K. Inaba,S. Hidaka,Z. Hu,H. Kato,K. Nakano

2010-01-01

Abstract:This paper presents a static verification algorithm for a core subset of UnCAL, the query algebra for graph-structured databases proposed by Bunemann et al. Given a query and input/output schemas, our algorithm statically verifies that any graph satisfying the input schema is converted by the query to a graph satisfying the output schema. The basic idea is to reformulate the semantics of UnCAL using monadic second-order logic (MSO). The logic-based foundation allows to express the schema satisfaction of transformations as the validity of MSO formulas over graph structures. Furthermore, with several insights on the established properties of UnCAL, the problem turns out to be reducible to the validity of MSO over trees, which has a sound and complete decision procedure.

Soichiro Hidaka,Zhenjiang Hu,Kazuhiro Inaba,Hiroyuki Kato,Kazutaka Matsuda,Keisuke Nakano

DOI: https://doi.org/10.1145/1932681.1863573

2010-01-01

Abstract:Bidirectional transformations provide a novel mechanism for synchronizing and maintaining the consistency of information between input and output. Despite many promising results on bidirectional transformations, these have been limited to the context of relational or XML (tree-like) databases. We challenge the problem of bidirectional transformations within the context of graphs, by proposing a formal definition of a well-behaved bidirectional semantics for UnCAL, i.e., a graph algebra for the known UnQL graph query language. The key to our successful formalization is full utilization of both the recursive and bulk semantics of structural recursion on graphs. We carefully refine the existing forward evaluation of structural recursion so that it can produce sufficient trace information for later backward evaluation. We use the trace information for backward evaluation to reflect in-place updates and deletions on the view to the source, and adopt the universal resolving algorithm for inverse computation and the narrowing technique to tackle the difficult problem with insertion. We prove our bidirectional evaluation is well-behaved. Our current implementation is available online and confirms the usefulness of our approach with nontrivial applications.

S. Hidaka,Zhenjiang Hu,K. Inaba,H. Kato,Kazutaka,Matsuda,Keisuke Nakano,Isao Sasano

2011-01-01

Abstract:Buneman et al. proposed a graph algebra called UnCAL (Unstructured CALculus) for compositional graph transformations based on structural recursion, and we have recently applied to model transformations. The compositional nature of the algebra greatly enhances the modularity of transformations. However, intermediate results generated between composed transformations cause overhead. Buneman et al. proposed fusion rules that eliminate the intermediate results, but auxiliary rewriting rules that enable the actual application of the fusion rules are not apparent so far. UnCAL graph model includes the concept of markers, which correspond to recursive function call in the structural recursion. We have found that there are many optimization opportunities at rewriting level based on static analysis, especially focusing on markers. The analysis can safely eliminate redundant function calls. Performance evaluation shows its practical effectiveness for non-trivial examples in model transformations.

Soichiro Hidaka,Zhenjiang Hu,Kazuhiro Inaba,Hiroyuki Kato,Kazutaka Matsuda,Keisuke Nakano,Isao Sasano

DOI: https://doi.org/10.1007/978-3-642-32211-2_9

2011-01-01

Abstract:Buneman et al. proposed a graph algebra called UnCAL (Unstructured CALculus) for compositional graph transformations based on structural recursion, and we have recently applied to model transformations. The compositional nature of the algebra greatly enhances the modularity of transformations. However, intermediate results generated between composed transformations cause overhead. Buneman et al. proposed fusion rules that eliminate the intermediate results, but auxiliary rewriting rules that enable the actual application of the fusion rules are not apparent so far. UnCAL graph model includes the concept of markers, which correspond to recursive function call in the structural recursion. We have found that there are many optimization opportunities at rewriting level based on static analysis, especially focusing on markers. The analysis can safely eliminate redundant function calls. Performance evaluation shows its practical effectiveness for non-trivial examples in model transformations.

