Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

Similar documents
Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

SFM-11:CONNECT Summer School, Bertinoro, June 2011

Quantitative Verification

MARKOV PROCESSES. Valerio Di Valerio

Markov Chains. X(t) is a Markov Process if, for arbitrary times t 1 < t 2 <... < t k < t k+1. If X(t) is discrete-valued. If X(t) is continuous-valued

Outlines. Discrete Time Markov Chain (DTMC) Continuous Time Markov Chain (CTMC)

Probabilistic Model Checking and Strategy Synthesis for Robot Navigation

Probabilistic model checking with PRISM

Counterexamples in Probabilistic LTL Model Checking for Markov Chains

Stochastic Model Checking

Availability. M(t) = 1 - e -mt

2 Discrete-Time Markov Chains

Markov Chains and Stochastic Sampling

2. Transience and Recurrence

PRISM An overview. automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation,

Probabilistic Model Checking (1)

Lecture 20 : Markov Chains

Discrete time Markov chains. Discrete Time Markov Chains, Limiting. Limiting Distribution and Classification. Regular Transition Probability Matrices

From Stochastic Processes to Stochastic Petri Nets

Markov Chains (Part 3)

Markov chains. Randomness and Computation. Markov chains. Markov processes

Irreducibility. Irreducible. every state can be reached from every other state For any i,j, exist an m 0, such that. Absorbing state: p jj =1

Lecture 11: Introduction to Markov Chains. Copyright G. Caire (Sample Lectures) 321

1 Random Walks and Electrical Networks

4.7.1 Computing a stationary distribution

Stochastic Petri Net

Markov Processes Hamid R. Rabiee

TMA 4265 Stochastic Processes Semester project, fall 2014 Student number and

Probabilistic model checking with PRISM

At the boundary states, we take the same rules except we forbid leaving the state space, so,.

Verification of Probabilistic Systems with Faulty Communication

Markov Chains Handout for Stat 110

The Theory behind PageRank

Limiting Behavior of Markov Chains with Eager Attractors

Model Counting for Logical Theories

Computing rewards in probabilistic pushdown systems

MATH 56A: STOCHASTIC PROCESSES CHAPTER 1

Variations on Itai-Rodeh Leader Election for Anonymous Rings and their Analysis in PRISM

Stochastic Models: Markov Chains and their Generalizations

ISE/OR 760 Applied Stochastic Modeling

IEOR 6711: Professor Whitt. Introduction to Markov Chains

Lecture 9 Classification of States

Examples of Countable State Markov Chains Thursday, October 16, :12 PM

8. Statistical Equilibrium and Classification of States: Discrete Time Markov Chains

Web Information Retrieval Dipl.-Inf. Christoph Carl Kling

Formal Verification via MCMAS & PRISM

P i [B k ] = lim. n=1 p(n) ii <. n=1. V i :=

1 Ways to Describe a Stochastic Process

Infinite Games. Sumit Nain. 28 January Slides Credit: Barbara Jobstmann (CNRS/Verimag) Department of Computer Science Rice University

Decision Theory: Markov Decision Processes

= P{X 0. = i} (1) If the MC has stationary transition probabilities then, = i} = P{X n+1

Probability, Random Processes and Inference

Quantitative Evaluation of Emedded Systems Solution 2: Discrete Time Markov Chains (DTMC)

Finite-State Model Checking

Lecture Notes: Markov chains Tuesday, September 16 Dannie Durand

Automata-based Verification - III

Discrete Markov Chain. Theory and use

CS145: Probability & Computing Lecture 18: Discrete Markov Chains, Equilibrium Distributions

Ratio and Weight Objectives in Annotated Markov Chains

Bayesian Methods for Machine Learning

Quantitative Verification and Synthesis of Attack-Defence Scenarios

Probabilistic model checking with PRISM

An Introduction to Entropy and Subshifts of. Finite Type

Markov chain Monte Carlo

Probabilistic Model Checking for Biochemical Reaction Systems

Markov Chain Model for ALOHA protocol

Lecture 7. µ(x)f(x). When µ is a probability measure, we say µ is a stationary distribution.

Powerful tool for sampling from complicated distributions. Many use Markov chains to model events that arise in nature.

