Boolean decision diagrams and SAT-based representations

Transcription

1 Boolean decision diagrams and SAT-based representations 4th July 200

2 So far we have seen Kripke Structures 2 Temporal logics (and their semantics over Kripke structures) 3 Model checking of these structures

3 So far we have seen Kripke Structures 2 Temporal logics (and their semantics over Kripke structures) 3 Model checking of these structures Main problem The state space explosion.

4 So far we have seen Kripke Structures 2 Temporal logics (and their semantics over Kripke structures) 3 Model checking of these structures Main problem The state space explosion. What do we do when these problems get large?!?!

5 A simple example It is easy to construct a Kripke structure which has an infeasible number of states. Consider the parity function. PARITY n PARITY n is a Kripke structure (S, R, L) and AP = {v,..., v n } with S = {0, } n. 2 R = {(S, S ) S S 3 L(S)(v i ) = S i. n n S i + S i = mod 2}. i=0 i=0

6 Or in other words, PARITY n has a transition between any two states if both states have different parity. TOO BIG! As n gets larger, such state spaces are completely infeasible to consider directly.

7 Or in other words, PARITY n has a transition between any two states if both states have different parity. TOO BIG! As n gets larger, such state spaces are completely infeasible to consider directly. A long time... If you have 500 variables and a computer for every particle in the universe running in parallel at 6 billion Ghz each, then we would still take at least years to check every state...

8 (a) variables (b) 2 variables Figure: Parity LTS/Kripke Structures

9 (a) 3 variables (b) 4 variables (c) 5 variables Figure: Parity LTS/Kripke Structures

10 Overview Introduction Introduction 2 3

11 We can t check every state...

12 We can t check every state... However... We don t need to!

13 We can t check every state... However... We don t need to! We can use techniques from boolean function analysis, where they have considered such large functions. For example, consider BDDs.

14

15 Definition Introduction Binary Decision diagram A binary decision diagram is a binary, rooted, directed, acyclic graph representing a boolean function f : {0, } V {0, } such that any terminal (i.e. leaf) node is labeled with 0 or. 2 any non-terminal (i.e. internal) node is labeled by some v V. 3 for any path from the root to a terminal node, all labels are unique. 4 given any internal node v, there are two distinguished child nodes low(v) and high(v).

16 Example: Decision tree for Parity function Figure: Parity function

17 Ordered binary decision diagrams In general, a BDD can order the variables in whichever order it likes along different paths. Ordered BDD A BDD is ordered if there is a bijection index : V {,..., V } such that for any node v, we have index(v) < index(low(v)) and 2 index(v) < index(high(v)).

18 Example : An ordered boolean decision tree Figure: Parity function

19 How to improve? Introduction If we just considered trees, we wouldn t gain much. However... BDDs are not trees! They may share subgraphs!

20 Reduced order binary decision diagrams RBDDs A BDD is reduced if it contains no vertex v with low(v) = high(v), and 2 it contains no distinct vertices v, v such that subgraphs rooted at v and v are isomorphic. Note, from now on we consider ROBDDs, that is, reduced ordered binary decision diagrams. For a given ordering, any boolean function has a canonical ROBDD representation (see [Bry86]). Note: Due to the ordering requirement, there are functions with big ROBDDs but BDDs and even decision trees

21 So we go from... Introduction Figure: Parity function as decision tree

22 To... Introduction (a) 3 var parity 0 (b) 4 var parity

23 Introduction Now we have such BDDs, what do we do with them? Combine them!

24 Combining BDDs Introduction BDDs represent boolean functions, so when composing them, we consider the standard boolean connectives. That is, given any two BDDs A and B modelling boolean functions f A, f B : {0, } n {0, } respectively, then we want to compute BDDs to model f A vi =b - the function where v i has been replaced by constant b in f A. 2 f A - the negation of f A for all inputs. 3 f A f B - the conjunction of f A and f B for all inputs. 4 f A f B - the disjunction of f A and f B for all inputs. 5 f a (v,..., f b (u,..., u n ),..., v n ) - composition.

