Counterexample-guided inductive synthesis for probabilistic systems

This paper presents counterexample-guided inductive synthesis (CEGIS) to automatically synthesise probabilistic models. The starting point is a family of finite-stateMarkov chains with related but distinct topologies. Such families can succinctly be described by a sketch of a probabilistic program. Program sketches are programs containing holes. Every hole has a finite repertoire of possible program snippets by which it can be filled.We study several synthesis problems-feasibility, optimal synthesis, and complete partitioning-for a given quantitative specification phi. Feasibility amounts to determine a family member satisfying., optimal synthesis amounts to find a family member that maximises the probability to satisfy., and complete partitioning splits the family in satisfying and refuting members. Each of these problems can be considered under the additional constraint of minimising the total cost of instantiations, e.g., what are all possible instantiations for phi that are within a certain budget? The synthesis problems are tackled using a CEGIS approach. The crux is to aggressively prune the search space by using counterexamples provided by a probabilistic model checker. Counterexamples can be viewed as sub-Markov chains that rule out all family members that share this sub-chain. Our CEGIS approach leverages efficient probabilistic model checking, modernSMTsolving, and programsnippets as counterexamples. Experiments on case studies froma diverse nature-controller synthesis, program sketching, and security-show that synthesis among up to a million candidate designs can be done using a few thousand verification queries.