Verifying Randomized Distributed Algorithms with PRISM

Lecture Notes 3 Convergence (Chapter 5)

ECEN 689 Special Topics in Data Science for Communications Networks

6.842 Randomness and Computation Lecture 5

Readings: Finish Section 5.2

Markov Chains and MCMC

CMPSCI 240: Reasoning Under Uncertainty

Monopoly An Analysis using Markov Chains. Benjamin Bernard

1 Introduction. 1.1 The Problem Domain. Self-Stablization UC Davis Earl Barr. Lecture 1 Introduction Winter 2007

ECE-517: Reinforcement Learning in Artificial Intelligence. Lecture 4: Discrete-Time Markov Chains

INTRODUCTION TO MCMC AND PAGERANK. Eric Vigoda Georgia Tech. Lecture for CS 6505

Markov Chains. Arnoldo Frigessi Bernd Heidergott November 4, 2015

MS&E 321 Spring Stochastic Systems June 1, 2013 Prof. Peter W. Glynn Page 1 of 10. x n+1 = f(x n ),

Markov properties for undirected graphs

STOCHASTIC PROCESSES Basic notions

Module 6:Random walks and related areas Lecture 24:Random woalk and other areas. The Lecture Contains: Random Walk.

Quantitative Model Checking (QMC) - SS12

Automata-based Verification - III

Probabilistic Model Checking of Randomised Distributed Protocols using PRISM

LIMITING PROBABILITY TRANSITION MATRIX OF A CONDENSED FIBONACCI TREE

Lesson Plan. AM 121: Introduction to Optimization Models and Methods. Lecture 17: Markov Chains. Yiling Chen SEAS. Stochastic process Markov Chains

Essentials on the Analysis of Randomized Algorithms

Countable state discrete time Markov Chains

Link Analysis. Leonid E. Zhukov

MAS275 Probability Modelling Exercises

Interlude: Practice Final

The decoupling assumption in large stochastic system analysis Talk at ECLT

Modeling and Simulation NETW 707

Organisation-Oriented Coarse Graining and Refinement of Stochastic Reaction Networks Mu, Chunyan; Dittrich, Peter; Parker, David; Rowe, Jonathan

Transcription:

Probabilistic Model Checking Michaelmas Term 20 Dr. Dave Parker Department of Computer Science University of Oxford

Next few lectures Today: Discrete-time Markov chains (continued) Mon 2pm: Probabilistic temporal logics Wed 3pm: PCTL model checking for DTMCs Thur 2pm: PRISM DP/Probabilistic Model Checking, Michaelmas 20 2

Overview Transient state probabilities Long-run / steady-state probabilities Qualitative properties repeated reachability persistence DP/Probabilistic Model Checking, Michaelmas 20 3

Transient state probabilities What is the probability, having started in state s, of being in state s at time k? i.e. after exactly k steps/transitions have occurred this is the transient state probability: π s,k (s ) Transient state distribution: π s,k vector π s,k i.e. π s,k (s ) for all states s Note: this is a discrete probability distribution so we have π s,k : S [0,] rather than e.g. Pr s : Σ Path(s) [0,] where Σ Path(s) 2 Path(s) DP/Probabilistic Model Checking, Michaelmas 20 4

Transient distributions k=0: k=: k=2: k=3: DP/Probabilistic Model Checking, Michaelmas 20 5

Computing transient probabilities Transient state probabilities: π s,k (s ) = Σ s S P(s,s ) π s,k- (s ) (i.e. look at incoming transitions) Computation of transient state distribution: π s,0 is the initial probability distribution e.g. in our case π s,0 (s ) = if s =s and π s,0 (s ) = 0 otherwise π s,k = π s,k- P i.e. successive vector-matrix multiplications DP/Probabilistic Model Checking, Michaelmas 20 6

Computing transient probabilities s 0 s s 2 π s0,0 = [,0,0,0,0,0 ] π s0, = [ 0,,0,,0,0 ] 2 2 s 3 s 4 s 5 0 0 0 0 0 0 0 0 0 0 0 0 P = 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 π s0,2 = π s0,3 = [,0,,,,0 ] 4 8 2 8 [ 0,,0, 5,, ] 8 8 8 8 DP/Probabilistic Model Checking, Michaelmas 20 7

Computing transient probabilities π s,k = π s,k- P = π s,0 Pk k th matrix power: P k P gives one-step transition probabilities P k gives probabilities of k-step transition probabilities i.e. P k (s,s ) = π s,k (s ) A possible optimisation: iterative squaring e.g. P 8 = ((P 2 ) 2 ) 2 only requires log k multiplications but potentially inefficient, e.g. if P is large and sparse in practice, successive vector-matrix multiplications preferred DP/Probabilistic Model Checking, Michaelmas 20 8

Notion of time in DTMCs Two possible views on the timing aspects of a system modelled as a DTMC: Discrete time-steps model time accurately e.g. clock ticks in a model of an embedded device or like dice example: interested in number of steps (tosses) Time-abstract no information assumed about the time transitions take e.g. simple Zeroconf model In the latter case, transient probabilities are not very useful In both cases, often beneficial to study long-run behaviour DP/Probabilistic Model Checking, Michaelmas 20 9

Long-run behaviour Consider the limit: π s = lim k π s,k where π s,k is the transient state distribution at time k having starting in state s this limit, where it exists, is called the limiting distribution Intuitive idea the percentage of time, in the long run, spent in each state e.g. reliability: in the long-run, what percentage of time is the system in an operational state DP/Probabilistic Model Checking, Michaelmas 20 0

Limiting distribution Example: π s0,0 = [,0,0,0,0,0 ] π s0, = [ 0,,0,,0,0 ] 2 2 s 0 π s0,2 = [,0,,,,0 ] 4 8 2 8 π s0,3 = [ 0,,0, 5,, ] 8 8 8 8 π s0 = [ 0,0,, 2,, ] 2 3 6 2 DP/Probabilistic Model Checking, Michaelmas 20

Long-run behaviour Questions: when does this limit exist? does it depend on the initial state/distribution? s s 0 s s 0 s 2 Need to consider underlying graph (V,E) where V are vertices and E VxV are edges V = S and E = { (s,s ) s.t. P(s,s ) > 0 } DP/Probabilistic Model Checking, Michaelmas 20 2

Graph terminology A state s is reachable from s if there is a finite path starting in s and ending in s A subset T of S is strongly connected if, for each pair of states s and s in T, s is reachable from s passing only through states in T A strongly connected component (SCC) is a maximally strongly connected set of states (i.e. no superset of it is also strongly connected) A bottom strongly connected component (BSCC) is an SCC T from which no state outside T is reachable from T Alternative terminology: s communicates with s, communicating class, closed communicating class DP/Probabilistic Model Checking, Michaelmas 20 3

Example - (B)SCCs SCC s 0 s s 2 BSCC s 3 s 4 s 5 BSCC BSCC DP/Probabilistic Model Checking, Michaelmas 20 4

Graph terminology Markov chain is irreducible if all its states belong to a single BSCC; otherwise reducible A state s is periodic, with period d, if s 0 s the greatest common divisor of the set { n f s (n) >0} equals d where f s (n) is the probability of, when starting in state s, returning to state s in exactly n steps A Markov chain is aperiodic if its period is DP/Probabilistic Model Checking, Michaelmas 20 5

Steady-state probabilities For a finite, irreducible, aperiodic DTMC limiting distribution always exists and is independent of initial state/distribution These are known as steady-state probabilities (or equilibrium probabilities) effect of initial distribution has disappeared, denoted π These probabilities can be computed as the unique solution of the linear equation system: DP/Probabilistic Model Checking, Michaelmas 20 6

Steady-state - Balance equations Known as balance equations That is: π(s ) = Σ s S π(s) P(s,s ) Σ s S π(s) = balance the probability of leaving and entering a state s normalisation DP/Probabilistic Model Checking, Michaelmas 20 7

Steady-state - Example Let x = π Solve: x P = x, Σ s x(s) = {fail} s {try} 0.0 2 s 0 s 0.98 s 3 0.0 {succ} x 2 +x 3 = x 0 x 0 +0.0x = x 0.0x = x 2 0.98x = x 3 x 0 +x +x 2 +x 3 = x 0 +(00/99)x 0 +x 0 = x 0 = 99/298 x [ 0.33225, 0.335570, 0.003356, 0.328859 ] DP/Probabilistic Model Checking, Michaelmas 20 8

Steady-state - Example Let x = π Solve: x P = x, Σ s x(s) = x [ 0.33225, 0.335570, 0.003356, 0.328859 ] {fail} s {try} 0.0 2 s 0 s 0.98 s 3 0.0 {succ} Long-run percentage of time spent in the state try 33.6% Long-run percentage of time spent in fail / succ 0.003356 + 0.328859 33.2% DP/Probabilistic Model Checking, Michaelmas 20 9

Periodic DTMCs For (finite, irreducible) periodic DTMCs, this limit: s 0 s does not exist, but this limit does: (and where both limits exist, e.g. for aperiodic DTMCs, these 2 limits coincide) Steady-state probabilities for these DTMCs can be computed by solving the same set of linear equations: DP/Probabilistic Model Checking, Michaelmas 20 20

