Combining Runtime Verification and Property Adaptation through Neural-Symbolic Integration

Similar documents
Formal Methods for Software Development

System Correctness. EEC 421/521: Software Engineering. System Correctness. The Problem at Hand. A system is correct when it meets its requirements

Leveraging DTrace for runtime verification

Formal Methods in Software Engineering. Lecture 07

Practical Model-based Testing With Papyrus and RT-Tester

Database Theory VU , SS Codd s Theorem. Reinhard Pichler

Deep Learning. Deep Learning. Practical Application Automatically Adding Sounds To Silent Movies

Verifying Temporal Properties via Dynamic Program Execution. Zhenhua Duan Xidian University, China

Formal Verification: Practical Exercise Model Checking with NuSMV

Formal Specification and Verification

Graph Neural Network. learning algorithm and applications. Shujia Zhang

Range Restriction for General Formulas

Lecture 2: Symbolic Model Checking With SAT

Monitoring Interfaces for Faults

The SPIN Model Checker

COMP 551 Applied Machine Learning Lecture 16: Deep Learning

COS 320. Compiling Techniques

The Maude LTL Model Checker and Its Implementation

Double Header. Two Lectures. Flying Boxes. Some Key Players: Model Checking Software Model Checking SLAM and BLAST

Distributed Systems Programming (F21DS1) SPIN: Formal Analysis II

Towards Automated Verification of Autonomous Networks: A Case Study in Self-Configuration

Behavior models and verification Lecture 6

Behavioural Equivalences and Abstraction Techniques. Natalia Sidorova

Model checking pushdown systems

Scenario Graphs Applied to Security (Summary Paper)

Finite State Verification. CSCE Lecture 21-03/28/2017

Automated Reasoning. Model Checking with SPIN (II)

Programming with Dependent Types Interactive programs and Coalgebras

Design and Analysis of Distributed Interacting Systems

COMP219: Artificial Intelligence. Lecture 14: Knowledge Representation

MetaData for Database Mining

Introduction & Formal Methods

Model-Checking Concurrent Systems. The Model Checker Spin. The Model Checker Spin. Wolfgang Schreiner

Constraint (Logic) Programming

Xuandong Li. BACH: Path-oriented Reachability Checker of Linear Hybrid Automata

An Introduction to UPPAAL. Purandar Bhaduri Dept. of CSE IIT Guwahati

CLAN: A Tool for Contract Analysis and Conflict Discovery

ALASKA Antichains for Logic, Automata and Symbolic Kripke structures Analysis

Relative Information Completeness

Finite State Verification. CSCE Lecture 14-02/25/2016

C++ Data Types. 1 Simple C++ Data Types 2. 3 Numeric Types Integers (whole numbers) Decimal Numbers... 5

Lecture1: Symbolic Model Checking with BDDs. Edmund M. Clarke, Jr. Computer Science Department Carnegie Mellon University Pittsburgh, PA 15213

SVMs for Structured Output. Andrea Vedaldi

On the Reliability of Correct Programs

Qualitätssicherung von Software (SWQS)

Automata-Theoretic LTL Model Checking. Emptiness of Büchi Automata

MATLAB representation of neural network Outline Neural network with single-layer of neurons. Neural network with multiple-layer of neurons.

A Novel Approach for Software Property Validation

Runtime Verification of LTL-Based Declarative Process Models

Software Model Checking: Theory and Practice

Constraint Programming

Typed First-order Logic

Habanero Extreme Scale Software Research Project

Verifying C & C++ with ESBMC

Part 6: VHDL simulation. Introduction to Modeling and Verification of Digital Systems. Elaboration and simulation. Elaboration and simulation

Overview. Discrete Event Systems - Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?

Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1

Mathematical Programming Formulations, Constraint Programming

ISCASMC: A Web-Based Probabilistic Model Checker

THE MODEL CHECKER SPIN

Creating Smart Agents:

Pace University. Fundamental Concepts of CS121 1

Action Language Verifier, Extended

Refinement Types for TypeScript

Introduction to Linear-Time Temporal Logic. CSE 814 Introduction to LTL

Probabilistic Dialogue Models with Prior Domain Knowledge

Rough Set Approach to Unsupervised Neural Network based Pattern Classifier

Computers in Engineering COMP 208. Computer Structure. Computer Architecture. Computer Structure Michael A. Hawker

Leveraging DTrace for Runtime Verification

Next Steps in Data Mining. Sistemas de Apoio à Decisão Cláudia Antunes

Static Program Checking

Global Optimality in Neural Network Training

1.3 Primitive Recursive Predicates and Bounded Minimalization

It is primarily checking of the code and/or manually reviewing the code or document to find errors This type of testing can be used by the developer

Example: Map coloring

Yuki Osada Andrew Cannon

Model-Checking Concurrent Systems

Combining Model Checking and Data-Flow Analysis

Reducing development time through SNMP simulators.

