Learning Nominal AutomataWork partially supported by the Polish National Science Centre (NCN) grant 2012/07/E/ST6/03026.

Learning Nominal Automatathanks: Work partially supported by the Polish National Science Centre (NCN) grant 2012/07/E/ST6/03026.

Abstract

We present an Angluin-style algorithm to learn nominal automata, which are acceptors of languages over infinite (structured) alphabets. The abstract approach we take allows us to seamlessly extend known variations of the algorithm to this new setting. In particular we can learn a subclass of nominal non-deterministic automata. An implementation using a recently developed Haskell library for nominal computation is provided for preliminary experiments.

A
\authorinfo

Joshua MoermanRadboud University, The Netherlandsjoshua.moerman@cs.ru.nl \authorinfoMatteo Sammartino
Alexandra SilvaUniversity College London, UK{m.sammartino,alexandra.silva}@ucl.ac.uk \authorinfoBartek Klin
Michał SzynwelskiUniversity of Warsaw, Poland{klin,szynwelski}@mimuw.edu.pl \preprintfooterPaper accepted at POPL 2017 with DOI http://dx.doi.org/10.1145/3009837.3009879 \toappear

\category

D.1.1SoftwareProgramming Techniques \categoryF.4.3Mathematical Logic and Formal LanguagesFormal Languages \categoryI.3.2Artificial IntelligenceLearning

ctive Learning, (Non)Deterministic Finite Automata, Nominal Automata, Functional Programming

1 Introduction

Automata are a well established computational abstraction with a wide range of applications, including modelling and verification of (security) protocols, hardware, and software systems. In an ideal world, a model would be available before a system or protocol is deployed in order to provide ample opportunity for checking important properties that must hold and only then the actual system would be synthesized from the verified model. Unfortunately, this is not at all the reality: systems and protocols are developed and coded in short spans of time and if mistakes occur they are most likely found after deployment. In this context, it has become popular to infer or learn a model from a given system just by observing its behaviour or response to certain queries. The learned model can then be used to ensure the system is complying to desired properties or to detect bugs and design possible fixes.

Automata learning, or regular inference Angluin87, is a widely used technique for creating an automaton model from observations. The original algorithm Angluin87, by Dana Angluin, works for deterministic finite automata, but since then has been extended to other types of automata AngluinC97; Aarts10; Niese03, including Mealy machines and I/O automata, and even a special class of context-free grammars. Angluin’s algorithm is sometimes referred to as active learning, because it is based on direct interaction of the learner with an oracle (“the Teacher”) that can answer different types of queries. This is in contrast with passive learning, where a fixed set of positive and negative examples is given and no interaction with the system is possible.

In this paper, staying in the realm of active learning, we will extend Angluin’s algorithm to a richer class of automata. We are motivated by situations in which a program model, besides control flow, needs to represent basic data flow, where data items are compared for equality (or for other theories such as total ordering). In these situations, values for individual symbols are typically drawn from an infinite domain and automata over infinite alphabets become natural models, as witnessed by a recent trend Tomte15; DAntoni14; BojanczykKL14; BolligHLM13; Cassel16.

One of the foundational approaches to formal language theory for infinite alphabets uses the notion of nominal sets BojanczykKL14. The theory of nominal sets originates from the work of Fraenkel in 1922, and they were originally used to prove the independence of the axiom of choice and other axioms. They have been rediscovered in Computer Science by Gabbay and Pitts Pitts13, as an elegant formalism for modeling name binding, and since then they form the basis of many research projects in the semantics and concurrency community. In a nutshell, nominal sets are infinite sets equipped with symmetries which make them finitely representable and tractable for algorithms. We make crucial use of this feature in the development of a learning algorithm.

Our main contributions are the following.

  • A generalization of Angluin’s original algorithm to nominal automata. The generalization follows a generic pattern for transporting computation models from finite sets to nominal sets, which leads to simple correctness proofs and opens the door to further generalizations. The use of nominal sets with different symmetries also creates potential for generalization, e.g. to languages with time features BL12 or data dependencies represented as graphs MontanariS14.

  • An extension of the algorithm to nominal non-deterministic automata (nominal NFAs). To the best of our knowledge, this is the first learning algorithm for non-deterministic automata over infinite alphabets. It is important to note that, in the nominal setting, NFAs are strictly more expressive than DFAs. We learn a subclass of the languages accepted by nominal NFAs, which includes all the languages accepted by nominal DFAs. The main advantage of learning NFAs directly is that they can provide exponentially smaller automata when compared to their deterministic counterpart. This can be seen both as a generalization and as an optimization of the algorithm.