Steady-state - General case General case: reducible DTMC compute vector π s (note: distribution depends on initial state s) Compute BSCCs for DTMC; then two cases to consider: () s is in a BSCC T compute steady-state probabilities x in sub-dtmc for T π s (s ) = x(s ) if s in T π s (s ) = 0 if s not in T (2) s is not in any BSCC compute steady-state probabilities x T for sub-dtmc of each BSCC T and combine with reachability probabilities to BSCCs π s (s ) = ProbReach(s, T) x T (s ) if s is in BSCC T π s (s ) = 0 if s is not in a BSCC DP/Probabilistic Model Checking, Michaelmas 20 2

Steady-state - Example 2 π s depends on initial state s s 0 s s 2 π s3 = [ 0 0 0 0 0 ] π s4 = [ 0 0 0 0 0 ] π s2 = π s5 = [ 0,0,,0,0, ] 2 2 s 3 s 4 s 5 π s0 = [ 0,0,, 2,, ] 2 3 6 2 π s = DP/Probabilistic Model Checking, Michaelmas 20 22

Qualitative properties Quantitative properties: what is the probability of event A? Qualititative properties: the probability of event A is ( almost surely A ) or: the probability of event A is > 0 ( possibly A ) For finite DTMCs, qualititative properties do not depend on the transition probabilities - only need underlying graph e.g. to determine is target set T reached with probability? (see DTMC model checking lecture) computing BSCCs of a DTMCs yields information about long-run qualitative properties DP/Probabilistic Model Checking, Michaelmas 20 23

Fundamental property Fundamental property of (finite) DTMCs With probability, a BSCC will be reached and all of its states visited infinitely often s 0 s s 2 s 3 s 4 s 5 Formally: Pr s0 ( s 0 s s 2 i 0, BSCC T such that j i s j T and s T s k = s for infinitely many k ) = DP/Probabilistic Model Checking, Michaelmas 20 24

2 BSCCs: {s 6 }, {s 8 } Zeroconf example Probability of trying to acquire a new address infinitely often is 0 q p p p {start} s 0 s s 2 s 3 s 4 -p -q -p -p p s 7 -p s 5 {ok} s 8 s 6 {error} DP/Probabilistic Model Checking, Michaelmas 20 25

Aside: Infinite Markov chains Infinite-state random walk p p p -p s 0 s s 2 s 3 -p -p -p Value of probability p does affect qualitative properties ProbReach(s, {s 0 }) = if p ProbReach(s, {s 0 }) < if p > DP/Probabilistic Model Checking, Michaelmas 20 26

Repeated reachability Repeated reachability: always eventually, infinitely often Pr s0 ( s 0 s s 2 i 0 j i s j B ) where B S is a set of states e.g. what is the probability that the protocol successfully sends a message infinitely often? Is this measurable? Yes set of satisfying paths is: where C m is the union of all cylinder sets Cyl(s 0 s s m ) for finite paths s 0 s s m such that s m B DP/Probabilistic Model Checking, Michaelmas 20 27

Qualitative repeated reachability Pr s0 ( s 0 s s 2 i 0 j i s j B ) = Pr s0 ( always eventually B ) = if and only if T B for each BSCC T that is reachable from s 0 Example: B = { s 3, s 4, s 5 } s 0 s s 2 s 3 s 4 s 5 DP/Probabilistic Model Checking, Michaelmas 20 28

Persistence Persistence properties: eventually forever Pr s0 ( s 0 s s 2 i 0 j i s j B ) where B S is a set of states e.g. what is the probability of the leader election algorithm reaching, and staying in, a stable state? e.g. what is the probability that an irrecoverable error occurs? Is this measurable? Yes FG B = GF (S\B) DP/Probabilistic Model Checking, Michaelmas 20 29

Qualitative persistence Pr s0 ( s 0 s s 2 i 0 j i s j B ) = Pr s0 ( eventually forever B ) = if and only if T B for each BSCC T that is reachable from s 0 Example: B = { s 2, s 3, s 4, s 5 } s 0 s s 2 s 3 s 4 s 5 DP/Probabilistic Model Checking, Michaelmas 20 30

Summing up Transient state probabilities successive vector-matrix multiplications Long-run/steady-state probabilities requires graph analysis irreducible case: solve linear equation system reducible case: steady-state for sub-dtmcs + reachability Qualitative properties repeated reachability persistence DP/Probabilistic Model Checking, Michaelmas 20 3

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback