Title | Spezifikation und Verifikation (Specification and Verification) |

Term | Summer 2020 |

Module Type |
Bachelor-Praktikum (Practical Course for BSc students, IN0012) Master-Praktikum (Practical Course for MSc students, IN2106) |

Preliminaries | Basic knowledge of Isabelle (e.g. Functional Data Structures (IN2347), Semantics (IN2055), Interactive Software Verification (IN3350)) |

ECTS | 10 |

Organisation | Maximilian Haslbeck, Tobias Nipkow |

Participants will work on a project by themselves using the interactive theorem prover Isabelle. The practical course will run throughout the semester.

The application will be through the Matching Platform. There will be a **kick-off meeting** **Monday February 3 at 14:00 in 00.09.038** (Turing) explaining some details about the Praktikum; in any case contact Maximilian Haslbeck via email in advance (i.e. before the matching starts) and indicate what prior experience you have with Isabelle (e.g. through one of the above-mentioned lectures) and possibly what particular topics you are interested in.

Note that prior experience with Isabelle is **mandatory**.

The book "Concrete Semantics" [1] presents a simple abstract interpretation framework for the imperative toy language IMP. The most sophisticated abstract interpretation technique it provides is the interval domain. This domain suffers from a well-known shortcoming: dependencies between variables cannot be tracked. The goal of this project is to extend this abstract interpretation framework to some popular domains that can track variable inter-dependencies based on difference constraints. Concretely, this work would consist of the following steps:

- Extend the abstract interpretation interface such that variable inter-dependencies can be tracked. The classic reference is Cousot and Cousot [2].
- Instantiate the framework for the DBM domain [3]. DBMs have already been formalized in Isabelle/HOL [6] but some additional operations would have to be added.
- Instantiate the framework for the octagon domain [4]. This can be based on the formalization of the DBM domain.
- Possible extensions: polyhedra domain [5], certification of abstract interpretation results from external tools.

This project should be a perfect fit for any students that have just finished the Semantics course (or read the book)!

References:

[1] Nipkow, T., Gerwin, K.: Concrete Semantics

[2] Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints

[3] Antoine Miné: A New Numerical Abstract Domain Based on Difference-Bound Matrices

[4] Antoine Miné: The Octagon Abstract Domain

[5] Cousot, P., Halbwachs, N.: Automatic Discovery of Linear Restraints Among Variables of a Program

[6] Simon Wimmer: Timed Automata

Advisor: Simon Wimmer

Edmond's blossom shrinking algorithm is one of the fundamental algorithms in combinatorial optimisation. It was recently verified in Isabelle/HOL. In this project the student will have the task of porting Edmond's algorithm to the Isabelle Refinement Framework and, if successful, show worst-case running time bounds on the algorithm.

Advisor: Mohammad Abdulaziz, Maximilian Haslbeck

This topic aims to formalize some parts of the zoo of NP-complete problems and the polynomial-time reductions between them. See Figure 6 of [1] for an overview of a plethora of such problems and their interrelations. This could include one or more of the following subtasks:

- Formalizing classic Karp and Cook reductions between NP-hard problems in an abstract language.
- Complexity-preserving synthesis of WHILE programs from such abstract algorithms.
- Translation from WHILE-programs to Turing Machines (and vice versa).

Further reading: [1]

Advisor: Simon Wimmer, Maximilian Haslbeck

State space search is a successful technique to solve classical AI planning problems, i.e. deterministic problems with finite states. The main task of this project is to (partially) build a formally verified A* based planning algorithm. Tasks in this project include

- formalising existing heuristics for classical planning in Isabelle/HOL and verifying that they are admissible. There are many such heuristics, and they are reviewed in sections 2.3 and 2.7.9 in a book by Ghallab et al. [1]. A first step is to verify abstraction based heuristics like pattern databases and/or merge-and-shrink.
- integrating an existing Isabelle formalisation of A* with 1) already formalised semantics of planning problems to obtain a version of A* that operates on planning state spaces and 2) planning heuristics that are verified.
- refining the integrated A* to executable code.

[1] Malik Ghallab, Danna Nau, Paolo Traverso -- Automated Planning and Acting

Advisors: Mohammad Abdulaziz

There are a number of simple approximation algorithms for NP-complete problems that can be shown to produce a result which is no worse than the optimal result within some factor. A typical example is the vertex cover problem which has a simple 2-approximation algorithm, i.e. the result is at most twice as bad as the optimal solution. We have verified this particular result. Here are two similar projects:

[CLRS] Cormen, Leiserson, Rivest and Stein. Introduction to Algorithms. 3rd edition, 2009.