  • An implementation using our recently developed Haskell library tailored to nominal computation – NLambda nlambda-paper. Our implementation is the first non-trivial application of a novel programming paradigm of functional programming over infinite structures, which allows the programmer to rely on convenient intuitions of searching through infinite sets in finite time.

The paper is organized as follows. In Section 2, we present an overview of our contributions (and the original algorithm) highlighting the challenges we faced in the various steps. In Section 3, we revise some basic concepts of nominal sets and automata. Section 4 contains the core technical contributions of our paper: the new algorithm and proof of correctness. In Section 5, we describe an algorithm to learn nominal non-deterministic automata. Section 6 contains a description of NLambda, details of the implementation, and results of preliminary experiments. Section 7 contains a discussion of related work. We conclude the paper with a discussion section where also future directions are presented.

{codebox}\Procname

\li \li\Repeat\li\While is not closed or not consistent \li\If is not closed \li\Then find , such that \zi  , for all \li \End \li\If is not consistent \li\Thenfind , , and such that \zi   and \li \End \liMake the conjecture \li\Ifthe Teacher replies no, with a counter-example \li\Then \End\li\Untilthe Teacher replies yes to the conjecture . \li\Return

Figure 1: Angluin’s algorithm for deterministic finite automata Angluin87

2 Overview of the approach

In this section, we give an overview of the work developed in the paper through examples. We will start by explaining the original algorithm for regular languages over finite alphabets, and then explain the challenges in extending it to nominal languages.

Angluin’s algorithm  provides a procedure to learn the minimal DFA accepting a certain (unknown) language . The algorithm has access to a teacher which answers two types of queries:

  • membership queries, consisting of a single word , to which the teacher will reply whether or not;

  • equivalence queries, consisting of a hypothesis DFA , to which the teacher replies yes if , and no otherwise, providing a counterexample ( denotes the symmetric difference of two languages).

The learning algorithm works by incrementally building an observation table, which at each stage contains partial information about the language . The algorithm is able to fill the table with membership queries. As an example, and to set notation, consider the following table (over ).

This table indicates that contains at least and definitely does not contain the words . Since is fully determined by the language , we will from now on refer to an observation table as a pair , leaving the language implicit.

Given an observation table one can construct a deterministic automaton where

  • is a finite set of states;

  • is the set of final states;

  • is the initial state;

  • is the transition function given by .

For this to be well-defined, we need to have (for the initial state) and (for final states), and for the transition function there are two crucial properties of the table that need to hold: closedness and consistency. An observation table is closed if for all there exists an such that . An observation table is consistent if, whenever and are elements of such that , for all , . Each time the algorithm constructs an automaton, it poses an equivalence query to the teacher. It terminates when the answer is yes, otherwise it extends the table with the counterexample provided.

2.1 Simple example of execution

Angluin’s algorithm is displayed in Figure 1. Throughout this section, we will consider the language(s)

If the alphabet is finite then is regular for any , and there is a finite DFA accepting it.

The language looks trivial, but the minimal DFA recognizing it has as many as 5 states. Angluin’s algorithm will terminate in (at most) 5 steps. We illustrate some relevant ones.

Step .

We start from , and we fill the entries of the table below by asking membership queries for , and . The table is closed and consistent, so we construct the hypothesis .

The Teacher replies no and gives the counterexample , which is in but it is not accepted by . Therefore, line 12 of the algorithm is triggered and we set .

Step .

The table becomes the one on the left below. It is closed, but not consistent: rows and are identical, but appending leads to different rows, as depicted. Therefore, line 9 is triggered and an extra column , highlighted in red, is added. The new table is closed and consistent and a new hypothesis is constructed.

The Teacher again replies no and gives the counterexample , which should be accepted by but it is not. Therefore we put .

Step .

The new table is the one on the left. It is closed, but and violate consistency, when is appended. Therefore we add the column and we get the table on the right, which is closed and consistent. The new hypothesis is .

The Teacher replies no and provides the counterexample , so .

Step .

One more step brings us to the correct hypothesis (details are omitted).

2.2 Learning nominal languages

Consider now an infinite alphabet . The language becomes . Classical theory of finite automata does not apply to this kind of languages, but one may draw an infinite deterministic automaton that recognizes in the standard sense:

where and stand for the infinitely-many transitions labelled by elements of and , respectively. This automaton is infinite, but it can be finitely presented in a variety of ways, for example: