Mining assumptions for synthesis

Automatic synthesis of a reactive system from its formal specification is appealing but often difficult due to the tedium of writing auxiliary specifications, especially on the environment. In several instances, specifications are found unrealizable as a result of insufficient environmental assumptions. We present an approach to this problem for synthesis from LTL based on specification mining. For a satisfiable but unrealizable specification, a counter-strategy can be computed from the synthesis game as a witness to unrealizability. Our algorithm mines environment assumptions from this counter-strategy as well as user scenarios if they are provided. We argue that our approach is a natural way to discover the designer's intent. We demonstrate the effectiveness of our approach on examples from the domains of digital circuits and robotic controllers.
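The pipeline the abstract describes (realizability check, counter-strategy as a witness to unrealizability, mining an assumption from that counter-strategy and filtering it against a user scenario) can be seen on a deliberately small safety game. The following is an added illustration, not the paper's implementation or its algorithm: it assumes a toy arbiter with one environment input `r` (request) and one system output `g` (grant), the guarantees G(r -> g) and G(g -> X !g), and a simplified assumption language consisting of forbidden pairs of consecutive inputs (so `{(True, True)}` stands for G(r -> X !r)). The state space, the attractor-based solver and the mining heuristic are all constructed for this example.

```python
"""Toy safety-game version of the pipeline in the abstract: check realizability,
extract the environment's counter-strategy when the spec is unrealizable, and
mine a candidate assumption from it, filtered by a user scenario.

Constructed example, not the paper's implementation. Environment input r
(request), system output g (grant). Guarantees: G(r -> g) and G(g -> X !g).
Assumptions are restrictions on consecutive inputs, given as a set of
forbidden (previous r, current r) pairs; {(True, True)} encodes G(r -> X !r).
"""
from itertools import product

BOOLS = (False, True)
INIT = (False, False)   # state = (previous r, previous g); enough history here


def guarantee_ok(state, r, g):
    """True if outputting g on input r violates no guarantee in this state."""
    _, prev_g = state
    return (g or not r) and not (prev_g and g)


def env_allowed(state, r, forbidden):
    """True if input r respects the assumption encoded by `forbidden`."""
    prev_r, _ = state
    return (prev_r, r) not in forbidden


def step(state, r, g):
    return (r, g)


def env_attractor(forbidden=frozenset()):
    """Rank each state the environment can force into a guarantee violation:
    state -> (rounds needed, forcing input). Level-by-level attractor
    computation; states absent from the result are won by the system."""
    rank, level = {}, 0
    while True:
        new = {}
        for s in product(BOOLS, repeat=2):
            if s in rank:
                continue
            for r in BOOLS:
                if env_allowed(s, r, forbidden) and all(
                        not guarantee_ok(s, r, g) or step(s, r, g) in rank
                        for g in BOOLS):
                    new[s] = (level, r)   # every reply loses within `level` more rounds
                    break
        if not new:
            return rank
        rank.update(new)
        level += 1


def realizable(forbidden=frozenset()):
    return INIT not in env_attractor(forbidden)


def counter_strategy_trace(forbidden=frozenset()):
    """Witness to unrealizability: play the environment's attractor strategy
    from INIT against any guarantee-respecting system reply and return the
    input sequence that ends in a forced violation (None if realizable)."""
    rank = env_attractor(forbidden)
    s, trace = INIT, []
    while s in rank:
        _, r = rank[s]
        trace.append(r)
        replies = [g for g in BOOLS if guarantee_ok(s, r, g)]
        if not replies:
            return trace            # no legal output left: violation is forced
        s = step(s, r, replies[0])  # rank strictly decreases, so this terminates
    return None


def consecutive_pairs(inputs):
    return list(zip((INIT[0],) + tuple(inputs), inputs))


def mine_assumption(forbidden=frozenset(), scenario=()):
    """Mine an assumption from the counter-strategy: each consecutive input
    pair the environment relied on is a candidate to forbid. A candidate is
    kept if it makes the spec realizable and does not rule out the behaviour
    in the user-provided `scenario` (an input sequence the designer expects)."""
    trace = counter_strategy_trace(forbidden)
    if trace is None:
        return forbidden                 # already realizable
    scenario_pairs = set(consecutive_pairs(scenario))
    for pair in consecutive_pairs(trace):
        if pair in scenario_pairs:
            continue                     # would contradict what the designer showed
        candidate = frozenset(forbidden | {pair})
        if realizable(candidate):
            return candidate
    return None


if __name__ == "__main__":
    print("realizable as written:", realizable())
    print("counter-strategy inputs:", counter_strategy_trace())
    print("mined without scenario:", mine_assumption())
    print("mined with scenario:", mine_assumption(scenario=(True, False, True, False)))
```

As written the spec is unrealizable: the counter-strategy is simply to request in two consecutive rounds, which forces the system to either refuse a request or grant twice in a row. Mining from that trace alone yields the vacuous assumption "never request after a round without a request", which makes the spec realizable only by silencing the environment; supplying a scenario in which requests do occur rejects that candidate and yields G(r -> X !r) instead, which is the assumption a designer would actually intend.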
