Fair Cycle Detection: A New Algorithm and a Comparative Study

1
Fair Cycle DetectionA New Algorithm and a
Comparative Study

• Fabio Somenzi
• University of Colorado at Boulder

2
Acknowledgement

• This talk is the conflation of
• Kavita Ravi, Roderick Bloem, and Fabio Somenzi,
  A comparative study of symbolic algorithms for
  the computation of fair cycles
• Roderick Bloem, Hal Gabow, and Fabio Somenzi, An
  algorithm for strongly connected component
  analysis in n log n symbolic steps
• Both presented at FMCAD00

3
Model Checking

• Given
• A finite state transition structure
• A property (set of admissible behaviors) usually
  specified as
• Temporal logic formula
• ?-regular automaton
• Decide whether initial states of structure
  satisfy property

4
Properties

• Safety properties
• violation described as finite path
• Liveness properties
• infinite path (cycles)
• ?-regular automata acceptance, fairness
• Büchi, Muller, Rabin, Streett, L-process

5
SCC Decomposition

• Find all sets of nodes that can reach each other
  (Strongly Connected Components)
• SCC is trivial if it contains no edges
• Central graph problem
• Tarjans algorithm is linear, but explicit
• Find a good implicit algorithm

6
Motivation

• Fair cycle detection algorithms
• Symbolic vs. explicit state search
• Many symbolic algorithms, no systematic
  comparisons
• What really makes the difference?
• Can we improve over O(n2) ?

7
Outline

• Motivation
• Introduction
• Fair cycle algorithms
• A general framework
• Lockstep algorithm
• How do the different algorithms fare?
• Conclusions

8
Büchi Emptiness

• A Büchi automaton accepts at least a word if it
  has a nontrivial SCC that contains an accepting
  state
• Used in
• LTL model checking (Spin, SMV)
• Fair CTL model checking (VIS, SMV)
• Language-containment checking (COSPAN)
• If language not empty, produce witness

9
Notation

• CTL
• EX, EU, EG, EF (future tense, backward)
• EY, ES, EH, EP (past tense, forward)
• Fixpoint operators
• ?, ?

10
Symbolic Algorithms

• Sets are represented by their characteristic
  functions
• No loops over the elements of sets
• Instead
• Union, intersection, complementation
• Check for equality (emptiness)
• (Choice of one element)
• Image (EY), preimage (EX)

11
Symbolic Complexity

• Number of variables is important
• Sets of nodes have 1 set of variables
• Transition relation has 2 sets
• Number of variables sets for operations
• Boolean operations 1 set
• Image, preimage 2 sets
• Transitive closure 3 sets
• Our Measure is number of steps image and
  preimage
• Keep transition relation constant!

12
Known Complexity

• Measured in nodes (n)
• Known results (symbolic)
• SCC decomposition O(n2) Xie Beerel 99
• Büchi emptiness O(n2) Emerson Lei 86
• We also measure number of steps as function of
  number of nodes, but

13
Interesting Parameters

• n number of states
• d Diameter of the graph
• Largest (finite) of the shortest distances
  between two nodes
• h Height of the SCC quotient graph
• How many SCCs we can have along a path
• N Number of SCCs
• N Number of nontrivial SCCs
• C Number of fairness constraints

14
Outline

• Motivation
• Introduction
• Fair cycle algorithms
• A general framework
• Lockstep algorithm
• How do the different algorithms fare?
• Conclusions

15
Symbolic Fair Cycle Computations
16
SCC Hull Algorithms

• Generic SCC Hull algorithm (GSH)
• Emerson-Lei
• Hojati et al.
• Kesten et al.
• Hardin et al.

17
Generic SCC Hull Algorithm (GSH)

• SCC hull a set of states that contains all fair
  SCCs
• Operators
• TB EX(Z), E(Z U Z?c)
• TF EY(Z), E(Z S Z?c)
• Algorithm start with all states, at every
  iteration
• choose and apply an operator from TB or TF
  (operator schedules)
• converge when no change in state set under TB OR
  TF operators (weaker condition)

18
Instances of GSH Different operator schedules
19
SCC Quotient Graph
Trivial
Non-trivial
6
7
15
3
2
8
1
14
4
9
16
10
5
13
11
12
20
SCC Quotient Graph
Trivial
Non-trivial
Emerson-Lei, Hojati
6
7
15
3
2
8
1
14
4
9
16
10
5
13
11
12
21
SCC Quotient Graph
Trivial
Non-trivial
Hojati, Kesten
6
7
15
3
2
8
1
14
4
9
16
10
5
13
11
12
22
SCC Quotient Graph
Trivial
Non-trivial
Hojati, Hardin
6
7
15
3
2
8
1
14
4
9
16
10
5
13
11
12
23
SCC Quotient Graph
Trivial
Non-trivial
GSH (TF convergence)
6
7
15
3
2
8
1
14
4
9
16
10
5
13
11
12
GSH (TB convergence)
24
Generic SCC-Hull Algorithm

• TB EX(Z), E(Z U Z?ci)
• TF EY(Z), E(Z S Z?ci)