Kazuyuki Asada,Soichiro Hidaka,Hiroyuki Kato,Zhenjiang Hu

2012-01-01

Abstract:UnCAL was introduced as a graph transformation language for unordered finite graphs, and has a powerful transformation method for finite graphs: structural recursion. Although UnCAL is powerful and recently applied to model driven software engineering, there are two major limitations. One is that its graph model is only unordered graph in which branches of nodes are unordered. The other is its limited expressive power: structural recursion functions transform depth-direction well, but not well on sibling-direction. We solve these problems by generalizing the graph model and extending the expressive power of UnCAL. We generalize the type of branches of nodes from powerset to general monad, so that we introduce graph transformation languages λFG which are parameterized by (finitary) monads T . The special case where T is the finite powerset monad becomes an extension of UnCAL. Our crucial instance is the case of list monad for treating ordered graph, where we solve how to define bisimilarity between ordered graphs having edges labeled by an invisible label ε. Also we extend the expressive power of λFG from that of UnCAL: higher order functions and transformations for sibling dimension. We demonstrate that we can modularize designing graph transformation languages, by our generalization with monads and by monad transformers.

Y Zhao,YS Fan,XM Bai,Y Wang,H Cai,W Ding

DOI: https://doi.org/10.1109/cec-east.2004.70

2004-01-01

Abstract:In this paper, a meta-level and highly automated technique that could formally transform UML diagrams for verification is presented. Firstly, the meta-model hierarchical structure of UML is reviewed and the relationships among different UML diagrams are analyzed from different views. An approach for transforming and verifying UML statechart diagrams is developed based on graph transformation. This approach can be used to transform UML diagrams to Petri-nets while preserving dynamic consistency properties. Finally, the approach is validated through a case study.

Zhenjiang Hu

2012-01-01

Abstract:Bidirectional transformations provide a novel mechanism for synchronizing and maintaining the consistency of information between input and output. Despite many promising results on bidirectional transformations, these have been limited to lists and trees. We challenge the problem of bidirectional transformations on graphs, by proposing a formal definition of a well-behaved bidirectional semantics for UnCAL, a graph algebra. Our key idea is to treat graphs as compactable infinite trees and to manipulate trees by structural recursion. Specifically, we carefully refine the existing forward evaluation of structural recursion so that it can produce sufficient trace information for later backward evaluation, and we use the trace information for backward evaluation to reflect updates on the view to the source. We prove our bidirectional evaluation is well-behaved.

Zhenjiang Hu,K. Inaba,H. Matsuda,Keisuke

2009-01-01

Abstract:The bidirectional transformation problem has been attracting more and more attention in the programming language community. Despite many promising results about bidirectional transformation on linear strings or tree-like data structures, it remains as an open problem whether it is possible to design a language that can support practical development of bidirectional transformations on graphs. In this paper, we propose the first language-based (linguistic) solution towards solving this challenging problem. We approach this problem by giving a well-behaved bidirectional semantics for structural recursion (on graphs), the most essential construct in UnCAL which is the underlying graph algebra for the known UnQL graph query language. In particular, we carefully refine the existing forward evaluation of structural recursion so that it can produce useful trace information for later backward evaluation, and extending the bulk semantics of structural recursion from forward evaluation to backward evaluation. We have formally proved the well-behavedness of our bidirectional semantics, fully implemented bidirectional transformation engine for UnQL, and confirmed the effectiveness of our approach through many non-trivial examples including typical transformation in database and software engineering.

Einollah Pira

DOI: https://doi.org/10.1007/s11219-020-09542-x

2021-02-21

Software Quality Journal

Abstract:Safety is one of the most important features of modern software systems, especially safety-critical systems such as nuclear power plants, which can be checked exactly by model checking. Model checking is a formal verification technique that analyzes system properties through exploring all reachable states (state space) of a model of a system. The problem of the technique is that it confronts the state space explosion in large and complex systems due to exponential memory usage. Recent researches show that a partial and intelligent exploration of the state space can be a suitable solution to overcome this problem. In this paper, we propose a two-phase model checking for safety analysis of systems specified formally through graph transformations. In the first phase, the beam-search algorithm explores the state space to a specific number of states. In case of failure of the phase, the second phase starts: in systems specified through graph transformations, the rule applied on the previous state can determine the rule that can perform on the next state. In other words, the rule on current state depends on only the rule applied to previous state, not the one on earlier states. Hence, a Markov chain (MC) is estimated to capture dependencies between the sequence of applied rules in the state space explored by the beam-search algorithm. The MC is then employed to explore the remainder of the state space intelligently. To evaluate the effectiveness of the two-phase model checking, we implement it in GROOVE, an open source toolset for designing and model checking graph transformation systems. Experimental results show that the two-phase model checking has the high speed and accuracy in comparison with the existing meta-heuristic and evolutionary techniques.

computer science, software engineering

Zhenjiang Hu,K. Inaba,H. Matsuda,Keisuke Nakano

2009-01-01

Abstract:The bidirectional transformation problem has been attracting more and more attention in the programming language community. Despite many promising results about bidirectional transformation on linear strings or tree-like data structures, it remains as an open problem whether it is possible to design a language that can support practical development of bidirectional transformations on graphs. In this paper, we propose the first language-based (linguistic) solution towards solving this challenging problem. We approach this problem by giving a well-behaved bidirectional semantics for structural recursion (on graphs), the most essential construct in UnCAL which is the underlying graph algebra for the known UnQL graph query language. In particular, we carefully refine the existing forward evaluation of structural recursion so that it can produce useful trace information for later backward evaluation, and extending the bulk semantics of structural recursion from forward evaluation to backward evaluation. We have formally proved the well-behavedness of our bidirectional semantics, fully implemented bidirectional transformation engine for UnQL, and confirmed the effectiveness of our approach through many non-trivial examples including typical transformation in database and software engineering.

Prasita Mukherjee,Haoteng Yin

2023-08-19

Abstract:Model Checking is widely applied in verifying the correctness of complex and concurrent systems against a specification. Pure symbolic approaches while popular, suffer from the state space explosion problem due to cross product operations required that make them prohibitively expensive for large-scale systems and/or specifications. In this paper, we propose to use graph representation learning (GRL) for solving linear temporal logic (LTL) model checking, where the system and the specification are expressed by a B{ü}chi automaton and an LTL formula, respectively. A novel GRL-based framework \model, is designed to learn the representation of the graph-structured system and specification, which reduces the model checking problem to binary classification. Empirical experiments on two model checking scenarios show that \model achieves promising accuracy, with up to $11\times$ overall speedup against canonical SOTA model checkers and $31\times$ for satisfiability checking alone.

Logic in Computer Science,Artificial Intelligence,Software Engineering

Sebastian Siebertz,Alexandre Vigny

2024-11-23

Abstract:Tractability results for the model checking problem of logics yield powerful algorithmic meta theorems of the form: Every computational problem expressible in a logic $L$ can be solved efficiently on every class $\mathscr{C}$ of structures satisfying certain conditions. The most prominent logics studied in the field are (counting) monadic second-order logic (C)MSO, and first-order logic FO and its extensions. The complexity of CMSO model checking in general and of FO model checking on monotone graph classes is very well understood. In recent years there has been a rapid and exciting development of new algorithmic meta theorems. On the one hand there has been major progress for FO model checking on hereditary graph classes. This progress was driven by the development of a combinatorial structure theory for the logically defined monadically stable and monadically dependent graph classes, as well as by the advent of the new width measure twinwidth. On the other hand, new algorithmic meta theorems for new logics with expressive power between FO and CMSO offer a new unifying view on methods like the irrelevant vertex technique and recursive understanding. In this paper we overview the recent advances in algorithmic meta theorems and provide rough sketches for the methods to prove them.

Logic in Computer Science,Discrete Mathematics,Combinatorics,Logic

Paulius Stankaitis,Alexei Iliasov,David Adjepon-Yamoah,Alexander Romanovsky

DOI: https://doi.org/10.48550/arXiv.1611.02923

2016-11-09

Abstract:Event-B is one of more popular notations for model-based, proof driven specification. It offers a fairly high-level mathematical lan- guage based on FOL and ZF set theory and an economical yet expres- sive modelling notation. Model correctness is established by discharging proving a number conjectures constructed via a syntactic instantiation of schematic conditions. A large proportion of provable conjectures re- quires proof hints from a user. For larger models this becomes extremely onerous as identical or similar proofs have to be repeated over and over, especially after model refactoring stages. In the paper we briefly present a new Rodin Platform proof back-end based on the Why3 umbrella prover.

Software Engineering

Yunkai Lou,Chaokun Wang,Songyao Wang

DOI: https://doi.org/10.1109/tbdata.2024.3455172

2024-01-01

IEEE Transactions on Big Data

Abstract:With the wide application of graphs in various fields, graph query languages have attracted more and more attention. Existing graph query languages, such as GraphQL and SoQL, mostly have similar expressive power as the first-order logic or its extended versions, and are limited when used to express various queries. In this paper, since the graph data model is the base of the graph query language, we propose a new graph data model with the expressive power of monadic second-order logic (abbr. MSOL), and then present a more expressive SQL- like declarative graph query language named $SOGQL$ to support more common queries efficiently. Specifically, a new graph calculus is firstly proposed based on MSOL for attributed graphs. Then, the new graph data model is proposed. Its graph algebra, which operates on graph sets, has seven fundamental operators such as union, filter, map, and reduce. Next, the graph query language $SOGQL$ is proposed based on the graph data model. Since the graph algebra has the same expressive power as the graph calculus, $SOGQL$ has the expressive power of MSOL, and can express queries with constraints on subgraphs. Moreover, applied with $SOGQL$ , a prototype system named $SOGDB$ is implemented. $SOGDB$ is applied with $SOGQL$ , and the experimental results show its efficiency.

Shumo Chu,Brendan Murphy,Jared Roesch,Alvin Cheung,Dan Suciu

DOI: https://doi.org/10.48550/arXiv.1802.02229

2018-05-24

Abstract:Deciding the equivalence of SQL queries is a fundamental problem in data management. As prior work has mainly focused on studying the theoretical limitations of the problem, very few implementations for checking such equivalences exist. In this paper, we present a new formalism and implementation for reasoning about the equivalences of SQL queries. Our formalism, U-semiring, extends SQL's semiring semantics with unbounded summation and duplicate elimination. U-semiring is defined using only very few axioms and can thus be easily implemented using proof assistants such as Coq for automated query reasoning. Yet, they are sufficient enough to enable us reason about sophisticated SQL queries that are evaluated over bags and sets, along with various integrity constraints. To evaluate the effectiveness of U-semiring, we have used it to formally verify 39 query rewrite rules from both classical data management research papers and real-world SQL engines, where many of them have never been proven correct before.

Databases,Programming Languages

Daniel Castanho,Mário Pereira

DOI: https://doi.org/10.48550/arXiv.2207.09854

2022-07-20

Abstract:Functional programming offers the perfect ground for building correct-by-construction software. Languages of such paradigm normally feature state-of-the-art type systems, good abstraction mechanisms, and well-defined execution models. We claim that all of these make software written in a functional language excellent targets for formal certification. Yet, somehow surprising, techniques such as deductive verification have been seldom applied to large-scale programs, written in mainstream functional languages. In this paper, we wish to address this situation and present the auto-active proof of realistic OCaml implementations. We choose implementations issued from the OCamlgraph library as our target, since this is both a large-scale and widely-used piece of OCaml code. We use Cameleer, a recently proposed tool for the deductive verification of OCaml programs, to conduct the proofs of the selected case studies. The vast majority of such proofs are completed fully-automatically, using SMT solvers, and when needed we can apply lightweight interactive proof inside the Why3 IDE (Cameleer translates an input program into an equivalent WhyML one, the language of the Why3 verification framework). To the best of our knowledge, these are the first mechanized, mostly-automated proofs of graph algorithms written in OCaml.

Logic in Computer Science

Márk Somorjai,Mihály Dobos-Kovács,Zsófia Ádám,Levente Bajczi,András Vörös

DOI: https://doi.org/10.4204/EPTCS.402.11

2024-04-24

Abstract:Constrained Horn Clauses (CHCs) have conventionally been used as a low-level representation in formal verification. Most existing solvers use a diverse set of specialized techniques, including direct state space traversal or under-approximating abstraction, necessitating purpose-built complex algorithms. Other solvers successfully simplified the verification workflow by translating the problem to inputs for other verification tasks, leveraging the strengths of existing algorithms. One such approach transforms the CHC problem into a recursive program roughly emulating a top-down solver for the deduction task; and verifying the reachability of a safety violation specified as a control location. We propose an alternative bottom-up approach for linear CHCs, and evaluate the two options in the open-source model checking framework THETA on both synthetic and industrial examples. We find that there is a more than twofold increase in the number of solved tasks when the novel bottom-up approach is used in the verification workflow, in contrast with the top-down technique.

Logic in Computer Science,Software Engineering

Stephane Grumbach,Zhilin Wu

DOI: https://doi.org/10.48550/arXiv.0904.1902

2009-04-13

Abstract:We consider distributed model-checking of Monadic Second-Order logic (MSO) on graphs which constitute the topology of communication networks. The graph is thus both the structure being checked and the system on which the distributed computation is performed. We prove that MSO can be distributively model-checked with only a constant number of messages sent over each link for planar networks with bounded diameter, as well as for networks with bounded degree and bounded tree-length. The distributed algorithms rely on nontrivial transformations of linear time sequential algorithms for tree decompositions of bounded tree-width graphs.

Logic in Computer Science,Distributed, Parallel, and Cluster Computing

Shumo Chu,Konstantin Weitz,Alvin Cheung,Dan Suciu

DOI: https://doi.org/10.48550/arXiv.1607.04822

2016-08-06

Abstract:Every database system contains a query optimizer that performs query rewrites. Unfortunately, developing query optimizers remains a highly challenging task. Part of the challenges comes from the intricacies and rich features of query languages, which makes reasoning about rewrite rules difficult. In this paper, we propose a machine-checkable denotational semantics for SQL, the de facto language for relational database, for rigorously validating rewrite rules. Unlike previously proposed semantics that are either non-mechanized or only cover a small amount of SQL language features, our semantics covers all major features of SQL, including bags, correlated subqueries, aggregation, and indexes. Our mechanized semantics, called HoTTSQL, is based on K-Relations and homotopy type theory, where we denote relations as mathematical functions from tuples to univalent types. We have implemented HoTTSQL in Coq, which takes only fewer than 300 lines of code and have proved a wide range of SQL rewrite rules, including those from database research literature (e.g., magic set rewrites) and real-world query optimizers (e.g., subquery elimination). Several of these rewrite rules have never been previously proven correct. In addition, while query equivalence is generally undecidable, we have implemented an automated decision procedure using HoTTSQL for conjunctive queries: a well-studied decidable fragment of SQL that encompasses many real-world queries.

Programming Languages,Databases,Logic in Computer Science

Stephan Gocht,Ciaran McCreesh,Magnus O. Myreen,Jakob Nordström,Andy Oertel,Yong Kiam Tan

DOI: https://doi.org/10.1609/aaai.v38i8.28642

2024-03-24

Proceedings of the AAAI Conference on Artificial Intelligence

Abstract:Modern subgraph-finding algorithm implementations consist of thousands of lines of highly optimized code, and this complexity raises questions about their trustworthiness. Recently, some state-of-the-art subgraph solvers have been enhanced to output machine-verifiable proofs that their results are correct. While this significantly improves reliability, it is not a fully satisfactory solution, since end-users have to trust both the proof checking algorithms and the translation of the high-level graph problem into a low-level 0-1 integer linear program (ILP) used for the proofs. In this work, we present the first formally verified toolchain capable of full end-to-end verification for subgraph solving, which closes both of these trust gaps. We have built encoder frontends for various graph problems together with a 0-1 ILP (a.k.a. pseudo-Boolean) proof checker, all implemented and formally verified in the CakeML ecosystem. This toolchain is flexible and extensible, and we use it to build verified proof checkers for both decision and optimization graph problems, namely, subgraph isomorphism, maximum clique, and maximum common (connected) induced subgraph. Our experimental evaluation shows that end-to-end formal verification is now feasible for a wide range of hard graph problems.