Approximate Simulations for Task-Structured Probabilistic I/O Automata
Sayan Mitra and Nancy Lynch, CSAIL, MIT
Probabilistic Automata and Logics (PAuL) 2006
Implementation
• Implementation or simulation is a fundamental notion in concurrency theory
• “traces” or observable behavior, e.g. sequence of events, timing of events, probabilities
• A implements B if traces(A) ⊆ traces(B)
• A is equivalent to B if they implement each other, i.e., traces(A) = traces(B)
Fragility
(figure: two timed automata. Left: wait with d(x) = 1 while x ≤ a, Jump when x = a, then stop with d(x) = 0. Right: wait with d(x) = 1 while x ≤ a + ε, Jump when x = a + ε, then stop with d(x) = 0.)
Unequal, but similar
• A metric d on the space T of traces of A (and B)
• (T, d) is a metric space
• A approximately implements B if the one-sided Hausdorff distance from traces(A) to traces(B) is small.
• A is approximately equivalent to B if the Hausdorff distance from traces(A) to traces(B) is small.
(figure: traces(A) and traces(B))
Previously
• Metric-based approximate simulations and bisimulations
• PIOA [Jou and Smolka 1990]
• Labelled Markov Processes [Desharnais et al. 2004] [Breugel, Mislove 2003]
• Hybrid Systems [Girard, Julius, Pappas 2005]
• GSMP [Gupta, Jagadeesan, Panangaden 2004]
• Linear stochastic hybrid automata [Julius 2006]
Outline
• Background
• Task PIOA vocabulary
• Definitions: metrics and simulations
• Soundness (sketch)
• Discussions
• Generalization
• Applications
• Future directions
Task PIOA A = (Q, v, A, D, R) [Canetti et al. 2006]
• Countable set of states Q
• Initial distribution v on states
• Countable set of actions A = I ∪ O ∪ H
• If I = ∅ then A is closed
• O ∪ H is the set of locally controlled actions
• Set D of transitions (q, a, µ)
• An equivalence relation R on locally controlled actions
• Each equivalence class of R is a task
• Input enabled: for every state q and input action a, there exists (q, a, µ) in D
• Transition deterministic: for every state q and action a, there is at most one (q, a, µ) in D
• Action deterministic: for every state q and task T, there is at most one a in T enabled at q
Nondeterministic choice over tasks.
Task PIOA Vocabulary
• Execution fragment α = q0 a1 q1 a2 …
• α is an execution if q0 is in supp(v)
• trace(α) is obtained by deleting all q’s and the a’s in H
• trace is a measurable function
• Scheduler for resolving nondeterminism
• In general a scheduler is a mapping from execution fragments to (sub-)distributions over transitions
• Task scheduler σ is a sequence of tasks T1 T2 T3 …
• apply(µ, σ) gives a probability distribution over fragments (sigma algebra generated by cones of fragments)
• tdist(µ) is the corresponding measure on traces
• tdists(A) = {tdist(apply(v, σ)) : σ is a task scheduler for A}
Example: Consensus protocol (figure)
Previously in PIOA: Exact implementations
Exact implementation for task-PIOAs: tdists(A1) ⊆ tdists(A2)
Exact simulation relation
• A1 and A2 are comparable, closed task-PIOAs. Let R ⊆ Disc(Execs*(A1)) × Disc(Execs*(A2)). R is a simulation relation if:
• µ1 R µ2 implies tdist(µ1) = tdist(µ2)
• v1 R v2
• If µ1 R µ2, there exists a function c: R1* × R1 → R2* such that for any task T of A1 and any schedule σ of A1, if µ1 is consistent with σ and µ2 is consistent with the sequence of tasks corresponding to σ, then apply(µ1, T) E(R) apply(µ2, c(σ, T)).
E(R) is defined using lifting and flattening.
Needed for simulation proofs in the verification of the OT protocol [Canetti et al. 2006]
Approximate implementations
• Uniform metric on traces
• A1 δ-implements A2 if for every µ1 there is a µ2 with du(µ1, µ2) ≤ δ
• This implies for every µ1 of A1 there exists µ2 of A2 with
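The apply/tdist constructions from the Task PIOA Vocabulary slide and the uniform-metric δ-implementation check above, worked in Python as an added example (not the authors' code): a small closed task-PIOA with a hidden coin flip, the uniform metric du computed over cones of finite traces, and a one-sided Hausdorff distance over a finite list of task schedules (an assumption of this example; the definition ranges over all task schedulers). With it, a coin of bias 6/10 δ-implements a fair coin exactly when δ ≥ 1/10.

```python
from fractions import Fraction as F

class TaskPIOA:
    """Finite closed task-PIOA (constructed encoding): trans[(q, a)] = {q2: prob}, tasks[T] = actions of T, hidden = H."""
    def __init__(self, init, trans, tasks, hidden=frozenset()):
        self.init, self.trans, self.tasks, self.hidden = init, trans, tasks, hidden

    def enabled(self, q, task):
        # action determinism: at most one action of task T is enabled at state q
        acts = [a for a in self.tasks[task] if (q, a) in self.trans]
        assert len(acts) <= 1, "not action-deterministic"
        return acts[0] if acts else None

    def apply(self, mu, sigma):
        # apply(mu, sigma): push a distribution over finite fragments (tuples q0 a1 q1 ...)
        # through the task schedule sigma, one task at a time
        for task in sigma:
            nxt = {}
            for frag, p in mu.items():
                a = self.enabled(frag[-1], task)
                if a is None:  # task not enabled here: the fragment is left unchanged
                    nxt[frag] = nxt.get(frag, 0) + p
                else:
                    for q2, pq in self.trans[(frag[-1], a)].items():
                        nxt[frag + (a, q2)] = nxt.get(frag + (a, q2), 0) + p * pq
            mu = nxt
        return mu

    def tdist(self, sigma):
        # trace distribution of apply(v, sigma): delete the states and the hidden actions
        out = {}
        for frag, p in self.apply({(q,): p for q, p in self.init.items()}, sigma).items():
            tr = tuple(a for a in frag[1::2] if a not in self.hidden)
            out[tr] = out.get(tr, 0) + p
        return out
def cone(td, beta):  # measure of the cone C_beta = {traces that extend beta}
    return sum(p for tr, p in td.items() if tr[:len(beta)] == beta)
def du(td1, td2):  # uniform metric: sup over finite traces beta of |mu1(C_beta) - mu2(C_beta)|
    betas = {tr[:k] for tr in (*td1, *td2) for k in range(len(tr) + 1)}
    return max(abs(cone(td1, b) - cone(td2, b)) for b in betas)
def one_sided_hausdorff(a1, a2, schedules):
    # smallest delta such that every tdist of a1 lies within du <= delta of some tdist of a2,
    # restricted to the finite list of task schedules given (an assumption of this example)
    return max(min(du(a1.tdist(s), a2.tdist(t)) for t in schedules) for s in schedules)

def coin(num, den):  # constructed example: hidden coin flip with P(heads) = num/den, then announce it
    trans = {("init", "flip"): {"heads": F(num, den), "tails": 1 - F(num, den)},
             ("heads", "say_heads"): {"done": F(1)}, ("tails", "say_tails"): {"done": F(1)}}
    return TaskPIOA({"init": F(1)}, trans, {"flip": {"flip"}, "say": {"say_heads", "say_tails"}}, {"flip"})
```

Calling `one_sided_hausdorff(coin(6, 10), coin(1, 2), [(), ("flip",), ("flip", "say")])` returns 1/10, the smallest δ for which the skewed coin δ-implements the fair one over those schedules.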
Chains and limits
• µ1 ≤ µ2 if for every finite trace β, µ1(Cβ) ≤ µ2(Cβ)
• µ1 ≤ µ2 ≤ µ3 … ≤ µn is a chain
• µ(Cβ) := Lt_{n→∞} µn(Cβ) is the limit of a chain
• µ can be uniquely extended to a probability measure on the σ-algebra generated by the cones of finite traces
• Lemma 1: If µ = Lt_{n→∞} µn then tdist(µ) = Lt_{n→∞} tdist(µn).
• Lemma 2: If µ1i → µ1 and µ2i → µ2 then du(µ1i, µ2i) → du(µ1, µ2).
Approximate simulation, roughly
• A function on pairs of distributions over execution fragments is an (ε, δ)-approximate simulation function if:
Phi and Phi Hat (figure: given witnessing distribution)
Expansion (figure: the witnessing joint distribution is the Dirac mass at (x1, y1))
Approximate simulation
is an (ε, δ)-approximate simulation function from A1 to A2 if:
2. There exists a function c: R1* × R1 → R2* such that for any task T of A1 and any schedule σ of A1, if µ1 is consistent with σ and µ2 is consistent with full(c)(σ) then
Weaker requirement in the definition of approximate simulation. Stronger soundness theorem.
Key Lemmas
• Lemma 3:
Key Lemmas
• Lemma 4:
• Lemma 1: If µ = Lt_{n→∞} µn then tdist(µ) = Lt_{n→∞} tdist(µn).
• Lemma 2: If µ1i → µ1 and µ2i → µ2 then du(µ1i, µ2i) → du(µ1, µ2).
Soundness
• Theorem: Let A1 and A2 be two closed comparable task-PIOAs. If there exists an (ε, δ)-approximate simulation function from A1 to A2, then A1 δ-implements A2.
• Construct a chain of distributions for A1 by applying one task at a time. Construct the corresponding chain for A2.
• Induction on the length of the chain
• Base case from the start condition
• Induction step from Lemma 2
• Show that f1 = apply(·, Tj) is distributive
• and
• Use Lemmas 2 & 4 for n→∞
Probabilistic Safety
• Let X be a random variable on (T, FT). If A1 is δ-equivalent to A2 and for every trace distribution µ2 of A2, µ2[X = x] = p, then µ1[X = x] ≤ p + δ
• Xu: T → {0, 1} defined as Xu(β) := 1 if some unsafe action U occurs in β. If A2 is safe with probability p then A1 is safe with probability at least p + δ
Task-PIOAs
• An environment E for a task-PIOA A is another task-PIOA such that E||A is closed
• External behavior of A is a function mapping each environment E of A to the set of trace distributions of E||A
• A1 δ-implements A2 if for every environment E, for every trace distribution µ1 in extbeh_A1(E) there is a trace distribution µ2 in extbeh_A2(E).
• Suppose for every environment E there exists an (ε_E, δ)-approximate simulation function from A1||E to A2||E; then A1 δ-implements A2.
Applications: Consensus protocol (figure)
Future directions
• Applications: randomized consensus protocols,
• Approximate implementations and simulation relations for task-PIOAs with continuous state spaces.
• Simulations as functions of distributions over states (as opposed to distributions over fragments).
• Explore the possibility of automating simulation proofs by solving optimization problems.
• See thesis