Results 1 - 10 of 25
Logical, Metric, and Algorithmic Characterisations of Probabilistic Bisimulation
, 2011
Cited by 11 (5 self)
Many behavioural equivalences or preorders for probabilistic processes involve a lifting operation that turns a relation on states into a relation on distributions of states. We show that several existing proposals for lifting relations can be reconciled to be different presentations of essentially the same lifting operation. More interestingly, this lifting operation nicely corresponds to the Kantorovich metric, a fundamental concept used in mathematics to lift a metric on states to a metric on distributions of states, besides the fact the lifting operation is related to the maximum flow problem in optimisation theory. The lifting operation yields a neat notion of probabilistic bisimulation, for which we provide logical, metric, and algorithmic characterisations. Specifically, we extend the Hennessy-Milner logic and the modal mu-calculus with a new modality, resulting in an adequate and an expressive logic for probabilistic bisimilarity, respectively. The correspondence of the lifting operation and the Kantorovich metric leads to a natural characterisation of bisimulations as pseudometrics which are post-fixed points of a monotone function. We also present an “on the fly” algorithm to check if two states in a finitary system are related by probabilistic bisimilarity, exploiting the close relationship
Approximating a behavioural pseudometric without discount
 Proceedings of FoSSaCS’07
Cited by 10 (0 self)
a family of behavioural pseudometrics for probabilistic transition systems. These pseudometrics are a quantitative analogue of probabilistic bisimilarity. Distance zero captures probabilistic bisimilarity. Each pseudometric has a discount factor, a real number in the interval (0, 1]. The smaller the discount factor, the more the future is discounted. If the discount factor is one, then the future is not discounted at all. Desharnais et al. showed that the behavioural distances can be calculated up to any desired degree of accuracy if the discount factor is smaller than one. In this paper, we show that the distances can also be approximated if the future is not discounted. A key ingredient of our algorithm is Tarski’s decision procedure for the first order theory over real closed fields. By exploiting the Kantorovich-Rubinstein duality theorem we can restrict to the existential fragment for which more efficient decision procedures exist.
Information Flow in Interactive Systems
, 2010
Cited by 10 (7 self)
Abstract. We consider the problem of defining the information leakage in interactive systems where secrets and observables can alternate during the computation. We show that the information-theoretic approach which interprets such systems as (simple) noisy channels is not valid anymore. However, the principle can be recovered if we consider more complicated types of channels, that in Information Theory are known as channels with memory and feedback. We show that there is a complete correspondence between interactive systems and such kind of channels. Furthermore, we show that the capacity of the channels associated to such systems is a continuous function of the Kantorovich metric.
Kantorovich Metric in Computer Science: A Brief Survey
Cited by 8 (1 self)
In contrast to its wealth of applications in mathematics, the Kantorovich metric started to be noticed in computer science only in recent years. We give a brief survey of its applications in probabilistic concurrency, image retrieval, data mining, and bioinformatics. This paper highlights the usefulness of the Kantorovich metric as a general mathematical tool for solving various kinds of problems in rather unrelated domains.
Symbolic Bisimulations for Probabilistic Systems
Cited by 6 (1 self)
The paper introduces symbolic bisimulations for a simple probabilistic π-calculus to overcome the infinite branching problem that still exists in checking ground bisimulations between probabilistic systems. Especially the definition of weak (symbolic) bisimulation does not rely on the random capability of adversaries and suggests a solution to the open problem on the axiomatization for weak bisimulation in the case of unguarded recursion. Furthermore, we present an efficient characterization of symbolic bisimulations for the calculus, which allows the “on-the-fly” instantiation of bound names and dynamic construction of equivalence relations for quantitative evaluation. This directly results in a local decision algorithm that can explore just a minimal portion of the state spaces of the probabilistic processes in question.
