Acta Informatica

, Volume 51, Issue 3–4, pp 193–220 | Cite as

Synthesizing robust systems

  • Roderick Bloem
  • Krishnendu Chatterjee
  • Karin Greimel
  • Thomas A. Henzinger
  • Georg Hofferek
  • Barbara Jobstmann
  • Bettina Könighofer
  • Robert KönighoferEmail author
Original Article


Systems should not only be correct but also robust in the sense that they behave reasonably in unexpected situations. This article addresses synthesis of robust reactive systems from temporal specifications. Existing methods allow arbitrary behavior if assumptions in the specification are violated. To overcome this, we define two robustness notions, combine them, and show how to enforce them in synthesis. The first notion applies to safety properties: If safety assumptions are violated temporarily, we require that the system recovers to normal operation with as few errors as possible. The second notion requires that, if liveness assumptions are violated, as many guarantees as possible should be fulfilled nevertheless. We present a synthesis procedure achieving this for the important class of GR(1) specifications, and establish complexity bounds. We also present an implementation of a special case of robustness, and show experimental results.



This work was supported in part by the Austrian Science Fund (FWF) through the national research network RiSE (S11402-N23, S11406-N23, S11407-N23) and through Grant Nr. P23499-N23, by an ERC Start Grant (279307: Graph Games), by a Microsoft faculty fellows award, and by the European Research Council (ERC) through the Advanced Grant QUAREM (Quantitative Reactive Modeling).


