CDC related research at the
Dept. of Computer Science
TUT
Jüri Vain
CDC Workshop - Tallinn, Jan. 21-22, 2008
Research lines
model-based
planning in...
FMs for
model checking
using...
model-based
test generation
in...
single agent
systems
multi-agent
systems
(Timed) automata
learning
Proof techniques for
swarm coordination
algorithms
State isomorphism
based symmetry
reduction
state space
reduction by
abstraction
Iterated search
refinement with
bit-state pruning
determinitic
systems
Test trace generation
using MC
non-deterministic systems
Synthesis of test goal
directed reactive
testers
Research lines
model-based
planning in...
FMs for
model checking
using...
model-based
test generation
in...
single agent
systems
multi-agent
systems
(Timed) automata
learning
Proof techniques for
swarm coordination
algorithms
State isomorphism
based symmetry
reduction
state space
reduction by
abstraction
Iterated search
refinement with
bit-state pruning
determinitic
systems
Test trace generation
using MC
non-deterministic systems
Synthesis of test goal
directed reactive
testers
State isomorphism based symmetry
reduction

Problem

Exploit symmetries to reduce the effects of state
space explosion in explicit state reachability
State isomorphism based symmetry
reduction

Solution

Given a model in terms of unordered data structures, like
sets and maps, and objects:



Construct the state graphs of the states at run
time and
Use the computation of graph isomorphism to
determine whether a state with similar structure
has been seen.
Results developed with Margus Veanes and Colin Campell
and published at FORTE 2007 (June 2007) and in the PhD
thesis of J. Ernits (Nov. 2007)
State isomorphism based symmetry
reduction

Applications:

Method is implemented in model-testing toolkit
called NModel
(by Margus Veanes et al, MS Research Redmond)

There is similar implementation developed
independently by Arend Rensink in the GROOVE
project
Research lines
model-based
planning in...
FMs for
model checking
using...
model-based
test generation
in...
single agent
systems
multi-agent
systems
(Timed) automata
learning
Proof techniques for
swarm coordination
algorithms
State isomorphism
based symmetry
reduction
state space
reduction by
abstraction
Iterated search
refinement with
bit-state pruning
determinitic
systems
Test trace generation
using MC
non-deterministic systems
Synthesis of test goal
directed reactive
testers
Iterated search refinement with bitstate pruning

Problem

Calculate reachability in models that



Run out of resources without producing results with
known methods
Produce too long traces to the error/desired state with
known methods
Such reachability problems can be used for
solving problems related to



Scheduling
Hardware synthesis
Offline test generation
Iterated search refinement with bitstate pruning

Solution

Combine two well known methods in a new way:



The key idea is to use collisions in bitstate hash
table to randomly filter the search space.
Each iteration requires very small amounts of memory
 A lot of prefixes of paths are covered multiple times, but
 Provides good results in several examples.
Results published in the PhD thesis of J. Ernits (Nov. 2007)


Iterated Search Refinement, and
Bitstate hashing
Iterated search refinement with bitstate pruning

Practical applications

2 well researched case studies:



Synthesis of a memory arbiter for a radar memory case
study (J. Ernits, 2005)
Calculating offline test sequences for model-based
testing (J. Ernits, A. Kull, K. Raiend, J. Vain, 2006)
The method cannot be used for disproving the
reachability, but provides a new alternative for finding a
witness trace.
Pre-set test trace generation using
MC
Case study: modified INRES protocol
Pre-set test trace generation using
MC

Results


Time spent for finding
sequences for the 2-switch
coverage criterion
Experiments made with
Uppaal Cora
Research lines
model-based
planning in...
FMs for
model checking
using...
model-based
test generation
in...
single agent
systems
multi-agent
systems
(Timed) automata
learning
Proof techniques for
swarm coordination
algorithms
State isomorphism
based symmetry
reduction
state space
reduction by
abstraction
Iterated search
refinement with
bit-state pruning
determinitic
systems
Test trace generation
using MC
non-deterministic systems
Synthesis of test goal
directed reactive
testers
Synthesis of test goal directed
reactive testers

Problem:

Given a



Non-deterministic EFSM MSUT of System Under Test
testing goal in terms of a set Trp of MSUT transitions
Find EFSM MTSR s.t..



