The metric analogue of weak bisimulation for probabilistic processes

Desharnais, Jules; Jagadeesan, Radha; Gupta, Vineet; Panangaden, Prakash

doi:10.1109/lics.2002.1029849

Cited by 111 publications

(204 citation statements)

References 21 publications

Supporting

Mentioning

198

Contrasting

Order By: Relevance

“…Intuitively, in the context of transportation problem, Kantorovich metric gives the lowest total cost of transporting the mass of one distribution µ to the other distribution µ ′ , while our variant is used to achieve the lowest cost of transportation per unit mass of µ ′ , the ratio representing the optimal efficiency. We also show that our variant satisfies most of the properties of the metric in [11]: in particular, it can be characterized by a fixed-point construction, and it extends weak bisimilarity.…”

Section: Introductionmentioning

confidence: 78%

“…In their seminal work, Desharnais et al [11] proposed a pseudo metric based on the Kantorovich metric, which is particularly appealing because it extends weak bisimilarity (captured by the property of having distance 0) and it is based on a natural way of relating probability masses distributed on a metric space. It also satisfies the property that the composition does not increase the distance, which can be considered the metric generalization of the congruence property.…”

Section: Introductionmentioning

confidence: 99%

“…It is therefore natural to explore also the use of bisimulation metrics, and to consider the metricà la Kantorovic proposed in [11], which represents a cornerstone in this area. However, we cannot use directly the metric of [11] because it does not imply differential privacy: the problem is that the difference in probabilities in this metric is accounted for additively, while differential privacy is a property about their ratio. Thus, we propose a multiplicative variant of it, and obtain a pseudometric that, to the best of our knowledge, is new.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Metrics for Differential Privacy in Concurrent Systems

Chatzikokolakis

Lin

2014

Formal Techniques for Distributed Objects, Components, and Systems

View full text Add to dashboard Cite

Abstract. Originally proposed for privacy protection in the context of statistical databases, differential privacy is now widely adopted in various models of computation. In this paper we investigate techniques for proving differential privacy in the context of concurrent systems. Our motivation stems from the work of Tschantz et al., who proposed a verification method based on proving the existence of a stratified family of bijections between states, that can track the privacy leakage, ensuring that it does not exceed a given leakage budget. We improve this technique by investigating state properties which are more permissive and still imply differential privacy. We consider three pseudometrics on probabilistic automata: The first one is essentially a reformulation of the notion proposed by Tschantz et al. The second one is a more liberal variant, still based on the existence of a family of bijections, but relaxing the relation between them by integrating the notion of amortization, which results into a more parsimonious use of the privacy budget. The third one aims at relaxing the bijection requirement, and is inspired by the Kantorovich-based bisimulation metric proposed by Desharnais et al. We cannot adopt the latter notion directly because it does not imply differential privacy. Thus we propose a multiplicative variant of it, and prove that it is still an extension of weak bisimulation. We show that for all the pseudometrics the level of differential privacy is continuous on the distance between the starting states, which makes them suitable for verification. Moreover we formally compare these three pseudometrics, proving that the latter two metrics are indeed more permissive than the first one, but incomparable with each other, thus constituting two alternative techniques for the verification of differential privacy.

show abstract

Section: Introductionmentioning

confidence: 78%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Metrics for Differential Privacy in Concurrent Systems

Chatzikokolakis

Lin

2014

Formal Techniques for Distributed Objects, Components, and Systems

View full text Add to dashboard Cite

show abstract

“…However, this notion turns out to be still too strict and a number of researchers developed "approximate" versions; among them we just name the approaches by Desharnais et.al. [17,18] and van Breugel [19] and our work [10,20] (an extensive bibliography on this issue can be found in [21]). We based this current paper on the latter approach because it allows for an implementation of the semantics of pWhile via linear operators, i.e.…”

Section: Related and Further Workmentioning

confidence: 99%

Quantifying Timing Leaks and Cost Optimisation

Pierro

Hankin

Wiklicky

2008

Information and Communications Security

View full text Add to dashboard Cite

show abstract

“…Approximate notions of probabilistic bisimilarity are formally characterised and computed for finite-state labelled Markov processes in [17]. Metrics are also discussed and employed in [16] and applied to weak notions of bisimilarity for finite-state processes, and in [23,24,25] for (finite and infinite) Markov decision processes -in particular, [25] looks at models with uncountable state spaces. The work in [23] is extended by on-the-fly techniques in [12] over finite-state Markov decision processes.…”

Section: Introductionmentioning

confidence: 99%

Probabilistic Model Checking of Labelled Markov Processes via Finite Approximate Bisimulations

Abate

Kwiatkowska

Norman

et al. 2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. This paper concerns labelled Markov processes (LMPs), probabilistic models over uncountable state spaces originally introduced by Prakash Panangaden and colleagues. Motivated by the practical application of the LMP framework, we study its formal semantics and the relationship to similar models formulated in control theory. We consider notions of (exact and approximate) probabilistic bisimulation over LMPs and, drawing on methods from both formal verification and control theory, propose a simple technique to compute an approximate probabilistic bisimulation of a given LMP, where the resulting abstraction is characterised as a finite-state labelled Markov chain (LMC). This construction enables the application of automated quantitative verification and policy synthesis techniques over the obtained abstract model, which can be used to perform approximate analysis of the concrete LMP. We illustrate this process through a case study of a multi-room heating system that employs the probabilistic model checker PRISM.

show abstract

The metric analogue of weak bisimulation for probabilistic processes

Cited by 111 publications

References 21 publications

Metrics for Differential Privacy in Concurrent Systems

Metrics for Differential Privacy in Concurrent Systems

Quantifying Timing Leaks and Cost Optimisation

Probabilistic Model Checking of Labelled Markov Processes via Finite Approximate Bisimulations

Contact Info

Product

Resources

About