1 / 59

Alpaga A Tool for Solving Parity Games with Imperfect Information

Alpaga A Tool for Solving Parity Games with Imperfect Information. Dietmar Berwanger 1 Krishnendu Chatterjee 2 Martin De Wulf 3 Laurent Doyen 3,4 Tom Henzinger 4. 1 ENS Cachan 2 UC Santa Cruz 3 ULB Brussels 4 EPFL Lausanne. TACAS 2009. Why imperfect information ?.

mura
Download Presentation

Alpaga A Tool for Solving Parity Games with Imperfect Information

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Alpaga A Tool for Solving Parity Games with Imperfect Information Dietmar Berwanger1 Krishnendu Chatterjee2 Martin De Wulf3Laurent Doyen3,4 Tom Henzinger4 1 ENS Cachan 2 UC Santa Cruz3 ULB Brussels 4 EPFL Lausanne TACAS 2009

  2. Why imperfect information ?

  3. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: got_lock++; } 4: if (got_lock != 0) { 5: unlock (); } 6: got_lock--; } while (*); } void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; }

  4. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: got_lock++; } 4: if (got_lock != 0) { 5: unlock (); } 6: got_lock--; } while (*); } void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; } Wrong!

  5. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: s0 | s1 | inc | dec; } 4: if (got_lock != 0) { 5: unlock (); } 6: s0 | s1 | inc | dec; } while (*); } s0 | s1 | inc | dec; s0 | s1 | inc | dec; s0 ≡ got_lock = 0 s1 ≡ got_lock = 1 Inc ≡ got_lock++ dec ≡ got_lock-- void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; }

  6. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: s0 | s1 | inc | dec; } 4: if (got_lock != 0) { 5: unlock (); } 6: s0 | s1 | inc | dec; } while (*); } s0 | s1 | inc | dec; s0 | s1 | inc | dec; Repair/synthesis as a game: • System vs. Environment • Turn-based game graph • ω-regular objective void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; }

  7. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: s0 | s1 | inc | dec; } 4: if (got_lock != 0) { 5: unlock (); } 6: s0 | s1 | inc | dec; } while (*); } s0 | s1 | inc | dec; s0 | s1 | inc | dec; void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; }

  8. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: s0 | s1 | inc | dec; } 4: if (got_lock != 0) { 5: unlock (); } 6: s0 | s1 | inc | dec; } while (*); } s0 | s1 | inc | dec; s0 | s1 | inc | dec; • A winning strategy may use the value of L to update got_lock accrodingly: • if L==0 then play s0 (got_lock = 0) • if L==1 then play s1 (got_lock = 1) void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; }

  9. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: s0 | s1 | inc | dec; } 4: if (got_lock != 0) { 5: unlock (); } 6: s0 | s1 | inc | dec; } while (*); } s0 | s1 | inc | dec; s0 | s1 | inc | dec; Repair/synthesis as a game of imperfect information: visible hidden void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; } States that differ only by the value of L have the same observation

  10. Example void main () { int got_lock = 0; do { 1: if (*) { 2: lock (); 3: s0 | s1 | inc | dec; } 4: if (got_lock != 0) { 5: unlock (); } 6: s0 | s1 | inc | dec; } while (*); } s0 | s1 | inc | dec; s0 | s1 | inc | dec; void lock () { assert(L == 0); L = 1; } void unlock () { assert(L == 1); L = 0; }

  11. Why Imperfect Information ? • Program repair/synthesis • Distributed synthesis of processes with public/private variables • Synthesis of robust controllers • Synthesis of automata specifications • Decision problems in automata theory • Planning with partial observabillity, information flow secrecy, …

  12. A model of imperfect information

  13. Imperfect information Token

  14. Imperfect information System: actions ,

  15. Imperfect information , , , System: actions , Environment: observations

  16. Imperfect information , , , System: actions , Environment: observations A play:

  17. Imperfect information , , , System: actions , Environment: observations A play: 

  18. Imperfect information , , , System: actions , Environment: observations A play:  

  19. Imperfect information , , , System: actions , Environment: observations A play:   

  20. Imperfect information , , , System: actions , Environment: observations A play:    

  21. Objectives • Reachability: eventually observe a good event • Safety: never observe a bad event • Parity: observation priorities – least one seen infinitely often is even • nested reachability & safety • generic for ω-regular specifications