25 We can handle these operations using 4 basic operations. Reduction (REDUCE) 2 Restriction (RESTRICT) 3 Application (APPLY) 4 Composition Although there are other operations such as satisfaction etc which will be briefly mentioned later.

26 REDUCE Introduction Given an arbitrary OBDD B, REDUCE(B) constructs an ROBDD from B. Basic idea Label the nodes in the graph with label from the terminal nodes up to the root, in order of index (bottom up). 2 Given any terminal node v, if there exists labelled terminal node v with the same value as v, then label(v) = label(v ). 3 Given any non-terminal node v, if label(low(v)) = label(high(v)), then label(v) = label(low(v)). 4 Otherwise, given any non-terminal node v, if there exists a labelled node v already with label(low(v )) = label(low(v)), and 2 label(high(v )) = label(high(v)). then label label(v) = label(v ).

27 Example : Parity function (again!) Figure: Parity function

28 REDUCE example : Parity function (again!) I l 0 l2 Figure: Parity function

29 REDUCE example : Parity function (again!) II l 0 l2 l2 l 0 l2 l 0 l 0 l2 Figure: Parity function

30 REDUCE example : Parity function (again!) III l3 3 l 0 l2 l2 l 0 l2 l 0 l 0 l2 Figure: Parity function

31 REDUCE example : Parity function (again!) IV l7 l5 2 l6 2 l3 3 l4 3 l4 3 l3 3 l 0 l2 l2 l 0 l2 l 0 l 0 l2 Figure: Parity function

32 REDUCE example : Parity function (again!) IV l7 l5 2 l6 2 l3 3 l4 3 l 0 l2 Figure: Parity function

33 In such a way, with the correct data structures and algorithms (hash tables, bucket sorts etc), we can perform such an operation in time linear in the size of the original OBDD.

34 RESTRICT Introduction Definition Given a ROBDD A representing a boolean f A, variable v i and boolean value b {0, } construct a new BDD representing the function f A vi =b = f A (v,..., b,..., v n ).

35 RESTRICT Introduction Definition Given a ROBDD A representing a boolean f A, variable v i and boolean value b {0, } construct a new BDD representing the function f A vi =b = f A (v,..., b,..., v n ). This is very simple to implement. Idea Traverse A looking for nodes for variable v i. 2 For any node v with value v i, if b = 0, replace this node with low(v), otherwise with high(v). 3 The result may not be reduced, so run REDUCE on the result.

36 Example : Reduce (v 2 = )

37 APPLY Introduction Definition Given two ROBDDs A and B (with a given ordering), representing boolean functions f A, f B : {0, } n {0, }, we have that APPLY(, A, B) yields an ROBDD representing f A f B for any binary boolean operation.

38 APPLY Introduction Definition Given two ROBDDs A and B (with a given ordering), representing boolean functions f A, f B : {0, } n {0, }, we have that APPLY(, A, B) yields an ROBDD representing f A f B for any binary boolean operation. We can do this by using the Shannon expansion for boolean functions, and applying the operation recursively.

39 APPLY I Introduction As we have ROBDDs, we have an ordering on the variables of the two ROBDDs/functions. Therefore, consider the roots v A and v B of A and B. We have several cases If v A and v B are terminal vertices, then construct a terminal vertex with value value(v A ) value(v B ). 2 If index(v A ) = index(v B ), then construct BDDs A,...,4 for f A va =0, f A va =, f B va =0, f B va =, 2 construct BDDs L, R recursively for f A va =0 f B va =0 and f A va = f B va =, 3 construct the resultant BDD by taking a node v with value v A as the root, with low(v) = L and high(v) = R.

