- AutorIn
- Simon Jantsch
- Titel
- Certificates and Witnesses for Probabilistic Model Checking
- Zitierfähige Url:
- https://nbn-resolving.org/urn:nbn:de:bsz:14-qucosa2-804732
- Erstveröffentlichung
- 2022
- Datum der Einreichung
- 02.03.2022
- Datum der Verteidigung
- 06.07.2022
- Abstract (EN)
- The ability to provide succinct information about why a property does, or does not, hold in a given system is a key feature in the context of formal verification and model checking. It can be used both to explain the behavior of the system to a user of verification software, and as a tool to aid automated abstraction and synthesis procedures. Counterexample traces, which are executions of the system that do not satisfy the desired specification, are a classical example. Specifications of systems with probabilistic behavior usually require that an event happens with sufficiently high (or low) probability. In general, single executions of the system are not enough to demonstrate that such a specification holds. Rather, standard witnesses in this setting are sets of executions which in sum exceed the required probability bound. In this thesis we consider methods to certify and witness that probabilistic reachability constraints hold in Markov decision processes (MDPs) and probabilistic timed automata (PTA). Probabilistic reachability constraints are threshold conditions on the maximal or minimal probability of reaching a set of target-states in the system. The threshold condition may represent an upper or lower bound and be strict or non-strict. We show that the model-checking problem for each type of constraint can be formulated as a satisfiability problem of a system of linear inequalities. These inequalities correspond closely to the probabilistic transition matrix of the MDP. Solutions of the inequalities are called Farkas certificates for the corresponding property, as they can indeed be used to easily validate that the property holds. By themselves, Farkas certificates do not explain why the corresponding probabilistic reachability constraint holds in the considered MDP. To demonstrate that the maximal reachability probability in an MDP is above a certain threshold, a commonly used notion are witnessing subsystems. A subsystem is a witness if the MDP satisfies the lower bound on the optimal reachability probability even if all states not included in the subsystem are made rejecting trap states. Hence, a subsystem is a part of the MDP which by itself satisfies the lower-bounded threshold constraint on the optimal probability of reaching the target-states. We consider witnessing subsystems for lower bounds on both the maximal and minimal reachability probabilities, and show that Farkas certificates and witnessing subsystems are related. More precisely, the support (i.e., the indices with a non-zero entry) of a Farkas certificate induces the state-space of a witnessing subsystem for the corresponding property. Vice versa, given a witnessing subsystem one can compute a Farkas certificate whose support corresponds to the state-space of the witness. This insight yields novel algorithms and heuristics to compute small and minimal witnessing subsystems. To compute minimal witnesses, we propose mixed-integer linear programming formulations whose solutions are Farkas certificates with minimal support. We show that the corresponding decision problem is NP-complete even for acyclic Markov chains, which supports the use of integer programs to solve it. As this approach does not scale well to large instances, we introduce the quotient-sum heuristic, which is based on iteratively solving a sequence of linear programs. The solutions of these linear programs are also Farkas certificates. In an experimental evaluation we show that the quotient-sum heuristic is competitive with state-of-the-art methods. A large part of the algorithms proposed in this thesis are implemented in the tool SWITSS. We study the complexity of computing minimal witnessing subsystems for probabilistic systems that are similar to trees or paths. Formally, this is captured by the notions of tree width and path width. Our main result here is that the problem of computing minimal witnessing subsystems remains NP-complete even for Markov chains with bounded path width. The hardness proof identifies a new source of combinatorial hardness in the corresponding decision problem. Probabilistic timed automata generalize MDPs by including a set of clocks whose values determine which transitions are enabled. They are widely used to model and verify real-time systems. Due to the continuously-valued clocks, their underlying state-space is inherently uncountable. Hence, the methods that we describe for finite-state MDPs do not carry over directly to PTA. Furthermore, a good notion of witness for PTA should also take into account timing aspects. We define two kinds of subsystems for PTA, one for maximal and one for minimal reachability probabilities, respectively. As for MDPs, a subsystem of a PTA is called a witness for a lower-bounded constraint on the (maximal or minimal) reachability probability, if it itself satisfies this constraint. Then, we show that witnessing subsystems of PTA induce Farkas certificates in certain finite-state quotients of the PTA. Vice versa, Farkas certificates of such a quotient induce witnesses of the PTA. Again, the support of the Farkas certificates corresponds to the states included in the subsystem. These insights are used to describe algorithms for the computation of minimal witnessing subsystems for PTA, with respect to three different notions of size. One of them counts the number of locations in the subsystem, while the other two take into account the possible clock valuations in the subsystem.
- Forschungsdatenverweis
- Certificates and Witnesses for Probabilistic Model Checking -- Supplementary material

DOI: 10.6084/m9.figshare.19209303

Link: https://figshare.com/articles/dataset/Certificates_and_Witnesses_for_Probabilistic_Model_Checking_--_Supplementary_material/19209303 - Certificates and Witnesses for Probabilistic Model Checking -- Examples

DOI: 10.6084/m9.figshare.19209429

Link: https://figshare.com/articles/dataset/Certificates_and_Witnesses_for_Probabilistic_Model_Checking_--_Examples/19209429 - Freie Schlagwörter (DE)
- Probabilistische Modellüberprüfung, Verifikation, Markov-Entscheidungsprozesse, probabilistische Erreichbarkeitsbeschränkungen
- Freie Schlagwörter (EN)
- Probabilistic Model Checking, Verification, Markov Decision Processes, Probabilistic Reachability Constraints
- Klassifikation (DDC)
- 004
- Klassifikation (RVK)
- ST 136
- GutachterIn
- Prof. Dr. Christel Baier
- Prof. Dr. Nils Jansen

- Den akademischen Grad verleihende / prüfende Institution
- Technische Universität Dresden, Dresden
- Förder- / Projektangaben
- Deutsche Forschungsgemeinschaft

Research Training Group

Quantitative Logics and Automata -- DFG Research Training Group 1763 (QuantLA)

ID: 1763

Deutsche Forschungsgemeinschaft

Transregional Collaborative Research Centre

Center for Perspicuous Computing -- Transregional Collaborative Research Centre 248 (CPEC)

ID: 389792660 - Version / Begutachtungsstatus
- publizierte Version / Verlagsversion
- URN Qucosa
- urn:nbn:de:bsz:14-qucosa2-804732
- Veröffentlichungsdatum Qucosa
- 18.08.2022
- Dokumenttyp
- Dissertation
- Sprache des Dokumentes
- Englisch
- Lizenz / Rechtehinweis
- CC BY 4.0
- Inhaltsverzeichnis
1 Introduction 2 Preliminaries 3 Farkas certificates 4 New techniques for witnessing subsystems 5 Probabilistic systems with low tree width 6 Explications for probabilistic timed automata 7 Conclusion