  1. 1.
    Alpern, B., Schneider, F.B.: Defining liveness. Inf. Process. Lett. 21(4), 181–185 (1985)CrossRefzbMATHMathSciNetGoogle Scholar
  2. 2.
    Alur, R., Kanade, A., Weiss, G.: Ranking automata and games for prioritized requirements. In: Gupta and Malik [32], pp. 240–253Google Scholar
  3. 3.
    Anderson, T., Knight, J.C.: A framework for software fault tolerance in real-time systems. IEEE Trans. Softw. Eng. 9(3), 355–364 (1983)CrossRefMathSciNetGoogle Scholar
  4. 4.
    Arora, A., Gouda, M.G.: Closure and convergence: a foundation of fault-tolerant computing. IEEE Trans. Softw. Eng. 19(11), 1015–1027 (1993)CrossRefGoogle Scholar
  5. 5.
    Attie, P.C., Arora, A., Emerson, A.E.: Synthesis of fault-tolerant concurrent programs. ACM Trans. Program. Lang. Syst. 26(1), 125–185 (2004)CrossRefGoogle Scholar
  6. 6.
    Avizienis, A., Laprie, J.-C., Randell, B., Landwehr, C.E.: Basic concepts and taxonomy of dependable and secure computing. IEEE Trans. Dependable Secur. Comput. 1(1), 11–33 (2004)CrossRefGoogle Scholar
  7. 7.
    Bloem, R., Chatterjee, K., Greimel, K., Henzinger, T.A., Jobstmann, B.: Robustness in the presence of liveness. In: Touili et al. (eds) [49], pp. 410–424Google Scholar
  8. 8.
    Bloem, R., Chatterjee, K., Henzinger, T.A., Jobstmann, B.: Better quality in synthesis through quantitative objectives. In: Bouajjani and Maler [14], pp. 140–156Google Scholar
  9. 9.
    Bloem, R., Cimatti, A., Greimel, K., Hofferek, G., Könighofer, R., Roveri, M., Schuppan, V., Seeber, R.: Ratsy—a new requirements analysis tool with synthesis. In: Touili et al. [49], pp. 425–429Google Scholar
  10. 10.
    Bloem, R., Galler, S.J., Jobstmann, B., Piterman, N., Pnueli, A., Weiglhofer, M.: Interactive presentation: automatic hardware synthesis from specifications: a case study. In: Lauwereins, R., Madsen, J. (eds.) DATE, pp. 1188–1193. ACM (2007)Google Scholar
  11. 11.
    Bloem, R., Galler, S.J., Jobstmann, B., Piterman, N., Pnueli, A., Weiglhofer, M.: Specify, compile, run: hardware from PSL. Electr. Notes Theor. Comput. Sci. 190(4), 3–16 (2007)CrossRefGoogle Scholar
  12. 12.
    Bloem, R., Gamauf, H.-J., Hofferek, G., Könighofer, B., Könighofer, R.: Synthesizing robust systems with RATSY. In: Peled, D., Schewe, S. (eds.) SYNT, Volume 84 of EPTCS, pp. 47–53 (2012)Google Scholar
  13. 13.
    Bloem, R., Greimel, K., Henzinger, T.A., Jobstmann, B.: Synthesizing robust systems. In: FMCAD, pp. 85–92. IEEE (2009)Google Scholar
  14. 14.
    Bouajjani, A., Maler, O. (eds): Computer Aided Verification, 21st International Conference, CAV 2009, Grenoble, France, June 26–July 2, 2009. In: Proceedings, Volume 5643 of Lecture Notes in Computer Science. Springer, Berlin (2009)Google Scholar
  15. 15.
    Chatterjee, K., Doyen, L. (2010) Energy parity games. In: Abramsky, S., Gavoille, C., Kirchner, C., Friedhelm Meyer auf der Heide, Spirakis, P.G. (eds) ICALP (2), Volume 6199 of Lecture Notes in Computer Science, pp. 599–610. Springer, BerlinGoogle Scholar
  16. 16.
    Chatterjee, K., Henzinger, T.A., Jobstmann, B.: Environment assumptions for synthesis. In: van Breugel, F., Chechik, M. (eds.) CONCUR, Volume 5201 of Lecture Notes in Computer Science, pp. 147–161. Springer, Berlin (2008)Google Scholar
  17. 17.
    Chatterjee, K., Henzinger, T.A., Jurdzinski, M.: Mean-payoff parity games. In: LICS, pp. 178–187. IEEE Computer Society (2005)Google Scholar
  18. 18.
    Chaudhuri, S., Gulwani, S., Lublinerman, R.: Continuity and robustness of programs. Commun. ACM 55(8), 107–115 (2012)CrossRefGoogle Scholar
  19. 19.
    Cheng, C.-H., Rueß, H., Knoll, A., Buckl, C.: Synthesis of fault-tolerant embedded systems using games: from theory to practice. In: Jhala, R., Schmidt, D.A. (eds.) VMCAI, Volume 6538 of Lecture Notes in Computer Science, pp. 118–133. Springer, Berlin (2011)Google Scholar
  20. 20.
    Church, A.: Logic, arithmetic, and automata. In: Proceedings of the International Congress of Mathematicians (Stockholm, 1962), pp. 23–35. Institut Mittag-Leffler, Djursholm (1963)Google Scholar
  21. 21.
    Cury, J.E.R., Krogh, B.H.: Robustness of supervisors for discrete-event systems. Autom. Control IEEE Trans. 44(2), 376–379 (1999)CrossRefzbMATHMathSciNetGoogle Scholar
  22. 22.
    Dijkstra, E.W.: Self-stabilizing systems in spite of distributed control. Commun. ACM 17(11), 643–644 (1974)CrossRefzbMATHGoogle Scholar
  23. 23.
    Doyen, L., Henzinger, T.A., Legay, A., Nickovic, D.: Robustness of sequential circuits. In: Gomes, L., Khomenko, V., Fernandes, J.M. (eds.) ACSD, pp. 77–84. IEEE Computer Society (2010)Google Scholar
  24. 24.
    D’Souza, D., Gopinathan, M.: Conflict-tolerant features. In: Gupta and Malik [32], pp. 227–239Google Scholar
  25. 25.
    Ebnenasir, A., Kulkarni, S.S., Arora, A.: Ftsyn: a framework for automatic synthesis of fault-tolerance. STTT 10(5), 455–471 (2008)CrossRefGoogle Scholar
  26. 26.
    Eisner, C.: Using symbolic model checking to verify the railway stations of hoorn-kersenboogerd and heerhugowaard. In: Pierre, L., Kropf, Th (eds.) CHARME, volume 1703 of Lecture Notes in Computer Science, pp. 97–109. Springer, Berlin (1999)Google Scholar
