Game-theoretic approach to the simulation checking problem

Peter Bulychev
Vladimir Zakharov
Lomonosov Moscow State University
Model Checking



The main goal of model checking is to verify whether a given model satisfies a required property (specification).
Simulation relations preserve satisfiability of specifications given in the form of temporal logic formulas.
Simulation is used to prove that one model is a refinement/abstraction of the other.
Varieties of simulation

Various types of simulation:
  Strong simulation (preserves CTL*)
  Weak simulation (preserves LTL-X)
  Quasi-block simulation (is monotonic w.r.t. parallel composition)
  Stuttering simulation (preserves CTL*-X)
Equivalence relations and preorders (simulations and bisimulations)
Models with fairness constraints
(Bi)simulation checking approaches

Relational coarsest partition (bisimulations only)
Fixed-point approach
Game-theoretic:
  Universal (fair/unfair, simulation/bisimulation)
  Efficient (strong simulation)
Game-theoretic approach
[Diagram with boxes: "Simulation definition", "Definition of game rules", "Models", "Game graph", "Answer"]
Game for strong simulation
[Figure: two labeled transition systems with transitions labeled a, b and c, compared by playing the game step by step]
Reduction to game rules


In some cases the reduction can be obtained automatically.
For more complex relations it is necessary to write the game rules by hand.
We have written game rules for stuttering (bi)simulation and proved their correctness.
Theoretical results
                          Non-fair                      Fair
Stuttering simulation     O(m^2) time, O(m^2) space     O(m^2 n^2) time, O(m^2) space
Stuttering bisimulation   O(mn) time, O(m) space        O(m^2 n^2) time, O(m^2) space
Game-theoretic language

Observation: games for computing different kinds of simulation have much in common.
Result: we designed a language for describing the rules of simulation checking games.
Game-theoretic language: example

{The game for checking strong simulation on LTS with labeled transitions}
types
  S: (S1, S2);
  D: (S1, S2, A);
rules
  (A s1)(E s2) S(s1, s2);
steps
  S(s1, s2) -> D(s1', s2, a) : t(s1,a,s1');
  D(s1, s2', a) -> S(s1, s2) : t(s2',a,s2);
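
The game described by these rules can be solved on small explicit (non-BDD) models with a fixed-point iteration. The following Python code is an added example, not the authors' tool or language; the function names and the two models are constructed for illustration, and it assumes the usual winning condition for simulation games (a player who cannot move loses, infinite plays are won by the defender).

```python
# Added example (not the authors' tool): explicit-state solver for the strong
# simulation game. S-positions belong to the attacker, who moves in model 1;
# D-positions belong to the defender, who must answer in model 2.
# Assumed winning condition: whoever cannot move loses; infinite play = defender wins.

def attacker_wins(t1, t2):
    """Least fixed point: the S-positions (s1, s2) from which the attacker wins.

    t1, t2 are sets of labeled transitions (source, action, target).
    """
    states1 = {s for s, _, _ in t1} | {s for _, _, s in t1}
    states2 = {s for s, _, _ in t2} | {s for _, _, s in t2}
    lost = set()  # S-positions already known to be lost by the defender
    changed = True
    while changed:
        changed = False
        for s1 in states1:
            for s2 in states2:
                if (s1, s2) in lost:
                    continue
                # Page rule: S(s1, s2) -> D(s1', s2, a) : t(s1,a,s1')
                for (p, a, s1n) in t1:
                    if p != s1:
                        continue
                    # Page rule: D(s1, s2', a) -> S(s1, s2) : t(s2',a,s2)
                    replies = [s2n for (q, b, s2n) in t2 if q == s2 and b == a]
                    # Defender is stuck, or every reply reaches a lost position.
                    if all((s1n, r) in lost for r in replies):
                        lost.add((s1, s2))
                        changed = True
                        break
    return lost

def simulates(t1, t2, init1, init2):
    """True if init2 (in model 2) strongly simulates init1 (in model 1)."""
    return (init1, init2) not in attacker_wins(t1, t2)

# Constructed models: M1 chooses between b and c after a; M2 commits at a.
M1 = {("p0", "a", "p1"), ("p1", "b", "p2"), ("p1", "c", "p3")}
M2 = {("q0", "a", "q1"), ("q0", "a", "q2"), ("q1", "b", "q3"), ("q2", "c", "q4")}

if __name__ == "__main__":
    print(simulates(M2, M1, "q0", "p0"))  # M1 simulates M2
    print(simulates(M1, M2, "p0", "q0"))  # M2 does not simulate M1
```

The positions left outside the returned set form the largest strong simulation between the two models; a play that the attacker wins from the initial position is the counterexample.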
Game-theoretic language

We have described a number of (bi)simulations in our language:
  Strong
  Weak
  Block
  Stuttering
Simulation checking tool

Our simulation checking tool checks whether there exists a simulation defined in game-theoretic terms between two models.
[Diagram with boxes: "Models", "Game rules", "Model's BDDs", "Game's BDD", "Game solver", "Answer (counterexample)"]
BDD




We used BDDs to represent the game graph and the models to be checked symbolically.
When we tested our tool on models with 10^5 states, we ran out of memory: the BDD of the game was too large.
Therefore, we decided to construct the BDD of the game on the fly.
However, the BDDs of the models must be in explicit form.
Where are we now?

We are trying to answer the following questions:
  If there is a winning strategy, how can we find it as fast as possible?
  Otherwise, how can we find a counterexample as fast as possible?
  What is the optimal order for BDD variables?
Timed automata

Timed automata are used to model continuous and monotonous processes.
The UPPAAL tool, developed by the K. G. Larsen group at Aalborg University (Denmark), can be used to analyze timed automata.
[Figure: timed automaton with locations "Off", "Soft" and "Bright", transitions labeled "press?", clock reset "X:=0" and guards "X>3" and "X<=3". Model of a two-level light controller: the user should press it twice quickly to turn on the bright light, or press once to turn on the soft light.]
Timed simulations



We defined several timed simulations and proposed game-theoretic algorithms for solving them, jointly with the K. G. Larsen group.
The sets of winning clock valuations are stored in symbolic form in the game states.
These algorithms will be implemented in the UPPAAL tool.
Questions?