Minimal Assumptions Refinement for Realizable Specifications

Cavezza, Davide G.; Alrajeh, Dalal; György, András

doi:10.1145/3372020.3391557

Cited by 8 publications

(12 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Learning Assumptions. The problem of automatically inferring assumptions of software components, a.k.a supervisory control problem, was widely studied in the literature (e.g., [1], [7]- [9], [67], [80]- [84]). However, the solutions proposed in the literature are solely focused on components specified in finite-state machines and are not applicable to signal-based formalisms (e.g., Simulink ® models), that are widely used to specify CPS components (see Section I).…”

Section: Threats To Validitymentioning

confidence: 99%

“…The problem of synthesizing environment assumptions has been extensively studied in the area of formal verification and compositional reasoning (e.g., [3]- [7]). There have been approaches to automate the generation of environment assumptions in the context of assume-guarantee reasoning using an exact learning algorithm for regular languages and finite state automata [1], [8], [9].…”

mentioning

confidence: 99%

See 1 more Smart Citation

Combining Genetic Programming and Model Checking to Generate Environment Assumptions

Gaaloul

Menghi

Nejati

et al. 2022

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Software verification may yield spurious failures when environment assumptions are not accounted for. Environment assumptions are the expectations that a system or a component makes about its operational environment and are often specified in terms of conditions over the inputs of that system or component. In this article, we propose an approach to automatically infer environment assumptions for Cyber-Physical Systems (CPS). Our approach improves the state-of-the-art in three different ways: First, we learn assumptions for complex CPS models involving signal and numeric variables; second, the learned assumptions include arithmetic expressions defined over multiple variables; third, we identify the trade-off between soundness and informativeness of environment assumptions and demonstrate the flexibility of our approach in prioritizing either of these criteria.We evaluate our approach using a public domain benchmark of CPS models from Lockheed Martin and a component of a satellite control system from LuxSpace, a satellite system provider. The results show that our approach outperforms stateof-the-art techniques on learning assumptions for CPS models, and further, when applied to our industrial CPS model, our approach is able to learn assumptions that are sufficiently close to the assumptions manually developed by engineers to be of practical value.

show abstract

Section: Threats To Validitymentioning

confidence: 99%

mentioning

confidence: 99%

Combining Genetic Programming and Model Checking to Generate Environment Assumptions

Gaaloul

Menghi

Nejati

et al. 2022

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

show abstract

“…In the first two project classes, in 2015 and in 2017, the students have developed about 10 different autonomous Lego robots, which they wrote the specifications for, and actually built and run. 14 In the third and fourth project classes, in 2019 and 2020, the students have developed several example systems with a PC-based simulation. From these classes, we have collected over 320 versions of specifications, all written by these students as they worked on their projects for several months.…”

Section: Collections Of Spectra Specificationsmentioning

confidence: 99%

“…Indeed, we have already used SYNTECH15 and SYNTECH17 as benchmarks to examine the motivation for and the efficiency and effectiveness of various analyses, e.g., [28,43,51,53]. Others have also already used them, e.g., [14,59]. As we make these collections publicly available, we hope they will serve to advance reactive synthesis research and its future use in practice.…”

Section: The Syntech Collections As Benchmarksmentioning

confidence: 99%

Spectra: a specification language for reactive systems

Maoz

Ringert

2021

Softw Syst Model

View full text Add to dashboard Cite

We introduce Spectra, a new specification language for reactive systems, specifically tailored for the context of reactive synthesis. The meaning of Spectra is defined by a translation to a kernel language. Spectra comes with the Spectra Tools, a set of analyses, including a synthesizer to obtain a correct-by-construction implementation, several means for executing the resulting controller, and additional analyses aimed at helping engineers write higher-quality specifications. We present the language in detail and give an overview of its tool set. Together with the language and its tool set, we present four collections of many, non-trivial, large specifications, written by undergraduate computer science students for the development of autonomous Lego robots and additional example reactive systems. The collected specifications can serve as benchmarks for future studies on reactive synthesis. We present the specifications, with observations and lessons learned about the potential use of reactive synthesis by software engineers.

show abstract

“…Other works have considered means to repair unrealizable specifications by automatically suggesting additional assumptions that will make the specification realizable, see, e.g., [2], [8], [9], [10], [21]. It may be possible to combine the computation of a core or of all cores with a repair approach.…”

Section: Other Approaches To Dealing With Gr(1) Unrealizabilitymentioning

confidence: 99%

Unrealizable Cores for Reactive Systems Specifications

Maoz

Shalom

2021

2021 IEEE/ACM 43rd International Conference on Software Engineering (ICSE)

View full text Add to dashboard Cite

One of the main challenges of reactive synthesis, an automated procedure to obtain a correct-by-construction reactive system, is to deal with unrealizable specifications. One means to deal with unrealizability, in the context of GR(1), an expressive assume-guarantee fragment of LTL that enables efficient synthesis, is the computation of an unrealizable core, which can be viewed as a fault-localization approach. Existing solutions, however, are computationally costly, are limited to computing a single core, and do not correctly support specifications with constructs beyond pure GR(1) elements.In this work we address these limitations. First, we present QuickCore, a novel algorithm that accelerates unrealizable core computations by relying on the monotonicity of unrealizability, on an incremental computation, and on additional properties of GR(1) specifications. Second, we present Punch, a novel algorithm to efficiently compute all unrealizable cores of a specification. Finally, we present means to correctly handle specifications that include higher-level constructs beyond pure GR(1) elements.We implemented our ideas on top of Spectra, an opensource language and synthesis environment. Our evaluation over benchmarks from the literature shows that QuickCore is in most cases faster than previous algorithms, and that its relative advantage grows with scale. Moreover, we found that most specifications include more than one core, and that Punch finds all the cores significantly faster than a competing naive algorithm.

show abstract

Minimal Assumptions Refinement for Realizable Specifications

Cited by 8 publications

References 37 publications

Combining Genetic Programming and Model Checking to Generate Environment Assumptions

Combining Genetic Programming and Model Checking to Generate Environment Assumptions

Spectra: a specification language for reactive systems

Unrealizable Cores for Reactive Systems Specifications

Contact Info

Product

Resources

About