monotonic Abstraction in Parameterized Systems

15

Why Upward Closed Sets ?

1. All sets of Bad configurations (which are worked upon) are upward closed.

2. Upward closed sets have an efficient symbolic representation.i.e. For an upward closed set U, there are configurations c1, ..... , cn with U = ĉ1 U......U ĉn

Monotonic Abstraction in Parameterized Systems

16Monotonic Abstraction in Parameterized Systems

Coverability Problem for Parameterized Systems

To analyze safety properties.

PAR-COV

Instance• Parameterized System, P = (Q,X,T)• CF – upward-closed set of configurations

QuestionInit * CF ?

17

Backward Reachability Analysis

Monotonic Abstraction in Parameterized Systems

For a set of configurations, CUse Pre(C) := {c | c´∃ ϵ C; c → c´}

IDEA :i. Start with set of bad upward-closed

configurations.ii. Apply function Pre repeatedly generating

sequence U0, U1, U2,.... where U0 := Bad, and Ui+1 := Ui + Pre(Ui) for all i ≥ 0

Observation :set Ui characterizes set of configurations from which set Bad is reachable within i steps

18

MONOTONICITY

Monotonicity implies that upward closedness is preserved through the application of Pre.

Consider: U – upward closed set, c1 – member of Pre(U) and c2 ≥ c1

By Monotonicity, it can be proved thatc2 is also a member of Pre(U)

Monotonic Abstraction in Parameterized Systems

19Monotonic Abstraction in Parameterized Systems

AGENDA

INTRODUCTION

PARAMETERIZED SYSTEMS

TRANSITION SYSTEMS

ORDERING

MONOTONIC ABSTRACTION

20

MONOTONIC ABSTRACTION

Monotonic Abstraction in Parameterized Systems

An abstraction that generates over-approximation of the transition systems.

The abstract transition system is monotonic.Hence, allowing one to work with upward closed sets.

c1

c1´≥

c2

A

21

c1 = = c3

Local transitions are monotonic!

Monotonic Abstraction in Parameterized Systems

t2

Consider the local transition,

Configuration c2 =

c2 = c4

This leads to c4 ≥ c2 and also maintains c3 ≤ c4.

t2

22Monotonic Abstraction in Parameterized Systems

Existential transitions are monotonic!

t3

t3

Consider the existential transition:

c1 = = c3

Configuration, c2 =

c2 = = c4

Leading to c4 ≥ c3

23Monotonic Abstraction in Parameterized Systems

Non-monotonicity of Universal transitions

Consider the following Universal transition:

c1 = = c3

t4 can be applied to c1 as all process in the left context of the active process satisfy the condition of transition.

Now consider c2 = c1 ≤ c2

But t4 is not enabled from c2 since the left context of the active process violates the conditions of transition.

t4

24

1. Work with Abstract transition relation →A.

2. →A is an monotonic abstraction (over-approximation) of the concrete relation →.

3. When t is universal, we have: c1 →A c2 iff c1´ → c2 for some c1´ ≤ c1

i.e. →A

Since

≤ →Monotonic Abstraction in Parameterized Systems

Solution!

t t

t4

t4

25Monotonic Abstraction in Parameterized Systems

Since, c1 ≤ c2

c1 →A c3 implies c2 →A c3

Hence, Abstract transition relation is Monotonic, w.r.t. Universal Transitions.

The Abstract transition relation is and over-approximation of the original transition relation

↓↓If a safety property holds in the abstract model, then it will also hold in the concrete model.

Solution.....

26Monotonic Abstraction in Parameterized Systems

Coverability Problem for Approximate Systems

APRX-PAR-COV

Instance• Parameterized System, P = (Q,X,T)• CF – upward-closed set of configurations

QuestionInit * A CF ?

27Monotonic Abstraction in Parameterized Systems

A = ( U 1)

1 reflects the approximation of universal quantifiers

Since ⊆ A

A negative answer to APRX-PAR-COV implies a negative answer to PAR-COV.

28

CONCLUSION

Monotonic Abstraction in Parameterized Systems

29Monotonic Abstraction in Parameterized Systems

Introduction to our topic.

Overview of Parameterized Systems using a simple example.

(Infinite) Transition Systems arising from parameterized systems.

Introduced Ordering on the set of configurations.

Definiton and explanation of Monotomic Abstraction; based on the parameterized systems example.

30

Thank you for your attention.

Monotonic Abstraction in Parameterized Systems