Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes Reid G. Simmons (initial work performed at HTC, Summer 2001)

Slides:



Advertisements
Similar presentations
Tests of Hypotheses Based on a Single Sample
Advertisements

Chapter 7 Hypothesis Testing
Introduction to Hypothesis Testing
MaC Monitoring and Checking at Runtime (Continue) Presented By Usa Sammapun CIS 700 Oct 12, 2005.
SAT-Based Planning Using Propositional SAT- Solvers to Search for Plans.
Dana Nau: Lecture slides for Automated Planning Licensed under the Creative Commons Attribution-NonCommercial-ShareAlike License:
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
Probabilistic Verification of Discrete Event Systems using Acceptance Sampling Håkan L. S. YounesReid G. Simmons Carnegie Mellon University.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
Lesson 5 - Decision Structure By: Dan Lunney
Statistical Probabilistic Model Checking Håkan L. S. Younes Carnegie Mellon University.
CS 355 – Programming Languages
Ymer: A Statistical Model Checker Håkan L. S. Younes Carnegie Mellon University.
A Hybridized Planner for Stochastic Domains Mausam and Daniel S. Weld University of Washington, Seattle Piergiorgio Bertoli ITC-IRST, Trento.
Symbolic Logic. Objectives Determine if a sentence or question is a statement or not. Write a sentence that represents the negation of a given statement.
Planning under Uncertainty
Precise Inter-procedural Analysis Sumit Gulwani George C. Necula using Random Interpretation presented by Kian Win Ong UC Berkeley.
1 Discrete Structures CS 280 Example application of probability: MAX 3-SAT.
Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes.
ESE601: Hybrid Systems Introduction to verification Spring 2006.
8-2 Basics of Hypothesis Testing
Chapter 4 MATLAB Programming Logical Structures Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
VESTA: A Statistical Model- checker and Analyzer for Probabilistic Systems Authors: Koushik Sen Mahesh Viswanathan Gul Agha University of Illinois at Urbana-Champaign.
Flavio Lerda 1 LTL Model Checking Flavio Lerda. 2 LTL Model Checking LTL –Subset of CTL* of the form: A f where f is a path formula LTL model checking.
Antoine Girard VAL-AMS Project Meeting April 2007 Behavioral Metrics for Simulation-based Circuit Validation.
Definitions In statistics, a hypothesis is a claim or statement about a property of a population. A hypothesis test is a standard procedure for testing.
272: Software Engineering Fall 2012 Instructor: Tevfik Bultan Lecture 4: SMT-based Bounded Model Checking of Concurrent Software.
A Framework for Planning in Continuous-time Stochastic Domains Håkan L. S. Younes Carnegie Mellon University David J. MuslinerReid G. Simmons Honeywell.
Policy Generation for Continuous-time Stochastic Domains with Concurrency Håkan L. S. YounesReid G. Simmons Carnegie Mellon University.
Predicates and Quantifiers
Software Systems Verification and Validation Laboratory Assignment 3
1 © Lecture note 3 Hypothesis Testing MAKE HYPOTHESIS ©
Hypothesis Tests In statistics a hypothesis is a statement that something is true. Selecting the population parameter being tested (mean, proportion, variance,
Planning with Concurrency in Continuous-time Stochastic Domains (thesis proposal) Håkan L. S. Younes Thesis Committee: Reid G. Simmons (chair) Geoffrey.
UPPAAL Ghaith Haddad. Introduction UPPAAL is a tool for modeling, validation and verification of real-time systems. Appropriate for systems that can be.
Planning and Verification for Stochastic Processes with Asynchronous Events Håkan L. S. Younes Carnegie Mellon University.
Slide Slide 1 Chapter 8 Hypothesis Testing 8-1 Overview 8-2 Basics of Hypothesis Testing 8-3 Testing a Claim about a Proportion 8-4 Testing a Claim About.
Copyright 2013, 2010, 2007, Pearson, Education, Inc. Section 3.7 Switching Circuits.
110/19/2015CS360 AI & Robotics AI Application Areas  Neural Networks and Genetic Algorithms  These model the structure of neurons in the brain  Humans.
Hypothesis Tests In statistics a hypothesis is a statement that something is true. Selecting the population parameter being tested (mean, proportion, variance,
Chapter 1, Part II: Predicate Logic With Question/Answer Animations.
Logic Disjunction A disjunction is a compound statement formed by combining two simple sentences using the word “OR”. A disjunction is true when at.
1 Chapter 8 Hypothesis Testing 8.2 Basics of Hypothesis Testing 8.3 Testing about a Proportion p 8.4 Testing about a Mean µ (σ known) 8.5 Testing about.
1 Building The Ultimate Consistent Reader. 2 Introduction We’ve already built a consistent reader (cube-Vs.-point)... Except it had variables ranging.
The Class NP Lecture 39 Section 7.3 Mon, Nov 26, 2007.
Slide Slide 1 Copyright © 2007 Pearson Education, Inc Publishing as Pearson Addison-Wesley. Overview.
Extending PDDL to Model Stochastic Decision Processes Håkan L. S. Younes Carnegie Mellon University.
Probabilistic Verification of Discrete Event Systems using Acceptance Sampling Håkan L. S. Younes Carnegie Mellon University.
Chapter 2 Logic 2.1 Statements 2.2 The Negation of a Statement 2.3 The Disjunction and Conjunction of Statements 2.4 The Implication 2.5 More on Implications.
1 Definitions In statistics, a hypothesis is a claim or statement about a property of a population. A hypothesis test is a standard procedure for testing.
Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes.
1 Section 8.2 Basics of Hypothesis Testing Objective For a population parameter (p, µ, σ) we wish to test whether a predicted value is close to the actual.
C HAPTER 3 Describing Syntax and Semantics. D YNAMIC S EMANTICS Describing syntax is relatively simple There is no single widely acceptable notation or.
Section 1.4. Propositional Functions Propositional functions become propositions (and have truth values) when their variables are each replaced by a value.
Håkan L. S. YounesDavid J. Musliner Carnegie Mellon UniversityHoneywell Laboratories Probabilistic Plan Verification through Acceptance Sampling.
 Conjunctive Normal Form: A logic form must satisfy one of the following conditions 1) It must be a single variable (A) 2) It must be the negation of.
Simple Logic.
Chapter 7. Propositional and Predicate Logic
Statistical probabilistic model checking
Chapter 4 MATLAB Programming
When we free ourselves of desire,
Chapter 9: Hypothesis Testing
Statistical Model-Checking of “Black-Box” Probabilistic Systems VESTA
On Statistical Model Checking of Stochastic Systems
Chapter 7. Propositional and Predicate Logic
More About Tests Notes from
Section 3.7 Switching Circuits
Statistical Probabilistic Model Checking
Introduction to verification
Presentation transcript:

