Probabilistic Verification of Discrete Event Systems - PowerPoint PPT Presentation

About This Presentation

Title:

Probabilistic Verification of Discrete Event Systems

Description:

'The probability is at least 0.7 that the stork satisfies its hunger within 180 seconds' ... A stork hunting for frogs. The CMU post office. The Swedish ... – PowerPoint PPT presentation

Number of Views:20

Avg rating:3.0/5.0

Slides: 55

Provided by: hak78

Learn more at: http://www.tempastic.org

Category:

more less

Transcript and Presenter's Notes

Title: Probabilistic Verification of Discrete Event Systems

1
Probabilistic Verification of Discrete Event
Systems

Håkan L. S. Younes

2
Introduction

Verify properties of discrete event systems
Probabilistic and real-time properties
Properties expressed using CSL
Acceptance sampling
Guaranteed error bounds

3
The Hungry Stork
4
The Hungry Stork
System
The probability is at least 0.7 that the stork
satisfies its hunger within 180 seconds
5
Systems

A stork hunting for frogs
The CMU post office
The Swedish telephone system
The solar system

6
Discrete Event Systems

Discrete state changes at the occurrence of
events
A stork hunting for frogs
The CMU post office
The Swedish telephone system
The solar system

7
The Hungry Stork as aDiscrete Event System
hungry
8
The Hungry Stork as aDiscrete Event System
stork sees frog
hungry,hunting
hungry
40 sec
9
The Hungry Stork as aDiscrete Event System
stork sees frog
frog sees stork
hungry,hunting,seen
hungry,hunting
hungry
40 sec
19 sec
10
The Hungry Stork as aDiscrete Event System
stork sees frog
frog sees stork
stork eats frog
hungry,hunting,seen
not hungry
hungry,hunting
hungry
40 sec
19 sec
1 sec
11
Sample Execution Paths
stork sees frog
frog sees stork
stork eats frog
hungry,hunting,seen
not hungry
hungry,hunting
hungry
40 sec
19 sec
1 sec
12
Properties of Interest

Probabilistic real-time properties
The probability is at least 0.7 that the stork
satisfies its hunger within 180 seconds

13
Properties of Interest

Probabilistic real-time properties
The probability is at least 0.7 that the stork
satisfies its hunger within 180 seconds

14
Verifying Real-time Properties

The stork satisfies its hunger within 180
seconds

stork sees frog
frog sees stork
stork eats frog
hungry,hunting,seen
not hungry
hungry,hunting
hungry
40 sec
19 sec
1 sec
True!
15
Verifying Real-time Properties

The stork satisfies its hunger within 180
seconds

stork sees frog
Stork eats frog
not hungry
hungry,hunting
hungry
165 sec
30 sec
False!
16
Verifying Probabilistic Properties

The probability is at least 0.7 that X
Symbolic Methods
Pro Exact solution
Con Works for a restricted class of systems
Sampling
Pro Works for all systems that can be simulated
Con Uncertainty in correctness of solution

17
Our Approach

Use simulation to generate sample execution paths
Use sequential acceptance sampling to verify
probabilistic properties

18
Error Bounds

Probability of false negative ?
We say that P is false when it is true
Probability of false positive ?
We say that P is true when it is false

19
Acceptance Sampling

Hypothesis The probability is at least ? that X

20
Acceptance Sampling

Hypothesis Pr?(X)

21
SequentialAcceptance Sampling

Hypothesis Pr?(X)

22
Performance of Test
23
Ideal Performance
24
Actual Performance
25
Graphical Representation of Sequential Test
26
Graphical Representation of Sequential Test

We can find an acceptance line and a rejection
line given ?, ?, ?, and ?

27
Graphical Representation of Sequential Test

Reject hypothesis

28
Graphical Representation of Sequential Test

Accept hypothesis

29
Continuous Stochastic Logic (CSL)

State formulas
Truth value is determined in a single state
Path formulas
Truth value is determined over an execution path

30
State Formulas

Standard logic operators ?, ?1 ? ?2
Probabilistic operator Pr?(?)
True iff probability is at least ? that ? holds
Pr0.7(The stork satisfies its hunger within 180
seconds)

31
Path Formulas

Until ?1 Ut ?2
Holds iff ?2 becomes true in some state along the
execution path before time t, and ?1 is true in
all prior states
The stork satisfies its hunger within 180
seconds true U180 hungry

