Solving games via three-valued abstraction refinement

Games that model realistic systems can have very large state-spaces, making their direct solution difficult. We present a symbolic abstraction-refinement approach to the solution of two-player games with reachability or safety goals. Given a reachability or safety property, an initial set of states, and a game representation, our approach starts by constructing a simple abstraction of the game, guided by the predicates present in the property and in the initial set. The abstraction is then refined, until it is possible to either prove, or disprove, the property over the initial states. Specifically, we evaluate the property on the abstract game in three-valued fashion, computing an over-approximation (the may states), and an under-approximation (the must states), of the states that satisfy the property. If this computation fails to yield a certain yes/no answer to the validity of the property on the initial states, our algorithm refines the abstraction by splitting uncertain abstract states (states that are may-states, but not must-states). The approach lends itself to an efficient symbolic implementation. We discuss the property required of the abstraction scheme in order to achieve convergence and termination of our technique.
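The may/must evaluation and the splitting of uncertain abstract states described above, as an added example that is not part of the paper: a small explicit-state (not symbolic) version for a reachability goal. The sample game, its state ownership and the predicate-guided initial partition are constructed for illustration.

```python
# Added example, not from the paper: may/must abstraction refinement for a two-player
# reachability game with explicit states. Player 1 (controller) moves in the states it
# owns, player 2 (environment) elsewhere; every state is assumed to have a successor.
from itertools import count

def step(s, owner, succ, target, block, won):
    """s is a target, or player 1 can force one move from s into a block in `won`."""
    return s in target or (any if owner[s] == 1 else all)(block[t] in won for t in succ[s])

def solve_abstract(owner, succ, target, block, quant):
    """Least fixpoint over blocks: quant=all is the must (under-), any the may (over-)approximation."""
    members = {b: [s for s in block if block[s] == b] for b in set(block.values())}
    won = set()
    while True:
        new = {b for b, ss in members.items() if b not in won and
               quant(step(s, owner, succ, target, block, won) for s in ss)}
        if not new:
            return won, members
        won |= new

def split_one(owner, succ, target, block, members, may, must):
    """Split an uncertain block (may but not must) on its states with a must step, or,
    if that split is not proper, on the may step; the lowest-ranked one always splits."""
    fresh = max(block.values()) + 1
    for b in sorted(may - must):
        for won in (must, may):
            part = [s for s in members[b] if step(s, owner, succ, target, block, won)]
            if 0 < len(part) < len(members[b]):
                for s in part:
                    block[s] = fresh
                return
    raise AssertionError("no splittable uncertain block")

def solve(owner, succ, target, init, block):
    """Refine until init's block is certain; returns (player 1 wins from init, rounds)."""
    block = dict(block)
    for rounds in count():
        must, members = solve_abstract(owner, succ, target, block, all)
        may, _ = solve_abstract(owner, succ, target, block, any)
        if block[init] in must:
            return True, rounds
        if block[init] not in may:
            return False, rounds
        split_one(owner, succ, target, block, members, may, must)

# Constructed sample game: state 5 is the target, state 3 a losing sink.
OWNER = {0: 1, 1: 2, 2: 1, 3: 2, 4: 1, 5: 2}
SUCC = {0: [1, 2], 1: [3, 4], 2: [4], 3: [3], 4: [5], 5: [5]}
TARGET = {5}

def initial_abstraction(init):
    """Initial blocks from the predicates of the property (target) and the initial set."""
    return {s: 0 if s == init else 1 if s in TARGET else 2 for s in OWNER}
```

From state 0 the controller wins after two refinements; from state 1 the environment can force the sink, which the refinement disproves after three.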
