Results 1 - 10 of 14
Refinement-oriented probability for CSP
, 1995
Cited by 44 (7 self)
Jones and Plotkin give a general construction for forming a probabilistic powerdomain over any directed-complete partial order [Jon90, JP89]. We apply their technique to the failures/divergences semantic model for Communicating Sequential Processes [Hoa85]. The resulting probabilistic model supports a new binary operator, probabilistic choice, and retains all operators of CSP including its two existing forms of choice. An advantage of using the general construction is that it is easy to see which CSP identities remain true in the probabilistic model. A surprising consequence however is that probabilistic choice distributes through all other operators; such algebraic mobility means that the syntactic position of the choice operator gives little information about when the choice actually must occur. That in turn leads to some interesting interaction between probability and nondeterminism. A simple communications protocol is used to illustrate the probabilistic algebra, and several sugg...
Proof Rules for Probabilistic Loops
 Proceedings of the BCS-FACS 7th Refinement Workshop, Workshops in Computing
, 1996
Cited by 41 (19 self)
Probabilistic predicate transformers provide a semantics for imperative programs containing both demonic and probabilistic nondeterminism. Like the (standard) predicate transformers popularised by Dijkstra, they model programs as functions from final results to the initial conditions sufficient to achieve them. This paper presents practical proof rules, using the probabilistic transformers, for reasoning about iterations when probability is present. They are thoroughly illustrated by example: probabilistic binary chop, faulty factorial, the martingale gambling strategy and Herman's probabilistic self-stabilisation. Just as for traditional programs, weakest-precondition based proof rules for program derivation are an important step on the way to designing more general refinement techniques, or even a refinement calculus, for imperative probabilistic programming. 1 Introduction The standard predicate transformers described by Dijkstra [3] provide a model in which a program is a funct...
pGCL: formal reasoning for random algorithms
, 1999
Cited by 40 (11 self)
Dijkstra's guarded-command language GCL contains explicit `demonic' nondeterminism, representing abstraction from (or ignorance of) which of two program fragments will be executed. We introduce probabilistic nondeterminism to the language, calling the result pGCL. Important is that both forms of nondeterminism are present, both demonic and probabilistic: unlike earlier approaches, we do not deal only with one or the other. The programming logic of `weakest preconditions' for GCL becomes a logic of `greatest pre-expectations' for pGCL: we embed predicates (Boolean-valued expressions over state variables) into arithmetic by writing [P], an expression that is 1 when P holds and 0 when it does not. Thus in a trivial sense [P] is the probability that P is true, and such embedded predicates are the basis for the more elaborate arithmetic expressions that we call "expectations". pGCL is suitable for describing random algorithms, at least over discrete distributions. In our presentation o...
Demonic, Angelic and Unbounded Probabilistic Choices in Sequential Programs
 ACTA INFORMATICA
, 1998
Cited by 20 (8 self)
Probabilistic predicate transformers extend standard predicate transformers by adding probabilistic choice to (transformers for) sequential programs. Demonic nondeterminism is retained. For finite state spaces, the basic theory is set out elsewhere [15], together with a statement of the probabilistic `healthiness conditions' that generalise the `positive conjunctivity' of ordinary predicate transformers. Here we extend the earlier results to infinite state spaces, and investigate the structure of the transformer space generally: as Back and von Wright [1] did for `standard' (non-probabilistic) transformers, we nest deterministic, demonic and demonic/angelic transformers, showing how each can be constructed from the one before. In the end we thus find healthiness conditions for a system in which deterministic, demonic, probabilistic and angelic choices all coexist.
The Generalised Substitution Language extended to probabilistic programs
 In Proceedings B’98: the 2nd International B Conference, volume 1393 of LNCS
, 1998
Cited by 12 (5 self)
Let predicate P be converted from Boolean to numeric type by writing ⟨P⟩, with ⟨false⟩ being 0 and ⟨true⟩ being 1, so that in a degenerate sense ⟨P⟩ can be regarded as `the probability that P holds in the current state'. Then add explicit numbers and arithmetic operators, to give a richer language of arithmetic formulae into which predicates are embedded by ⟨·⟩. Abrial's generalised substitution language GSL can be applied to arithmetic rather than Boolean formulae with little extra effort. If we add a new operator ₚ⊕ for probabilistic choice, it then becomes `pGSL': a smooth extension of GSL that includes random algorithms within its scope. Keywords: Probability, program correctness, generalised substitutions, weakest preconditions, B, GSL. 1 Introduction Abrial's Generalised Substitution Language GSL [1] is a weakest-precondition based method of describing computations and their meaning; it is complemented by the structures of Abstract Machines, together with which it ...