Instantaneously trained neural networks with complex inputs

1. true / false By a compiler we mean a program that translates to code that will run natively on some machine.

MATH 22 MORE ABOUT FUNCTIONS. Lecture M: 10/14/2003. Form follows function. Louis Henri Sullivan

CS 4100 // artificial intelligence

Combining Test Case Generation and Runtime Verification

Introduction to Homotopy Type Theory

COMP 763. Eugene Syriani. Ph.D. Student in the Modelling, Simulation and Design Lab School of Computer Science. McGill University

Chapter 6. Curves and Surfaces. 6.1 Graphs as Surfaces

Jay Ligatti and Srikar Reddy University of South Florida

Lecture 2. Decidability and Verification

Module 5: Performance Issues in Shared Memory and Introduction to Coherence Lecture 9: Performance Issues in Shared Memory. The Lecture Contains:

Implementation of a Sudoku Solver Using Reduction to SAT

METR 4202: Advanced Control & Robotics

Reasoning about normative update

Handling Parallelisation in OpenFOAM

Course 7 25 November Adrian Iftene

CSE 332: Data Structures & Parallelism Lecture 19: Introduction to Graphs. Ruth Anderson Autumn 2018

Rule-based Runtime Verification Revisited

Graphics and Interaction Transformation geometry and homogeneous coordinates

6. NEURAL NETWORK BASED PATH PLANNING ALGORITHM 6.1 INTRODUCTION

COMP30019 Graphics and Interaction Transformation geometry and homogeneous coordinates

Transcription:

Combining Runtime Verification and Property Adaptation through Neural-Symbolic Integration Alan Perotti Guido Boella Università di Torino Artur d Avila Garcez City University London perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 1 / 26

Research question Is it possible to rigidly verify a system s compliance to a model, modelling at the same time what actually takes place in terms of process management, making it exploitable for other systems? Quoting the Process Mining Manifesto, to discover, monitor and improve real processes (i.e., not assumed processes) by extracting knowledge from event logs readily available in today s (information) systems. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 2 / 26

Scenario When it comes to companies, in many small and medium enterprises (such as a bank s branch) the task execution often differs from the rigid protocol enforcement, due to obstacles (from broken printers to strikes) or by adaptations to specific needs (dynamic resources reallocation). perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 3 / 26

Scenario Hard violations (security, privacy) have to be detected and prevented. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 4 / 26

Scenario Some soft violations, that is, discrepancies between high-level directives and real implementation, are unavoidable or even necessary. The model should be adapted in order to include them. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 5 / 26

Scenario And the learned model can be used as a benchmark for new branches. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 6 / 26

Proposed framework: components Verification Observed System 1 Trace 3 4 Monitoring System 5 Compliance Desired Property 2 6 Learning 7 Actual Properties 6 8 perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 7 / 26

Proposed framework: tools of choice Verification / Monitoring System 1 Trace 4 5 Neural network 6 Compliance Desired Property 2 Rules 3 7 Learning 8 Actual Properties 6 9 perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 8 / 26

(Rule-based) monitoring trace... d a b,d e c... monitoring system!p1!p3!p2 perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 9 / 26

What kind of model checking is that? blackbox: we don t know the monitored system, we just OBSERVE its traces (this goes from reading logs of what human employees did to catching Java events with AspectJ) real-time (a.k.a. on the fly ): the trace is fed one cell at a time; and in general one is not allowed to explore the trace back and forth finite traces: by observing the automaton of a system, one can analyse infinite behaviours; but we can only observe traces. Bauer s LTL3 and RVLTL, for instance, deal with this aspect. Another related field is bounded model checking. propositional LTL is the language in which the properties we want to check are specified. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 10 / 26

Dealing with one cell at a time You can t peek into the future Therefore, a third true value, undecided, is necessary (e.g. a when a is not observed). You can t look back to check the past The system needs to write down what happened in the previous cells. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 11 / 26

RuleRunner: the approach in a nuthsell We stick to the cell-by-cell verification approach. We use rules to compute the truth value of the encoded property in each cell. If some evaluation is pending, it s marked to be repeated; the monitoring loop goes on until the formula is satisfied/verified. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 12 / 26

Rules (simplified) RuleRunner rules for a are: R[ a], [a]t [ a]t R[ a], [a]f [ a]? [ a]? R[a], R[ a] Evaluation and reactivation rules. Active rules. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 13 / 26

Rules for disjunction (meta)rules for φ ψ R[φ ψ], φ, ψ φ ψ R[φ ψ], φ, ψ? φ ψ R[φ ψ], φ, ψ φ ψ R[φ ψ], φ?, ψ φ ψ R[φ ψ], φ?, ψ? φ ψ? R[φ ψ], φ?, ψ φ ψ? l R[φ ψ], φ, ψ φ ψ V φ φ? φ ψ ψ? ψ T T T T?? T? R[φ ψ], φ, ψ? φ ψ? r R[φ ψ], φ, ψ φ ψ R[φ ψ] l, φ φ ψ R[φ ψ] l, φ? φ ψ? l R[φ ψ] l, φ φ ψ R[φ ψ] r, ψ φ ψ φ φ? Vl T? ψ ψ? Vr T? R[φ ψ] r, ψ? φ ψ? r R[φ ψ] r, ψ φ ψ φ ψ perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 14 / 26

Rule-based monitoring example: trace and formula trace z y b x,y x,z y property: a b perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 15 / 26

Preprocessing: parsing, encoding V rules for V a rules for a rules for b rules for b perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 16 / 26

Running: cell monitoring trace z y b x,y x,z y V V V V? a a F a F? a F? b b F b F b F perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 17 / 26

Rules as a network ev1) R[ a], [a]t [ a]t ev2) R[ a], [a]f [ a]? re1) [ a]? R[a], R[ a] R[<>a] [a]t [a]f [<>a]? ev_1 ev_2 re_1 [<>a]t [<>a]? R[a] R[<>a] a R[a] [ a]? [a]t [U] R[ a] [a]f [a]? [ a]f END [ a]t [ a]?p [a]f [a]t a R[a] R[ a] [ a]t [ a]?p [F] END [S] [ a]f [ a]? perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 18 / 26

Example: creating the network a b rules for a rules for b rules for rules for V b violated a violated a satisfied b satisfied b pending av b pending av b satisfied perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 19 / 26

Example: firing the network trace z y b x,y x,z y b violated a violated a satisfied b satisfied b pending av b pending av b satisfied perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 20 / 26

Example: convergence trace z y b x,y x,z y b violated a violated a satisfied b satisfied b pending av b pending av b satisfied V pending a violated pending b violated perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 21 / 26

Example: convergence trace z y b x,y x,z y b violated a violated b satisfied b satisfied b pending av b pending av b satisfied V satisfied a ignored satisfied b satisfied perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 22 / 26

Wrap-up The (rule) language of RuleRunner allows for implicit representation of time and involves no alternatives. Using CIL 2 P, RuleRunner can be encoded in a standard neural network (one-hidden layer, feedforward, with recurrent connections). In every cell of the trace, the network converges and the activated output neurons represent the truth evaluations for each subformula of the monitored property (e.g. [a]t, [ b]?..). The obtained network is capable of performing LTL runtime verification over finite traces. RuleRunner is implemented in java. We implemented the neural encoding and tested various libraries for matrices manipulation (native, Jama, Cern s Colt, JBLAS..) with poor performances. Then we tried to declare the weight matrices as sparse. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 23 / 26

Sparse matrices X axis: number of RuleRunner rules. Y axis: number of seconds required to monitor 10.000 random cells. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 24 / 26

Conclusions We are interested in a neural-symbolic system for combining reasoning and learning about temporal properties. We developed an ad-hoc rule system, RuleRunner, that avoids possible worlds and explicit time representation With minor adjustments, a RuleRunner rule system can be encoded in a standard neural network using CIL 2 P By explicit sparse matrices manipulation, the neural network implementation outperformed the rule-based one. We are currently working on learning and extraction. perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 25 / 26

Thank you perotti@di.unito.it Neural-symbolic workshop 2013 August 5, 2013 26 / 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback