Finding the Best Partitioning Policy for Efficient Verification of Autonomous Systems at Runtime

💡 Research Summary

The paper addresses the challenge of performing runtime verification of autonomous systems whose models are large and subject to frequent changes caused by uncertain environments. Traditional model‑driven verification is theoretically possible but impractical due to the state‑space explosion and timing constraints of resource‑limited platforms. To mitigate this, the authors adopt an incremental approximation approach that partitions the model into independent components (e.g., strongly connected components) and re‑verifies only those components affected by a change.

The central research problem is to determine which policy, among a set of admissible policies, yields the most efficient partitioning. The system is modeled as a parametric Markov Decision Process (pMDP) M = (S, A, V, P, R), where V denotes parameters that capture environmental variations. Policies are functions mapping states to probability distributions over actions. The authors distinguish between available policies (Πₐ) and unavailable policies (Πᵤ). First, all Πᵤ are eliminated, reducing the state set S to S₀ and transition set T to T₀. Then a specific policy πᵢ ∈ Πₐ is selected, further pruning the model to S″ and T″. The resulting model is partitioned into components C (e.g., SCCs). The goal is to find the policy that maximizes the number of fine‑grained components while minimizing their size, thereby reducing verification effort.

To quantitatively evaluate the quality of a partition, the authors introduce two metrics:

1. Balancing (Bal) – measures how evenly the component sizes are distributed. For each component size i, |Cᵢ| denotes the number of components with i states. The metric computes a weighted sum of the differences between the maximum component size and each size i, normalized by the total number of multi‑state components. Smaller Bal values indicate a more balanced partition with fewer large components.

2. Variation (Var) – captures the impact of parameter changes on the components. It aggregates, for each parameter pᵢ, the product of pᵢ and the number of components it influences (|Cᵢ|), as well as terms for adjacent parameter pairs and higher‑order interactions, then normalizes by the total weighted parameter sum. Lower Var values imply that parameter variations affect fewer components, increasing the chance that previously verified components can be reused.

The authors define the additive score Bal + Var for each policy. The policy with the minimal additive score is declared the best partitioning policy (π_best). Lemma 1 formalizes this claim, and its proof is provided in an appendix.

The methodology is validated on a self‑adaptive solar energy harvesting system. The system comprises an environmental model (hourly solar energy availability), a battery model, and a sensor network where each sensor can operate in busy, idle, standby, or sleep modes. The model is encoded in PRISM as a pMDP, and nine policy categories are constructed based on different energy and battery level scenarios. For each category, all admissible policies are evaluated using the Bal and Var metrics. Table 1 reports, for each policy, the number of components (#C), number of single‑state components (#SS), average component size (S:#C), and the computed Bal + Var value. The results show that policies with the lowest Bal + Var consistently produce the smallest, most balanced partitions, confirming Lemma 1 empirically.

The paper’s contributions are threefold: (i) the introduction of two quantitative metrics that enable automatic selection of a partition‑optimizing policy; (ii) a hierarchical elimination process that first removes infeasible policies and then selects the best among the feasible ones; (iii) an experimental demonstration that the approach reduces runtime verification effort in a realistic autonomous system. The authors acknowledge that the metrics rely on parameter weightings and component counts, which may need adaptation for domains with highly volatile parameters. Future work includes extending the approach to other partitioning schemes (e.g., modular or hierarchical decomposition) and integrating reinforcement‑learning techniques to generalize policy selection beyond the predefined categories.