Learning-based black box checking for [formula omitted]-safety hyperproperties

Abstract

The L∗ algorithm proposed by Angluin is a standard approach to automata learning of unknown systems that generate regular languages. Black box checking (BBC) based on the L∗ algorithm is a promising formal verification of unknown systems. On the other hand, a k-safety hyperproperty is a hyperproperty that proscribes “bad things”. For example, it can express safety policies for safety-critical and safety-related systems. However, conventional BBC methods based on the L∗ algorithm focuses only on properties, not on hyperproperties. Therefore, this paper proposes an algorithm that checks whether a black box system satisfies a regular k-safety hyperproperty based on the Angluin’s L∗ algorithm. In the proposed algorithm, k-bad prefix automata that violate the regular k-safety hyperproperty are generated from the regular k-safety hyperproperty described as a HyperLTL formula. Because the generated k-bad prefix automata are finite automata, the verification of the k-safety hyperproperty for black box systems can be conducted by automata-theoretic model checking. It is demonstrated that the proposed algorithm can verify noninterference, described as a 2-safety hyperproperty, with an illustrative example.