[KT] Jon Kleinberg and Eva Tardos. Algorithm Design. 2006.

Advisors: Mohammad Abdulaziz, Tobias Nipkow

Newton's method is a simple method for finding approximations of roots of non-linear real functions. The goal is to develop a generic framework for this that can be instantiated for particular functions and connecting it with Isabelle's existing packages for interval arithmetic and Taylor models.

Advisor: Manuel Eberl

You are welcome to propose an algorithm or data structure and discuss the realizability with your advisor. Some examples of algorithms and data structures that were verified in past lab courses: Knuth-Morris-Pratt, A*, Kruskal, Finger Trees, Skew Binomial Queues, Dijkstra's Algorithm, Conversion Between Regular Expressions and Finite Automata.

Ideas: String Search Algorithms (Boyer-Moore), Graph Algorithms (Bellman-Ford), B-trees

Advisor: Maximilian Haslbeck, Simon Wimmer

Factored transition systems succinctly represent state spaces in applications such as Artificial Intelligence (AI) planning and model checking. Many problems defined on such systems are graph theoretic problems on their state space, such as computing reachability or the diameter of the state space. A problem with naively using state-of-the-art graph theoretic algorithms is that they would require the construction of the state space, which can be exponentially bigger than the input factored system, a problem referred to as the state space explosion problem. Compositional algorithms are one approach to alleviate state space explosion, where only state spaces of abstractions are constructed. This project concerns formalising some aspects of compositional algorithms from existing AI planning or model checking literature in Isabelle. Example from the literature discussing compositional algorithms are given below.

Advisor: Mohammad Abdulaziz

Many basic graph theoretic problems are either NP-hard or cannot be solved in better than polynomial time. This makes solving those problems prohibitive if not impossible for real-world graphs. Approximation algorithms circumvent that by using less resources than exact algorithms, at the expense of providing only approximate solutions. In this project the student would formally verify that 1) the approximate solutions of those algorithms meet a certain quality citerion, 2) the upper bounds on their runtimes are correct. A particularly interesting algorithm is the algorithm described below for approximating the diameter of an undirected graph due to Aingworth et al..

Further Reading: [1]

Advisor: Mohammad Abdulaziz

This project would formalize a number of simple program analyses on UPPAAL byte code. The goal is to establish a number of properties that are relevant for model checking (no knowledge on this part is needed). The project can start from an existing formalization of the semantics of the byte code.

Advisor: Simon Wimmer

Machine learning is one of the fastest growing areas of computer science. While it seems to perform well in a wide variety of information processing tasks, its foundations are far from understood and accurate guarantees can hardly be established. The idea of this topic is to explore the principles of machine learning and formalize basic results as a background for the analysis of various techniques (i.e. Least Squares, Kernel Methods, Neural Networks). [1,2] might serve as a starting point.

Advisor: Max Haslbeck

Bayesian networks (BNs) are probabilistic graphical models for describing complex joint probability distributions. This project‘s goal is to formalize BNs and possibly link them up with probabilistic programs in pGCL following recent work by Batz et al. [1].

Further reading: [1]

Advisor: Max Haslbeck

Many efficient data structures use sharing of data in order to save space (e.g. CoDBMs) or to improve run time (e.g. Fibonnaci Heaps). Programs manipulating mutable data structures with intrinsic sharing present a challenge for verification.

A classic approach to modular verification of data structures is separation logic. As sharing and separation seem contradictory, separation logic alone does not suffice. There are at least two recent approaches to cope with that: Ramifications [1] and flow interfaces [2]. Understanding and formalizing one of these is the goal of this project.

One direct and hot application of this work would be the verification of efficient Compact Difference Bound Matrices (CoDBMs) (Paper from APLAS 2017: [3]) used in static program analysis and model checking.

Further reading: [1], [2], [3]

Advisors: Simon Wimmer, Max Haslbeck

AI planning is the discipline that aims building computer programs that act rationally to achieve a certain goal, given a declarative description of the environment and the actions it has to change that environment. In many practical applications, like autonomous vehicles driving among others, it is not possible to model the exact effects of actions. Planning in such cases, known as planning under certainty, a planning problem is modelled as a (factored) Markov Decision Process (MDP), where the result of executing an action is one of many states, each with a different probability. Multiple methods to solve this kind of problems are in the AI and planning literature. In this project the student would specify and verify in Isabelle one of the basic algorithms that are used to solve planning problems that have uncertainty in them. Example algorithms are value iteration and policy iteration.

Advisors: Mohammad Abdulaziz