32
Expressing Properties in CSL

The probability is at least 0.7 that the stork
satisfies its hunger within 180 seconds
Pr0.7(true U180 hungry)
The probability is at least 0.9 that the
customer is served within 60 seconds and remains
happy while waiting
Pr0.9(happy U60 served)

33
Semantics of Until

true U180 hungry

hungry,hunting,seen
hungry
hungry,hunting
hungry
40 sec
19 sec
1 sec
True!
34
Semantics of Until

true U180 hungry

hungry
hungry,hunting
hungry
165 sec
30 sec
False!
35
Semantics of Until

happy U60 served

happy,served
served
happy,served
happy,served
17 sec
13 sec
5 sec
False!
36
Verifying Probabilistic Statements

Verify Pr?(?) with error bounds ? and ?
Generate sample execution paths using simulation
Verify ? over each sample execution path
If ? is true, then we have a positive sample
If ? is false, then we have a negative sample
Use sequential acceptance sampling to test the
hypothesis Pr?(?)

37
Verification of Nested Probabilistic Statements

Suppose ?, in Pr?(?), contains probabilistic
statements
Pr0.8(true U60 Pr0.9(true U30 hungry))
Error bounds ? and ? when verifying ?

38
Verification of Nested Probabilistic Statements

Suppose ?, in Pr?(?), contains probabilistic
statements

39
Modified Test

Find an acceptance line and a rejection line
given ?, ?, ?, ?, ?, and ?

40
Modified Test

Find an acceptance line and a rejection line
given ?, ?, ?, ?, ?, and ?

Accept
Continue sampling
Reject
41
Verification of Negation

To verify ? with error bounds ? and ?
Verify ? with error bounds ? and ?

42
Verification of Conjunction

Verify ?1 ? ?2 ? ? ?n with error bounds ? and ?
Accept if all conjuncts are true
Reject if some conjunct is false

43
Acceptance of Conjunction

Accept if all conjuncts are true
Accept all ?i with bounds ?i and ?i
Probability at most ?i that ?i is false
Therefore Probability at most ?1 ?n that
conjunction is false
For example, choose ?i ?/n
Note ?i unconstrained

44
Rejection of Conjunction

Reject if some conjunct is false
Reject some ?i with bounds ?i and ?i
Probability at most ?i that ?i is true
Therefore Probability at most ?i that
conjunction is true
Choose ?i ?
Note ?i unconstrained

45
Putting it Together

To verify ?1 ? ?2 ? ? ?n with error bounds ?
and ?
Verify each ?i with error bounds ? and ?
Return false as soon as any ?i is verified to be
false
If all ?i are verified to be true, verify each ?i
again with error bounds ? and ?/n
Return true iff all ?i are verified to be true

Fast reject
46
Putting it Together

To verify ?1 ? ?2 ? ? ?n with error bounds ?
and ?
Verify each ?i with error bounds ? and ?
Return false as soon as any ?i is verified to be
false
If all ?i are verified to be true, verify each ?i
again with error bounds ? and ?/n
Return true iff all ?i are verified to be true

Rigorous accept
47
Verification of Path Formulas

To verify ?1 Ut ?2 with error bounds ? and ?
Convert to disjunction
?1 Ut ?2 holds if ?2 holds in the first state,
or if ?2 holds in the second state and ?1 holds
in all prior states, or

48
More on Verifying Until

Given ?1 Ut ?2, let n be the index of the first
state more than t time units away from the
current state
Disjunction of n conjunctions c1 through cn, each
of size i
Simplifies if ?1 or ?2, or both, do not contain
any probabilistic statements

49
Example
hungry

Verify Pr0.7(true U180 hungry) inwith ? ?
0.1 and ? 0.1

Simulator
50
Example
hungry

Verify Pr0.7(true U180 hungry) inwith ? ?
0.1 and ? 0.1

hungry
40
hungry, hunting
19
hungry, hunting, seen
1
hungry
Total time 0 sec
Total time 40 sec
Total time 59 sec
Total time 60 sec
51
Example
hungry

Verify Pr0.7(true U180 hungry) inwith ? ?
0.1 and ? 0.1

hungry
63
hungry, hunting
25
hungry, hunting, seen
2
hungry,tired
93
hungry
Total time 88 sec
Total time 90 sec
Total time 183 sec
Total time 0 sec
Total time 63 sec
52
Example
hungry