40 APPLY II Introduction 3 If index(v A ) < index(v B ), in which case, due to ordering f B doesn t depend on v A, and therefore we have the same case as 3 with no restriction for f B. 4 If index(v B ) < index(v A ), then this is similar to v A ) < v B ). Complexity Due to the shared isomorphic subgraphs, and the ability to use dynamic programming, such operations can be performed in O( A. B ).

41 Composition Introduction Definition Given two BDDs A and B, representing boolean functions f A, f B, the composition of A and B with respect to variable i, is the BDD representing f A vi =f B. Same basic idea as RESTRICT, except we use BDDs for F B instead of a constant value. With some tweaks to the use of APPLY, we get a O( A 2 B ) algorithm, rather than the intuitive O( A 2. B 2 ) but either way, a polynomial time algorithm.

42 So... Introduction What was the point?

43 The point was... We wanted to use BDDs to model Kripke Structures. How to do this?

44 Modelling Kripke structures using BDDs For a Kripke structure (S, T, L), we simply construct BDDs representing the states, transitions and labelling...

45 Modelling Kripke structures using BDDs For a Kripke structure (S, T, L), we simply construct BDDs representing the states, transitions and labelling... Modelling BDD for S - map every state to a vector in {0, } n, and construct the BDD for the function f S which is true for x {0, } n if x represents a valid state. If we assume we have 2 n states, then we can simply take the trivial constant BDD.

46 Modelling Kripke structures using BDDs : I Modelling (cont) BDD for T - construct the BDD for the boolean function f T : {0, } 2n {0, } where f T (s, s 2 ) = if and only if there is a transition from s to s 2. BDD for L - have a BDD for each p AP which represents the function which is true if the state satisfies the property..

47 Example : PARITY 2 i i2 i2 o o o2 o2 p 0 (a) Transition 0 (b) p-label

48 Advantage! Introduction So why did we do this? PARITY n without BDDs PARITY n has exactly 2 n states... TOO MANY! PARITY n modelled as a ROBDD The BDD representing PARITY n has 2n + nodes (including terminals) for the transition function. Exactly three node per atomic propositional in AP. So we can represent much larger Kripke structures in a much more compressed way...

49 Advantage! Introduction So why did we do this? PARITY n without BDDs PARITY n has exactly 2 n states... TOO MANY! PARITY n modelled as a ROBDD The BDD representing PARITY n has 2n + nodes (including terminals) for the transition function. Exactly three node per atomic propositional in AP. So we can represent much larger Kripke structures in a much more compressed way... with (often) efficient algorithms.

50 Are there other ways we can do this?

51

52 SAT Given a propositional formula φ over AP using operators,,, the SAT problem asks : is there an assignment f : {0, } n {0, } such that f (φ) =. Advantages Simple formulation as propositional formulae. 2 Highly optimised SAT solvers (Minisat, Picosat, March, zchaff,... ) 3... which use a variety of algorithms.

53 Representations We represent Kripke structures is essentially the same way as with BDDs (model S,T,L boolean functions as propositional formulae). Translations from boolean functions Direct translation 2 Finding small representations (without new variables) 3 Adding new variables

54 Example : SAT translation So for the SAT translation, we have the following example for PARITY 2 (as CNFs). Direct (i i 2 o o 2 ) ( i i 2 o o 2 ) ( i i 2 o o 2 ) (i i 2 o o 2 ) ( i i 2 o o 2 ) (i i 2 o o 2 ) (i i 2 o o 2 ) ( i i 2 o o 2 )

55 Model checking Given either of these models of a given Kripke structure, and 2 a formula representing a property that one wishes to hold over the structure, we can use these models to check whether the model is a model of the formula. However... This is Phil s job!

56 Thanks!

57 References Introduction Armin Biere, Alessandro Cimatti, Edmund Clarke, and Yunshan Zhu. Symbolic model checking without BDDs. Tools and Algorithms for the Construction and Analysis of Systems, pages , 999. Randal E. Bryant. Graph-based algorithms for boolean function manipulation. IEEE Transactions on computers, 00(35):677 69, 986.