
When Simulation Meets Antichains



Presentation Transcript


  1. When Simulation Meets Antichains: on Checking Language Inclusion of NFA. Yu-Fang Chen, Academia Sinica, Taiwan. Joint work with Parosh Aziz Abdulla, Lukáš Holík, Richard Mayr, and Tomáš Vojnar.

  2. Outline
  • Motivation
  • Previous Approaches
    • Simulation-based
    • Subset Construction-based
  • Our Approach: Simulation + Antichain
  • Further Extensions
  • Experimental Results

  3. Nondeterministic Finite State Automata
  • NFA A = (Σ, Q, I, F, δ)
  • An example: this NFA accepts the word aabab, but rejects the word aabaa
  • L(A) = {w | w is accepted by A}
  [Figure: example NFA with states p, r, s and transitions labelled a and b]

  4. Language Inclusion Problem
  • Many problems in verification can be reduced to language inclusion problems.
  • E.g., Automata-based Model Checking:
    • NFA M describes the behaviors of a system, and
    • NFA P describes the behaviors allowed by the desired property.
  • Language Inclusion Problem of NFA: L(M) ⊆ L(P)?

  5. Previous Approaches for Inclusion Checking
  Previous approaches for checking if L(A) ⊆ L(B):
  • Simulation-based approach [Dill et al. CAV '91]
    • Check if all the initial states of A are simulated by some initial states of B
  • Subset Construction-based approaches
    • Check if L(A) ∩ L(B̄) = ∅ (B̄ is the complement of B)
    • Antichain-based approach [De Wulf et al. CAV '06]

  6–9. Simulation-based Approach
  • A simulation on A = (Σ, Q, I, F, δ) is a relation ≼ ⊆ Q × Q such that p ≼ r (p is simulated by r) implies
    • p ∈ F ⇒ r ∈ F, and
    • for every transition p -a-> p', there exists a transition r -a-> r' such that p' ≼ r'
  • We have: p ≼ r implies L(p) ⊆ L(r).
  • It can be extended to states of two NFA.
  • There exist efficient polynomial-time algorithms for computing the maximal simulation [FOCS '95, LICS '07].
  [Figure (slides 6–9, animated): a run p -a1-> p1 -a2-> p2 … -am-> pm of A is matched step by step by a run r -a1-> r1 -a2-> r2 … -am-> rm with p ≼ r, p1 ≼ r1, …, pm ≼ rm]

  10. Simulation-based Approach
  • NFA A = (Σ, Q_A, I_A, F_A, δ_A) and B = (Σ, Q_B, I_B, F_B, δ_B).
  • We have: ∀p ∈ I_A ∃q ∈ I_B: p ≼ q implies L(A) ⊆ L(B), because
    L(A) = ∪{L(p) | p ∈ I_A} ⊆ ∪{L(q) | q ∈ I_B} = L(B)

  11. Simulation-based Approach
  • NFA A = (Σ, Q_A, I_A, F_A, δ_A) and B = (Σ, Q_B, I_B, F_B, δ_B).
  • However, even if L(A) ⊆ L(B), it is not always true that ∀p ∈ I_A ∃q ∈ I_B: p ≼ q
  • An example: we have L(A) ⊆ L(B), but neither p ≼ r1 nor p ≼ r2
  [Figure: A with initial state p; B with initial states r1, r2 and a state r'; transitions labelled a, b and a,b]

  12. Problems of Simulation-based Approach Simulation-based approach is fast, but incomplete. No conclusion can be made if there exists no simulation between the initial states of the NFA.

  13–24. Subset Construction-based Approach
  • Is L(A) ⊆ L(B)?
  • Determinize B (subset construction) and complement the result, giving B̄; then build the intersection (product) A ∩ B̄ and search it for an accepting state.
  • Note: a product state ⟨r, R⟩ (r a state of A, R a set of states of B) is accepting if r is accepting and all states in R are rejecting.
  [Figure (slides 13–24, animated): A with states r, r'; B with states p, p'; the determinized B has the subset states {p}, {p'}, {p,p'}, ∅; the product A ∩ B̄ is explored from the initial product state ⟨r,{p}⟩ through ⟨r,{p'}⟩, ⟨r',{p'}⟩, ⟨r,{p,p'}⟩, ⟨r',{p,p'}⟩ on transitions labelled a and b]

  25. Antichain-based Approach (CAV 2006)
  • Is L(A) ⊆ L(B)?
  • Observe that if the product state ⟨r', P⟩ is already in the processed set, we do not need to continue the search from the state ⟨r', P ∪ P'⟩.
  • Intuition: any word that is accepted from ⟨r', P ∪ P'⟩ will also be accepted from ⟨r', P⟩.
  • Note: a product state ⟨r, R⟩ is accepting if r is accepting and all states in R are rejecting
  [Figure: in the running example, ⟨r,{p,p'}⟩ ⊒ ⟨r,{p}⟩, so the search need not continue from ⟨r,{p,p'}⟩]

  26–27. Antichain-based Approach (CAV 2006)
  • Is L(A) ⊆ L(B)?
  • Define the order ⊒ between product states as follows: ⟨r, R⟩ ⊒ ⟨q, Q⟩ iff (1) r = q and (2) R ⊇ Q
  • Keep only minimal elements (w.r.t. ⊒) in the processed set
  • An antichain is a subset of a partially ordered set such that any two elements in the subset are incomparable
  [Figure (slides 26–27): the product of the running example, with states ⟨r,{p}⟩, ⟨r,{p'}⟩, ⟨r',{p'}⟩, ⟨r,{p,p'}⟩, ⟨r',{p,p'}⟩, where only the minimal product states are kept]

  28. Problems of Antichain-based Approach Antichain-based approach is complete, but slow. In many cases, the determinization will cause a very fast growth in the number of states.

  29. Generalize Both Approaches
  • Here we propose a new approach that can be viewed as a generalization of both the simulation-based and the antichain-based approach.
  • It has the advantages of both approaches: fast and complete.
  • NFA A = (Σ, Q_A, I_A, F_A, δ_A), B = (Σ, Q_B, I_B, F_B, δ_B), and a relation ≼ over the states of A and B that implies language inclusion, i.e., p ≼ q implies L(p) ⊆ L(q).
  • We want to know whether L(A) ⊆ L(B).

  30–33. Generalize the Antichain-based Approach
  • Optimization 1: an extended order between product states
    • Previous: ⟨r, R⟩ ⊒ ⟨q, Q⟩ iff (1) r = q and (2) R ⊇ Q
    • New: ⟨r, R⟩ ⊒∀∃ ⟨q, Q⟩ iff (1) r ≼ q and (2) ∀q_i ∈ Q ∃r_j ∈ R: q_i ≼ r_j
  • The previous order can be viewed as the special case of ours in which ≼ is the identity.
  • Note: a product state ⟨p, P⟩ is accepting if p is accepting and all states in P are rejecting
  [Figure (slides 30–33, animated): if two product states ⟨q,{q1,…,qm}⟩ and ⟨r,{r1,…,rn}⟩ are related by ⊒∀∃, then their successors ⟨q', Q1 ∪ … ∪ Qm⟩ and ⟨r', R1 ∪ … ∪ Rn⟩ on the same letter are related the same way]

  34. Our Approach
  • Optimization 1: If ≼ is the maximal simulation, we have p ≼ p', hence ⟨r,{p'}⟩ ⊒∀∃ ⟨r,{p}⟩ and we don't need to continue from ⟨r,{p'}⟩.
  • Note 1: ⟨r, R⟩ ⊒∀∃ ⟨q, Q⟩ iff (1) r ≼ q and (2) ∀q' ∈ Q ∃r' ∈ R: q' ≼ r'
  • Note 2: we have r' = p' > r = p w.r.t. the maximal simulation
  [Figure: the product of the running example (A: r, r'; B: p, p') with ⟨r,{p'}⟩ pruned in favour of ⟨r,{p}⟩]

  35. Generalize Simulation-based Approaches
  • Optimization 2: a generalized simulation-based approach
    • We can stop the search if a product state ⟨q, {q1,q2,…,qm}⟩ such that ∃q_i: q ≼ q_i is encountered
    • Any word w accepted from q is also accepted from q_i.
    • Hence, none of the successors of ⟨q, {q1,q2,…,qm}⟩ is an accepting product state.
  • Our algorithm begins with the following set of product states: {⟨i_A, I_B⟩ | i_A ∈ I_A}
  • For cases where simulation is sufficient to prove language inclusion, our approach terminates immediately after all initial states are processed.
  • For cases where simulation is not sufficient to prove language inclusion, the time used for computing the simulation is not wasted.

  36. Our Approach
  • Optimization 2: If ≼ is the maximal simulation, we have r ≼ p, hence we can stop immediately at the product state ⟨r,{p}⟩ and conclude that L(A) ⊆ L(B)
  • Note: we have r' = p' > r = p w.r.t. the maximal simulation
  [Figure: the product of the running example (A: r, r'; B: p, p'); the search stops at the initial product state ⟨r,{p}⟩]
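The whole procedure of slides 25–36, together with the simulation computation of slides 6–9, as an added example; this is not the authors' code and it does not reproduce the slides' running example. It represents an NFA by explicit transition sets, assumes that A and B use disjoint state names, computes the maximal simulation as a greatest fixpoint, and then explores product states ⟨p, P⟩ with the ⊒∀∃ order of Optimization 1 and the early stop of Optimization 2. The sample automata A, B_sim, B_split and B_part are constructed for the example: L(A) is the set of words over {a,b} ending in a; B_sim simulates A's initial state (the situation of slide 36); B_split accepts the same language as A but from two initial states, so no single initial state of B_split simulates A's (the situation of slide 11); B_part lacks the words starting with b. Passing identity(A, B) instead of the simulation gives the plain antichain algorithm (slide 33).

```python
# Added example: language inclusion L(A) ⊆ L(B) via simulation + antichains.
# Assumes disjoint state names for A and B; sample automata below are constructed.
from collections import deque


class NFA:
    def __init__(self, states, alphabet, init, final, delta):
        # delta maps (state, letter) -> set of successor states
        self.states, self.alphabet = frozenset(states), frozenset(alphabet)
        self.init, self.final = frozenset(init), frozenset(final)
        self.delta = {k: frozenset(v) for k, v in delta.items()}

    def post(self, s, a):
        return self.delta.get((s, a), frozenset())

    def accepts(self, word):  # plain subset simulation, used for cross-checking
        cur = set(self.init)
        for a in word:
            cur = set().union(*(self.post(s, a) for s in cur))
        return bool(cur & self.final)


def union(A, B):
    """Disjoint union of two NFA, so one simulation relates states of both."""
    assert not (A.states & B.states), "example assumes disjoint state names"
    return NFA(A.states | B.states, A.alphabet | B.alphabet, A.init | B.init,
               A.final | B.final, {**A.delta, **B.delta})


def maximal_simulation(N):
    """Greatest ≼ with: p ≼ r implies (p ∈ F ⇒ r ∈ F) and every p -a-> p' is
    matched by some r -a-> r' with p' ≼ r'. Start from all pairs allowed by the
    final-state condition and discard violating pairs until nothing changes."""
    sim = {(p, r) for p in N.states for r in N.states
           if p not in N.final or r in N.final}

    def ok(p, r):
        return all(any((p2, r2) in sim for r2 in N.post(r, a))
                   for a in N.alphabet for p2 in N.post(p, a))

    changed = True
    while changed:
        changed = False
        for pair in list(sim):
            if not ok(*pair):
                sim.discard(pair)
                changed = True
    return sim


def identity(A, B):
    """With ≼ = identity the check below is the plain antichain algorithm."""
    return {(s, s) for s in A.states | B.states}


def dominates(sim, r, R, q, Q):
    """<r,R> ⊒∀∃ <q,Q> iff r ≼ q and every q' in Q has some r' in R with q' ≼ r'
    (Optimization 1); the larger product state <r,R> may be dropped."""
    return (r, q) in sim and all(any((q2, r2) in sim for r2 in R) for q2 in Q)


def included(A, B, rel=None):
    """Return (True, None) if L(A) ⊆ L(B), else (False, counterexample word)."""
    sim = maximal_simulation(union(A, B)) if rel is None else rel
    # start from {<iA, IB> | iA in IA}; the word reaching each state is kept
    work = deque((i, B.init, "") for i in A.init)
    processed = []  # antichain of minimal processed product states
    while work:
        p, P, w = work.popleft()
        if p in A.final and not (P & B.final):  # accepting product state
            return False, w
        if any((p, q) in sim for q in P):  # Optimization 2: some q simulates p
            continue
        if any(dominates(sim, p, P, q, Q) for q, Q in processed):
            continue
        processed = [(q, Q) for q, Q in processed if not dominates(sim, q, Q, p, P)]
        processed.append((p, P))
        for a in sorted(A.alphabet):
            P2 = frozenset().union(*(B.post(q, a) for q in P))
            for p2 in A.post(p, a):
                work.append((p2, P2, w + a))
    return True, None


# Constructed sample automata (not the slides' example).
A = NFA({"r", "r1"}, "ab", {"r"}, {"r1"},
        {("r", "a"): {"r", "r1"}, ("r", "b"): {"r"}})
B_sim = NFA({"p"}, "ab", {"p"}, {"p"}, {("p", "a"): {"p"}, ("p", "b"): {"p"}})
B_split = NFA({"x", "y", "ea", "eb"}, "ab", {"x", "y"}, {"ea"},
              {("x", "a"): {"ea"}, ("y", "b"): {"eb"},
               ("ea", "a"): {"ea"}, ("ea", "b"): {"eb"},
               ("eb", "a"): {"ea"}, ("eb", "b"): {"eb"}})
B_part = NFA({"x", "ea", "eb"}, "ab", {"x"}, {"ea"},
             {("x", "a"): {"ea"}, ("ea", "a"): {"ea"}, ("ea", "b"): {"eb"},
              ("eb", "a"): {"ea"}, ("eb", "b"): {"eb"}})

if __name__ == "__main__":
    for name, B in [("B_sim", B_sim), ("B_split", B_split), ("B_part", B_part)]:
        print(name, included(A, B), "plain antichain:", included(A, B, identity(A, B)))
```

Against B_sim the check with the maximal simulation stops at the initial product state ⟨r,{p}⟩, while the identity relation has to explore the product; against B_split the simulation fails on the initial states but the antichain search still proves inclusion; against B_part the search returns the counterexample ba, which A accepts and B_part rejects.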

  37. There Is More in the Paper…
  • Other optimizations
  • Correctness proof
  • …
  But this should be sufficient for you to understand how our approach subsumes both the antichain-based approach and the simulation-based approach.

  38. Further Extensions and Applications
  • Further extensions:
    • Tree Automata (done, TACAS 2010)
    • Büchi Automata
      • Ramsey-based (antichain-based, TACAS 2010)
      • Safra-based
      • Rank-based (antichain-based, TACAS 2007, 2008)
  • Applications:
    • Automata-based Model Checking
    • Regular Model Checking (useful in verifying parameterized systems)

  39. Experimental Results Source: 1069 pairs of NFA generated from the intermediate steps of a regular model checker while verifying the correctness of the bakery algorithm, a producer-consumer system, the bubble sort algorithm, an algorithm that reverses a circular list, and a Petri net model of the readers/writers protocol.

  40. Experimental Results. Source: NFA generated from random regular expressions. Our approach is more stable: all the test cases finish within 10 seconds.

  41. Experimental Results. Source: we generate two NFA A and B from regular expressions and then check if L(A) ⊆ L(A ∪ B).