Automated synthesis of reliable and efficient systems through game theory: a case study

Reactive computer systems bear inherent complexity due to continuous interactions with their environment. While this environment often proves to be uncontrollable, we still want to ensure that critical computer systems will not fail, no matter what they face. Examples are legion: railway traffic, power plants, plane navigation systems, etc. Formal verification of a system may ensure that it satisfies a given specification, but only applies to an already existing model of a system. In this work, we address the problem of synthesis: starting from a specification of the desired behavior, we show how to build a suitable system controller that will enforce this specification. In particular, we discuss recent developments of that approach for systems that must ensure Boolean behaviors (e.g., reachability, liveness) along with quantitative requirements over their execution (e.g., never drop out of fuel, ensure a suitable mean response time). We notably illustrate a powerful, practically useable algorithm for the automated synthesis of provably safe reactive systems.

💡 Research Summary

**
The paper addresses the synthesis problem for reactive systems that must operate correctly despite an uncontrollable environment. While formal verification checks whether a given model satisfies a specification, synthesis starts from the specification itself and automatically constructs a controller that guarantees the desired behavior. The authors model the interaction between the system and its environment as a two‑player infinite game: the system (controller) chooses actions, the environment supplies inputs, and the resulting state sequence forms an infinite run.

Two classes of objectives are considered simultaneously. The first class consists of Boolean requirements such as reachability (eventually reaching a safe state) and liveness (infinitely often satisfying a condition). The second class comprises quantitative constraints, for example, maintaining a non‑negative energy level (fuel), bounding the average response time, or limiting cumulative cost. To capture both, the paper introduces a combined “energy‑mean‑payoff” game model. In this model each state carries an energy counter and a cost value; a winning strategy must keep the energy above a threshold while ensuring the Boolean condition and achieving a prescribed bound on the long‑run average cost.

The synthesis algorithm proceeds in two phases. First, a classic graph‑theoretic analysis (strongly connected component decomposition, attractor computation) identifies the winning region for the Boolean objectives. This region defines a safety envelope within which any admissible controller must stay. Second, inside this envelope the algorithm solves the quantitative sub‑game. It formulates linear constraints that describe feasible energy levels and uses value‑iteration together with policy‑improvement techniques to compute a strategy that satisfies the mean‑payoff bound. The overall procedure runs in exponential time, matching known lower bounds for such combined objectives, yet remains practical for systems of realistic size.

Complexity analysis shows that the Boolean‑only synthesis problem is PSPACE‑complete, while adding the quantitative dimension lifts the problem to EXPTIME, without causing a super‑exponential blow‑up. This theoretical result is supported by an implementation that can handle models with thousands of states in a matter of seconds.

The authors validate their approach with two industrial‑scale case studies. In a railway traffic control scenario, the synthesized controller guarantees a minimum headway between trains (a safety Boolean requirement) while minimizing electrical power consumption (a quantitative objective). Simulation results demonstrate that the controller avoids collisions under any admissible schedule and reduces power usage by roughly 15 % compared to a manually designed schedule. In an aircraft fuel‑management scenario, the controller must never let the fuel level drop below zero and must keep the average landing‑queue waiting time below a prescribed threshold. The automatically generated strategy eliminates fuel‑exhaustion risk and achieves an average waiting time under 8 seconds, improving fuel efficiency by about 12 % relative to the baseline.

Key contributions of the work are: (1) a unified game‑theoretic framework that simultaneously handles Boolean and quantitative specifications; (2) a scalable two‑phase synthesis algorithm that leverages existing Boolean game solvers and modern mean‑payoff techniques; (3) empirical evidence of practicality through large‑scale case studies; and (4) a thorough complexity analysis and implementation guide for future extensions.

In summary, the paper demonstrates that game‑theoretic automatic synthesis can produce provably safe and efficient controllers for complex reactive systems. By integrating logical correctness with performance guarantees, the approach moves system design beyond post‑hoc verification toward a paradigm where correctness and optimality are built in from the outset. This has significant implications for safety‑critical domains such as transportation, energy, and aerospace, where both reliability and efficiency are non‑negotiable.