Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Verification and Synthesis in
Description Logic-Based Dynamic Systems
Marco Montali
KRDB Research Centre for Knowledge and ...
Motivation
The information assets of an organization are constituted by:
• data, and
• processes, that determine how data ...
Motivation
The information assets of an organization are constituted by:
• data, and
• processes, that determine how data ...
Motivation
The information assets of an organization are constituted by:
• data, and
• processes, that determine how data ...
Goals
Formalization
Devise a general framework for DL-based Dynamic Systems
(cf. data-driven processes - Libkin’s keynote ...
Concrete Example
Dynamic web applications.
• Current data fields, text, highlights.
Include status attributes.
• Actions bu...
Concrete Example
Dynamic web applications.
• Current data fields, text, highlights.
Include status attributes.
• Actions bu...
Direct Combination of KBs and Actions
Idea: combine DL KB and actions into a single logical theory.
Problem
This gives rai...
Direct Combination of KBs and Actions
Idea: combine DL KB and actions into a single logical theory.
Problem
This gives rai...
Direct Combination of KBs and Actions
Idea: combine DL KB and actions into a single logical theory.
Problem
This gives rai...
Levesque’s Functional Approach
Radical solution: functional view of KBs [Levesque, AIJ1984].
Levesque’s Functional approac...
Description Logic-Based Dynamic Systems
Parametric wrt DL and progression mechanism.
DLDS
Tuple (T, A0, Γ), where
• (T, A0...
Description Logic-Based Dynamic Systems
Parametric wrt DL and progression mechanism.
DLDS
Tuple (T, A0, Γ), where
• (T, A0...
Description Logic-Based Dynamic Systems
Parametric wrt DL and progression mechanism.
DLDS
Tuple (T, A0, Γ), where
• (T, A0...
Description Logic-Based Dynamic Systems
Parametric wrt DL and progression mechanism.
DLDS
Tuple (T, A0, Γ), where
• (T, A0...
Description Logic-Based Dynamic Systems
Parametric wrt DL and progression mechanism.
DLDS
Tuple (T, A0, Γ), where
• (T, A0...
Example
Registration of credit card number(s)
m<Travel Info>
Traveler(john)
ask
⇡
12345
T
traveler
current state
<Travel I...
Execution Semantics
Infinite-state transition system Υ.
• States: KBs.
• (Labeled) transitions: actions+param assignments.
...
Verification
Given a DLDS K and a dynamic/temporal property Φ, check if ΥK |= Φ.
Verification logic µDLp
Variant of first-ord...
Towards Decidability
Problem
DLDSs encode Turing machines.
verification undecidable (even for propositional CTL/LTL).
Need ...
Towards Decidability
Problem
DLDSs encode Turing machines.
verification undecidable (even for propositional CTL/LTL).
Need ...
Towards Decidability
Problem
DLDSs encode Turing machines.
verification undecidable (even for propositional CTL/LTL).
Need ...
Genericity: Intuition
Travel payment
register
credit card
cc number
...
pay
bank status
...
...
...
status = "OK"
status =...
Genericity
Consider action (π, τ).
A1 asktell
A2
asktell
hif
h is a bijection that is the identity over C.
Calvanese, De G...
Genericity
Consider action (π, τ).
m2
m1
A1 asktell
⇡
d1 d2 ... dN
P1 P2 PN
v1 v2 ... vN
P1 P2 PN
...
...
h
A2
asktell
h
⇡...
Genericity
Consider action (π, τ).
m2
m1
A1 asktell
⇡
d1 d2 ... dN
⌧P1 P2 PN
v1 v2 ... vN
P1 P2 PN
...
...
h
⌧
h
A'1 askte...
Example
Registration of credit card number(s)
m…
Traveler(john)
⇡
12345
T
CC number
m
…
Traveler(bob)
⇡
6574
T
CC number
j...
Example
Registration of credit card number(s)
m…
Traveler(john)
⇡
12345
T
…
Traveler(john)
cc(john,12345)
T
⌧CC number
m
…...
Decidability of Verification
Theorem
Verification of µDLp over a state-bounded, generic DLDS K is decidable.
Reduced to mode...
Decidability of Verification
Theorem
Verification of µDLp over a state-bounded, generic DLDS K is decidable.
Reduced to mode...
Decidability of Verification
Theorem
Verification of µDLp over a state-bounded, generic DLDS K is decidable.
