Game-Theoretic Simulation Checking Tool

Game-theoretic simulation checking tool
Peter Bulychev, Vladimir Zakharov, Igor Konnov
Moscow State University

What is (bi)simulation?

Simulation is a relation between models (labeled transition systems). Intuitively, M_1 simulates M_2 iff M_1 can match the moves of M_2.
Bisimulation is an equivalence relation.
There are different types of (bi)simulations.

Where can (bi)simulations be applied?

(Bi)simulations preserve branching-time and linear-time logics
Invariant-based approach to verification
Abstraction method

What have we done?

We designed a language for describing (bi)simulations in game-theoretic form
We developed a tool for checking different (bi)simulation relations

Outline

Different notions of (bi)simulations and checking
Game-theoretic approach to (bi)simulation checking
On the universal simulation-checking tool

Example of strong simulation

[Figure: two transition systems with labels a, b and c, related by ">"]

Different notions of simulation

Tau-actions
Different types of simulation
    Strong (preserves CTL*)
    Weak (preserves LTL_X)
    Quasi-block (is monotonic w.r.t. parallel composition)
    Stuttering (preserves CTL*_X)
Simulation and bisimulation
Models with fair constraints

Different approaches to computing relations

Relational coarsest partition (bisimulations only)
Fixed-point approach
Game-theoretic
    Universal (fair/unfair, simulation/bisimulation)
    Efficient (strong simulation)

Game-theoretic approach

There are two players in the game, Spoiler and Duplicator. Duplicator tries to show that the chosen relation holds; Spoiler tries to get Duplicator stuck.
If Duplicator wins, then one model simulates the other.

Game for strong simulation

[Figure, shown on five consecutive slides: two transition systems with labels a, b and c, related by ">"]

Game-theoretic approach

[Diagram with boxes: Simulation definition; Definition of game rules; Models; Game graph; Answer]

Reduction to game rules

Reduction can be obtained automatically in some cases.
It is necessary to write game rules by hand for more complex relations. We have written game rules for stuttering (bi)simulation and proved their correctness.

Stuttering simulation

[Figure, shown on five consecutive slides: two transition systems with labels a, b and #, related by ">"]

Theoretical results

                          Non fair                     Fair
Stuttering simulation     O(m^2) time, O(m^2) space    O(m^2 n^2) time, O(m^2) space
Stuttering bisimulation   O(mn) time, O(m) space       O(m^2 n^2) time, O(m^2) space

Game-theoretic language

Observation:
    Games for computing different notions of simulation have a common framework.
Result:
    We designed the language for describing rules of simulation checking game.

Game-theoretic language

We have described a number of (bi)simulations in our language:
    Strong
    Weak
    Block
    Stuttering

Game-theoretic language: example

{The game for computing usual similarity on LTS with labeled transitions}
types
S: (S1, S2);
D: (S1, S2, A);
initial
(A s1(I1))(E s2(I2)) S(s1, s2);
steps
S(s1, s2) -> D(s1', s2, a) : t(s1,a,s1');
D(s1, s2', a) -> S(s1, s2) : t(s2',a,s2);
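
The rules above, written out as an explicit-state solver. This is an added example, not the authors' tool (which stores the game in BDDs). It assumes the standard convention that Duplicator wins when Spoiler is stuck or the play is infinite; the function names and the two sample models are constructed for illustration.

```python
from itertools import product

def states(init, trans):
    """All states of a model: initial states plus transition endpoints."""
    return set(init) | {s for s, _, _ in trans} | {d for _, _, d in trans}

def spoiler_region(m1, m2):
    """S(s1, s2) positions from which Spoiler wins the strong simulation game.

    A model is (init, trans), trans being a set of (source, action, target).
    Least fixed point: Spoiler wins S(s1, s2) if some move s1 -a-> s1' puts
    Duplicator at D(s1', s2, a) with no reply s2 -a-> s2' at all, or only
    replies that lead to positions Spoiler already wins.
    """
    (i1, t1), (i2, t2) = m1, m2
    lost = set()                      # S-positions lost by Duplicator
    changed = True
    while changed:
        changed = False
        for s1, s2 in product(states(i1, t1), states(i2, t2)):
            if (s1, s2) in lost:
                continue
            for src, a, s1n in t1:    # Spoiler step: t(s1, a, s1')
                if src != s1:
                    continue
                replies = [d for q, b, d in t2 if q == s2 and b == a]
                # all() over an empty list is True: Duplicator is stuck
                if all((s1n, s2n) in lost for s2n in replies):
                    lost.add((s1, s2))
                    changed = True
                    break
    return lost

def duplicator_wins(m1, m2):
    """Initial rule (A s1(I1))(E s2(I2)) S(s1, s2): model 2 simulates model 1."""
    lost = spoiler_region(m1, m2)
    return all(any((s1, s2) not in lost for s2 in m2[0]) for s1 in m1[0])

# Constructed sample models: A = a.(b + c), B = a.b + a.c
A = ({"p0"}, {("p0", "a", "p1"), ("p1", "b", "p2"), ("p1", "c", "p3")})
B = ({"q0"}, {("q0", "a", "q1"), ("q0", "a", "q2"),
              ("q1", "b", "q3"), ("q2", "c", "q4")})

if __name__ == "__main__":
    print("A simulates B:", duplicator_wins(B, A))
    print("B simulates A:", duplicator_wins(A, B))
```

The naive loop re-scans every pair on each pass, so it is only meant for small models.
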
Tool for simulation checking

We have developed a universal simulation-checking tool. The tool checks whether a simulation given in game-theoretic form exists between two models.

[Diagram with boxes: Simulation definition; Definition of game rules using our language; Models (in Promela); Game graph; Answer]

BDD

We used BDDs to store the game graph and the models.
When we tested our tool with models consisting of 10^5 states, we ran out of memory: the BDD of the game was too large.
We decided to construct the BDD of the game on-the-fly.
However, the BDDs of the models should be given in explicit form.

Models

We debugged our tool on small models with 10^3 states, such as an abstraction of the dining philosophers system and the Milner scheduler.
Then we used our tool to check stuttering and block simulation between RSVP models with different topology.
The universal simulation checker tool is less efficient than the block simulation checker tool written by Igor Konnov, but it is universal.

Results of tests

Model                  Size          Space   Time
RSVP (r3c4 vs r2c3)    25000x1300    168M    1m24s
Milner (M4 vs M3)      3000x500      25M     1s

Implementation details

Language: Python
BDD library: CUDD (Colorado University Decision Diagram)
OS: Linux

Future work

To apply our tool to checking whether one model is an abstraction of another
Fair (bi)simulation
To speed up our tool
To compare with the similar tool developed at the University of Freiburg, Germany

Thank you

Your questions