  27. 27.
    Faella, M.: Games you cannot win. In: Workshop on Games and Automata for Synthesis and Validation (2007)Google Scholar
  28. 28.
    Fey, G., Drechsler, R.: A basis for formal robustness checking. In: ISQED, pp. 784–789. IEEE Computer Society (2008)Google Scholar
  29. 29.
    Filiot, E., Jin, N., Raskin, J.-F.: An antichain algorithm for LTL realizability. In: Bouajjani and Maler [14], pp. 263–277Google Scholar
  30. 30.
    Gärtner, F.C.: Fundamentals of fault-tolerant distributed computing in asynchronous environments. ACM Comput. Surv. 31(1), 1–26 (1999)CrossRefGoogle Scholar
  31. 31.
    Girault, A., Rutten, É.: Automating the addition of fault tolerance with discrete controller synthesis. Formal Methods Syst. Des. 35(2), 190–225 (2009)CrossRefzbMATHGoogle Scholar
  32. 32.
    Gupta, A., Malik, S. (eds): Computer Aided Verification, 20th International Conference, CAV 2008, Princeton, NJ, USA, July 7–14, 2008. Proceedings, Volume 5123 of Lecture Notes in Computer Science. Springer, Berlin (2008)Google Scholar
  33. 33.
    Gurevich, Y., Harrington, L.: Trees, automata, and games. In: STOC’82, pp. 60–65. ACM Press (1982)Google Scholar
  34. 34.
    Henzinger, T.: Two challenges in embedded systems design: predictability and robustness. Philos. Trans. R. Soc. 366, 3727–3736 (2008)Google Scholar
  35. 35.
    Jobstmann, B., Bloem, R.: Optimizations for LTL synthesis. In: FMCAD, pp. 117–124. IEEE Computer Society (2006)Google Scholar
  36. 36.
    Jobstmann, B., Galler, S.J., Weiglhofer, M., Bloem, R.: Anzu: a tool for property synthesis. In: Damm, W., Hermanns, H. (eds.) CAV, Volume 4590 of Lecture Notes in Computer Science, pp. 258–262. Springer, Berlin (2007)Google Scholar
  37. 37.
    Kulkarni, S.S., Ebnenasir, A.: Complexity issues in automated synthesis of failsafe fault-tolerance. IEEE Trans. Dependable Secur. Comput. 2(3), 201–215 (2005)CrossRefGoogle Scholar
  38. 38.
    Majumdar, R., Render, E., Tabuada, P.: Robust discrete synthesis against unspecified disturbances. In: Caccamo, M., Frazzoli, E., Grosu, R. (eds.) HSCC, pp. 211–220. ACM, UK (2011)Google Scholar
  39. 39.
    Morgenstern, A., Schneider, K.: Exploiting the temporal logic hierarchy and the non-confluence property for efficient LTL synthesis. In: Montanari, A., Napoli, M., Parente, M. (eds) GANDALF, Vvolume 25 of EPTCS, pp. 89–102 (2010)Google Scholar
  40. 40.
    Navarro, G.: A guided tour to approximate string matching. ACM Comput. Surv. 33(1), 31–88 (2001)CrossRefGoogle Scholar
  41. 41.
    Piterman, N., Pnueli, A.: Faster solutions of rabin and streett games. In: LICS, pp. 275–284. IEEE Computer Society (2006)Google Scholar
  42. 42.
    Piterman, N., Pnueli, A., Sa’ar, Y.: Synthesis of reactive(1) designs. In: Emerson, A.E., Namjoshi, K.S. (eds.) VMCAI, Volume 3855 of Lecture Notes in Computer Science, pp. 364–380. Springer, Berlin (2006)Google Scholar
  43. 43.
    Pnueli, A., Rosner, R.: On the synthesis of a reactive module. In: POPL, pp. 179–190. ACM Press (1989)Google Scholar
  44. 44.
    Ramadge, P.J.G., Wonham, W.M.: The control of discrete event systems. Proc. IEEE 77(1), 81–98 (1989)CrossRefGoogle Scholar
  45. 45.
    Rinard, M.C.: Acceptability-oriented computing. In: Crocker, R., Steele Jr, G.L. (eds.) OOPSLA Companion, pp. 221–239. ACM (2003)Google Scholar
  46. 46.
    Schewe, S., Finkbeiner, B.: Bounded synthesis. In: Namjoshi, K.S., Yoneda, T., Higashino, T., Okamura, Y. (eds.) ATVA, Volume 4762 of Lecture Notes in Computer Science, pp. 474–488. Springer, Berlin (2007)Google Scholar
  47. 47.
    Shivakumar, P., Kistler, M., Keckler, S.W., Burger, D., Alvisi, L.: Modeling the effect of technology trends on the soft error rate of combinational logic. In: DSN, pp. 389–398. IEEE Computer Society (2002)Google Scholar
  48. 48.
    Thomas, W.: Languages, automata, and logic. In: Handbook of Formal Languages, Volume 3, Chapter 7, pp. 389–455. Springer, Berlin (1997)Google Scholar
  49. 49.
    Touili, T., Cook, B., Jackson, P. (eds.): Computer Aided Verification, 22nd International Conference, CAV 2010, Edinburgh, UK, July 15–19, 2010. In: Proceedings, Volume 6174 of Lecture Notes in Computer Science. Springer, Berlin (2010)Google Scholar
  50. 50.
    Zwick, U., Paterson, M.: The complexity of mean payoff games on graphs. Theor. Comput. Sci. 158(1 &2), 343–359 (1996)CrossRefzbMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Roderick Bloem
    • 1
  • Krishnendu Chatterjee
    • 2
  • Karin Greimel
    • 3
  • Thomas A. Henzinger
    • 2
  • Georg Hofferek
    • 1
  • Barbara Jobstmann
    • 4
  • Bettina Könighofer
    • 1
  • Robert Könighofer
    • 1
    Email author
  1. 1.Graz University of TechnologyGrazAustria
  2. 2.IST AustriaKlosterneuburgAustria
  3. 3.NXP Semiconductors AustriaGratkornAustria
  4. 4.Jasper Design Automaton and Ècole Polytechnique Fédérale de LausanneLausanneSwitzerland

Personalised recommendations