Quantitative Information Flow in Interactive Systems
 JOURNAL OF COMPUTER SECURITY (2011)
, 2011
Cited by 5 (1 self)
We consider the problem of defining the information leakage in interactive systems where secrets and observables can alternate during the computation. We show that the information-theoretic approach which interprets such systems as (simple) noisy channels is no longer valid. However, the principle can be recovered if we consider channels of a more complicated kind, that in Information Theory are known as channels with memory and feedback. We show that there is a complete correspondence between interactive systems and such kind of channels. Furthermore, we show that the capacity of the channels associated to such systems is a continuous function of a pseudometric based on the Kantorovich metric.
Security, probability and nearly fair coins in the cryptographers’ cafe
 Proc FM ’09, volume 5850 of LNCS
, 2009
Cited by 2 (1 self)
Abstract. Security and probability are both artefacts that we hope to bring increasingly within the reach of refinement-based Formal Methods; although we have worked on them separately, in the past, the goal has always been to bring them together. In this report we describe our ongoing work in that direction: we relate it to a well known problem in security, Chaum’s Dining Cryptographers, where the various criteria of correctness that might apply to it expose precisely the issues we have found to be significant in our efforts to deal with security, probability and abstraction all at once. Taking our conviction into this unfamiliar and demanding territory, that abstraction and refinement are the key tools of software development, has turned out to be an exciting challenge.
Optimal Supervisory Control of Probabilistic Discrete Event Systems
 IEEE TRANSACTIONS ON AUTOMATIC CONTROL
, 2011
Cited by 2 (2 self)
Probabilistic discrete event systems (PDES) are modeled as generators of probabilistic languages and the supervisors employed are a probabilistic generalization of deterministic supervisors used in standard supervisory control theory. In the case when there exists no probabilistic supervisor such that the behaviour of a plant under control exactly matches the probabilistic language given as the requirements specification, we want to find a probabilistic control such that the behaviour of the plant under control is “as close as possible” to the desired behaviour. First, as a measure of this proximity, a pseudometric on states of generators is defined. Two algorithms for the calculation of the distance between states in this pseudometric are described. Then, an algorithm to synthesize a probabilistic supervisor that minimizes the distance between generators representing the achievable and required behaviour of the plant is presented.
Guessing Attacks in the pi-calculus with a Computational Justification
Cited by 2 (0 self)
Abstract. This paper presents an extension of the pi-calculus that can reason about brute force and guessing attacks. We relate new name declarations in the pi-calculus with random sampling in the computational model of security. The scope of a new name can then be expanded at a comparable cost as it would take to guess the randomly sampled value in the computational setting. We provide a function that calculates the cost of a given attack, taking into account the ease with which the attacker can confirm its guesses. We argue the correctness of this calculus by relating it to the computational model of security. We show that if the cost of an attack in the calculus is less than exponential in a security parameter, then there exists a polynomial time Turing machine that can defeat the process with nonnegligible probability. On the other hand, if there is no subexponential cost attack, then the process is just as safe as its spi-calculus counterpart, and so the use of guessable names does not help the attacker.
Use of a metric in supervisory control of probabilistic discrete event systems
 in Proceedings of the 10th International Workshop on Discrete Event Systems
, 2010
Cited by 1 (1 self)
(email: pantelv at mcmaster dot ca, lawford at mcmaster dot ca) Abstract: This work represents a natural extension of our work on optimal probabilistic supervisory control of probabilistic discrete event systems (PDESs). In that work, a pseudometric on the initial states of two probabilistic automata that represent probabilistic systems is used to measure the distance between two systems. The pseudometric is given a fixed point characterization. This paper gives a logical characterization of the same pseudometric that justifies the intuition that two systems are close if they satisfy similar properties. A trace characterization of the pseudometric is then derived from the logical characterization. Further, the solution of the problem of approximation of a given probabilistic automaton with another automaton is suggested such that the new model is as close as possible to the original one in the pseudometric. The significance of the approximation is then discussed.