Reduced to mode...
Decidability of Verification
Theorem
Verification of µDLp over a state-bounded, generic DLDS K is decidable.
Reduced to mode...
Decidability of Verification
Theorem
Verification of µDLp over a state-bounded, generic DLDS K is decidable.
Reduced to mode...
Decidability of Verification
Theorem
Verification of µDLp over a state-bounded, generic DLDS K is decidable.
Reduced to mode...
Adversarial Synthesis
DL-based two-player game structure (DL2GS)
DLDS with actions partitioned into environment and system...
System Properties
System properties: logics a l`a ATL.
• Goals/desired behaviors the system wants to guarantee/realize.
• ...
Existence vs Synthesis of Winning Strategies
Theorem
Verification of µADLp properites over a state-bounded, generic DLDS K
...
Strategies in the Finite-State Setting
Synthesis via model checking.
• Remember: the property alternates [−] and − moves o...
Strategies in the Finite-State Setting
Synthesis via model checking.
• Remember: the property alternates [−] and − moves o...
Strategies in the Infinite-State Setting
Theorem
Given a state-bounded, generic DL2GS K and a µADLp formula Φ, if
ΥK |= Φ t...
Lazy Strategy Concretization
System: repeat forever
T
T
......
......
......
concrete TS
faithful
abstraction
Calvanese, D...
Lazy Strategy Concretization
System: repeat forever
1 Environment moves
update concrete history. T
T
......
......
......
...
Lazy Strategy Concretization
System: repeat forever
1 Environment moves
update concrete history.
2 Match concrete with abs...
Lazy Strategy Concretization
System: repeat forever
1 Environment moves
update concrete history.
2 Match concrete with abs...
Lazy Strategy Concretization
System: repeat forever
1 Environment moves
update concrete history.
2 Match concrete with abs...
Instantiating the Framework
Decidability results carry over any system that can be expressed as a
generic DLDS (under stat...
Instantiating the Framework on KABs
Complexity of verification/synthesis for state-bounded KABs
Instance Checking Epistemic...
Conclusions
• Our work is grounded in real-world data-aware processes.
• We study robust conditions for decidability.
no c...
Upcoming SlideShare
Loading in …5
×

RR 2013 - Montali - Verification and Synthesis in Description Logic Based Dynamic Systems

159 views

Published on

Presentation of the paper "Verification and Synthesis in Description Logic Based Dynamic Systems" at the 7th International Conference on Web Reasoning and Rule Systems (RR-2013). The paper received the best paper award.

  • Be the first to comment

  • Be the first to like this

RR 2013 - Montali - Verification and Synthesis in Description Logic Based Dynamic Systems

  1. 1. Verification and Synthesis in Description Logic-Based Dynamic Systems Marco Montali KRDB Research Centre for Knowledge and Data Free University of Bozen-Bolzano Joint work with Diego Calvanese, Giuseppe De Giacomo, Fabio Patrizi RR 2013 Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 1 / 24
  2. 2. Motivation The information assets of an organization are constituted by: • data, and • processes, that determine how data change and evolve over time. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 2 / 24
  3. 3. Motivation The information assets of an organization are constituted by: • data, and • processes, that determine how data change and evolve over time. Conceptual Modeling Both aspects are modelled conceptually, but: • Using different modeling tools • By different teams with different competences • Their connection is NOT modelled conceptually, but should! See a series of 2009 reports by Forrester. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 2 / 24
  4. 4. Motivation The information assets of an organization are constituted by: • data, and • processes, that determine how data change and evolve over time. Conceptual Modeling Both aspects are modelled conceptually, but: • Using different modeling tools • By different teams with different competences • Their connection is NOT modelled conceptually, but should! See a series of 2009 reports by Forrester. Consequence Full reasoning support, e.g., for verification taking into account both process and data, is not possible! Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 2 / 24
  5. 5. Goals Formalization Devise a general framework for DL-based Dynamic Systems (cf. data-driven processes - Libkin’s keynote today): • Static component: full-fledged Description Logic KB. • Dynamic component: parametric actions. Progress the system by evolving the ABox -TBox is fixed. Parameters: inject new values from the external world. Verification Check whether the system satisfies temporal/dynamic properties. • Analyzing all possible executions. Adversarial Synthesis Action separation+alternation: system actions vs environment actions. System goal: force the execution to satisfy a desired property. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 3 / 24
