Mrudula Balachander,Emmanuel Filiot,Jean-François Raskin

DOI: https://doi.org/10.48550/arXiv.2301.10485

2023-01-25

Abstract:We study a variant of the problem of synthesizing Mealy machines that enforce LTL specifications against all possible behaviours of the environment including hostile ones. In the variant studied here, the user provides the high level LTL specification {\phi} of the system to design, and a set E of examples of executions that the solution must produce. Our synthesis algorithm works in two phases. First, it generalizes the decisions taken along the examples E using tailored extensions of automata learning algorithms. This phase generalizes the user-provided examples in E while preserving realizability of {\phi}. Second, the algorithm turns the (usually) incomplete Mealy machine obtained by the learning phase into a complete Mealy machine that realizes {\phi}. The examples are used to guide the synthesis procedure. We provide a completeness result that shows that our procedure can learn any Mealy machine M that realizes {\phi} with a small (polynomial) set of examples. We also show that our problem, that generalizes the classical LTL synthesis problem (i.e. when E = {\emptyset}), matches its worst-case complexity. The additional cost of learning from E is even polynomial in the size of E and in the size of a symbolic representation of solutions that realize {\phi}. This symbolic representation is computed by the synthesis algorithm implemented in Acacia-Bonzai when solving the plain LTL synthesis problem. We illustrate the practical interest of our approach on a set of examples.

Computer Science and Game Theory,Formal Languages and Automata Theory,Logic in Computer Science,Systems and Control

Yoad Lustig,Moshe Vardi

DOI: https://doi.org/10.4204/EPTCS.54.1

2011-06-07

Abstract:Synthesis is the automatic construction of a system from its specification. In classical synthesis algorithms it is always assumed that the system is "constructed from scratch" rather than composed from reusable components. This, of course, rarely happens in real life. In real life, almost every non-trivial commercial software system relies heavily on using libraries of reusable components. Furthermore, other contexts, such as web-service orchestration, can be modeled as synthesis of a system from a library of components. In 2009 we introduced LTL synthesis from libraries of reusable components. Here, we extend the work and study synthesis from component libraries with "call and return"' control flow structure. Such control-flow structure is very common in software systems. We define the problem of Nested-Words Temporal Logic (NWTL) synthesis from recursive component libraries, where NWTL is a specification formalism, richer than LTL, that is suitable for "call and return" computations. We solve the problem, providing a synthesis algorithm, and show the problem is 2EXPTIME-complete, as standard synthesis.

Logic in Computer Science,Software Engineering

Ashish Mishra,Suresh Jagannathan

DOI: https://doi.org/10.48550/arXiv.2209.02752

2022-09-07

Abstract:Component-based synthesis seeks to build programs using the APIs provided by a set of libraries. Oftentimes, these APIs have effects, which make it challenging to reason about the correctness of potential synthesis candidates. This is because changes to global state made by effectful library procedures affect how they may be composed together, yielding an intractably large search space that can confound typical enumerative synthesis techniques. If the nature of these effects are exposed as part of their specification, however, deductive synthesis approaches can be used to help guide the search for components. In this paper, we present a new specification-guided synthesis procedure that uses Hoare-style pre- and post-conditions to express fine-grained effects of potential library component candidates to drive a bi-directional synthesis search strategy. The procedure alternates between a forward search process that seeks to build larger terms given an existing context but which is otherwise unaware of the actual goal, alongside a backward search mechanism that seeks terms consistent with the desired goal but which is otherwise unaware of the context from which these terms must be synthesized. To further improve efficiency and scalability, we integrate a conflict-driven learning procedure into the synthesis algorithm that provides a semantic characterization of previously encountered unsuccessful search paths that is used to prune the space of possible candidates as synthesis proceeds. We have implemented our ideas in a tool called Cobalt and demonstrate its effectiveness on a number of challenging synthesis problems defined over OCaml libraries equipped with effectful specifications.

