Symbolic Automata = Automata + SMT solvers

Loris D’Antoni Rajeev Alur

Margus Veanes

01/24/14, POPL14

Symbolic Finite Automaton (SFA)

2

λx. x mod 2=0

λx. x mod 2=1

q0 q

λx. x mod 2=0λx. x mod 2=1

A = (Q,q0,F,δ,σ) Input sort: in this case int

Separate theory for the input

alphabetSMT SOLVER

Symbolic Finite Automata (SFA)

3

λx. x mod 2=0

λx. x mod 2=1

p q

λx. x mod 2 =0λx. x mod 2=1

1 2 5 3

p p q p p

p is final accept the input

Exe

cuti

on

E

xam

ple

Generalizing Classical Constructions

4

p1 q1

1

p2 q2

2

A1:

A2:

p1

p2

12A1A2:q1

q2X

delete when 12 unsatisfiable

REQUIREMENTS:Input theory must be a Boolean algebra, and

Decidable (SMT solver)

5

Hopcroft’s algorithm for Minimization

P := {F, Q\F}W := {if |F|< |Q\F| then F else Q\F}while W != { }

R:=pickFrom(W)foreach a in Σ

S := δ-1(R,a)

while ∃ T ∈ P. T∩S ≠ {} ∧ T \S ≠ {}P,W := split(P, P∩S , P\S)

return partitioned DFA

D’Antoni, Veanes. Minimization of Symbolic Automata [POPL14]

Symbolic Finite Transducers (SFT)

6

p

even(x)/ [x+1,x-1]1 2 5 3

Exe

cuti

on

E

xam

ple

odd(x)/ [x+2%4]3 1 3 3 1

7

Advantages of Symbolic Automata

• Infinite alphabets• Separation of concerns between automaton and

alphabet– UTF16 abstracted using BDDs – Integer using predicates over integers

• Succinctness– One transition captures many symbols

• Same closure and decidability properties of finite automata – Boolean closure and decidable equivalence– Closure under composition

An interesting property

8

p

even(x)/ [x+1,x-1]

odd(x)/ [x+2%4]

q

odd(x)

T: O:

Is it true that this transducer always outputs a list of odd numbers? YES

It can be checked automatically: isEmpty(ToO)

9

Applications [Fast, PLDI14]

10

ConclusionResultsMinimization [POPL14]Analysis of string encoders [VMCAI13, CAV13]Analysis of List/Tree Manipulating Programs [PLDI14]Symbolic Nested Word Automata [Submitted CAV14]Crowd Sourcing Regular Expressions [Submitting to HCOMP14]

Future workLearningExtend to more complex models