MTSR is I/O compliant with MSUT
any trace of MSUT || MTSR includes labels of all transitions
in Trp
MTSR chooses a transition from those labelled with
current input from MSUT that maximizes some gain
function G.
Synthesis of test goal directed
reactive testers

Solution:


Complexity:



Algorithm of constructing MTSR
For all controllable transitions of the MTSR the
upper bound of the complexity of the
computations of the gain functions is O(|ESUT|3).
At runtime each choice by the tester takes
O(|ESUT|2) arithmetic operations to evaluate the
gain functions
(ASE2007, Vain, Raiend, Kull, Ernits)
Synthesis of test goal directed
reactive testers
 Experimental results
All Transition Test Purpose
One Transition Test Purpose
Research lines
model based
planning in...
FMs for
model checking
using...
model based
test generation
in...
single agent
systems
multi-agent
systems
(Timed) automata
learning
Proof techniques for
swarm coordination
algorithms
State isomorphism
based symmetry
reduction
state space
reduction by
abstraction
Iterated search
refinement with
bit-state pruning
determinitic
systems
Test trace generation
using MC
non-deterministic systems
Synthesis of test goal
directed reactive
testers
Proof techniques for swarm
coordination algorithms

Problem:



proving properties of swarm (distributed)
coordination algorithms
self-stabilization, covergence, ... can be reduced to
reachability analysis
reachability analysis collides with scalability barrier
Proof techniques for swarm coordination
algorithms (ongoing work)

Some solutions:


Pattern based problem encoding provides right level of
abstraction (spec. patterns are problem oriented)
General principles of proving:


Compositional approach combining different
techniques of component proofs – MC, deduction,...
Global properties by structural induction on the size
of swarm/task

Base: prove sufficiency of assumptions on a swarm fragment of
some tractable size, e.g., using MC with symmetry reduction,
(typically the size of fragment can’t be trivial either)
(see Int. WS on HAM, Vain, Kuusik, Tammet, 2006)

Step: Show that the induction step does not violate the assume
part for the new fragment defined by the step
Proof techniques for swarm
coordination algorithms
Demo: dynamic cleaning problem





different zones of the room deteriorate with different rate
a swarm of cleaning robots should keep deterioration below
treshold
robots of the swarm communicate trough pherromone trace
Problem: given a treshold CTresh and initial value of the
deterioration vector Sdet(0), s.t. Sidet(0) > CTresh for all i,

1)
1)
prove that
the swarm is always able to reach the state Sdet(t), s.t.
Sidet(t) < CTresh for all i,
and
for all t’ > t, condition Stdet (t’ ) < CTresh is invariantly true.
Proof techniques for swarm
coordination algorithms

Demo
Research lines
model based
planning in...
FMs for
model checking
using ...
model based
test generation
in ...
single agent
systems
multi-agent
systems
(Timed) automata
learning
Proof techniques for
swarm coordination
algorithms
State isomorphism
based symmetry
reduction
state space
reduction by
abstraction
Iterated search
refinement with
bit-state pruning
determinitic
systems
Test trace generation
using MC
non-deterministic systems
Synthesis of test goal
directed reactive
testers
(Timed) automata learning

Problem: Planner synthesis for a human adaptive
Scrub Nurse Robot (SNR)


human adaptive = on-line learning from H-H/H-R
interactions
learning = constructing/modifying a human motion model
(Timed) automata learning
Context: SNR control architecture
Deliberative ctrl. layer
Reactive action planning
NN model
of Surgeon’s
motions
Motion recognition
SNR’s “world” model
Scenario of the surgery
Predicted
Recognized further motions
motion
SNR action to
be taken
Targeting and motion
control
Hand position data
samplings
Reactive ctrl. layer

Surgeon’s behaviour
model
Nurse’s behaviour model
Control
Fource & position
parameters feedback
Collision avoidance
3D position tracking
Direct manipulator control
(Timed) automata learning

Learning algorithm

Input:


Time-stamped sequences of observations of phase
switching (set of timed traces TrT(Obs))
Parameters for




state rescaling operator - 
distinquishing model observables/controllables - TA
defining quotient state space
Output:

Extended (Uppaal version) timed automaton TA s.t.
TrT(TA) = (TrT(Obs)| ) /~ % bisimilarity of timed traces
TA
(see also Vain, Miyawaki, MIC 2008, Insbruck)
(Timed) automata learning (example)
Time
Chest
X
Elbow
X
Chest
Y
Elbow
Y
Chest
Z
Elbow
Z
Action
1
153
60
158
189
342
151
idle
17
126
127
147
255
356
150
prepare_instr
42
13
562
126
464
341
156
pick_instr
48
27
551
135
465
340
159
hold_wait
70
50.3
402
174
455
338
171
pass
78
152
115
171
258
352
164
withraw
88
153
60.2
158
189
342
151
idle
109
147
84
163
219
360
169
stretch
122
126
109
157
253
359
164
wait_return
139
96
159
151
286
358
157
receive
146
59
591
134
444
367
158
move_back
152
35
549
155
461
367
158
put_on_tray
156
153
60
158
189
342
151
idle
175
14
561
127
463
340
157
pick_instr
182
27
550
134
467
343
161
hold_wait
196
50
401
172
457
337
171
pass
205
128
110
158
253
357
161
wait_return
225
95
160
149
287
356
155
receive
233
56
589
133
445
366
159
move_back
239
34
548
156
460
369
157
put_on_tray
243
153
60
157
189
342
150
idle

Thank You!