Programming Languages

Philippe Heim,Rayna Dimitrova

DOI: https://doi.org/10.48550/arXiv.2301.10032

2023-01-24

Abstract:Automatic synthesis from temporal logic specifications is an attractive alternative to manual system design, due to its ability to generate correct-by-construction implementations from high-level specifications. Due to the high complexity of the synthesis problem, significant research efforts have been directed at developing practically efficient approaches for restricted specification language fragments. In this paper, we focus on the Safety LTL fragment of Linear Temporal Logic (LTL) syntactically extended with bounded temporal operators. We propose a new synthesis approach with the primary motivation to solve efficiently the synthesis problem for specifications with bounded temporal operators, in particular those with large bounds. The experimental evaluation of our method shows that for this type of specifications, it outperforms state-of-art synthesis tools, demonstrating that it is a promising approach to efficiently treating quantitative timing constraints in safety specifications.

Logic in Computer Science

Angello Astorga,Shambwaditya Saha,Ahmad Dinkins,Felicia Wang,P. Madhusudan,Tao Xie

DOI: https://doi.org/10.1145/3485481

2021-01-01

Proceedings of the ACM on Programming Languages

Abstract:We present an approach to learn contracts for object-oriented programs where guarantees of correctness of the contracts are made with respect to a test generator. Our contract synthesis approach is based on a novel notion of tight contracts and an online learning algorithm that works in tandem with a test generator to synthesize tight contracts. We implement our approach in a tool called Precis and evaluate it on a suite of programs written in C#, studying the safety and strength of the synthesized contracts, and compare them to those synthesized by Daikon.

Benedikt Maderbacher,Roderick Bloem

DOI: https://doi.org/10.48550/arXiv.2108.00090

2021-07-30

Logic in Computer Science

Abstract:Reactive synthesis builds a system from a specification given as a temporal logic formula. Traditionally, reactive synthesis is defined for systems with Boolean input and output variables. Recently, new theories and techniques have been proposed to extend reactive synthesis to data domains, which are required for more sophisticated programs. In particular, Temporal stream logic(TSL) (Finkbeiner et al. 2019) extends LTL with state variables, updates, and uninterpreted functions and was created for use in synthesis. We present a synthesis procedure for TSL(T), an extension of TSL with theories. Synthesis is performed using a counter-example guided synthesis loop and an LTL synthesis procedure. Our method translates TSL(T) specifications to LTL and extracts a system if synthesis is successful. Otherwise, it analyzes the counterstrategy for inconsistencies with the theory. If the counterstrategy is theory-consistent, it proves that the specification is unrealizable. Otherwise, we add temporal assumptions and Boolean predicates to the TSL(T) specification and start the next iteration of the the loop. We show that the synthesis problem for TSL (T) is undecidable. Nevertheless our method can successfully synthesize or show unrealizability of several non-Boolean examples.

Prasita Mukherjee,Benjamin Delaware

2024-10-19

Abstract:We present \synver{}, a novel synthesis and verification framework for C programs, that deploys a Large Language Model (LLM) to search for a candidate program that satisfies the given specification. Our key idea is to impose syntactic and semantic biases on programs generated by LLMs, such that the synthesized program is more amenable to automated verification. Based on this idea, we propose a novel specification-verification tool, built on top of Verified Software Toolchain, that help automate the process. Our experiments on a diverse set of benchmarks drawn from the deductive program synthesis community, shows that this approach is scalable and extensible. The benchmarks constitute of specifications comprising of basic coding examples, Separation Logic based assertions, and API specifications.

Programming Languages

Milan Češka,Christian Hensel,Sebastian Junges,Joost-Pieter Katoen

DOI: https://doi.org/10.48550/arXiv.1904.12371

2019-04-29

Abstract:Probabilistic programs are key to deal with uncertainty in e.g. controller synthesis. They are typically small but intricate. Their development is complex and error prone requiring quantitative reasoning over a myriad of alternative designs. To mitigate this complexity, we adopt counterexample-guided inductive synthesis (CEGIS) to automatically synthesise finite-state probabilistic programs. Our approach leverages efficient model checking, modern SMT solving, and counterexample generation at program level. Experiments on practically relevant case studies show that design spaces with millions of candidate designs can be fully explored using a few thousand verification queries.