  6. 6. Concrete Example Dynamic web applications. • Current data fields, text, highlights. Include status attributes. • Actions buttons, links. • Input params writable fields. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 4 / 24
  7. 7. Concrete Example Dynamic web applications. • Current data fields, text, highlights. Include status attributes. • Actions buttons, links. • Input params writable fields. Their number depends on the current data! Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 4 / 24
  8. 8. Direct Combination of KBs and Actions Idea: combine DL KB and actions into a single logical theory. Problem This gives raise to a many-dimensional modal logic undecidability. DL dimension temporal dimension Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 5 / 24
  9. 9. Direct Combination of KBs and Actions Idea: combine DL KB and actions into a single logical theory. Problem This gives raise to a many-dimensional modal logic undecidability. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 5 / 24
  10. 10. Direct Combination of KBs and Actions Idea: combine DL KB and actions into a single logical theory. Problem This gives raise to a many-dimensional modal logic undecidability. Decidability regained with restrictions on the combination. • E.g., restricted to concepts only. Conclusion Unsuitable for combining data+processes. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 5 / 24
  11. 11. Levesque’s Functional Approach Radical solution: functional view of KBs [Levesque, AIJ1984]. Levesque’s Functional approach Knowledge base supports: • ask(q, KBcur ), which returns the certain answers to a query q that are logically implied by KBcur , • tell(a, KBcur ), which produces a new ontology KBnew as a result of the application of an action a to KBcur . Actions represented outside the KB. (+) Decoupling between static knowledge and dynamics of computation. (–) Knowledge and truth become indistinguishable [Sardina et al., KR06]. Goal Formalize Description Logic-Based Dynamic Systems (DLDS) following Levesque’s functional approach. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 6 / 24
  12. 12. Description Logic-Based Dynamic Systems Parametric wrt DL and progression mechanism. DLDS Tuple (T, A0, Γ), where • (T, A0): initial DL KB during system progression: A0 evolves. • Γ: parametric actions (π, τ) that evolve the system. Given ABox A: π: determines action params depending on A. τ: given A+param values is undef. or gives new T-consistent ABox. A asktell T current state Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 7 / 24
  13. 13. Description Logic-Based Dynamic Systems Parametric wrt DL and progression mechanism. DLDS Tuple (T, A0, Γ), where • (T, A0): initial DL KB during system progression: A0 evolves. • Γ: parametric actions (π, τ) that evolve the system. Given ABox A: π: determines action params depending on A. τ: given A+param values is undef. or gives new T-consistent ABox. A asktell ⇡ param selection T current state P1 P2 PN ... Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 7 / 24
  14. 14. Description Logic-Based Dynamic Systems Parametric wrt DL and progression mechanism. DLDS Tuple (T, A0, Γ), where • (T, A0): initial DL KB during system progression: A0 evolves. • Γ: parametric actions (π, τ) that evolve the system. Given ABox A: π: determines action params depending on A. τ: given A+param values is undef. or gives new T-consistent ABox. m A asktell ⇡ param selection d1 d2 ... dN param assignment T external actors/services current state P1 P2 PN ... Note: param values taken from countably infinite set. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 7 / 24
  15. 15. Description Logic-Based Dynamic Systems Parametric wrt DL and progression mechanism. DLDS Tuple (T, A0, Γ), where • (T, A0): initial DL KB during system progression: A0 evolves. • Γ: parametric actions (π, τ) that evolve the system. Given ABox A: π: determines action params depending on A. τ: given A+param values is undef. or gives new T-consistent ABox. m A asktell ⇡ param selection d1 d2 ... dN param assignment effect function T external actors/services current state Anew asktell T next state ⌧P1 P2 PN ... Note: adom(Anew) ⊆ adom(A) ∪ im(m). Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 7 / 24
  16. 16. Description Logic-Based Dynamic Systems Parametric wrt DL and progression mechanism. DLDS Tuple (T, A0, Γ), where • (T, A0): initial DL KB during system progression: A0 evolves. • Γ: parametric actions (π, τ) that evolve the system. Given ABox A: π: determines action params depending on A. τ: given A+param values is undef. or gives new T-consistent ABox. A T Anew T (labeled) transition ((⇡, ⌧), m) Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 7 / 24
