1 / 39

Using Abduction and Induction for Operational Requirements Elaboration

Using Abduction and Induction for Operational Requirements Elaboration. Dalal Alrajeh Oliver Ray Alessandra Russo Sebastian Uchitel. AIAI 2007 Sept. 15 th 2007. System Development Cycle. Requirements. Requirements. Design. Implementation. Testing. Requirements Elaboration.

matthew-snow
Télécharger la présentation

Using Abduction and Induction for Operational Requirements Elaboration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Using Abduction and Induction for Operational Requirements Elaboration Dalal Alrajeh Oliver RayAlessandra Russo Sebastian Uchitel AIAI 2007 Sept. 15th 2007

  2. System Development Cycle Requirements Requirements Design Implementation Testing

  3. Requirements Elaboration Goals:BookRequestSatisfied Operations: checkOut,issueReminder,.. Agents:System, borrower,.. Objects: book(found,borrowed,…) Operationalization Techniques Operation: checkOut Operation: IssueReminderPrecondition: Book Available Trigger condition:has been borrowed for at least 2wks and there hasn’t been a reminder within the last week

  4. Drawbacks • Patterns become too complex • Restricted to pattern catalog • Size of specification becomes too large (some may be irrelevant) • Lacks automated support

  5. Approach Overview Partial System Specification (LTL) Scenarios (LTL) (1)Transform into a logic program Using Abduction & Induction (2) Run ILP system (3) Transform into Requirement Operational Requirements(LTL)

  6. Mine Pump Controller

  7. Linear Temporal Logic • A propositional logic for modeling event-based systems over a linear temporal structure • The language is composed of • Boolean Propositions (P) • Boolean operators(, ,, ) • Temporal Operators (, ,, U ,W) *Propositions divided into two disjoint sets (event propositions and fluent propositions). Pf={pumpOn, criticalMethane, highWater} Pe={switchPumpOn, switchPumpOff, signalCriticalMethane, signalNoCriticalMethane, signalHighWater, signalNoHighWater}

  8. signalHighWater switchPumpOff switchPumpOn states s1 s0 s2 s3 signalNoHighWater Initial state signalNoHighWater labels LTL Model • Composed of a Labeled Transition System and a valuation function. Transition Relation ={(s0,signalHighWater.s1),(s1, switchPumpOn,s2),…}

  9. signalHighWater switchPumpOff switchPumpOn HighWater HighWater HighWaterPumpOn s1 s0 s2 s3 signalNoHighWater signalNoHighWater LTL Model -2 • The truth value of an event fluent at state si depends on the ith transition label . • The truth value of a fluent proposition depends on the path and position in a path of a labeled transition system. • LTL formulae are interpreted over paths of a Labeled Transition System LTS HighWater U signalNotHighWater

  10. Partial System Specification-1 Partial System Specification (LTL) Scenarios (LTL) Partial System Specification Initial state (0in)fi(0jm)fj Effect Axioms: (ef ) (e f ) Persistence Axioms: (f  f WET) (f f WEI) Using Abduction & Induction System Requirements(LTL)

  11. Partial System Specification- 2 • Mine Pump Partial System Specification • Initial state: e.g.pumpOn  criticalMethane highWater • Effect Axioms: e.g. (switchPumpOn pumpOn ) (switchPumpOff pumpOn ) • Persistence Axioms: e.g. (pumpOn pumpOn WswitchPumpOn) (pumpOn pumpOn W switchPumpOff)

  12. Scenario Properties -1 Scenario Properties • Universal scenario Property: satisfied by all possible system behavior. (i<n) i ein ()en • Existential scenario Property: satisfied by at least one. • (1j<m) j ejm ()em Partial System Specification (LTL) Scenarios (LTL) Using Abduction & Induction System Requirements(LTL)

  13. Scenario Properties-2 Mine Pump Scenario Properties • Universal scenario Property: • signalCriticalMethane 2 signalHighWater 3switchPumpOn • Existential scenario Property: • signalHighWater 2switchPumpOn • switchPumpOn

  14. A Model of the Mine Pump switchPumpOn • u1=signalCriticalMethane 2 signalHighWater 3switchPumpOn • e1=signalHighWater 2switchPumpOn e2= switchPumpOn

  15. Operational Requirements -1 Partial System Specification (LTL) Scenarios (LTL) Using Abduction & Induction Precondition Axioms: ((1jn) ()fje ) Trigger-Condition Axioms:((1km) ()fk e) System Requirements(LTL)

  16. Opertational Requirements -2 Mine Pump Operational Requirements: • Precondition Axioms: (criticalMethane switchPumpOn ) • Trigger-Condition Axioms:((highWater  ¬ criticalMethene) switchPumpOn)

  17. The Task • Given Partial System Specification Spec and a set of Universal and existential scenario properties SPuand Spe, find a set of pre- and trigger conditions (Pre U Trig) such that:Spec U (Pre U Trig) |= spu Spec U (Pre U Trig) |=/= ¬spe *Pre U Trig are called a correct extension of Spec

  18. Approach Overview Partial System Specification (LTL) Scenarios (LTL) (1)Transform into a logic program Using Abduction & Induction (2) Run ILP system (3) Transform into Requirement Operational Requirements(LTL)

  19. Event Calculus Logic Program • Domain dependent axioms • Initial State: initially(F,S) • Effect Axioms: initiates(E,F,T,S), terminates(E,F,T,S), • Event Axioms: impossible(E,T,S):-(not) holdsAt(F1,T,S),.. triggered(E,T,S):- (not) holdsAt(F1,T,S),.. • Narrative: • attempt(E,T,S). • Domain independent axioms • holdsAt(F,T2,S):- initially(F,S), not clipped(0,F,T2,S) • holdsAt(F,T2,S):- happens(E,T1,S), initiates(E,F,S,T1),T1<T2, not clipped(T1,F,T2,S). • clipped(T1,F,T2,S):- happens(E,T,S), terminates(E,F,T,S), T1<T , T < T2. • happens(E,T,S):- attempt(E,T,S), not impossible(E,T,S) • happens(E,T,S):- attempt(E,T,S), triggered(E,T,S). • :- triggered(E,T,S) , impossible(E,T,S).

  20. B E H Learning Event Calculus Programs • Given • Partial Set of Domain dependant axioms • Domain Independent axioms • Narrative • Event facts • Find • Additional Domain Dependant Axiomsthat explain the event facts. B U H |= E

  21. For any fluent f and position i  , i |= f For any event e and position i , i |= e Obtaining program  composed of (Spec) Nar={attempt(ei,i-1,s)| ei is the ith label in } Sound Translation • Given • System Specification Spec • A finite path =e1,e2,… •  |= holdsAt(f,i, ) •  |= happens(e,i-1, )

  22. Step 1: Transform Specification into Logic Program -1 LTL Initial State Axioms pumpOn  criticalMethane highWater Initial state facts not initially(pumpOn,S). not initially(criticalMethane,S). not initially(highWater,S).

  23. Step 1: Transform Specification into Logic Program -2 LTL Effect Axioms (switchPumpOn pumpOn ) (switchPumpOff pumpOn ) EC effect Axioms initiates(switchPumpOn,pumpOn,T,S). terminates(switchPumpOff,pumpOn,T,S).

  24. Step 1: Transform Specification into Logic Program -3 Scenario Properties signalCriticalMethane 2 signalHighWater 3switchPumpOn Narrative attempt(signalCriticalMethane,0,u1). attempt(signalHighWater,1,u1). attempt(switchPumpOn,2,u1). happens(signalCriticalMethane,0,u1). happens(signalHighWater,1,u1). not happens(switchPumpOn,2,u1). Event facts

  25. Step 1: Transform Specification into Logic Program -4 Universal Scenario Prporties signalHighWater  switchPumpumpOn Narrative attempt(signalHighWater,0,e1). attempt(switchPumpOn,1,e1). Action facts happens(signalHighWater,0,e1). happens(switchPumpOn,1,e1).

  26. Approach Overview Partial System Specification (LTL) Scenarios (LTL) (1)Transform into a logic program Using Abduction & Induction (2) Run ILP system (3) Transform into Requirement Operational Requirements(LTL)

  27. XHAIL: Extended Hybrid Abductive Inductive Learning • Three phases • Abductive: Produce a set of ground atoms  such that B U  |= E • Deductive: Produce a set of ground clauses K ={k =  :- b } • Inductive: Produces a hypothesis H subsumes K

  28. Step 2: Using XHAIL ={triggered(switchPumpOn, 1, e2), impossible(switchPumpOn, 2,u1), impossible(tswitchPumpOn, 0,e1)} • modeh(*,impossible(#event, +time,+scenario)) • modeh(*,triggered(#event, +time, +scenario))modeb(*,holdsAt(#fluent,+time,+scenario)) • modeb(*,not holdsAt(#fluent, +time,+scenario)) • % • initiates(switchPumpOn,pumpOn,T,S). • terminates(switchPumpOff,pumpOn,T,S). • %attempt(signalCriticalMethane,0,u1). attempt(signalHighWater,1,u1).attempt(switchPumpOn,2,u1).%happens(signalCriticalMethane,0,u1). happens(signalHighWater,1,u1).not happens(switchPumpOn,2,u1).% initiates • happens(E,T,S) :- attempts (E,T,S) , not impossible (E,T,S) • holdsAt(F,T2,S) :- initiates (E,F,T,S) , happens (E,T,S), not clipped(T1,F,T2,S). K={triggered(switchPumpOn, 1, e2):- holdsAt(highWater,1,e2). not holdsAt(pumpOn,2,e2), not holdsAt(criticalMethane,2,e2). impossible(switchPumpOn, 2,u1):- holdsAt(highWater,2,u1). not holdsAt(pumpOn,2,u1), holdsAt(criticalMethane,2,u1). impossible(switchPumpOn, 0,e1) :- not holdsAt(highWater,0, e1), not holdsAt(pumpOn,0,e1), not holdsAt(criticalMethane,0, e1). H={triggered(switchPumpOn, X, Y):- holdsAt(highWater,X,Y). not holdsAt(criticalMethane,X,Y). impossible(switchPumpOn, X,Y):-holdsAt(criticalMethane,X,Y). impossible(switchPumpOn, X,Y) :- not holdsAt(highWater,X, Y)}

  29. Approach Overview Partial System Specification (LTL) Scenarios (LTL) (1)Transform into a logic program Using Abduction & Induction (2) Run ILP system (3) Transform into Requirement Operational Requirements(LTL)

  30. Step 3: Transform into Requirements Hypothesis triggered(turnPumpOn, X, Y):- holdsAt(highWater,X,Y). not holdsAt(methane,X,Y). impossible(turnPumpOn, X,Y):-holdsAt(methane,X,Y). LTL Operational requirements ( (highWater criticalMethane)  switchPumpOn) ( criticalMethane  switchPumpOn)

  31. Obtaining the corresponding: Partial System Description Set of Scenario properties Find: A a correct extension with respect to Spec and SPu U SPe Given Partial Set of Domain dependant axioms Domain Independent axioms Narrative Event facts Find Additional Domain dependant Axiomsthat explain the event facts B E H A Correct Extension with respect to an Inductive solution Spec U -1(H) |= spuSpec U -1(H) |=\= spe B U H |= E

  32. Extended Specification Model Spec Spec U Pre U Trig switchPumpOn

  33. Conclusion • Novel application of Abduction and Induction in the requirements elaboration process. • The need for non-monotonic Learning systems. • The Framework provides a back-end computational approach for the operationalization process.

  34. Current and Future Work -1 • Including Information about goals and agents in the partial specification • Learning other types of requirements such as post-conditions. • Learning requirements from discrete-time based models (goal driven models).

  35. Current and Future Work -2 • Handling incomplete scenarios • Representing system Goals and assumptions as Integrity constraints. • Integrating ILP and model checking techniques such that scenarios are generated automatically using model checking tools. • Thorough comparison of results obtained from other non monotonic approaches.

  36. Thank You

  37. An LTS of the Mine Pump

  38. Theorem 2 • Given • a partial specification • set of consistent scenario properties • the EC theory (B,E)=Tr(Spec,SPu,SPe) • S be the set of EC event axioms. • Then, • For any inductive generalisation H of E wrt. B and S, the corresponding set Tr(Pre U Trig)=(H) of LTL pre-condition and trigger-condition axioms is a correct extension of Spec with respect to SPu and SPe.

More Related