  22. Parity games with imperfect information • Questions: • decide if System wins from the initial state • construct a winning strategy • Assumptions: • Visible objective • Sure-winning

  23. Algorithms

  24. Classical solution • Powerset construction [Reif84]: • keeps track of the knowledge of System • yields equivalent game of perfect information initial cell

  25. Classical solution • Powerset construction [Reif84]: • keeps track of the knowledge of System • yields equivalent game of perfect information 

  26. Classical solution • Powerset construction [Reif84]: • keeps track of the knowledge of System • yields equivalent game of perfect information  

  27. Classical solution • Powerset construction [Reif84]: • keeps track of the knowledge of System • yields equivalent game of perfect information   

  28. Classical solution • Powerset construction [Reif84]: • keeps track of the knowledge of System • yields equivalent game of perfect information    

  29. Classical solution • Powerset construction [Reif84]: • keeps track of the knowledge of System • yields equivalent game of perfect information Memoryless strategies (in perfect-information) translate to finite-memory strategies (memory automaton tracks set of possible positions)

  30. Complexity • Problem is EXPTIME-complete (even for safety and reachability) • Exponential memory might be needed • The powerset solution [Reif84] • is an exponential construction • is not on-the-fly • is independent of the objective Can we do better ?

  31. Antichains

  32. Antichains • Winning knowledge-sets are downward-closed: s If System wins from s, then she also wins from s’ s’

  33. Antichains • Winning knowledge-sets are downward-closed: s If System wins from s, then she also wins from s’ s’ • Useful operations preserve downward-closedness , , Cpre Cpre(X) = {Y from which System can force the play into X}

  34. Antichains • Winning knowledge-sets are downward-closed • Useful operations preserve downward-closedness Compact representation using maximal elements  Antichains

  35. Antichain algorithm • [CSL’06] computes winning sets of positions as a μ-calculus formula over the lattice of antichains

  36. Antichain algorithm • [CSL’06] computes winning sets of positions as a μ-calculus formula over the lattice of antichains Y s1 s3 CPre(Y) = ? s2 Y = {s1, s2, s3} set of winning positions so far

  37. Antichain algorithm • [CSL’06] computes winning sets of positions as a μ-calculus formula over the lattice of antichains Y s1 s3 s post s2 s  CPre(Y) if for all , there exists a set in Y that contains post(s) 

  38. Antichain algorithm • [CSL’06] computes winning sets of positions as a μ-calculus formula over the lattice of antichains Y s1 s3 s post • combinatorially hard to compute • implemented using BDDs s2 s  CPre(Y) if for all , there exists a set in Y that contains post(s) 

  39. Antichain algorithm • [CSL’06] computes winning sets of positions as a μ-calculus formula over the lattice of antichains • [Concur’08] computes winning strategy recursively for a combination of safety & reachability objectives

  40. Antichain algorithm • [CSL’06] computes winning sets of positions as a μ-calculus formula over the lattice of antichains • [Concur’08] computes winning strategy recursively for a combination of safety & reachability objectives • Safety: extract strategy from fixpoint • Reachability: fixpoint is not sufficient

  41. Reachability

  42. Reachability

  43. Reachability • From {1} play a

  44. Reachability • From {1} play a • From {1,2} play b

  45. Reachability • From {1} play a • From {1,2} play b • From {1,2,3} play a

  46. Reachability • From {1} play a • From {1,2} play b • From {1,2,3} play a Fixpoint of winning cells: {{1,2,3}} Winning strategy ??

  47. Reachability • From {1} play a • From {1,2} play b • From {1,2,3} play a Fixpoint of winning (cell, action): {{1,2,3}a,{1,2}b} Winning strategy ??

  48. Reachability • From {1} play a • From {1,2} play b • From {1,2,3} play a Winning strategy Current knowledge K: select earliest (cell,action) such that K  cell, play action

  49. Strategy simplification #1 • From {1,2,3} play a • From … play … • From … play … • From … play … • From {2} play a computed later

  50. Strategy simplification #1 • From {1,2,3} play a • From … play … • From … play … • From … play … • From {2} play a computed later Not necessary ! Rule 1: delete subsumed pairs computed later

More Related