  17. 17. Example Registration of credit card number(s) m<Travel Info> Traveler(john) ask ⇡ 12345 T traveler current state <Travel Info> Traveler(john) cc(john,12345) asktell T next state ⌧CC number tell Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 8 / 24
  18. 18. Execution Semantics Infinite-state transition system Υ. • States: KBs. • (Labeled) transitions: actions+param assignments. Construction: 1 Start from A0 2 Apply each action + param assignments in all possible ways 3 Recur over newly generated states. ... . . . ... . . . ... . . . A1 T A2 T A0 T A2 T . . . Sources of infinity: • Infinite branching - infinitely many param assignments. • Infinite runs - usage of values obtained from action steps. • Unbounded Aboxes - accumulation of such values. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 9 / 24
  19. 19. Verification Given a DLDS K and a dynamic/temporal property Φ, check if ΥK |= Φ. Verification logic µDLp Variant of first-order µ-calculus. Φ ::=Q | ¬Φ | Φ1 ∧ Φ2 | ∃x.live(x)∧Φ | Z | µZ.Φ | live(x)∧ − Φ(x) | live(x)∧[−]Φ(x) • Query the KBs: any language with decidable KB query entailment. • Dynamics: next-state operators and fixpoint constructs. µ-calculus subsumes PDL, CTL, LTL, CTL∗ , . . . . • Evolution of objects: first-order quantification across states. Only over objects that persist in the active domain. Example • νZ.(∀x.Traveler(x) → µW .(∃y.booked(y, x) ∨ (live(x) ∧ − W )) ∧ [−]Z) • νZ.(∀x.Travel(x) → νW .(Processed(x) ∨ (live(x) → − W )) ∧ [−]Z) Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 10 / 24
  20. 20. Towards Decidability Problem DLDSs encode Turing machines. verification undecidable (even for propositional CTL/LTL). Need to pose limitations on the DLDS itself. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 11 / 24
  21. 21. Towards Decidability Problem DLDSs encode Turing machines. verification undecidable (even for propositional CTL/LTL). Need to pose limitations on the DLDS itself. State Boundedness Each ABox contains at most a bounded namer of named individuals. • The transition system is still infinite-state! Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 11 / 24
  22. 22. Towards Decidability Problem DLDSs encode Turing machines. verification undecidable (even for propositional CTL/LTL). Need to pose limitations on the DLDS itself. State Boundedness Each ABox contains at most a bounded namer of named individuals. • The transition system is still infinite-state! Genericity Actions can only distinguish a bounded number of individuals C (adom(A0) ⊆ C): • those: could affect the behavior of the actions. • for the others: invariance of behavior (modulo renaming). Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 11 / 24
  23. 23. Genericity: Intuition Travel payment register credit card cc number ... pay bank status ... ... ... status = "OK" status = "ERR" else + For analyzing the system (considering all possible executions): • The actual credit card number does not matter. • What matters is the outcome of the payment. The process behavior: • Distinguishes the bank status. • Does not “see” the actual cc number only how it relates with the other objects! Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 12 / 24
  24. 24. Genericity Consider action (π, τ). A1 asktell A2 asktell hif h is a bijection that is the identity over C. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 13 / 24
  25. 25. Genericity Consider action (π, τ). m2 m1 A1 asktell ⇡ d1 d2 ... dN P1 P2 PN v1 v2 ... vN P1 P2 PN ... ... h A2 asktell h ⇡ andif h is a bijection that is the identity over C. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 13 / 24
  26. 26. Genericity Consider action (π, τ). m2 m1 A1 asktell ⇡ d1 d2 ... dN ⌧P1 P2 PN v1 v2 ... vN P1 P2 PN ... ... h ⌧ h A'1 asktell A'2 asktell then A2 asktell h ⇡ andif h is a bijection that is the identity over C. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 13 / 24
  27. 27. Example Registration of credit card number(s) m… Traveler(john) ⇡ 12345 T CC number m … Traveler(bob) ⇡ 6574 T CC number john ⇿ bob 12345 ⇿ 6574 Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 14 / 24
  28. 28. Example Registration of credit card number(s) m… Traveler(john) ⇡ 12345 T … Traveler(john) cc(john,12345) T ⌧CC number m … Traveler(bob) ⇡ 6574 T … Traveler(bob) cc(bob,6574) T ⌧CC number john ⇿ bob 12345 ⇿ 6574 Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 14 / 24
  29. 29. Decidability of Verification Theorem Verification of µDLp over a state-bounded, generic DLDS K is decidable. Reduced to model checking of propositional µ-calculus over finite-state TS. • # states: at most exponential in the size of K. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 15 / 24
