Conference Paper

Analysis and Verification of Navigation Strategies by Abstract Interpretation of Cellular Automata

Abstract

We present a new approach to the analysis and verification of simple properties of character navigation. We model navigation strategies for virtual characters by cellular automata, and use standard abstract interpretation techniques for abstracting and verifying navigation properties.

References
Article
We propose a numerical abstract domain based on parallelotopes. A parallelotope is a polyhedron whose constraint matrix is square and invertible. The domain of parallelotopes is a fully relational abstraction of the Cousot and Halbwachs' polyhedra abstract domain, and does not use templates. We equip the domain of parallelotopes with all the necessary operations for the analysis of imperative programs, and show optimality results for the abstract operators.
Article
In 1995, HyTech broke new ground as a potentially powerful tool for verifying hybrid systems. But due to practical and systematic limitations it is only applicable to relatively simple systems. We address the main problems of HyTech with PHAVer, a new tool for the exact verification of safety properties of hybrid systems with piecewise constant bounds on the derivatives, so-called linear hybrid automata. Affine dynamics are handled by on-the-fly overapproximation and partitioning of the state space based on user-provided constraints and the dynamics of the system. PHAVer features exact arithmetic in a robust implementation that, based on the Parma Polyhedra Library, supports arbitrarily large numbers. To force termination and manage the complexity of the polyhedral computations, we propose methods to conservatively limit the number of bits and constraints of polyhedra. Experimental results for a navigation benchmark and a tunnel diode circuit demonstrate the effectiveness of the approach.
Conference Paper
We propose a new technique for developing ad-hoc numerical abstract domains by means of statistical analysis. We apply Principal Component Analysis to partial execution traces of programs, to find out a “best basis” in the vector space of program variables. This basis may be used to specialize numerical abstract domains, in order to enhance the precision of the analysis. As an example, we apply our technique to interval analysis of simple imperative programs.
Conference Paper
The virtual worlds of computer games and similar animated simulations may be populated by autonomous characters that intelligently navigate in virtual cities. We concretely apply hybrid system theory and tools to model navigation strategies for virtual characters. In particular, we present hybrid systems for both low-level (local) and high-level (global) navigation strategies, and we describe how we modeled these systems using the hybrid system specification tool Charon. Further, we directly employed our hybrid system models to generate animations that demonstrate these navigation strategies. Overall, our results suggest that hybrid systems may be a natural framework for modeling aspects of intelligent virtual actors. We also present a small verification example for a simple navigation strategy, and we briefly discuss obstacles to widespread practical applicability of verification in this problem domain.
Conference Paper
Semantic analysis of programs is essential in optimizing compilers and program verification systems. It encompasses data flow analysis, data type determination, generation of approximate invariant assertions, etc. This paper is devoted to the systematic and correct design of program analysis frameworks with respect to a formal semantics.
Conference Paper
In the theory of abstract interpretation, we introduce the observational completeness, which extends the common notion of completeness. A domain is complete when abstract computations are as precise as concrete computations. A domain is observationally complete for an observable π when abstract computations are as precise as concrete computations, if we only look at properties in π. We prove that continuity of state-transition functions ensures the existence of the least observationally complete domain. When state-transition functions are additive, the least observationally complete domain boils down to the complete shell.
Conference Paper
We present a tool which performs abstract interpretation based static analysis of numerical variables. The novelty is that the analysis is parametric, and parameters are chosen by applying a variant of principal component analysis to partial execution traces of programs.
Article
In the theory of abstract interpretation, a domain is complete when abstract computations are as precise as concrete computations. In addition to the standard notion of completeness, we introduce the concept of observational completeness. A domain is observationally complete for an observable π when abstract computations are as precise as concrete computations, if we only look at properties in π. We prove that continuity of state-transition functions ensures the existence of the least observationally complete domain and we provide a constructive characterization. We study the relationship between the least observationally complete domain and the complete shell. We provide sufficient conditions under which they coincide, and show several examples where they differ, including a detailed analysis of cellular automata.
Conference Paper
We present the tool Random (R-based Analyzer for Numerical DOMains) for static analysis of imperative programs. The tool is based on the theory of abstract interpretation and implements several abstract domains for detecting numerical properties, in particular integer loop invariants. The tool combines a statistical dynamic analysis with a static analysis on the new domain of parallelotopes. The tool has a graphical interface for tuning the parameters of the analysis and visualizing partial traces.
Article
We propose a new technique combining dynamic and static analysis of programs to find linear invariants. We use a statistical tool, called simple component analysis, to analyze partial execution traces of a given program. We get a new coordinate system in the vector space of program variables, which is used to specialize numerical abstract domains. As an application, we instantiate our technique to interval analysis of simple imperative programs and show some experimental evaluations.
Article
We develop an algebraic framework, Logic Programming Doctrines, for the syntax, proof theory, operational semantics and model theory of Horn Clause logic programming based on indexed premonoidal categories. Our aim is to provide a uniform framework for logic programming and its extensions capable of incorporating constraints, abstract data types, features imported from other programming language paradigms and a mathematical description of the state space in a declarative manner. We define a new way to embed information about data into logic programming derivations by building a sketch-like description of data structures directly into an indexed category of proofs. We give an algebraic axiomatization of bottom-up semantics in this general setting, describing categorical models as fixed points of a continuous operator.
Article
Abstract interpretation is a theory of semantics approximation that is used for the construction of semantic-based program analysis algorithms (sometimes called "data flow analysis"), the comparison of formal semantics (e.g., construction of a denotational semantics from an operational one), design of proof methods, etc. Automatic program analysers are used for determining statically conservative approximations of dynamic properties of programs. Such properties of the run-time behavior of programs are useful for debugging (e.g., type inference), code optimization (e.g., compile-time garbage collection, useless occur-check elimination), program transformation (e.g., partial evaluation, parallelization), and even program correctness proofs (e.g., termination proof). After a few simple introductory examples, we recall the classical framework for abstract interpretation of programs. Starting from a ground operational semantics formalized as a transition system, classes of program properties are first encapsulated in collecting semantics expressed as fixpoints on partial orders representing concrete program properties. We consider invariance properties characterizing descendants of the initial states (corresponding to top/down or forward analyses), ascendant states of the final states (corresponding to bottom/up or backward analyses) as well as a combination of the two. Then we choose specific approximate abstract properties to be gathered about program behaviors and express them as elements of a poset of abstract properties. The correspondence between concrete and abstract properties is established by a concretization and abstraction function that is a Galois connection formalizing the loss of information. We can then constructively derive the abstract program properties from the collecting semantics by a formal computation leading to a fixpoint expression in terms of abstract operators on the domain of abstract properties.
The design of the abstract interpreter then involves the choice of a chaotic iteration strategy to solve this abstract fixpoint equation. We insist on the compositional design of this abstract interpreter, which is formalized by a series of propositions for designing Galois connections (such as Moore families, decomposition by partitioning, reduced product, down-set completion, etc.). Then we recall the convergence acceleration methods using widening and narrowing, allowing for the use of very expressive infinite domains of abstract properties. We show that this classical formal framework can be applied in extenso to logic programs. For simplicity, we use a variant of SLD-resolution as the ground operational semantics. The first example is groundness analysis, which is a variant of Mellish mode analysis. It is extended to a combination of top/down and bottom/up analyses. The second example is the derivation of constraints among argument sizes, which involves an infinite abstract domain requiring the use of convergence acceleration methods. We end up with a short thematic guide to the literature on abstract interpretation of logic programs.
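The framework recalled above, instantiated on the kind of cellular-automaton navigation model named in this paper's abstract, as an added illustration (this is not code from the paper, from the ResearchGate page, or from any tool cited here). It models a one-dimensional corridor in which an agent steps right into free cells and walls are permanent; computes the collecting semantics (forward reachability) exactly by exhaustive simulation; and runs a cartesian abstract domain, one set of possible states per cell, whose best transformer is iterated to a least fixpoint to prove a safety property ("the agent never reaches cells 4 and 5"). The local rule, the corridor layout and the properties checked are assumptions chosen for the example. The lattice is finite, so no widening is needed; the last two functions show the precision loss of the domain, which cannot express the relational fact "exactly one agent", the gap the observational-completeness work above addresses.

```python
"""Abstract interpretation of a one-dimensional cellular automaton that
models a character walking along a corridor.

Added illustration, not code from the paper or from any tool cited on this
page.  The local rule, the corridor layout (INITIAL) and the properties
checked are assumptions made for the example."""
from itertools import product

FREE, AGENT, WALL = "F", "A", "W"


def local_rule(left, cell, right):
    """Local CA rule: an agent steps one cell to the right when that cell is
    free; walls never change; an agent can never overwrite a wall."""
    if cell == WALL:
        return WALL
    if cell == AGENT:
        return FREE if right == FREE else AGENT
    return AGENT if left == AGENT else FREE


def step(config):
    """Concrete global transition. Cells outside the corridor act as walls."""
    n = len(config)
    nb = lambda i: config[i] if 0 <= i < n else WALL
    return tuple(local_rule(nb(i - 1), config[i], nb(i + 1)) for i in range(n))


def concrete_reachable(initial_configs):
    """Collecting semantics: every configuration reachable from an initial one
    (forward analysis), computed exactly by exhaustive simulation."""
    seen, frontier = set(initial_configs), list(initial_configs)
    while frontier:
        nxt = step(frontier.pop())
        if nxt not in seen:
            seen.add(nxt)
            frontier.append(nxt)
    return seen


def gamma(abs_config):
    """Concretisation: all concrete configurations an abstract one describes."""
    return set(product(*abs_config))


def alpha(configs):
    """Abstraction: per cell, the set of states observed in `configs`."""
    n = len(next(iter(configs)))
    return tuple(frozenset(c[i] for c in configs) for i in range(n))


def abstract_step(abs_config):
    """Best abstract transformer (alpha . step . gamma) on the cartesian domain:
    each cell becomes the set of results of the local rule over all
    combinations of its own and its neighbours' possible states."""
    n = len(abs_config)
    nb = lambda i: abs_config[i] if 0 <= i < n else frozenset({WALL})
    return tuple(
        frozenset(local_rule(l, c, r)
                  for l, c, r in product(nb(i - 1), abs_config[i], nb(i + 1)))
        for i in range(n))


def abstract_reachable(abs_initial):
    """Least fixpoint of X = init join step#(X) by iteration. The domain is
    finite, so the iteration terminates without widening."""
    cur = tuple(frozenset(s) for s in abs_initial)
    while True:
        nxt = tuple(a | b for a, b in zip(cur, abstract_step(cur)))
        if nxt == cur:
            return cur
        cur = nxt


def verify_never_agent(abs_initial, forbidden):
    """Safety property: no cell in `forbidden` ever holds the agent.
    True is a proof; False may be a spurious alarm caused by abstraction."""
    inv = abstract_reachable(abs_initial)
    return all(AGENT not in inv[i] for i in forbidden)


def at_most_one_agent(configs):
    """A relational property the per-cell domain cannot represent."""
    return all(c.count(AGENT) <= 1 for c in configs)


def is_sound(abs_initial):
    """Soundness check: alpha(concrete reachable) lies below the abstract fixpoint."""
    inv = abstract_reachable(abs_initial)
    concrete = alpha(concrete_reachable(gamma(abs_initial)))
    return all(a <= b for a, b in zip(concrete, inv))


# Constructed corridor: one agent in cell 0, a wall in cell 3, cells 4-5 free.
INITIAL = ({AGENT}, {FREE}, {FREE}, {WALL}, {FREE}, {FREE})

if __name__ == "__main__":
    inv = abstract_reachable(INITIAL)
    print("abstract invariant:", [sorted(s) for s in inv])
    print("cells 4,5 never reached:", verify_never_agent(INITIAL, [4, 5]))
    print("concrete reachable configurations:", len(concrete_reachable(gamma(INITIAL))))
    print("configurations admitted by the invariant:", len(gamma(inv)))
    print("'at most one agent' concretely:", at_most_one_agent(concrete_reachable(gamma(INITIAL))))
    print("'at most one agent' abstractly:", at_most_one_agent(gamma(inv)))
```

On this layout the concrete system reaches three configurations, while the abstract invariant admits eight: the proof that the agent never passes the wall goes through, but the domain cannot see that cells 0, 1 and 2 are never occupied at the same time, so a check of "at most one agent" on the abstract invariant raises a spurious alarm even though it holds concretely.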
Article
Presents a model-checking procedure and its implementation for the automatic verification of embedded systems. The system components are described as hybrid automata: communicating machines with finite control and real-valued variables that represent continuous environment parameters such as time, pressure and temperature. The system requirements are specified in a temporal logic with stop-watches, and verified by symbolic fixpoint computation. The verification procedure, implemented in the Cornell Hybrid Technology tool HyTech, applies to hybrid automata whose continuous dynamics is governed by linear constraints on the variables and their derivatives. We illustrate the method and the tool by checking safety, liveness, time-bounded and duration requirements of digital controllers, schedulers and distributed algorithms.
Article
We introduce the framework of hybrid automata as a model and specification language for hybrid systems. Hybrid automata can be viewed as a generalization of timed automata, in which the behavior of variables is governed in each state by a set of differential equations. We show that many of the examples considered in the workshop can be defined by hybrid automata. While the reachability problem is undecidable even for very restricted classes of hybrid automata, we present two semidecision procedures for verifying safety properties of piecewise-linear hybrid automata, in which all variables change at constant rates. The two procedures are based, respectively, on minimizing and computing fixpoints on generally infinite state spaces. We show that if the procedures terminate, then they give correct answers. We then demonstrate that for many of the typical workshop examples, the procedures do terminate and thus provide an automatic way for verifying their properties.
Article
A hybrid system is a dynamical system whose behavior exhibits both discrete and continuous change. A hybrid automaton is a mathematical model for hybrid systems, which combines, in a single formalism, automaton transitions for capturing discrete change with differential equations for capturing continuous change. HyTech is a symbolic model checker for linear hybrid automata, a subclass of hybrid automata that can be analyzed automatically by computing with polyhedral state sets. A key feature of HyTech is its ability to perform parametric analysis, i.e. to determine the values of design parameters for which a linear hybrid automaton satisfies a temporal-logic requirement.
Conference Paper
Since hybrid embedded systems are pervasive and often safety-critical, guarantees about their correct performance are desirable. The hybrid systems model checker HyTech provides such guarantees and has successfully verified some systems. However, HyTech severely restricts the continuous dynamics of the system being analyzed and, therefore, often forces the use of prohibitively expensive discrete and polyhedral abstractions. We have designed a new algorithm, which is capable of directly verifying hybrid systems with general continuous dynamics, such as linear and nonlinear differential equations. The new algorithm conservatively overapproximates the reachable states of a hybrid automaton by using interval numerical methods. Interval numerical methods return sets of points that enclose the true result of numerical computation and, thus, avoid distortions due to the accumulation of round-off errors. We have implemented the new algorithm in a successor tool to HyTech called HyperTech. We consider three examples: a thermostat with delay, a two-tank water system, and an air-traffic collision avoidance protocol. HyperTech enables the direct, fully automatic analysis of these systems, which is also more accurate than the use of polyhedral abstractions.
Article
Amato, G. and Scozzari, F. The abstract domain of parallelotopes. Electronic Notes in Theoretical Computer Science.