VERIFICATION OF PARAMETERIZED SYSTEMS MONOTONIC ABSTRACTION IN PARAMETERIZED SYSTEMS NAVNEETA NAVEEN PATHAK Parosh Aziz Abdullah, Giorgio Delzanno, Ahmed Rezine

AGENDA  INTRODUCTION  PARAMETERIZED SYSTEMS  TRANSITION SYSTEMS  ORDERING  MONOTONIC ABSTRACTION Monotonic Abstraction in Parameterized Systems2

INTRODUCTION  Monotonic Abstraction as a simple and effective method to prove safety properties for Parameterized Systems with linear topologies.  Main idea : Monotonic Abstraction for considering a transition relation that is an over- approximation of the one induced by the parameterized system. 3Monotonic Abstraction in Parameterized Systems

MODEL CHECKING + ABSTRACTION Infinite-State System Abstraction Finite-State System Model Checking 4Monotonic Abstraction in Parameterized Systems

AGENDA  INTRODUCTION  PARAMETERIZED SYSTEMS  TRANSITION SYSTEMS  ORDERING  MONOTONIC ABSTRACTION Monotonic Abstraction in Parameterized Systems 5

PARAMETERIZED SYSTEMS  AIM : To verify correctness of the systems for the whole family of Parameterized Systems. Monotonic Abstraction in Parameterized Systems6 P1P1 P2P2 P3P3 PNPN P1P1 P2P2 P3P3 P4P4 PNPN

A parameterized system P is a triple (Q,X, T ), Q - set of local states, X - set of local variables, T - set of transition rules. A transition rule t is of the form: t: [ q | grd → stmt | q´ ] where q, q´ ϵ Q grd → stmt is a guarded command BG grd ϵ B(X) U G(X U Q) stmt : set of assignments DEFINITION 7Monotonic Abstraction in Parameterized Systems

V LR V L ∃ L t1t1 t6t6 t2t2 t3t3 t4t4 t5t5 Idle State – Initially all processes are in this state Critical State – Eventually a process will enter this state A process moves from Idle to Black state when it wants to access its critical section. Once a process moves from Black to Blue state, it “closes the door” on all processes in Idle state Parameterized System, P = (Q,T) Q = {Green, Black, Blue, Red} and T = {t 1, t 2, t 3. t 4, t 5, t 6 } where t 2, t 5, t 6 – Local transition rules t 1, t 4 – Universal Rules t 3 – Existential Rule 8Monotonic Abstraction in Parameterized Systems

AGENDA  INTRODUCTION  PARAMETERIZED SYSTEMS  TRANSITION SYSTEMS  ORDERING  MONOTONIC ABSTRACTION 9Monotonic Abstraction in Parameterized Systems

TRANSITION SYSTEMS A transition system T is a pair (C, ⇒ ) where, C - (infinite) set of configurations, ⇒ - binary relation on C, ⇒ * - reflexive transitive closure of ⇒ A configuration c ϵ C is a sequence u 1,......, u n of process states. i.e. corresponding to an instance of the system with n processes. 10Monotonic Abstraction in Parameterized Systems

The word below represents a configuration in an instance of system with 5 processes. t3t3 Valid Transitions t3t3 Invalid Transitions 11Monotonic Abstraction in Parameterized Systems

12 Initial Configuration Bad Configuration All configurations that have atleast 2 RED processes AIM : Init * Bad ? 12Monotonic Abstraction in Parameterized Systems

AGENDA  INTRODUCTION  PARAMETERIZED SYSTEMS  TRANSITION SYSTEMS  ORDERING  MONOTONIC ABSTRACTION 13Monotonic Abstraction in Parameterized Systems

ORDERING c 1, c 2 – configurations c 1 ≤ c 2 - c 1 is a subword of c 2 e.g. ≤ Upward Closed Configurations Set U of configurations is upward closed, if whenever c ϵ U and c ≤ c´ then c´ ϵ U. c – configuration, ĉ – denotes upward closed set U:= {c´ | c ≤ c´} ĉ contains all configurations larger than c w.r.t. ordering ≤. i.e. c is the generator of U 14Monotonic Abstraction in Parameterized Systems

Why Upward Closed Sets ? 1.All sets of Bad configurations (which are worked upon) are upward closed. 2.Upward closed sets have an efficient symbolic representation. i.e. For an upward closed set U, there are configurations c 1,....., c n with U = ĉ 1 U......U ĉ n 15Monotonic Abstraction in Parameterized Systems

16 Coverability Problem for Parameterized Systems To analyze safety properties. PAR-COV Instance Parameterized System, P = (Q,X,T) C F – upward-closed set of configurations Question Init * C F ?

Backward Reachability Analysis 17Monotonic Abstraction in Parameterized Systems For a set of configurations, C Use Pre(C) := {c | ∃c´ ϵ C; c → c´ } IDEA : i.Start with set of bad upward-closed configurations. ii.Apply function Pre repeatedly generating sequence U 0, U 1, U 2,.... where U 0 := Bad, and U i+1 := U i + Pre(U i ) for all i ≥ 0 Observation : set U i characterizes set of configurations from which set Bad is reachable within i steps

18 MONOTONICITY Monotonicity implies that upward closedness is preserved through the application of Pre. Consider: U – upward closed set, c 1 – member of Pre(U) and c 2 ≥ c 1 By Monotonicity, it can be proved that c 2 is also a member of Pre(U) Monotonic Abstraction in Parameterized Systems

19 AGENDA  INTRODUCTION  PARAMETERIZED SYSTEMS  TRANSITION SYSTEMS  ORDERING  MONOTONIC ABSTRACTION

MONOTONIC ABSTRACTION Monotonic Abstraction in Parameterized Systems20 An abstraction that generates over-approximation of the transition systems. The abstract transition system is monotonic. Hence, allowing one to work with upward closed sets. c1c1 c1c1 c1´c1´ c1´c1´ ≥ c2c2 c2c2 A

c 1 = = c 3 21 Local transitions are monotonic! Monotonic Abstraction in Parameterized Systems t2t2 Consider the local transition, Configuration c 2 = c 2 = c 4 This leads to c 4 ≥ c 2 and also maintains c 3 ≤ c 4. t2t2

Monotonic Abstraction in Parameterized Systems22 Existential transitions are monotonic! t3t3 t3t3 Consider the existential transition: c 1 = = c 3 Configuration, c 2 = c 2 = = c 4 Leading to c 4 ≥ c 3

Monotonic Abstraction in Parameterized Systems23 Non-monotonicity of Universal transitions Consider the following Universal transition: c 1 = = c 3 t 4 can be applied to c 1 as all process in the left context of the active process satisfy the condition of transition. Now consider c 2 = c 1 ≤ c 2 But t 4 is not enabled from c 2 since the left context of the active process violates the conditions of transition. t4t4

1.Work with Abstract transition relation → A. 2. → A is an monotonic abstraction (over-approximation) of the concrete relation →. 3.When t is universal, we have: c 1 → A c 2 iff c 1 ´ → c 2 for some c 1 ´ ≤ c 1 i.e. → A Since ≤ → Monotonic Abstraction in Parameterized Systems24 Solution! t t t4t4 t4t4

Monotonic Abstraction in Parameterized Systems25 Since,  c 1 ≤ c 2  c 1 → A c 3 implies c 2 → A c 3 Hence, Abstract transition relation is Monotonic, w.r.t. Universal Transitions. The Abstract transition relation is and over-approximation of the original transition relation ↓↓ If a safety property holds in the abstract model, then it will also hold in the concrete model. Solution.....

Monotonic Abstraction in Parameterized Systems26 Coverability Problem for Approximate Systems APRX-PAR-COV Instance Parameterized System, P = (Q,X,T) C F – upward-closed set of configurations Question Init * A C F ?

Monotonic Abstraction in Parameterized Systems27 A = ( U 1 ) 1 reflects the approximation of universal quantifiers Since ⊆ A A negative answer to APRX-PAR-COV implies a negative answer to PAR-COV.

CONCLUSION Monotonic Abstraction in Parameterized Systems28

Monotonic Abstraction in Parameterized Systems29  Introduction to our topic.  Overview of Parameterized Systems using a simple example.  (Infinite) Transition Systems arising from parameterized systems.  Introduced Ordering on the set of configurations.  Definiton and explanation of Monotomic Abstraction; based on the parameterized systems example.

Thank you for your attention. Monotonic Abstraction in Parameterized Systems30