Partial Correctness for Probabilistic Demonic Programs
 Theoretical Computer Science
, 1997
Cited by 12 (2 self)
Recent work in sequential program semantics has produced both an operational [4] and an axiomatic [13, 17] treatment of total correctness for probabilistic demonic programs, extending Kozen's original work [9, 10] that did not include demonic nondeterminism. For practical applications however (eg. combining loop invariants with termination constraints) it is important to retain the traditional distinction between partial and total correctness. Jones [6] defines probabilistic partial correctness for probabilistic, but again not demonic programs. In this paper we combine all the above, giving an operational and axiomatic framework for both partial and total correctness of probabilistic and demonic sequential programs; among other things that provides the theory to support practical reasoning about probabilistic demonic loops [11]. 1 Introduction Deterministic computation over a state space S can be modelled as functions of type S → S, from initial to final states. A `powerdomain' constr...
Probabilistic Imperative Programming: A Rigorous Approach
 Formal Methods Pacific '97
, 1997
Cited by 6 (1 self)
Recent work has extended Kozen's probabilistic semantics [8, 9] to include demonic nondeterminism both at the operational [5] and the logical level [12]. That makes it now possible in principle to treat probabilistic program development with the same standards of rigour that apply, when appropriate, to imperative programming [3]. In this report we treat several practical aspects of the new models, not discussed in their more theoretical presentations [5, 12]: a game-like interpretation of probabilistic and demonic choice acting jointly; the intuition behind the probabilistic `healthiness conditions' for predicate transformers, linking them to standard probability theory; and the use of predicate transformers to measure expected efficiency. 1 Introduction Kozen's operational [8] and predicate-transformer [9] approaches to probabilistic semantics were restricted to deterministic programs; yet during the same period and subsequently the trend in standard (non-probabilistic) program develo...
Argument duplication in probabilistic CSP
, 1995
Cited by 5 (2 self)
In [2] a space PCSP of probabilistic processes is constructed uniformly from the standard CSP failures-divergences model. Laws of CSP are shown to be valid in PCSP also, provided they have no duplication on either side of = or ⊑ separately: thus for example A ⊓ B = B ⊓ A carries over to PCSP; but A ⊓ A = A does not, because of the duplication on its left-hand side. Here we propose two devices for retaining more of CSP's laws within PCSP: the first introduces a limited form of state; the second allows multiple occurrences of a term to be abstracted to a single syntactic location. Either [2] or its published revision are prerequisites for understanding this report fully, although skimming Sec. 4 and App. A may give an idea of what has been achieved. 1 Introduction The law A ⊓ A = A fails in PCSP only when A is properly nondeterministic; and when that is so, the reason for its failure is the possibly independent resolution of probabilistic choice in the two copies. For example, (B 1 2 \...
Cost analysis of games using program logic
 In Proc. of the 8th Asia-Pacific Software Engineering Conference (APSEC 2001)
, 2001
Cited by 4 (4 self)
Recent work in programming semantics has provided a relatively simple probabilistic extension to predicate transformers, making it possible to treat small imperative probabilistic programs containing both demonic and angelic nondeterminism [11, 12, 20]. That work in turn was extended to provide a probabilistic basis for the modal µ-calculus [13], and leads to a quantitative µ-calculus [16, 18]. Standard (non-probabilistic) µ-calculus can be interpreted either ‘normally’, over its semantic domain, or as a two-player game between an ‘angel’ and a ‘demon’ representing the two forms of choice. It has been argued [23] that the two interpretations correspond. Quantitative µ-calculus can be interpreted both ways as well, with the novel interpretation being the second one: a probabilistic game involving an angel and a demon. Each player seeks a strategy to maximise (resp. minimise) the game’s ‘outcome’, with the steps in the game now being stochastic. That suggests a connection with Markov decision processes, in which players compete for high (resp. low) ‘rewards’ over a Markov transition system. In this paper we explore ‘the Markov connection’, showing for example how discounted Markov decision processes (MDP’s) and terminating MDP’s can be written as quantitative µ-formulae. The ‘normal’ interpretation of those formulae (i.e. over the semantic domain) then
Hierarchical Reasoning in Probabilistic CSP
, 1996
Cited by 2 (0 self)
Probabilistic CSP extends the language of CSP with an operator for probabilistic choice. However reasoning about an intricate combination of nondeterminism, communication and probabilistic behaviour can be complicated. In standard CSP such complication is overcome (when possible) by use of hierarchical reasoning. In this paper we provide a foundation for lifting such reasoning to the probabilistic setting. First we formalise the common observation that the standard models of CSP (traces, refusals and refusals/divergences) form a hierarchy, by showing that they are linked by embedding-projection pairs. Such structure underlies hierarchical reasoning in which complex process behaviour is reasoned about in terms of its simpler projections. Then we show how that hierarchy can be extended to a corresponding hierarchy between the probabilistic models, by using each of those three models of standard CSP as a basis for a probabilistic extension. Finally we show that there is a projection from ...