  30. 30. Decidability of Verification Theorem Verification of µDLp over a state-bounded, generic DLDS K is decidable. Reduced to model checking of propositional µ-calculus over finite-state TS. • # states: at most exponential in the size of K. Crux of the proof (inspired by [Bagheri-Hariri et al., PODS2013]) Construction of a finite-state faithful abstraction for ΥK. . . . . . . ... . . . ...... T TT T ... . . .T Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 15 / 24
  31. 31. Decidability of Verification Theorem Verification of µDLp over a state-bounded, generic DLDS K is decidable. Reduced to model checking of propositional µ-calculus over finite-state TS. • # states: at most exponential in the size of K. Crux of the proof (inspired by [Bagheri-Hariri et al., PODS2013]) Construction of a finite-state faithful abstraction for ΥK. 1 Genericity prune infinite branching. Isomorphic types instead of actual param values. . . . . . . ... . . . ...... T TT T ... . . .T Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 15 / 24
  32. 32. Decidability of Verification Theorem Verification of µDLp over a state-bounded, generic DLDS K is decidable. Reduced to model checking of propositional µ-calculus over finite-state TS. • # states: at most exponential in the size of K. Crux of the proof (inspired by [Bagheri-Hariri et al., PODS2013]) Construction of a finite-state faithful abstraction for ΥK. 1 Genericity prune infinite branching. Isomorphic types instead of actual param values. Keep only one successor for every type. . . . . . .T TT T . . . Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 15 / 24
  33. 33. Decidability of Verification Theorem Verification of µDLp over a state-bounded, generic DLDS K is decidable. Reduced to model checking of propositional µ-calculus over finite-state TS. • # states: at most exponential in the size of K. Crux of the proof (inspired by [Bagheri-Hariri et al., PODS2013]) Construction of a finite-state faithful abstraction for ΥK. 1 Genericity prune infinite branching. Isomorphic types instead of actual param values. Keep only one successor for every type. 2 State boundedness + µDLp make runs finite. Recycle old (forgotten) objects as new param values. µDLp does not distinguish the difference. T TT T Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 15 / 24
  34. 34. Decidability of Verification Theorem Verification of µDLp over a state-bounded, generic DLDS K is decidable. Reduced to model checking of propositional µ-calculus over finite-state TS. • # states: at most exponential in the size of K. Crux of the proof (inspired by [Bagheri-Hariri et al., PODS2013]) Construction of a finite-state faithful abstraction for ΥK. 1 Genericity prune infinite branching. Isomorphic types instead of actual param values. Keep only one successor for every type. 2 State boundedness + µDLp make runs finite. Recycle old (forgotten) objects as new param values. µDLp does not distinguish the difference. 3 Prove that the abstraction preserves all µDLp formulae. T TT T Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 15 / 24
  35. 35. Adversarial Synthesis DL-based two-player game structure (DL2GS) DLDS with actions partitioned into environment and system actions. • The environment is autonomous, we control the system. Execution by alternation of moves. • Move = choice of action + param assignment. • Starting from A0, repeat forever: environment moves, system replies. Resulting TS: two-player game structure [De Giacomo et al., AAAI2010]. . . . (e) (s) (s) (s) (e) (e) (e) (e) . . . . . . . . . ... . . . ... . . . ... . . . ... . . . Basis for many synthesis problems: • conditional planning with full-observability; • behavior composition; • . . . Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 16 / 24
  36. 36. System Properties System properties: logics a l`a ATL. • Goals/desired behaviors the system wants to guarantee/realize. • “Next Φ” “system can force Φ to hold in the next state”. Synthesis logic µADLp Fragment of µDLp: properties satisfied by system in spite of environment. Φ ::= Q | ¬Q | Φ1 ∧ Φ2 | Φ1 ∨ Φ2 | Z | µZ.Φ | νZ.Φ | ∃x.live(x) ∧ Φ | ∀x.live(x) → Φ| live(x)∧[−]sΦ(x) | live(x) →[−]sΦ(x) | live(x)∧[−]wΦ(x) | live(x) →[−]wΦ(x) Idea: [−]Φ = [−] for every environment move, − system can lead to Φ. But does the environment persist the quantified objects? Two possibilites: • [−]sΦ = for every environment move: environment persists x, system replies leading to Φ. • [−]wΦ = for every environment move that persist x: system replies leading to Φ. In addition: system must persist (live(x)∧ . . .) or can drop (live(x) → . . .) x. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 17 / 24
