Shortest Violation Traces in Model Checking Based on Petri Net Unfoldings and SAT Victor Khomenko University of Newcastle upon Tyne Supported by IST project.


1 Shortest Violation Traces in Model Checking Based on Petri Net Unfoldings and SAT
Victor Khomenko, University of Newcastle upon Tyne
Supported by IST project (RODIN)

2 Shortest violation traces
- Can be much shorter than the first computed trace
- Do not contain incidental system activity unrelated to the found error
- Facilitate debugging, saving the designer's time

3 Petri net unfolding prefixes
- Partial-order semantics of PNs
- Concurrency represented explicitly, using an acyclic PN
- Alleviate the state space explosion problem
- Efficient model checking algorithms

4 Dining Philosophers
[Figure: Petri net of the dining philosophers example (places P1–P14, transitions T1–T10) and its unfolding prefix]

5 Model checking on PN unfoldings
- A Boolean expression φ is built using the prefix, such that:
  - φ is unsatisfiable iff the property holds
  - Every satisfying assignment of φ gives a violation trace
- φ has the form CONF ∧ VIOL
- Some of the variables of φ are associated with the events of the prefix

6 CONF: Causality
- If an event e is executed then its causal predecessors are also executed (it's enough to require that the direct predecessors of e are executed)
[Figure: unfolding prefix of the dining philosophers with an event e and its causal predecessors highlighted]

7 CONF: Conflicts
- If an event e is executed then events in conflict with it cannot be executed (it's enough to require that the events in direct conflict with e are not executed)
[Figure: unfolding prefix of the dining philosophers with an event e and the events in conflict with it highlighted]

8 VIOL: Deadlock
- For every e: either some direct predecessor is not executed, or an event in direct conflict has fired, or e itself has fired
[Figure: unfolding prefix of the dining philosophers with an event e highlighted]

9 Computing shortest traces
input: φ - a Boolean expression
output: T - a shortest violation trace, or UNSAT

A ← SAT_Assignment(φ);
if A = UNSAT then T ← UNSAT; stop
T ← Extract_Trace(A); r ← |T|; l ← 0;
while l < r do
  t ← ⌊(l + r)/2⌋;
  A ← SAT_Assignment(φ ∧ Threshold_t);
  if A = UNSAT then l ← t + 1
  else T ← Extract_Trace(A); r ← |T|;
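The following is an added example, not code from the slides or from the author's tool: it encodes CONF (causality and conflict-freeness, slides 6–7), VIOL for deadlock (slide 8) and the threshold constraint on a constructed toy unfolding prefix, then runs the binary search of slide 9. A brute-force enumerator that returns the largest satisfying configuration first stands in for the SAT solver, so that the first trace found is deliberately longer than the shortest one; the net, the event names and that enumeration order are all assumptions of this example.

```python
"""Shortest deadlock trace on a toy unfolding prefix (constructed example).

An occurrence net is given as: event name -> (preset conditions, postset
conditions).  Initial conditions are those that no event produces.  A
brute-force enumerator stands in for the SAT solver, so this runs offline.
"""
from itertools import combinations

# Constructed toy prefix: condition c0 enables the conflicting events a and b.
# After a, event d fires and the net deadlocks (2 events).  After b, a chain
# of four more events runs before the net deadlocks (5 events).
EVENTS = {
    "a":  ({"c0"}, {"c1"}),
    "b":  ({"c0"}, {"c2"}),
    "d":  ({"c1"}, set()),
    "e1": ({"c2"}, {"c3"}),
    "e2": ({"c3"}, {"c4"}),
    "e3": ({"c4"}, {"c5"}),
    "e4": ({"c5"}, set()),
}
# In an occurrence net each condition has at most one producing event.
PRODUCER = {c: e for e, (_, post) in EVENTS.items() for c in post}


def direct_preds(e):
    """Events that produce a condition in the preset of e."""
    return {PRODUCER[c] for c in EVENTS[e][0] if c in PRODUCER}


def direct_conflicts(e):
    """Events sharing a preset condition with e."""
    pre = EVENTS[e][0]
    return {f for f in EVENTS if f != e and EVENTS[f][0] & pre}


def conf(fired):
    """CONF: every fired event has its direct predecessors fired and no
    event in direct conflict with it fired (slides 6 and 7)."""
    return all(direct_preds(e) <= fired and not (direct_conflicts(e) & fired)
               for e in fired)


def viol_deadlock(fired):
    """VIOL: for every event, either a direct predecessor did not fire, or a
    direct conflict fired, or the event itself fired (slide 8)."""
    return all(not direct_preds(e) <= fired
               or direct_conflicts(e) & fired
               or e in fired
               for e in EVENTS)


def sat_assignment(threshold=None):
    """Stand-in for SAT_Assignment(phi [and Threshold_t]).  Enumerates
    configurations largest-first on purpose, mimicking a solver that happens
    to return a long trace; returns None for UNSAT."""
    names = list(EVENTS)
    for k in range(len(names), -1, -1):
        if threshold is not None and k > threshold:
            continue
        for fired in combinations(names, k):
            fired = set(fired)
            if conf(fired) and viol_deadlock(fired):
                return fired
    return None


def extract_trace(fired):
    """Extract_Trace: linearise a configuration so that every event comes
    after its direct predecessors."""
    trace = []
    while len(trace) < len(fired):
        for e in sorted(fired):  # sorted only for a deterministic order
            if e not in trace and direct_preds(e) <= set(trace):
                trace.append(e)
    return trace


def shortest_violation_trace():
    """The binary search of slide 9, returning the trace or "UNSAT"."""
    a = sat_assignment()
    if a is None:
        return "UNSAT"
    trace = extract_trace(a)
    l, r = 0, len(trace)
    while l < r:
        t = (l + r) // 2
        a = sat_assignment(threshold=t)
        if a is None:
            l = t + 1
        else:
            trace = extract_trace(a)
            r = len(trace)
    return trace


if __name__ == "__main__":
    print("first trace:   ", extract_trace(sat_assignment()))
    print("shortest trace:", shortest_violation_trace())
```

Running it prints a first trace of five events through b and the chain, and the shortest trace a, d of length 2; the threshold 1 query is UNSAT, which is what terminates the search.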

10 Threshold constraint
- First build a Boolean circuit and then translate it into a Boolean expression (linear translation is possible by adding new variables)
- Try to minimize the changes in the circuit if the threshold changes – good for incremental SAT
[Figure: tree of adders over the n event variables, with O(log n) levels]

11 Implementation of the counter
Size (if n is a power of 2):
- 4n – 2 log₂ n – 4 auxiliary variables
- 16n – 10 log₂ n – 16 clauses
- 52n – 36 log₂ n – 52 literals
- Linear translation, but with large multiplicative constants

12 Exploiting conflicts
- Events in a conflict cluster are mutually exclusive
- An ∨-gate can be used as a counter
[Figure: unfolding prefix of the dining philosophers with a conflict cluster highlighted]

13 Implementation of the counter
- Significant gains if the number of clusters is much smaller than the number of events
- Need to partition the prefix into the minimum number of conflict clusters
- An NP-complete problem (reduction from partition into cliques)
- A greedy algorithm can be used in practice
[Figure: a single ∨-gate over the n events of a cluster]

14 Exploiting causality
- If an event in a cluster has fired, some event in a preceding cluster has also fired
- If Cl_1 < Cl_2 < … < Cl_n, then the outputs of the corresponding ∨-gates are ordered
[Figure: unfolding prefix of the dining philosophers with a chain of causally ordered conflict clusters highlighted]

15 Implementation of the counter
- A sort-adder is simpler than a conventional one!
[Figure: sort-adder built from ∨-gates over the ordered outputs of a chain of clusters]

16 Partitioning into chains of clusters
- Gains if the number of ordered chains of clusters is small
- Need to partition the conflict clusters into the minimum number of ordered chains
- The problem can be reduced to maximum matching in bipartite graphs and solved in polynomial time, but this might be inefficient due to the need to work with an implicitly represented graph
- A greedy algorithm can be used in practice

17 Experimental results
- The first computed violation trace can be much longer than a shortest one – computing shortest violation traces can indeed greatly facilitate the debugging process
- The number of conflict clusters is by many orders of magnitude smaller than the number of events – significant reductions in the size of the threshold constraint

18 The ideal case
If the adder tree can be implemented as a single ∨-gate:
- 1 (rather than 4n – 2 log₂ n – 4) auxiliary variables
- n+1 (rather than 16n – 10 log₂ n – 16) clauses
- 3n+1 (rather than 52n – 36 log₂ n – 52) literals
Improvement ratios for n → ∞:
- variables: ∞
- clauses: 16
- literals: 17⅓
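As an added example covering slides 12–16 and 18 (not code from the slides or from the author's tool), the greedy partition of a constructed toy prefix into conflict clusters (sets of pairwise directly conflicting events, slide 13) and then into causally ordered chains of clusters (slide 16), followed by the counter sizes from slides 11 and 18. The toy net, the event names and the particular greedy orders (events and clusters processed in order of how many causal predecessors they have) are assumptions of this example; the size formulas are the ones stated on the slides.

```python
"""Greedy conflict-cluster and chain partitioning of a toy unfolding prefix
(constructed example), plus the threshold-constraint sizes from the slides."""

# Constructed toy prefix: event name -> (preset conditions, postset conditions).
# a/b conflict on c0, f/g conflict on c3; d depends on a, e on b, h on e.
EVENTS = {
    "a": ({"c0"}, {"c1"}), "b": ({"c0"}, {"c2"}),
    "d": ({"c1"}, {"c3"}), "e": ({"c2"}, {"c4"}),
    "f": ({"c3"}, {"c5"}), "g": ({"c3"}, {"c6"}),
    "h": ({"c4"}, set()),
}
PRODUCER = {c: ev for ev, (_, post) in EVENTS.items() for c in post}


def in_direct_conflict(e, f):
    """Two events are in direct conflict iff they share a preset condition."""
    return e != f and bool(EVENTS[e][0] & EVENTS[f][0])


def causal_preds(e):
    """All (transitive) causal predecessors of e."""
    todo, seen = [e], set()
    while todo:
        for c in EVENTS[todo.pop()][0]:
            p = PRODUCER.get(c)
            if p is not None and p not in seen:
                seen.add(p)
                todo.append(p)
    return seen


def rank(e):
    """Number of causal predecessors: a predecessor always has a lower rank,
    so sorting by rank yields a causally consistent processing order."""
    return len(causal_preds(e))


def greedy_conflict_clusters():
    """Slide 13: each event joins the first cluster it conflicts with
    entirely, otherwise it opens a new cluster (a greedy clique partition)."""
    clusters = []
    for e in sorted(EVENTS, key=rank):
        for cl in clusters:
            if all(in_direct_conflict(e, f) for f in cl):
                cl.append(e)
                break
        else:
            clusters.append([e])
    return clusters


def precedes(cl1, cl2):
    """Cl1 < Cl2: every event of Cl2 causally depends on some event of Cl1,
    so if an event of Cl2 fired, an event of Cl1 fired too (slide 14)."""
    return all(causal_preds(e) & set(cl1) for e in cl2)


def greedy_chains(clusters):
    """Slide 16: each cluster is appended to the first chain whose last
    cluster precedes it, otherwise it starts a new chain."""
    chains = []
    for cl in sorted(clusters, key=lambda c: rank(c[0])):
        for ch in chains:
            if precedes(ch[-1], cl):
                ch.append(cl)
                break
        else:
            chains.append([cl])
    return chains


def conventional_counter_size(n):
    """Slide 11, n a power of 2: (auxiliary variables, clauses, literals)."""
    assert n > 0 and n & (n - 1) == 0, "formulas are stated for n a power of 2"
    k = n.bit_length() - 1  # log2(n)
    return (4 * n - 2 * k - 4, 16 * n - 10 * k - 16, 52 * n - 36 * k - 52)


def single_or_gate_size(n):
    """Slide 18, ideal case: one OR gate over n events."""
    return (1, n + 1, 3 * n + 1)


def improvement_ratios(n):
    """Conventional size divided by ideal size, per measure."""
    return tuple(c / i for c, i in zip(conventional_counter_size(n),
                                       single_or_gate_size(n)))


if __name__ == "__main__":
    cls = greedy_conflict_clusters()
    print("clusters:", cls)
    print("chains:  ", greedy_chains(cls))
    print("sizes for n=8, conventional vs. single OR gate:",
          conventional_counter_size(8), single_or_gate_size(8))
```

On the toy net the seven events fall into five clusters and the clusters into two chains; for n = 8 the conventional counter needs 22 auxiliary variables, 82 clauses and 256 literals against 1, 9 and 25 for a single ∨-gate, and for large n the clause and literal ratios approach the 16 and 17⅓ of slide 18 while the variable ratio grows without bound.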

19 Experimental results: variables

20 Experimental results: clauses

21 Experimental results: literals