Abstract
Computer programs are increasingly being deployed in partially observable environments. A partially observable environment is one whose state is not completely visible to the program, but from which the program receives partial observations. Developers typically deal with partial observability by writing a state estimator that, given observations, attempts to deduce the hidden state of the environment. In safety-critical domains, developers may also write an environment model in order to formally verify safety properties. The model captures the relationship between observations and hidden states and is used to prove the software correct.
In this paper, we present a new methodology for writing and verifying programs in partially observable environments. We present belief programming, a programming methodology where developers write an environment model that the program runtime automatically uses to perform state estimation. A belief program dynamically updates and queries a belief state that captures the possible states the environment could be in. To enable verification, we present Epistemic Hoare Logic that reasons about the possible belief states of a belief program the same way that classical Hoare logic reasons about the possible states of a program. We develop these concepts by defining a semantics and a program logic for a simple core language called BLIMP. In a case study, we show how belief programming could be used to write and verify a controller for the Mars Polar Lander in BLIMP. We present an implementation of BLIMP called CBLIMP and evaluate it to determine the feasibility of belief programming.
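The runtime loop the abstract describes, as an added illustration that is not BLIMP or CBLIMP and not the paper's Mars Polar Lander model: a belief is the set of hidden states consistent with the environment model and every observation so far; the program predicts through nondeterministic dynamics, filters the belief on each observation, and queries it. The controller may cut the engine only when it knows, in every possible state, that it has landed, so a touchdown switch that the model admits can read true spuriously before landing (the failure mode the JPL review board report on the Mars Polar Lander loss describes) can never satisfy that precondition on its own. Everything numeric here is assumed for the example: integer altitudes, a 1-2 m descent per tick, an altimeter with at most 1 m of error, and the constructed sensor trace. One caveat a practitioner wants: an empty belief means the model was violated, and `all()` over an empty set is vacuously true, so the query must refuse to answer rather than let the program "know" anything.

```python
from dataclasses import dataclass
from typing import Callable, FrozenSet, Iterable, List, Set, Tuple

# Constructed example: the hidden environment state is (altitude_m, landed).
State = Tuple[int, bool]


class ModelViolation(Exception):
    """No hidden state is consistent with the observations.

    An empty belief means the environment model was wrong, not that the
    program now knows everything: all() over an empty set is vacuously true,
    so an unguarded query would let the controller conclude anything.
    """


@dataclass(frozen=True)
class Belief:
    """The set of hidden states the environment could be in."""
    states: FrozenSet[State]

    def step(self, transition: Callable[[State], Set[State]]) -> "Belief":
        # Nondeterministic dynamics: every successor of every possible state.
        return Belief(frozenset(t for s in self.states for t in transition(s)))

    def observe(self, model: Callable[[State], Set], obs) -> "Belief":
        # Keep only the states under which the model permits this observation.
        kept = frozenset(s for s in self.states if obs in model(s))
        if not kept:
            raise ModelViolation(f"observation {obs!r} fits no possible state")
        return Belief(kept)

    def knows(self, prop: Callable[[State], bool]) -> bool:
        # Epistemic query: prop holds in every state still considered possible.
        if not self.states:
            raise ModelViolation("empty belief")
        return all(prop(s) for s in self.states)

    def possible(self, prop: Callable[[State], bool]) -> bool:
        return any(prop(s) for s in self.states)


# --- environment model (assumed numbers, not the paper's MPL model) ---------

def descend(s: State) -> Set[State]:
    """Per tick the lander drops 1 or 2 m and stops at the surface (assumed)."""
    alt, _ = s
    nexts = set()
    for d in (1, 2):
        new_alt = max(alt - d, 0)
        nexts.add((new_alt, new_alt == 0))
    return nexts


def altimeter(s: State) -> Set[int]:
    """Altimeter reports the true altitude with at most 1 m of error (assumed)."""
    alt, _ = s
    return {alt - 1, alt, alt + 1}


def touchdown_switch(s: State) -> Set[bool]:
    """Reads True once landed, but may also read True spuriously before that."""
    _, landed = s
    return {True} if landed else {True, False}


def is_landed(s: State) -> bool:
    return s[1]


def should_cut_engine(b: Belief) -> bool:
    """Belief-level precondition: landed in every possible state."""
    return b.knows(is_landed)


def run_descent(initial_alts: Iterable[int],
                trace: Iterable[Tuple[int, bool]]) -> Tuple[List[bool], Belief]:
    """Belief program: predict, observe altimeter, observe switch, decide."""
    b = Belief(frozenset((a, a == 0) for a in initial_alts))
    decisions: List[bool] = []
    for alt_obs, switch_obs in trace:
        b = b.step(descend)
        b = b.observe(altimeter, alt_obs)
        b = b.observe(touchdown_switch, switch_obs)
        decisions.append(should_cut_engine(b))
    return decisions, b


def trace_is_consistent(initial_alts: Iterable[int],
                        trace: Iterable[Tuple[int, bool]]) -> bool:
    """False when some observation contradicts the model (a runtime red flag)."""
    try:
        run_descent(initial_alts, trace)
        return True
    except ModelViolation:
        return False


# Constructed trace of (altimeter reading, touchdown switch reading); the
# switch reads True at ticks 1, 3 and 4 while the lander may still be airborne.
SAMPLE_TRACE = [(7, True), (5, False), (3, True), (1, True), (0, True), (0, True)]

if __name__ == "__main__":
    decisions, final = run_descent([8, 9, 10], SAMPLE_TRACE)
    print(decisions)     # [False, False, False, False, False, True]
    print(final.states)  # frozenset({(0, True)})
```

The engine is cut only at tick 6, when the dynamics alone leave no airborne state in the belief; the spurious switch readings at ticks 1, 3 and 4 never shrink the belief, because the model admits True in every non-landed state. The paper's Epistemic Hoare Logic would discharge the `knows(is_landed)` precondition statically; here it is only checked at runtime.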
Supplemental Material
Appendices to the paper.
Index Terms
Programming and reasoning with partial observability