Software Engineering,Artificial Intelligence

Josu Oca,Montserrat Hermo,Alexander Bolotov

2023-08-31

Abstract:Recently, several algorithms have been proposed for decomposing reactive synthesis specifications into independent and simpler sub-specifications. Being inspired by one of the approaches, developed by Antonio Iannopollo (2018), who designed the so-called (DC) algorithm, we present here our solution that takes his ideas further and provides mathematical formalisation of the strategy behind DC. We rigorously define the main notions involved in the algorithm, explain the technique, and demonstrate its application on examples. The core technique of DC is based on the detection of independent variables in linear temporal logic formulae by exploiting the power and efficiency of a model checker. Although the DC algorithm is sound, it is not complete, as its author already pointed out. In this paper, we provide a counterexample that shows this fact and propose relevant changes to adapt the original DC strategy to ensure its correctness. The modification of DC and the detailed proof of its soundness and completeness are the main contributions of this work.

Logic in Computer Science

Shengping Xiao,Yongkang Li,Shufang Zhu,Jun Sun,Jianwen Li,Geguang Pu,Moshe Y. Vardi

2024-08-14

Abstract:We present an on-the-fly synthesis framework for Linear Temporal Logic over finite traces (LTLf) based on top-down deterministic automata construction. Existing approaches rely on constructing a complete Deterministic Finite Automaton (DFA) corresponding to the LTLf specification, a process with doubly exponential complexity relative to the formula size in the worst case. In this case, the synthesis procedure cannot be conducted until the entire DFA is constructed. This inefficiency is the main bottleneck of existing approaches. To address this challenge, we first present a method for converting LTLf into Transition-based DFA (TDFA) by directly leveraging LTLf semantics, incorporating intermediate results as direct components of the final automaton to enable parallelized synthesis and automata construction. We then explore the relationship between LTLf synthesis and TDFA games and subsequently develop an algorithm for performing LTLf synthesis using on-the-fly TDFA game solving. This algorithm traverses the state space in a global forward manner combined with a local backward method, along with the detection of strongly connected components. Moreover, we introduce two optimization techniques -- model-guided synthesis and state entailment -- to enhance the practical efficiency of our approach. Experimental results demonstrate that our on-the-fly approach achieves the best performance on the tested benchmarks and effectively complements existing tools and approaches.

Artificial Intelligence,Logic in Computer Science

Benjamin Aminof,Giuseppe De Giacomo,Antonio Di Stasio,Hugo Francon,Sasha Rubin,Shufang Zhu

2023-08-29

Abstract:In this paper, we study LTLf synthesis under environment specifications for arbitrary reachability and safety properties. We consider both kinds of properties for both agent tasks and environment specifications, providing a complete landscape of synthesis algorithms. For each case, we devise a specific algorithm (optimal wrt complexity of the problem) and prove its correctness. The algorithms combine common building blocks in different ways. While some cases are already studied in literature others are studied here for the first time.

Logic in Computer Science,Artificial Intelligence,Formal Languages and Automata Theory,Systems and Control

Shufang Zhu,Giuseppe De Giacomo,Geguang Pu,Moshe Vardi

DOI: https://doi.org/10.48550/arXiv.1912.07804

IF: 14.4

2019-12-17

Artificial Intelligence

Abstract:In synthesis, assumptions are constraints on the environment that rule out certain environment behaviors. A key observation here is that even if we consider systems with LTLf goals on finite traces, environment assumptions need to be expressed over infinite traces, since accomplishing the agent goals may require an unbounded number of environment action. To solve synthesis with respect to finite-trace LTLf goals under infinite-trace assumptions, we could reduce the problem to LTL synthesis. Unfortunately, while synthesis in LTLf and in LTL have the same worst-case complexity (both 2EXPTIME-complete), the algorithms available for LTL synthesis are much more difficult in practice than those for LTLf synthesis. In this work we show that in interesting cases we can avoid such a detour to LTL synthesis and keep the simplicity of LTLf synthesis. Specifically, we develop a BDD-based fixpoint-based technique for handling basic forms of fairness and of stability assumptions. We show, empirically, that this technique performs much better than standard LTL synthesis.

Jean-François Raskin,Yun Chen Tsai

2024-10-11

Abstract:This paper addresses the synthesis of reactive systems that enforce hard constraints while optimizing for quality-based soft constraints. We build on recent advancements in combining reactive synthesis with example-based guidance to handle both types of constraints in stochastic, oblivious environments accessible only through sampling. Our approach constructs examples that satisfy LTL-based hard constraints while maximizing expected rewards-representing the soft constraints-on samples drawn from the environment. We formally define this synthesis problem, prove it to be NP-complete, and propose an SMT-based solution, demonstrating its effectiveness with a case study.

Formal Languages and Automata Theory

Siyuan Liu,Adnane Saoud,Dimos V. Dimarogonas

2023-09-24

Abstract:This paper considers the problem of controller synthesis of signal temporal logic (STL) specifications for large-scale multi-agent systems, where the agents are dynamically coupled and subject to collaborative tasks. A compositional framework based on continuous-time assume-guarantee contracts is developed to break the complex and large synthesis problem into subproblems of manageable sizes. We first show how to formulate the collaborative STL tasks as assume-guarantee contracts by leveraging the idea of funnel-based control. The concept of contracts is used to establish our compositionality result, which allows us to guarantee the satisfaction of a global contract by the multi-agent system when all agents satisfy their local contracts. Then, a closed-form continuous-time feedback controller is designed to enforce local contracts over the agents in a distributed manner, which further guarantees the global task satisfaction based on the compositionality result. Finally, the effectiveness of our results is demonstrated by two numerical examples.

Systems and Control,Multiagent Systems

M. Hadi Zibaeenejad,Jun Liu

DOI: https://doi.org/10.1109/tac.2019.2953452

IF: 6.549

2020-10-01

IEEE Transactions on Automatic Control

Abstract:Controller design for continuous systems with linear temporal logic (LTL) specifications is a computationally intensive task. ing a discrete transition system from a real-world continuous-state system often results in a state machine with a large number of states and nondeterministic transitions. This makes controller synthesis for LTL specifications difficult specially when the design specification is lengthy. To reduce the complexity, we consider the specifications that are in the conjunctive form of practical LTL patterns. We use auditor product to incrementally restrict the system to satisfy the safety part of each subspecification. The control strategy, that satisfies the liveness part is then calculated by solving a generalized Buchi game on the result of the auditor product of the discrete transition system with all subspecifications. This approach has the same worst case computational complexity as $text{GR}(1)$ synthesis, but avoids some of the fundamental limitations involved with $Assumption Rightarrow Guarantee$ formulation of the problem.

automation & control systems,engineering, electrical & electronic

Alberto Camacho,Sheila A. McIlraith

DOI: https://doi.org/10.48550/arXiv.1912.13430

2020-01-01

Abstract:Synthesizing a program that realizes a logical specification is a classical problem in computer science. We examine a particular type of program synthesis, where the objective is to synthesize a strategy that reacts to a potentially adversarial environment while ensuring that all executions satisfy a Linear Temporal Logic (LTL) specification. Unfortunately, exact methods to solve so-called LTL synthesis via logical inference do not scale. In this work, we cast LTL synthesis as an optimization problem. We employ a neural network to learn a Q-function that is then used to guide search, and to construct programs that are subsequently verified for correctness. Our method is unique in combining search with deep learning to realize LTL synthesis. In our experiments the learned Q-function provides effective guidance for synthesis problems with relatively small specifications.

