1 / 17

General Techniques for Symmetry Reduction in Model Checking

General Techniques for Symmetry Reduction in Model Checking. Alastair Donaldson Alice Miller Department of Computing Science University of Glasgow. Model Checking. System design or code. Requirements. manual. Finite state model M. Set of logical properties. for each property φ.

freya-gaines
Download Presentation

General Techniques for Symmetry Reduction in Model Checking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. General Techniques for Symmetry Reduction in Model Checking Alastair Donaldson Alice Miller Department of Computing Science University of Glasgow

  2. Model Checking System design or code Requirements manual Finite state model M Set of logical properties for each property φ automatic Model checker M |= φ ? Yes No √ ?

  3. Model Written in High Level Language byte tok = 1; active [2] proctype user() { byte state = N; do :: (state == N) -> state = T :: (state == T) && (tok == _pid) -> state = C :: (state == C) -> state = N; if :: tok = 1 :: tok = 2 fi od }

  4. Symmetry Reduction: Example Reduced state-graph State-graph N1 N2 tok=1 N1 N2 tok=2 N1 N2 tok=1 T1 N2 tok=1 N1 T2 tok=1 T1 N2 tok=1 N1 T2 tok=1 T1 N2 tok=2 N1 T2 tok=2 C1 N2 tok=1 T1 T2 tok=1 C1 N2 tok=1 T1 T2 tok=1 T1 T2 tok=2 N1 C2 tok=2 C1 T2 tok=1 C1 T2 tok=1 T1 C2 tok=2

  5. Symmetry Reduction – Informally • Symmetry partitions state-space into equivalence classes • Knowledge of symmetry  search only 1 state per equivalence class This talk • Need techniques for: • Symmetry detection • Efficient exploitation of symmetry • Ideally both should be fully automatic

  6. TopSPIN G Symmetry group for state-space Promela source code SymmExtractor Based on approach used by SymmSpin (Bosnacki et. al 2002) Use GAP to classify structure of G Generate verifier using SPIN Adjust verifier to incorporate symmetry reduction strategy Minimising set Enumerate Local search… pan.c Symmetry reduction strategy for G, based on group structure sympan.c gcc gcc M |= φ or counter example execute MG |= φ or counter example sympan.exe pan.exe

  7. Model Checking With Symmetry • Suppose we have magic function, rep : S → S • Encounter state s • Is rep(s) in reached? Represent state as tuple of local states, e.g. (A,A,B) Total ordering on states follows Standard approach: take rep(s) to be smallest state in equivalence class No: add rep(s) to reached & explore successors of rep(s) Yes: backtrack

  8. Obvious Approach • Given s, consider σ(s) for all σG • Choose smallest σ(s) as rep(s) • If |G| = 10 this is fine • If |G| = 10! > 3,000,000 this is bad

  9. The Orbit Problem • Constructive orbit problem (COP) – compute smallest state in equivalence class of s under G • NP-hard [Jha 1996] • However, for many classes of group, COP can be solved in polynomial time • The function rep can be approximate – representatives don’t have to be unique

  10. Easy Groups: Small • N processes • |G| < N2 • Enumerate • Could use bound f(N) for some +ve valued polynomial f

  11. Easy Groups: Fully Symmetric • Largest kind of groups • N processes, |SN|=N! • Compute representative by sorting state • Example: Local states A, B, C with A < B < C. 5 processes. • s = (C,B,B,A,B) • rep(s) = (A,B,B,B,C) • Sorting is easy! This can be generalised

  12. Easy Groups: Disjoint Products • M+N processes • G = S{1,…,M} . S{M+1,…,M+N} • Sort both sections • Suppose M = N = 5 • s = (B,A,A,C,B|A,C,B,A,A) • rep(s) = (A,A,B,B,C|A,A,A,B,C) • This generalises Based on Jha 1996

  13. Easy Groups: Wreath Products • Example s = (A,B,A|B,C,B|C,A,A|A,A,A) (A,A,B|B,B,C|A,A,C|A,A,A) rep(s) = (A,A,A|A,A,B|A,A,C|B,B,C) • This generalises Based on Jha 1996

  14. Classifying a Group G • Small groups / fully symmetric groups • Easy to detect • Disjoint products: • Construct equivalence relation on generators • Factors of product generated by equivalence classes • Wreath products: • Look at maximal block systems of G restricted to individual orbits • Classify G using a recursive algorithm

  15. Local Search for Unclassifiable Groups G = <,,> 5d Hypercube |G|=3840 No reduction: 9.6 x 106 states, 2965 s Full reduction: 3907 states, 5241 s Local search: 90442 states, 946 s    u     t s    min orbit of s

  16. Summary • Symmetry techniques aim to improve model checkers • Challenges: detecting & exploiting symmetries • Group structure can lead to efficient exploitation • Computational group theory can help find structure • Local search can be applied as an approximate strategy

  17. References • A.F. Donaldson and A. Miller – Automatic Symmetry Detection for Model Checking Using Compuataional Group Theory (FM’05) • A.F. Donaldson and A. Miller – A Computational Group Theoretic Symmetry Reduction Package for the SPIN Model Checker (AMAST’06) • S. Jha – Symmetry and Induction in Model Checking (PhD Thesis 1996)

More Related