Automata learning is a technique that has successfully been applied in verification, with the automaton type

varying depending on the application domain. Adaptations of automata learning algorithms for increasingly

complex types of automata have to be developed from scratch because there was no abstract theory offering

guidelines. This makes it hard to devise such algorithms, and it obscures their correctness proofs.

We introduce a simple category-theoretic formalism that provides an appropriately abstract foundation for

studying automata learning. Furthermore, our framework establishes formal relations between algorithms for

learning, testing, and minimization. We illustrate its generality with two examples: deterministic and weighted

automata.

]]>First, given a ﬁnite LPES, it is shown how to synthesize a Petri net with acyclic behavior, such that the unfolding of the synthesized net preserves common preﬁxes and concurrency of runs of the LPES. The partial language of this unfolding is the minimal partial language of an unfolding of a Petri net, which includes the partial language of LPES. This result extend the class of non-sequential behaviour,for which Petri nets can be synthesized, because in comparison to a partial language, an LPES enables to deﬁne which common history of runs should be preserved in the synthesized net.

Second, given an inﬁnite LPES represented by some ﬁnite preﬁx equipped with a cutting context and cut-off events it is shown how to synthesize a bounded Petri net, such that the unfolding of the synthesized net preserves common preﬁxes and concurrency of runs of the LPES. The partial language of this unfolding is the minimal partial language of an unfolding of a Petri net, which includes the partial language of LPES. This result extends the class of non-sequential behaviour, for which Petri nets can be synthesized, because ﬁnite representations of inﬁnite LPES by a ﬁnite preﬁx equipped with a cutting context and cut-off events are more expressive than ﬁnite representations of inﬁnite partial languages by terms.

]]>Parity games are deceptively simple two-player games on directed graphs

labeled with numbers.

Parity games have important practical applications in formal

verification and synthesis, especially to solve the model-checking problem

of the modal mu-calculus. They are also interesting from the theory

perspective, because they are widely believed to admit a polynomial

solution, but so far no such algorithm is known. In recent years, a number

of new algorithms and improvements to existing algorithms have been

proposed.

In this talk, we introduce parity games in an accessible way and discuss

why they are so interesting. We present various solutions that have been

proposed over the years. We also present a comprehensive empirical evaluation

of modern parity game algorithms and solvers, both on real world benchmarks

and randomly generated games.

Symbolic executions (and their recent variants called dynamic symbolic

executions) are an important technique in automated testing. Instead

of analysing only concrete executions of a program, one could treat

such executions symbolically (i.e. with some variables that are not

bound to concrete values) and use constraint solvers to determine this

(symbolic) path feasibility so as to guide the path explorations of

the system under test, which in combination with dynamic analysis

gives the best possible path coverage. For string-manipulating

programs, solvers need to be able to handle constraints over the

string domain. This gives rise to the following natural question: what

is an ideal decidable logic over strings for reasoning about path

feasibility in a program with strings? This is a question that is

connected to a number of difficult results in theoretical computer

science (decidability of the theory of strings with concatenations,

a.k.a., word equations) and long-standing open problems (e.g.

decidability of word equations with length constraints). Worse yet,

recent examples from cross-site scripting vulnerabilities suggest that

more powerful string operations (e.g. finite-state transducers) might

be required as first class citizens in string constraints. Even though

putting all these string operations in a string logic leads to

undecidability, recent results show that there might be a way to

recover decidability while retaining expressivity for applications in

symbolic execution. In this talk, I will present one such result from

my POPL’16 paper (with P. Barcelo). The string logic admits

concatenations, regular constraints, finite-state transductions,

letter-counting and length constraints (which can consequently express

charAt operator, and string disequality). I will provide a number of

examples from the cross-site scripting literature that shows how a

string logic can, for the first time, be used to discover a bug in or

prove correctness of the programs. I will conclude by commenting on a

new decision procedure for the logic that leads to an efficient

implementation (POPL’18 with L. Holik, P. Janku, P. Ruemmer, and T.

Vojnar) and a recent attempt to incorporate the fully-fledged

replace-all operator into a string logic (POPL’18 with T. Chen, Y.

Chen, M. Hague, and Z. Wu). ]]>

Buggy and insecure software could have serious consequences including

the loss of human lives, financial losses, and confidential

information leakage, to name a few. Program analysis is a field that

concerns the problem of analysing the behaviour of programs especially

with respect to the issue of correctness. Over the years computational

logic has played an important role in program analysis particularly in

the development of precise automatic methods for verifying the

correctness and optimising the performance of programs. In this talk I

will illustrate how logic can help program analysis, drawing examples

from my own research inspired by challenges in web security (e.g. how

to detect/prevent cross-site scripting vulnerabilities), web

performance optimisation (e.g. how to remove code redundancies in web

pages), and verification of distributed protocols. A theme that will

emerge during the talk is that there is often a tight connection

between logic and automata that can be exploited when designing (often

theoretically optimal) algorithms. ]]>

The rapid growth in the size and scope of datasets in science and technology has created a need for novel foundational perspectives on data analysis that blendthe inferential and computational sciences. That classical perspectives from these fields are not adequate to address emerging problems in Data Science is apparent from their sharply divergent nature at an elementary level—in computer science, the growth of the number of data points is a source of “complexity” that must be tamed via algorithms or hardware, whereas in statistics, the growth of the number of data points is a source of “simplicity” in that inferences are generally stronger and asymptotic results can be invoked. On a formal level, the gap is made evident by the lack of a role for computational concepts such as “runtime” in core statistical theory and the lack of a role for statistical concepts such as “risk” in core computational theory. I present several research vignettes aimed at bridging computation and statistics, including the problem of inference under privacy and communication constraints, and including a surprising cameo role for symplectic geometry.

]]>