Approximate Logic. Michel de Rougemont, Université Paris II. VERA: CORRECT:
Complexity and Approximation: 1. Classical approximation for a function f: Knapsack, Maxcut. 2. Decision problem (boolean function).
Approximate satisfiability: 1. Satisfiability: Tree |= F. 2. Approximate satisfiability: Tree |= F. Image on a class K of trees.
Approximate verification: 1. Kripke structure, Execution Tree, Specification F: Tree |= F. 2. Approximate verification (LICS 2002): Tree |= F is much easier than Tree |= F. 3. XML data (ICALP 2004): Verify that a large XML file is valid (satisfies a DTD). Estimate distance from a file to a DTD. Rank documents on the Web.
VERA: Approximate verification. 1. Logic, testers and correctors: testers and correctors; regular trees. 2. Probabilistic abstraction of programs: lower bounds on OBDDs and automata; abstraction in model checking. 3. Mechanisms and games: equilibrium computation.
Logic, testers, correctors: A tester decides |= for a formula F. A corrector takes as input a structure U close to K and computes U in K, close to U. Problem: does a class K definable in a logic L admit a tester and a corrector? Theorem (Alon et al., FOCS 2000): regular words are testable for the edit distance. Generalization to regular trees. Application to testing XML files and to XML correction.
Model checking: Program P. Specification F(X,Y). Data structure: OBDD, O_P = O_F. Problem: the size of the structures explodes. Communication complexity shows exponential lower bounds.
Testers and verification: The specification admits a tester. P(A) = 1 iff A is 3-colorable. Problem: how can the test be applied to a program? A is 3-colorable  is 3-colorable
Probabilistic abstraction: P(A). Enumerate C: While (x <= n){ While (y <= n){ If A(x,y) check C(x)=C(y)}} Define an abstraction: P(A). Enumerate C: While (x <= m){ While (y <= m){ If A(x,y) check C(x)=C(y)}}
Can an abstraction be found? Every property admits a tester. How can an abstraction be found from a program P? Algorithmic difficulty.
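An added example (not from the original slides) of the probabilistic abstraction above: P enumerates colorings over all n vertices, while the abstraction runs the same enumeration over m sampled vertices. The function names, the Python rendering and the two sample graphs are assumptions constructed for illustration; the check is read here as rejecting a coloring C when some edge A(x,y) has C(x) = C(y).

```python
import itertools
import random


def is_3_colorable(adj, vertices):
    """Program P restricted to `vertices`: enumerate every coloring C and
    accept if some C has no edge A(x,y) with C(x) == C(y)."""
    vs = list(vertices)
    edges = [(x, y) for x in vs for y in vs if x < y and adj[x][y]]
    for colors in itertools.product(range(3), repeat=len(vs)):
        C = dict(zip(vs, colors))
        if all(C[x] != C[y] for x, y in edges):
            return True
    return False


def abstract_test(adj, m, rng):
    """Probabilistic abstraction: run P on m sampled vertices instead of n."""
    n = len(adj)
    sample = rng.sample(range(n), min(m, n))
    return is_3_colorable(adj, sample)


def complete_graph(n):
    # Constructed input: far from 3-colorable once n is large.
    return [[x != y for y in range(n)] for x in range(n)]


def complete_tripartite(n):
    # Constructed input: x and y are adjacent iff x % 3 != y % 3,
    # so C(x) = x % 3 is a proper 3-coloring.
    return [[x % 3 != y % 3 for y in range(n)] for x in range(n)]


if __name__ == "__main__":
    rng = random.Random(0)
    n, m = 30, 6  # the exact program would enumerate 3**30 colorings
    print("tripartite accepted:", abstract_test(complete_tripartite(n), m, rng))
    print("complete accepted:  ", abstract_test(complete_graph(n), m, rng))
```

A 3-colorable input is never rejected, because every induced subgraph of a 3-colorable graph is 3-colorable; the abstraction can only err by accepting a graph that is not 3-colorable.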
Probabilistic programs: [Figure: transition diagram with labels a, b, c, d, p, q and probabilities 0.6 and 0.4.] Random sampling may approximate this probability. (Peyronnet's thesis)
Protocols and games: Mechanisms and games. Equilibrium computation. How can one verify that a distributed program will reach an equilibrium satisfying a property P? Agents interact according to an economic model. Truthfulness of the protocol. Nash is approximable (Lipton 2003). Security and regulation mechanisms.
Distances on structures: Let K be a class of finite structures and Examples: 1. Words: edit distance; edit distance with moves; edit distance with moves, Cut, Paste. 2. Trees. 3. Graphs.
Edit distance on Words: 1. Classical Edit Distance: Insertions, Deletions, Modifications. 2. Edit Distance with moves.
Tree-Edit-Distance: Deletion Edge Insertion Node and Label. [Figure: example trees over node labels a, b, c, d, e, f.] Tree Edit distance with moves: 1 move. [Figure: two trees over node labels a, b, c, d, e.]
Tree-Edit-Distance on binary trees: Distance with moves allows permutations. Distance(T1,T2) = 4. p-Distance(T1,T2) = 2.
Estimating distances: 1. Words: P algorithm for small distances Efficient algorithms for Edit Distance with moves 2. Trees: P algorithm NP complete, non-approximable for Edit Distance with moves. Efficient solution for small distances.
CORRECT: XML files. XML file = Tree automaton (DTD) + Colored Tree. 1. Test if a large file is « valid ». Solution: O(1) !! 2. If the distance to a DTD is small, correct the file. Solution: O(n). 3. Rank the Web: For DTDs find the distances. Solution: less than O(n) !!!
XML <!DOCTYPE a [ ]> > ….. ….. XML corrector :
Tree automata: (q0,q0) → q1, (q0,q1) → q1, (q1,q1) → q2, (q1,q0) → q2, (q2,-) → q2, (-,q2) → q2. [Figure: tree with nodes in states q0, q1, q2.]
Feasible and infeasible subtrees: Definition: a subtree t is feasible for L if there are subtrees (for its leaves) which reach states (q1...ql) such that the state of the root q=t(q1...ql) can reach an accepting state (in the automaton for L). A subtree is infeasible if it is not feasible. [Figure: a feasible and an infeasible subtree.]
Infeasible subtrees: Fact. If then the number of infeasible subtrees of length a is O(n). Fact. If the distance is small, there are few infeasible trees. Intuition: make local corrections at the root of the infeasible trees.
Structure of the corrector, Tree-Edit Distance: Phase 1 (bottom-up): marking of *-nodes, roots of infeasible subtrees. Phase 2 (top-down): recursive analysis of the *-subtrees to make the root accept. Phase 3 (bottom-up): local corrections. [Figure: states q0, q1.]
Structure of the corrector, Tree-Edit Distance with moves: 1 move. [Figure: states q0, q1.]
Phase 1: bottom-up marking. Definitions: 1. A terminal *-node is the first sink node of a run. 2. A *-subtree of a node v is the subtree whose root is v reaching leaves or *-nodes. 3. A node v is a *-node if its state is a sink node when all possible reachable states replace the *-nodes of its *-subtree. 4. Compute the size of the subtrees. Runs with all possible reachable states (q,q) reach a sink. O(n) procedure.
Phase 2: top-down possible states. Let (q,q) be a possible choice at the top *-subtree. Let q be a possible state for the *-node of the left *-subtree. Lemma 1: If Dist(T,L) < k, there are at most k *-nodes. [Figure: q1, q2, with q instead of *.]
General Correction: Hypothesis: q1 in Ci, q2 in Cj, q in Ck. Case a: P such that Ci < Ck and Cj < Ck. Find t1 and t2 as in case 1.a. [Figure: states q1, q2, q and subtrees t1, t2.]
Case 2: b and c. Case b,c: P such that Ci > Ck and Cj < Ck. Find t2 and let Cp = inf(Ci,Ck). Cut the left branch until Cp. Case d: P such that Ci > Ck and Cj > Ck. Let Cp = inf(Ci,Ck). Cut the left branch until Cp. Let Cq = inf(Cj,Ck). Cut the right branch until Cq. [Figure: states q1, q2, q and subtree t2.]
Analysis of the corrector: 1. Tree-Edit Distance. Fact 1: finitely many insertions. Fact 2: deletions unpredictable. Consequences: no easy bound on the distance between T and T. Correction up to a constant distance. 2. Tree-Edit Distance with moves. Correction up to. Estimate the distance, although the problem is NP-hard, non-approximable.
General result: Theorem: If Dist(T,L) < k, the general corrector finds T such that Dist(T,T) < c.k. Proof: # *-nodes < k. Case 1: 0 *-node: easy correction. Case 2: at least 1 *-node. Looking at all possible k-variations will correct the errors in the *-subtree and diminish the *-nodes.
Approximate structures: Recall: Which games characterize ? Game 1: two players I and II. Game 2: one player II against nature (player I).
Game 1: Two players I and II on U, V. Phase 1: II chooses U, V at distance ε. Phase 2: I and II play EF of order k on U, V. II wins if
Game 2 (p,q): Two players and nature on U, V. Phase 1: nature plays p points in U or V. Phase 2: II answers with p points in V. Phase 3: I and II play EF(q). II wins if
Comparisons of Games 1 and 2: Game 1 Game 2 for p(k, ε), q(k, ε). If there is a FO(k) formula which distinguishes U and V, there is an automaton A which distinguishes U and V. A tester for A would distinguish U and V with high probability.
Comparisons of Games 1 and 2: Let A be an automaton which distinguishes U and V. The tester accepts U and rejects V with high probability. There is an admissible path Z for which some sample of length at most q is feasible for U and infeasible for V. In a game of order q, I would win with high probability.
Conclusion: Exact verification may be too hard. Approximate verification may be feasible. 1. Testers and correctors. 2. Probabilistic verification of programs: probabilistic abstraction; verification of probabilistic programs; validity of XML files. 3. Approximate verification of protocol equilibria.