Designing fast LTL model checking algorithms for many-core GPUs

Recent technological developments made various many-core hardware platforms widely accessible. These massively parallel architectures have been used to significantly accelerate many computation demanding tasks. In this paper, we show how the algorithms for LTL model checking can be redesigned in order to accelerate LTL model checking on many-core GPU platforms. Our detailed experimental evaluation demonstrates that using the NVIDIA CUDA technology results in a significant speedup of the verification process. Together with state space generation based on shared hash-table and DFS exploration, our CUDA accelerated model checker is the fastest among state-of-the-art shared memory model checking tools.     

Exploiting structure in LTL synthesis

In this paper, we show how to exploit the structure of some automata-based construction to efficiently solve the LTL synthesis problem. We focus on a construction proposed in Schewe and Finkbeiner that reduces the synthesis problem to a safety game, which can then be solved by computing the solution of the classical fixpoint equation νX.Safe ∩ CPre(X), where CPre(X) are the controllable predecessors of X. We have shown in previous works that the sets computed during the fixpoint algorithm can be equipped with a partial order that allows one to represent them very compactly, by the antichain of their maximal elements. However the computation of CPre(X) cannot be done in polynomial time when X is represented by an antichain (unless P = NP). This motivates the use of SAT solvers to compute CPre(X). Also, we show that the CPre operator can be replaced by a weaker operator CPre _crit where the adversary is restricted to play a subset of critical signals. We show that the fixpoints of the two operators coincide, and so, instead of applying iteratively CPre, we can apply iteratively CPre _crit. In practice, this leads to important improvements on previous LTL synthesis methods. The reduction to SAT problems and the weakening of the CPre operator into CPre _crit and their performance evaluations are new.     

On-line compositional controller synthesis for AGV

This paper deals with the on-line design of a supervisor to coordinate an automated guided vehicle (AGV) fleet. This supervisor ensures the system safety (no collision) and a good coordination between vehicles (no blocking situations). It is the so-called Wonham-Ramadge supervisor, it is the least restrictive, and ensures controllability and nonblocking. We propose a compositional procedure to resolve this problem allowing an efficient on-line synthesis. A calculation on the fly is made at every attribution of a new mission for an AGV, to actualize the supervisor and adapt it to the new situation. This compositional approach allows to increase the number of AGV taken on compared to the monolithic approach. We show on some tests the efficiency of this method for the on-line synthesis of supervisor to coordinate a fleet of mobile robots for real cases.     

Positive compositional algorithms in chemical reaction systems

Algorithms which relate to the generation of positive compositional structures in chemical reaction systems are presented. The algorithms are applied to the following problems: (1) determine if a specified reaction system is proper; (2) given a reaction system, determine a minimum initial mix which allows all reactions to proceed, or conversely given an initial mix, determine the number of free reactions; (3) given a reaction system and a consistent set of reactant molecular weights, determine a proper moiety structure for the reactants; (4) given a steady-state network and a consistent set of one-way reaction rates, determine a proper reaction path structure for the network.     

Parallel search for LTL violations

Recent advances in parallel model checking for liveness properties achieve significant capacity increases over sequential model checkers. However, the capacity of parallel model checkers is in turn limited by available aggregate memory and network bandwidth. We propose a new parallel algorithm that sacrifices complete coverage for increased capacity to find errors. The algorithm, called BEE (for bee-based error exploration), uses coordinated depth-bounded random walks to reduce memory and bandwidth demands. A unique advantage of BEE is that it is well suited for use on clusters of nondedicated workstations.     

Practical synthesis of reactive systems from LTL specifications via parity games

Acta Informatica - The synthesis of reactive systems from linear temporal logic (LTL) specifications is an important aspect in the design of reliable software and hardware. We present our adaption...     