Artificial Intelligence,Formal Languages and Automata Theory,Computer Science and Game Theory,Logic in Computer Science,Neural and Evolutionary Computing

Cheng Wen,Jialun Cao,Jie Su,Zhiwu Xu,Shengchao Qin,Mengda He,Haokun Li,Shing-Chi Cheung,Cong Tian

2024-04-02

Abstract:Formal verification provides a rigorous and systematic approach to ensure the correctness and reliability of software systems. Yet, constructing specifications for the full proof relies on domain expertise and non-trivial manpower. In view of such needs, an automated approach for specification synthesis is desired. While existing automated approaches are limited in their versatility, i.e., they either focus only on synthesizing loop invariants for numerical programs, or are tailored for specific types of programs or invariants. Programs involving multiple complicated data types (e.g., arrays, pointers) and code structures (e.g., nested loops, function calls) are often beyond their capabilities. To help bridge this gap, we present AutoSpec, an automated approach to synthesize specifications for automated program verification. It overcomes the shortcomings of existing work in specification versatility, synthesizing satisfiable and adequate specifications for full proof. It is driven by static analysis and program verification, and is empowered by large language models (LLMs). AutoSpec addresses the practical challenges in three ways: (1) driving \name by static analysis and program verification, LLMs serve as generators to generate candidate specifications, (2) programs are decomposed to direct the attention of LLMs, and (3) candidate specifications are validated in each round to avoid error accumulation during the interaction with LLMs. In this way, AutoSpec can incrementally and iteratively generate satisfiable and adequate specifications. The evaluation shows its effectiveness and usefulness, as it outperforms existing works by successfully verifying 79% of programs through automatic specification synthesis, a significant improvement of 1.592x. It can also be successfully applied to verify the programs in a real-world X509-parser project.

Software Engineering

William Murphy,Nikolaus Holzer,Feitong Qiao,Leyi Cui,Raven Rothkopf,Nathan Koenig,Mark Santolucito

2024-09-18

Abstract:In the past few years, Large Language Models (LLMs) have exploded in usefulness and popularity for code generation tasks. However, LLMs still struggle with accuracy and are unsuitable for high-risk applications without additional oversight and verification. In particular, they perform poorly at generating code for highly complex systems, especially with unusual or out-of-sample logic. For such systems, verifying the code generated by the LLM may take longer than writing it by hand. We introduce a solution that divides the code generation into two parts; one to be handled by an LLM and one to be handled by formal methods-based program synthesis. We develop a benchmark to test our solution and show that our method allows the pipeline to solve problems previously intractable for LLM code generation.

Software Engineering,Machine Learning,Logic in Computer Science

Hadi Ravanbakhsh,Sriram Sankaranarayanan

DOI: https://doi.org/10.48550/arXiv.1510.06108

2016-02-10

Abstract:In this article, the problem of synthesizing switching controllers is considered through the synthesis of a "control certificate". Control certificates include control barrier and Lyapunov functions, which represent control strategies, and allow for automatic controller synthesis. Our approach encodes the controller synthesis problem as quantified nonlinear constraints. We extend an approach called Counterexample Guided Inductive Synthesis (CEGIS), originally proposed for program synthesis problems, to solve the resulting constraints. The CEGIS procedure involves the use of satisfiability-modulo theory (SMT) solvers to automate the problem of synthesizing control certificates. In this paper, we examine generalizations of CEGIS to attempt a richer class of specifications, including reach-while-stay with obstacles and control under disturbances. We demonstrate the ability of our approach to handle systems with nonpolynomial dynamics as well. The abilities of our general framework are demonstrated through a set of interesting examples. Our evaluation suggests that our approach is computationally feasible, and adds to the growing body of formal approaches to controller synthesis.

Systems and Control

Yushan Chen,Xu Chu Ding,Calin Belta

DOI: https://doi.org/10.48550/arXiv.1109.1251

2011-09-07

Abstract:We introduce a technique for synthesis of control and communication strategies for a team of agents from a global task specification given as a Linear Temporal Logic (LTL) formula over a set of properties that can be satisfied by the agents. We consider a purely discrete scenario, in which the dynamics of each agent is modeled as a finite transition system. The proposed computational framework consists of two main steps. First, we extend results from concurrency theory to check whether the specification is distributable among the agents. Second, we generate individual control and communication strategies by using ideas from LTL model checking. We apply the method to automatically deploy a team of miniature cars in our Robotic Urban-Like Environment.

Robotics,Systems and Control,Optimization and Control