Probabilistic Verification of Discrete Event Systems Håkan L. S. Younes Reid G. Simmons (initial work performed at HTC, Summer 2001)

May 30, 2002Carnegie Mellon Introduction Goal: Verify temporal properties of general discrete event systems Probabilistic, real-time properties Expressed using CSL Approach: Acceptance sampling Guaranteed error bounds Any-time properties

May 30, 2002Carnegie Mellon “The Hungry Stork” System “The probability is at least 0.7 that the stork satisfies its hunger within 180 seconds”

May 30, 2002Carnegie Mellon “The Hungry Stork” as a Discrete Event System hungry

May 30, 2002Carnegie Mellon “The Hungry Stork” as a Discrete Event System hungry hungry, hunting 40 secstork sees frog

May 30, 2002Carnegie Mellon “The Hungry Stork” as a Discrete Event System hungry 40 secstork sees frog hungry, hunting, seen hungry, hunting 19 secfrog sees stork

May 30, 2002Carnegie Mellon “The Hungry Stork” as a Discrete Event System hungry, hunting, seen not hungry hungry, hunting hungry 40 sec19 sec2 sec stork sees frogfrog sees storkstork eats frog

May 30, 2002Carnegie Mellon “The Hungry Stork” as a Discrete Event System hungry, hunting, seen not hungry hungry, hunting hungry 40 sec19 sec2 sec stork sees frogfrog sees storkstork eats frog For this execution path, at least, the property holds… (total time < 180 sec)

May 30, 2002Carnegie Mellon Verifying Probabilistic Properties Properties of the form: Pr ≥  (X) Symbolic Methods + Exact solutions - Works for a restricted class of systems Sampling + Works for all systems that can be simulated - Solutions not guaranteed

May 30, 2002Carnegie Mellon Our Approach: Acceptance Sampling Use simulation to generate sample execution paths Samples based on stochastic discrete event models How many samples are “enough”? Probability of false negatives ≤  Probability of false positives ≤ 

May 30, 2002Carnegie Mellon Performance of Test Actual probability of X holding Probability of accepting Pr ≥  (X) as true  1 –  

May 30, 2002Carnegie Mellon Ideal Performance Actual probability of X holding Probability of accepting Pr ≥  (X) as true  1 –   False negatives False positives

May 30, 2002Carnegie Mellon Actual Performance  –  +  Indifference region Actual probability of X holding Probability of accepting Pr ≥  (X) as true  1 –   False negatives False positives