时间自动机的LTL性质模型检测研究

为了增强模型检测工具的检测能力,拓宽模型检测技术的应用范围,对基于时间自动机的LTL性质模型检测进行了研究,对自动机的状态空间的存储方式和状态空间的展开过程进行了分析,讨论了LTL性质模型检测工具的检测流程和检测算法的实现策略对工具检测性能的影响,针对制约模型工具的检测能力和检测效率的因素,采取了一些相应的优化改进策略.采用了BDD(二叉决策图)共享存储技术和位编码压缩存储,较有效地减小了空间消耗,缓解了模型检测中状态爆炸引起的内存空间不足问题.与DTSpin等著名的模型检测工具进行了实验比较,取得了较好的实验结果.     

LTL model checking for communicating concurrent programs

Innovations in Systems and Software Engineering - We present in this paper a new approach to the static analysis of concurrent programs with procedures. To this end, we model multi-threaded...     

Regular model checking for LTL(MSO)

Regular model checking is a form of symbolic model checking for parameterized and infinite-state systems whose states can be represented as words of arbitrary length over a finite alphabet, in which regular sets of words are used to represent sets of states. We present LTL(MSO), a combination of the logics monadic second-order logic (MSO) and LTL as a natural logic for expressing the temporal properties to be verified in regular model checking. In other words, LTL(MSO) is a natural specification language for both the system and the property under consideration. LTL(MSO) is a two-dimensional modal logic, where MSO is used for specifying properties of system states and transitions, and LTL is used for specifying temporal properties. In addition, the first-order quantification in MSO can be used to express properties parameterized on a position or process. We give a technique for model checking LTL(MSO), which is adapted from the automata-theoretic approach: a formula is translated to a buchi regular transition system with a regular set of accepting states, and regular model checking techniques are used to search for models. We have implemented the technique, and show its application to a number of parameterized algorithms from the literature.     

LTL receding horizon control for finite deterministic systems

This paper considers receding horizon control of finite deterministic systems, which must satisfy a high level, rich specification expressed as a linear temporal logic formula. Under the assumption that time-varying rewards are associated with states of the system and these rewards can be observed in real-time, the control objective is to maximize the collected reward while satisfying the high level task specification. In order to properly react to the changing rewards, a controller synthesis framework inspired by model predictive control is proposed, where the rewards are locally optimized at each time-step over a finite horizon, and the optimal control computed for the current time-step is applied. By enforcing appropriate constraints, the infinite trajectory produced by the controller is guaranteed to satisfy the desired temporal logic formula. Simulation results demonstrate the effectiveness of the approach.     

基于LTL语义的可达性控制器合成工具

控制器合成是针对给定的获胜目标,在开放的实时系统环境中,自动地寻找获胜策略的过程.这个策略可以表述为一系列的符号化状态和动作的映射关系.在本文中,我们主要针对以线性时序逻辑（LTL）描述的可达性作为获胜目标,进行合成策略的发现.文中介绍了一种采用on-the-fly思路的合成算法,以规避状态数目太多带来的内存溢出问题.文中算法是对文献[1]的一种扩展,该算法主要用于解决基于分支时序逻辑（CTL）的控制器合成.另外,我们实现了相关的控制器合成工具CTAV/TGA（Timed Gamed Automata）,在实现的过程中,使用on-the-fly的方式,避免了穷尽状态空间,同时,通过使用zone和抽象,大大缩减了状态数目,使时空效率控制在可接受的范围内.     

Top-down synthesis of divide-and-conquer algorithms

A top-down method is presented for the derivation of algorithms from a formal specification of a problem. This method has been implemented in a system called cypress. The synthesis process involves the top-down decomposition of the initial specification into a hierarchy of specifications for subproblems. Synthesizing programs for each of these subproblems results in the composition of a hierarchically structured program. The initial specification is allowed to be partial in that some or all of the input conditions may be missing. cypress completes the specification and produces a totally correct applicative program. Much of cypress' knowledge comes in the form of ‘design strategies’ for various classes of algorithms. The structure of a class of divide-and-conquer algorithms is explored and provides the basis for several design strategies. Detailed derivations of mergesort and quicksort algorithms are presented.     

