Model Checking Gigantic Markov Models

Probabilistic model checking – the verification of models incorporating random phenomena – has enjoyed a rapid increase of interest. Thanks to the availability of mature tool support and efficient verification algorithms, probabilistic model checking has been successfully applied to case studies from various areas, such as randomized (distributed) algorithms, planning and AI, security, hardware , stochastic scheduling, reliability analysis, and systems biology [9]. In addition , model-checking techniques have been adopted by mainstream model-based performance and dependability tools as effective analysis means. Probabilistic model checking can thus be viewed as a viable alternative and extension to traditional model-based performance analysis [1]. Typical properties that are checked are quantitative reachability objectives, such as: does the probability to reach a certain set of goal states (by avoiding illegal states) exceed 1 2 ? Extra constraints can be incorporated as well that e.g., require the goal to be reached within a certain number of transitions, within a certain budget, or within a real-time deadline. For models exhibiting both transition probabilities and non-determinism, maximal and minimal probabilities are considered. Intricate combinations of numerical (or simulation) techniques for Markov chains, optimization algorithms, and traditional CTL or LTL model-checking algorithms result in simple, yet very efficient verification procedures [2, 10]. Verifying time-bounded reachability properties on continuous-time models of tens of millions of states usually is a matter of seconds. Using symbolic representation techniques such as multi-terminal BDDs, much larger systems can be treated efficiently as well. A gentle introduction can be found in [5]. Like in the traditional setting, probabilistic model checking suffers from the curse of dimensionality: the number of states grows exponentially in the number of system components and cardinality of data domains. This hampers the analysis of real-life systems such as biological models involving thousands of molecules [12], and software models of on-board aerospace systems that incorporate probabilistic error models of various system components on top of the " nominal " system behaviour [3]. This talk considers the theory and practice of aggressive abstraction of discrete-time and continuous-time Markov models. Our abstraction technique is based on a partitioning of the concrete state space that is typically much coarser than e.g., bisimulation minimisation. We exploit three-valued abstraction [4] in which a temporal logic formula evaluates to either true, false, or indefinite. In this setting, abstraction is conservative for both positive and negative verification results; in our setting this means that the analysis yields bounds …