May 30, 2002Carnegie Mellon Sequential Acceptance Sampling True, false, or another sample? Hypothesis: Pr ≥  (X)

May 30, 2002Carnegie Mellon Graphical Representation of Sequential Test Number of samples Number of positive samples

May 30, 2002Carnegie Mellon Graphical Representation of Sequential Test We can find an acceptance line and a rejection line given , , , and  Reject Accept Continue sampling Number of samples Number of positive samples

May 30, 2002Carnegie Mellon Graphical Representation of Sequential Test Reject Accept Continue sampling Number of samples Number of positive samples

May 30, 2002Carnegie Mellon Graphical Representation of Sequential Test Reject Accept Continue sampling Number of samples Number of positive samples

May 30, 2002Carnegie Mellon Verifying Properties Verify Pr ≥  (  ) with error bounds  and  Generate sample execution paths using simulation Verify  over each sample execution path If  is true, then we have a positive sample If  is false, then we have a negative sample Use sequential acceptance sampling to test the hypothesis Pr ≥  (  ) How to express probabilistic, real-time temporal properties as acceptance tests?

May 30, 2002Carnegie Mellon Continuous Stochastic Logic (CSL) State formulas Standard logic operators: ¬ ,  1   2 … Probabilistic operator: Pr ≥  (  ) Path formulas Time-bounded Until:  1 U ≤t  2 Pr ≥0.7 (true U ≤180 ¬hungry) Pr ≥0.9 (Pr ≤0.1 (queue-full) U ≤60 served)

May 30, 2002Carnegie Mellon Verification of Conjunction Verify  1   2  …   n with error bounds  and  What error bounds to choose for the  i ’s? Naïve:  i =  /n,  i =  /n Accept if all conjuncts are true Reject if some conjunct is false

May 30, 2002Carnegie Mellon “Fast reject” Verification of Conjunction Verify  1   2  …   n with error bounds  and  1. Verify each  i with error bounds  and  ’ 2. Return false as soon as any  i is verified to be false 3. If all  i are verified to be true, verify each  i again with error bounds  and  /n 4. Return true iff all  i are verified to be true

May 30, 2002Carnegie Mellon Verification of Conjunction “Rigorous accept” Verify  1   2  …   n with error bounds  and  1. Verify each  i with error bounds  and  ’ 2. Return false as soon as any  i is verified to be false 3. If all  i are verified to be true, verify each  i again with error bounds  and  /n 4. Return true iff all  i are verified to be true

May 30, 2002Carnegie Mellon Verification of Path Formulas To verify  1 U ≤t  2 with error bounds  and  Convert to disjunction  1 U ≤t  2 holds if  2 holds in the first state, or if  2 holds in the second state and  1 holds in all prior states, or …

May 30, 2002Carnegie Mellon More on Verifying Until Given  1 U ≤t  2, let n be the index of the first state more than t time units away from the current state Disjunction of n conjunctions c 1 through c n, each of size i Simplifies if  1 or  2, or both, do not contain any probabilistic statements

May 30, 2002Carnegie Mellon Verification of Nested Probabilistic Statements Suppose , in Pr ≥  (  ), contains probabilistic statements True, false, or another sample?

May 30, 2002Carnegie Mellon Verification of Nested Probabilistic Statements Suppose , in Pr ≥  (  ), contains probabilistic statements Pr ≥0.9 (Pr ≤0.1 (queue-full) U ≤60 served) How to specify the error bounds  ’ and  ’ when verifying  ?

May 30, 2002Carnegie Mellon Modified Test find an acceptance line and a rejection line given , , , ,  ’, and  ’: Reject Accept Continue sampling With  ’ and  ’ = 0 Number of samples Number of positive samples

May 30, 2002Carnegie Mellon Modified Test find an acceptance line and a rejection line given , , , ,  ’, and  ’: With  ’ and  ’ > 0 Reject Accept Continue sampling Number of samples Number of positive samples

May 30, 2002Carnegie Mellon Performance  =0.9  =0.7  =0.5 p log E p [n]

May 30, 2002Carnegie Mellon Performance p log E p [n]  =0.005  =0.01  =0.02

May 30, 2002Carnegie Mellon Performance p log E p [n]  =  =0.001  =  =0.01  =  =0.1

May 30, 2002Carnegie Mellon Summary Algorithm for probabilistic verification of discrete event systems Sample execution paths generated using simulation Probabilistic properties verified using sequential acceptance sampling Properties specified using CSL

May 30, 2002Carnegie Mellon Future Work Apply to hybrid dynamic systems Develop heuristics for formula ordering and parameter selection Use verification to aid policy generation for real-time stochastic domains

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.