面向参数化LTL的预测监控器构造技术

介绍了一种基于自动机理论的参数化LTL(parameterized LTL(linear temporal logic),简称P_ALTL)公式运行时预测监控器构造方法.一方面研究P_ALTL公式的语法、预测语义、赋值提取以及赋值绑定等重要概念,从语法层面保证公式中参数化变量的正确绑定(binding)和使用(using);另一方面给出参数化预测监控器的概念.它由静态和动态两部分组成,静态部分由参数化Büchi自动机表示,动态部分为当前状态处的变量赋值.在系统运行过程中,预测监控器基于静态部分的参数化Büchi自动机,以on-the-fly的方式在当前状态处动态地提取和绑定变量赋值,递进地验证当前程序运行是否满足指定的参数化性质规约.在该过程中,参数化监控器能够精确地识别被验证性质的最小好/坏前缀.     

Randomized algorithms for synthesis of switching rules for multimodal systems

In this paper, we consider the design of globally asymptotically stabilizing state-dependent switching rules for multimodal systems, first restricting attention to linear time-invariant (LTI) systems with only two states for the switch, and then generalizing the results to multimodal LTI systems and to nonlinear systems. In all cases, the systems considered do not allow the construction of a single quadratic Lyapunov function and, hence, fall in the class of problems that require multiple Lyapunov functions and thus are nonconvex. To address the challenge of nonconvexity , we introduce probabilistic algorithms, and prove their probability-one convergence under a new notion of convergence. Then, to reduce complexity, we develop modified versions of the algorithm. We also present a class of more general nonconvex problems to which this approach can be applied. The results are illustrated using two- and three-dimensional systems with multiple switch states.     

Creating schedules and computing operating costs for LTL load plans

This paper presents a computational approach for creating an operational schedule for the tactical load plan used by a less-than-truckload (LTL) motor carrier. A load plan determines how freight is routed through an LTL carrier's linehaul terminal network by specifying a sequence of transfer terminals for all freight shipments, but does not provide a timed schedule of trailer, tractor, and driver dispatches required to operate the plan. Developing a detailed operational schedule allows one to more accurately estimate the likely cost of a given load plan, along with other important performance metrics. Given a load plan, the scheduling approach we develop creates loaded truck dispatches between terminals with specified time windows, and then creates cyclic driver schedules to cover all dispatches. A computational study using data from a large U.S. LTL carrier demonstrates that our technology produces schedules that accurately model operational costs, typically within 2% of actual reported costs.     

Combining search space partition and abstraction for LTL model checking

The state space explosion problem is still the key obstacle for applying model checking to systems of industrial size. Abstraction-based methods have been particularly successful in this regard. This paper presents an approach based on refinement of search space partition and abstraction which combines these two techniques for reducing the complexity of model checking. The refinement depends on the representation of each portion of search space. Especially, search space can be refined stepwise to get a better reduction. As reported in the case study, the integration of search space partition and abstraction improves the efficiency of verification with respect to the requirement of memory and obtains significant advantage over the use of each of them in isolation.     

Randomized algorithms for the synthesis of cautious adaptive controllers

We introduce a new methodology for the design of cautious adaptive controllers based on the following two-step procedure: (i) a probability measure describing the likelihood of different models is updated on-line based on observations, and (ii) a controller with certain robust control specifications is tuned to the updated probability by means of randomized algorithms. The robust control specifications are assigned as average specifications with respect to the estimated probability measure, and randomized algorithms are used to make the controller tuning computationally tractable.This paper provides a general overview of the proposed new methodology. Still, many issues remain open and represent interesting topics for future research.     

Performance heuristics for GR(1) synthesis and related algorithms

Acta Informatica - Reactive synthesis for the GR(1) fragment of LTL has been implemented and studied in many works. In this work we present and evaluate a list of heuristics to potentially reduce...