Counterexample Generation in Probabilistic Model Checking

Providing evidence for the refutation of a property is an essential, if not the most important, feature of model checking. This paper considers algorithms for counterexample generation for probabilistic CTL formulae in discrete-time Markov chains. Finding the strongest evidence (i.e., the most probable path) violating a (bounded) until-formula is shown to be reducible to a single-source (hop-constrained) shortest path problem. Counterexamples of smallest size that deviate most from the required probability bound can be obtained by applying (small amendments to) k-shortest (hop-constrained) paths algorithms. These results can be extended to Markov chains with rewards, to LTL model checking, and are useful for Markov decision processes. Experimental results show that typically the size of a counterexample is excessive. To obtain much more compact representations, we present a simple algorithm to generate (minimal) regular expressions that can act as counterexamples. The feasibility of our approach is illustrated by means of two communication protocols: leader election in an anonymous ring network and the Crowds protocol.
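The reduction sketched above, as an added example that is not part of the paper: a small constructed DTMC, the most probable path found as a shortest path under the weight -log P(s,t), and the smallest counterexample for a bounded or unbounded until-formula assembled from the k most probable paths. The chain, the state sets PHI/PSI and the function names are this example's own assumptions.

```python
import heapq
import math

# Constructed DTMC (not from the paper): state 3 is a retry loop, 4 is the
# absorbing target.  Values are transition probabilities.
DTMC = {
    0: {1: 0.5, 2: 0.5},
    1: {4: 0.6, 3: 0.4},
    2: {1: 0.3, 3: 0.7},
    3: {0: 0.2, 3: 0.8},
    4: {4: 1.0},
}
PHI = {0, 1, 2, 3}   # states allowed before the target (Phi in Phi U Psi)
PSI = {4}            # target states (Psi in Phi U Psi)

def evidence_paths(chain, init, phi, psi, hops=None):
    """Yield paths init -> first psi-state via phi-states, most probable first.
    A transition weighs -log P(s,t) >= 0, so least total weight == highest
    probability, and best-first search over partial paths emits them in order
    since extending a path only adds weight.  `hops` bounds the number of
    transitions (bounded until) and makes the enumeration finite."""
    heap = [(0.0, [init])]
    while heap:
        dist, path = heapq.heappop(heap)
        s = path[-1]
        if s in psi:
            yield math.exp(-dist), path   # evidence paths end at first psi
            continue
        if s not in phi or (hops is not None and len(path) - 1 >= hops):
            continue
        for t, p in chain[s].items():
            if p > 0:
                heapq.heappush(heap, (dist - math.log(p), path + [t]))

def strongest_evidence(chain, init, phi, psi, hops=None):
    """Most probable path = the (hop-constrained) shortest path, or None."""
    return next(evidence_paths(chain, init, phi, psi, hops), None)

def counterexample(chain, init, phi, psi, bound, hops=None, max_paths=10000):
    """Smallest prefix of the k most probable paths with mass > bound, which
    refutes P<=bound(phi U psi); None if no such set is found."""
    mass, paths = 0.0, []
    for prob, path in evidence_paths(chain, init, phi, psi, hops):
        mass += prob
        paths.append((prob, path))
        if mass > bound:
            return mass, paths
        if len(paths) >= max_paths:
            break
    return None
```

With the hop bound set, the enumeration is finite and the function reports None when the reachable mass never exceeds the bound; without it, a chain whose target is reached with probability 1 always yields a counterexample for any bound below 1.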