  37. 37. Existence vs Synthesis of Winning Strategies Theorem Verification of µADLp properites over a state-bounded, generic DLDS K is decidable. Proof µADLp is a fragment of µDLp. Strategy: given a history of moves, tells the system what to do next. Existence of strategies Given a µADLp property Φ, if ΥK |= Φ then there exists a winning strategy for the system to force Φ. But which??? Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 18 / 24
  38. 38. Strategies in the Finite-State Setting Synthesis via model checking. • Remember: the property alternates [−] and − moves over next states. T |= ? 1 Model check the property against the system. 2 Property not satisfied no strategy. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 19 / 24
  39. 39. Strategies in the Finite-State Setting Synthesis via model checking. • Remember: the property alternates [−] and − moves over next states. |=T 1 Model check the property against the system. 2 Property not satisfied no strategy. Property satisfied model checker returns a witness. Labeling of the states. 3 See the labeling as a strategy. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 19 / 24
  40. 40. Strategies in the Infinite-State Setting Theorem Given a state-bounded, generic DL2GS K and a µADLp formula Φ, if ΥK |= Φ then there exists an algorithm that realizes a concrete strategy for the system to force Φ. Proof idea • Design-time: 1 Construct the finite-state, faithful abstraction for ΥK. 2 Extract an abstract strategy. Corresponds to an infinite family of concrete strategies. Cannot be concretized at design-time. • Run-time: system lazily lifts the abstract strategy into a concrete one. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 20 / 24
  41. 41. Lazy Strategy Concretization System: repeat forever T T ...... ...... ...... concrete TS faithful abstraction Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 21 / 24
  42. 42. Lazy Strategy Concretization System: repeat forever 1 Environment moves update concrete history. T T ...... ...... ...... concrete TS faithful abstraction Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 21 / 24
  43. 43. Lazy Strategy Concretization System: repeat forever 1 Environment moves update concrete history. 2 Match concrete with abstract history. T T ...... ...... ...... concrete TS faithful abstraction Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 21 / 24
  44. 44. Lazy Strategy Concretization System: repeat forever 1 Environment moves update concrete history. 2 Match concrete with abstract history. 3 Apply abstract strategy get action + abstract params. T T ...... ...... ...... concrete TS faithful abstraction Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 21 / 24
  45. 45. Lazy Strategy Concretization System: repeat forever 1 Environment moves update concrete history. 2 Match concrete with abstract history. 3 Apply abstract strategy get action + abstract params. 4 Choose concrete params respecting the isomorphic type of abstract params move. T T ...... ...... ...... concrete TS faithful abstraction choose params Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 21 / 24
  46. 46. Instantiating the Framework Decidability results carry over any system that can be expressed as a generic DLDS (under state-boundedness). Example: Knowledge and Action Bases [Bagheri Hariri et al., JAIR2013]. • Specify actions by means of effect rules relating queries on the current state with facts asserted in the next state. • Effects can call external services to incorporate new values. KABs can be seen as generic DLDSs. • With sufficient syntactic conditions to check state-boundedness (see [Bagheri Hariri et al., JAIR2013-PODS2013]). Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 22 / 24
  47. 47. Instantiating the Framework on KABs Complexity of verification/synthesis for state-bounded KABs Instance Checking Epistemic CQs DL-Lite ExpTime ExpTime ALCQI ExpTime 2ExpTime Note Complexity can be refined by isolating “changeable memory slots”. • Process can only change those. • See relational transducers, register automata, . . . Exponentiality is in the number of changeable slots! Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 23 / 24
  48. 48. Conclusions • Our work is grounded in real-world data-aware processes. • We study robust conditions for decidability. no conditions on the structure of the ontology; the extensional knowledge changes over time; suitable restrictions are posed on the actions. • Complexity wise, our techniques are exponential in the size of the initial ABox / changeable slots. • Most often processes change only a small portion of the entire data. Logarithmic? • Next steps: formalize this intuition, moving towards practical implementation; investigate the connection with concrete instantiations; study other forms of abstraction. Calvanese, De Giacomo, Montali, Patrizi Verification and Synthesis in DLDS RR 2013 24 / 24

×