GSH (G, I, TB ,TF ) do Z Z ? PICK
(TB - ? , TF - ? ) Z ? (Z) until
(CONVERGED(Z, Z, TB ,TF , ?, ?))
25
Generic SCC-Hull Algorithm
CONVERGED (Z, Z, TB ,TF, ?, ?)) if (Z ?
Z) ? return FALSE
else ? ? ? ? return TB ? ?
? TF ? ?
26
Complexity in Steps

• n number of states
• C number of fairness constraints
• d diameter of graph
• N Number of SCCs (N non-trivial)
• h height of the SCC quotient graph

O(Cn2) complexity
27
Symbolic SCC Enumeration Algorithms

• Xie-Beerel
• IXB
• Bloem

28
Symbolic SCC Enumeration

• Find an SCC
• pick a state v
• compute the SCC of v as (EP(v)?EF(v))
• Check if SCC is fair
• Recur on the partitions

29
Symbolic SCC enumeration

• Xie-Beerel
• v is randomly chosen
• EF(v), EP(v) are SCC-closed sets
• Partition the state space
• EG(partition) applied to trim
• Complexity O(dN)

6
7
15
3
2
8
14
1
4
9
16
10
5
13
11
12
30
Symbolic SCC enumeration

• Improvements to Xie-Beerel
• trim with EH(partition) in addition to
  EG(partition)
• Improves complexity
• v is chosen from a priority queue
• Shortens prefix of counterexample

6
7
15
3
2
8
14
1
4
9
16
10
5
13
11
12
31
Outline

• Motivation
• Introduction
• Fair cycle algorithms
• A general framework
• Lockstep algorithm
• How do the different algorithms fare?
• Conclusions

32
Lockstep Algorithm

• Same basic approach as in Xie-Beerel
• Choose node v
• Search backward and forward, SCC of v is
  intersection
• Perform two searches simultaneously for n log n
  performance

33
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
34
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
35
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
36
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
37
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
Backwards search converged!
38
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
39
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
40
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
41
Lockstep by Example
Stage 1 Search forward and backward
until one converges Stage 2 Complete search
to find SCC Stage 3 Recursion
42
Picture of Search Space

• Recur on Black and Blue White both are
  SCC-closed
• One of Black and Blue White has lt n/2 nodes.
  This is S

V
43
Analysis Charging

• Amortized analysis charge to nodes and count
  total charge
• In Stage 1 at most S C steps
• Charge 1 to every node in S and C
• In Stage 2 at most C steps
• Charge 1 to every node in C

44
Analysis Total Charge
V1

• Every node goes down only one branch
• Stage 1 Every node is charged ? log n times
• Stage 2 Every node is charged ? 1 time
• Total charge n log n n O(n log n)

S1 lt V1/2
V2
S2 lt V2/2 lt V1/4
45
Sharper Analysis

• For Emerson-Lei O(dh)
• For Lockstep O(n log(dN/n))
• N is number of SCCs
• With optimization O(dNN) and O((dh)N)

46
Complexity Comparison
Symbolic SCC enumeration
SCC-Hull
O(Cn2) complexity
O(n log n)
O(n2)
N Number of non-trivial SCCs
47
Counterexamples

• Symbolic SCC enumeration algorithms
• Only one fair SCC
• Shortest prefix can be generated with onion rings
  
• SCC hull algorithms
• counterexample procedure depends on the computed
  hull i.e., location of fair SCCs

48
Counterexamples
Length of counterexample depends on the SCC hull
49
Summary

• SCC-hull algorithms
• Symbolic SCC enumeration algorithms
• Lockstep
• Performance depends on
• N, N, d, h, C
• Number of fair SCCs, location of the fair SCCs
• BDD factors?

50
Outline

• Motivation
• Introduction
• Fair cycle algorithms
• A general framework
• Lockstep algorithm
• How do the different algorithms fare?
• Conclusions

51
Experiments

• Implemented 5 algorithms in COSPAN
• Emerson-Lei, Hojati/Kesten, Hojati/Hardin, IXB,
  Lockstep
• Measured time, number of steps, length of
  counter-examples

52
Experiments No Fair Cycles
53
Experiments Fair Cycles
54
Experiments Length of Counterexamples
55
Experiments Summary

• Emerson-Lei seems no worse than others
• IXB, Lockstep designed to produce short
  counterexamples
• BDDs play a large role in actual performance

56
On-The-Fly Lockstep

• For example WV
• Lockstep takes 5779 s
• The fair path is very short (3,2)
• One (large) SCC is examined
• Stop as soon as B(v) ? F(v) intersects all fair
  sets
• A fair cycle is guaranteed in B(v) ? F(v)

57
Outline

• Motivation
• Introduction
• Fair cycle algorithms
• A general framework
• Lockstep algorithm
• How do the different algorithms fare?
• Conclusions

58
Conclusions

• Compared various symbolic algorithms
• provided a classification, generalized some
  algorithms
• Studied performance with experiments
• Future work
• Forward vs. Backward, BDD effects
• Streett acceptance
• Hybrid algorithms?

59
Conclusions

• n log n symbolic algorithm for
• SCC decomposition,
• Büchi emptiness,
• Streett emptiness,
• measured in images/preimages
• Improves n 2 previously known bounds
• When measured more sharply Lockstep incomparable
  with EL

60
Conclusions

• Lockstep useful for counterexample generation
• Future work parallelizing algorithms that change
  transition relation or even use extra variables