Explaining counterexamples using causality

Beer, Ilan; Ben-David, Shoham; Chockler, Hana; Orni, Avigail; Trefler, Richard J.

doi:10.1007/s10703-011-0132-2

Cited by 93 publications

(87 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other related papers include error diagnosis by abductive/backward inference [15], tracking down bugs by dynamic invariant detection [23]. Actual causality is applied to explain counterexamples from model checker [6] and estimate the coverage of specification [10]. Besides, there are researches on analyzing causes of specific security issues.…”

Section: Related Workmentioning

confidence: 99%

Responsibility Analysis by Abstract Interpretation

Deng

Cousot

2019

Static Analysis

View full text Add to dashboard Cite

Given a behavior of interest in the program, statically determining the corresponding responsible entity is a task of critical importance, especially in program security. Classical static analysis techniques (e.g. dependency analysis, taint analysis, slicing, etc.) assist programmers in narrowing down the scope of responsibility, but none of them can explicitly identify the responsible entity. Meanwhile, the causality analysis is generally not pertinent for analyzing programs, and the structural equations model (SEM) of actual causality misses some information inherent in programs, making its analysis on programs imprecise. In this paper, a novel definition of responsibility based on the abstraction of event trace semantics is proposed, which can be applied in program security and other scientific fields. Briefly speaking, an entity ER is responsible for behavior B, if and only if ER is free to choose its input value, and such a choice is the first one that ensures the occurrence of B in the forthcoming execution. Compared to current analysis methods, the responsibility analysis is more precise. In addition, our definition of responsibility takes into account the cognizance of the observer, which, to the best of our knowledge, is a new innovative idea in program analysis.

show abstract

Section: Related Workmentioning

confidence: 99%

Responsibility Analysis by Abstract Interpretation

Deng

Cousot

2019

Static Analysis

View full text Add to dashboard Cite

show abstract

“…The seminal work in [15] has been adopted in various settings. Closely related to the explanation of failures based on adoptions of [15] are the results in [3,20,7], for instance. All these works adjust the definition of causality in [15] to the setting of system executions leading to a failure.…”

Section: Introductionmentioning

confidence: 99%

“…All these works adjust the definition of causality in [15] to the setting of system executions leading to a failure. The approach in [3] considers one such execution at a time, and uses counterfactual causal reasoning for identifying the points in the trace that are relevant for the failure. The results in [20,7], on the other hand, aim at discovering the causal explanations for all failures in a system, and strongly rely on model-checking based techniques [2].…”

Section: Introductionmentioning

confidence: 99%

Explaining SDN Failures via Axiomatisations

Caltais

2019

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

This work introduces a concept of explanations with respect to the violation of safe behaviours within software defined networks (SDNs) expressible in NetKAT. The latter is a network programming language that is based on a well-studied mathematical structure, namely, Kleene Algebra with Tests (KAT). Amongst others, the mathematical foundation of NetKAT gave rise to a sound and complete equational theory. In our setting, a safe behaviour is characterised by a NetKAT policy which does not enable forwarding packets from ingress to an undesirable egress. Explanations for safety violations are derived in an equational fashion, based on a modification of the existing NetKAT axiomatisation.

show abstract

“…Generating small and indicative counterexamples only is not enough for understanding the error. Therefore, in conventional model checking many works have addressed the analysis of counterexamples to better understand the failure [18], [23], [10]. As it was done in conventional model checking, addressing the error explanation in probabilistic model checking is highly required, especially that probabilistic counterexample consists of multiple paths instead of single path and it is probabilistic.…”

Section: Introductionmentioning

confidence: 99%

Debugging of Markov Decision Processes (MDPs) Models

Debbi¹

2016

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

In model checking, a counterexample is considered as a valuable tool for debugging. In Probabilistic Model Checking (PMC), counterexample generation has a quantitative aspect. The counterexample in PMC is a set of paths in which a path formula holds, and their accumulative probability mass violates the probability threshold. However, understanding the counterexample is not an easy task. In this paper we address the task of counterexample analysis for Markov Decision Processes (MDPs). We propose an aided-diagnostic method for probabilistic counterexamples based on the notions of causality, responsibility and blame. Given a counterexample for a Probabilistic CTL (PCTL) formula that does not hold over an MDP model, this method guides the user to the most relevant parts of the model that led to the violation.Comment: In Proceedings CREST 2016, arXiv:1608.0739

show abstract

Explaining counterexamples using causality

Cited by 93 publications

References 26 publications

Responsibility Analysis by Abstract Interpretation

Responsibility Analysis by Abstract Interpretation

Explaining SDN Failures via Axiomatisations

Debugging of Markov Decision Processes (MDPs) Models

Contact Info

Product

Resources

About