A Demonic Outcome Logic for Randomized Nondeterminism
Article No.: 19, Pages 539 - 568
Abstract
Programs increasingly rely on randomization in applications such as cryptography and machine learning. Analyzing randomized programs has been a fruitful research direction, but there is a gap when programs also exploit nondeterminism (for concurrency, efficiency, or algorithmic design). In this paper, we introduce Demonic Outcome Logic for reasoning about programs that exploit both randomization and nondeterminism. The logic includes several novel features, such as reasoning about multiple executions in tandem and manipulating pre- and postconditions using familiar equational laws—including the distributive law of probabilistic choices over nondeterministic ones. We also give rules for loops that both establish termination and quantify the distribution of final outcomes from a single premise. We illustrate the reasoning capabilities of Demonic Outcome Logic through several case studies, including the Monty Hall problem, an adversarial protocol for simulating fair coins, and a heuristic based probabilistic SAT solver.
References
[1]
Alejandro Aguirre and Lars Birkedal. 2023. Step-Indexed Logical Relations for Countable Nondeterminism and Probabilistic Choice. Proc. ACM Program. Lang., 7, POPL (2023), 33–60. https://doi.org/10.1145/3571195
[2]
Alejandro Aguirre, Philipp G. Haselwarter, Markus de Medeiros, Kwing Hei Li, Simon Oddershede Gregersen, Joseph Tassarotti, and Lars Birkedal. 2024. Error Credits: Resourceful Reasoning about Error Bounds for Higher-Order Probabilistic Programs. Proc. ACM Program. Lang., 8, ICFP (2024), Article 246, Aug., 33 pages. https://doi.org/10.1145/3674635
[3]
Krzysztof Apt and Gordon Plotkin. 1986. Countable nondeterminism and random assignment. J. ACM, 33, 4 (1986), aug, 724–767. issn:0004-5411 https://doi.org/10.1145/6490.6494
[4]
Gilles Barthe, Thomas Espitau, Marco Gaboardi, Benjamin Grégoire, Justin Hsu, and Pierre-Yves Strub. 2018. An Assertion-Based Program Logic for Probabilistic Programs. In Programming Languages and Systems. Springer International Publishing, Cham. 117–144. isbn:978-3-319-89884-1 https://doi.org/10.1007/978-3-319-89884-1_5
[5]
Jon Beck. 1969. Distributive laws. In Seminar on Triples and Categorical Homology Theory, B. Eckmann (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 119–140. isbn:978-3-540-36091-9 https://doi.org/10.1007/BFb0083084
[6]
Filippo Bonchi, Alexandra Silva, and Ana Sokolova. 2021. Distribution Bisimilarity via the Power of Convex Algebras. Logical Methods in Computer Science, Volume 17, Issue 3 (2021), July, https://doi.org/10.46298/lmcs-17(3:10)2021
[7]
Filippo Bonchi, Ana Sokolova, and Valeria Vignudelli. 2019. The Theory of Traces for Systems with Nondeterminism and Probability. In 2019 34th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS). 1–14. https://doi.org/10.1109/lics.2019.8785673
[8]
Filippo Bonchi, Ana Sokolova, and Valeria Vignudelli. 2021. Presenting Convex Sets of Probability Distributions by Convex Semilattices and Unique Bases. In 9th Conference on Algebra and Coalgebra in Computer Science (CALCO 2021), Fabio Gadducci and Alexandra Silva (Eds.) (Leibniz International Proceedings in Informatics (LIPIcs), Vol. 211). Schloss Dagstuhl – Leibniz-Zentrum für Informatik, Dagstuhl, Germany. 11:1–11:18. isbn:978-3-95977-212-9 issn:1868-8969 https://doi.org/10.4230/LIPIcs.CALCO.2021.11
[9]
Filippo Bonchi, Ana Sokolova, and Valeria Vignudelli. 2022. The Theory of Traces for Systems with Nondeterminism, Probability, and Termination. Logical Methods in Computer Science, Volume 18, Issue 2 (2022), June, https://doi.org/10.46298/lmcs-18(2:21)2022
[10]
Aleksandar Chakarov and Sriram Sankaranarayanan. 2013. Probabilistic Program Analysis with Martingales. In Computer Aided Verification, Natasha Sharygina and Helmut Veith (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 511–526. isbn:978-3-642-39799-8 https://doi.org/10.1007/978-3-642-39799-8_34
[11]
Ricardo Corin and Jerry den Hartog. 2006. A Probabilistic Hoare-style Logic for Game-Based Cryptographic Proofs. In Automata, Languages and Programming. Springer Berlin Heidelberg, Berlin, Heidelberg. 252–263. isbn:978-3-540-35908-1
[12]
Thibault Dardinier and Peter Müller. 2024. Hyper Hoare Logic: (Dis-)Proving Program Hyperproperties. Proc. ACM Program. Lang., 8, PLDI (2024), Article 207, jun, 25 pages. https://doi.org/10.1145/3656437
[13]
Jerry den Hartog. 1998. Comparative semantics for a process language with probabilistic choice and non-determinism. Vrije Universiteit, Netherlands. Imported from DIES.
[14]
Jerry den Hartog. 1999. Verifying Probabilistic Programs Using a Hoare like Logic. In Advances in Computing Science — ASIAN’99, P. S. Thiagarajan and Roland Yap (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 113–125. isbn:978-3-540-46674-1
[15]
Jerry den Hartog. 2002. Probabilistic Extensions of Semantical Models. Ph.D. Dissertation. Vrije Universiteit Amsterdam. https://core.ac.uk/reader/15452110
[16]
Jerry den Hartog and Erik de Vink. 1999. Mixing Up Nondeterminism and Probability: a preliminary report. Electronic Notes in Theoretical Computer Science, 22 (1999), 88–110. issn:1571-0661 https://doi.org/10.1016/S1571-0661(05)82521-6 PROBMIV’98, First International Workshop on Probabilistic Methods in Verification.
[17]
Edsger W. Dijkstra. 1975. Guarded Commands, Nondeterminacy and Formal Derivation of Programs. Commun. ACM, 18, 8 (1975), Aug, 453–457. issn:0001-0782 https://doi.org/10.1145/360933.360975
[18]
Edsger W. Dijkstra. 1976. A Discipline of Programming. Prentice-Hall. isbn:013215871X
[19]
Joshua Gancher, Kristina Sojakova, Xiong Fan, Elaine Shi, and Greg Morrisett. 2023. A Core Calculus for Equational Proofs of Cryptographic Protocols. Proc. ACM Program. Lang., 7, POPL (2023), Article 30, jan, 27 pages. https://doi.org/10.1145/3571223
[20]
Heng Guo, Mark Jerrum, and Jingcheng Liu. 2019. Uniform Sampling Through the Lovász Local Lemma. J. Acm, 66, 3 (2019), Article 18, apr, 31 pages. issn:0004-5411 https://doi.org/10.1145/3310131
[21]
Jifeng He, Karen Seidel, and Annabelle McIver. 1997. Probabilistic models for the guarded command language. Science of Computer Programming, 28, 2 (1997), 171–192. issn:0167-6423 https://doi.org/10.1016/S0167-6423(96)00019-6 Formal Specifications: Foundations, Methods, Tools and Applications.
[22]
Charles Antony Richard Hoare. 1969. An Axiomatic Basis for Computer Programming. Commun. ACM, 12, 10 (1969), Oct., 576–580. issn:0001-0782 https://doi.org/10.1145/363235.363259
[23]
Tony Hoare, Bernhard Möller, Georg Struth, and Ian Wehrman. 2011. Concurrent Kleene Algebra and its Foundations. J. Log. Algebraic Methods Program., 80, 6 (2011), 266–296. https://doi.org/10.1016/J.JLAP.2011.04.005
[24]
Bart Jacobs. 2008. Coalgebraic Trace Semantics for Combined Possibilitistic and Probabilistic Systems. Electronic Notes in Theoretical Computer Science, 203, 5 (2008), 131–152. issn:1571-0661 https://doi.org/10.1016/j.entcs.2008.05.023 Proceedings of the Ninth Workshop on Coalgebraic Methods in Computer Science (CMCS 2008).
[25]
Bart Jacobs. 2021. From Multisets over Distributions to Distributions over Multisets. In Proceedings of the 36th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS ’21). Association for Computing Machinery, New York, NY, USA. Article 39, 13 pages. isbn:9781665448956 https://doi.org/10.1109/LICS52264.2021.9470678
[26]
Claire Jones. 1990. Probabilistic Non-determinism. Ph.D. Dissertation. University of Edinburgh. http://hdl.handle.net/1842/413
[27]
Claire Jones and Gordon Plotkin. 1989. A Probabilistic Powerdomain of Evaluations. In Fourth Annual Symposium on Logic in Computer Science. 186–195. https://doi.org/10.1109/lics.1989.39173
[28]
Ralf Jung, David Swasey, Filip Sieczkowski, Kasper Svendsen, Aaron Turon, Lars Birkedal, and Derek Dreyer. 2015. Iris: Monoids and Invariants as an Orthogonal Basis for Concurrent Reasoning. In Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’15). Association for Computing Machinery, New York, NY, USA. 637–650. isbn:9781450333009 https://doi.org/10.1145/2676726.2676980
[29]
Benjamin Lucien Kaminski. 2019. Advanced weakest precondition calculi for probabilistic programs. RWTH Aachen University. Aachen. https://doi.org/10.18154/RWTH-2019-01829
[30]
Klaus Keimel and Gordon Plotkin. 2017. Mixed powerdomains for probability and nondeterminism. Logical Methods in Computer Science, Volume 13, Issue 1 (2017), Jan., https://doi.org/10.23638/LMCS-13(1:2)2017
[31]
Dexter Kozen. 1983. A Probabilistic PDL. In Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing (STOC ’83). Association for Computing Machinery, New York, NY, USA. 291–297. isbn:0897910990 https://doi.org/10.1145/800061.808758
[32]
Dexter Kozen. 1997. Kleene Algebra with Tests. ACM Trans. Program. Lang. Syst., 19, 3 (1997), May, 427–443. issn:0164-0925 https://doi.org/10.1145/256167.256195
[33]
Dexter Kozen and Alexandra Silva. 2024. Multisets and Distributions. Springer Nature Switzerland, Cham. 168–187. isbn:978-3-031-61716-4 https://doi.org/10.1007/978-3-031-61716-4_11
[34]
Zohar Manna and Amir Pnueli. 1974. Axiomatic Approach to Total Correctness of Programs. Acta Inf., 3, 3 (1974), sep, 243–263. issn:0001-5903 https://doi.org/10.1007/BF00288637
[35]
Annabelle McIver and Carroll Morgan. 2001. Partial correctness for probabilistic demonic programs. Theoretical Computer Science, 266, 1 (2001), 513–541. issn:0304-3975 https://doi.org/10.1016/S0304-3975(00)00208-5
[36]
Annabelle McIver and Carroll Morgan. 2005. Abstraction, Refinement and Proof for Probabilistic Systems. Springer. isbn:9780387401157 lccn:2004057839 https://doi.org/10.1007/b138392
[37]
Annabelle McIver, Carroll Morgan, Benjamin Lucien Kaminski, and Joost-Pieter Katoen. 2018. A New Proof Rule for Almost-Sure Termination. Proc. ACM Program. Lang., 2, POPL (2018), Article 33, Jan, 28 pages. https://doi.org/10.1145/3158121
[38]
Matteo Mio and Valeria Vignudelli. 2020. Monads and Quantitative Equational Theories for Nondeterminism and Probability. In 31st International Conference on Concurrency Theory (CONCUR 2020), Igor Konnov and Laura Kovács (Eds.) (Leibniz International Proceedings in Informatics (LIPIcs), Vol. 171). Schloss Dagstuhl – Leibniz-Zentrum für Informatik, Dagstuhl, Germany. 28:1–28:18. isbn:978-3-95977-160-3 issn:1868-8969 https://doi.org/10.4230/LIPIcs.CONCUR.2020.28
[39]
Michael Mislove. 2000. Nondeterminism and Probabilistic Choice: Obeying the Laws. In CONCUR 2000 — Concurrency Theory, Catuscia Palamidessi (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 350–365. isbn:978-3-540-44618-7 https://doi.org/10.1007/3-540-44618-4_26
[40]
Michael Mislove, Joël Ouaknine, and James Worrell. 2004. Axioms for Probability and Nondeterminism. Electronic Notes in Theoretical Computer Science, 96 (2004), 7–28. issn:1571-0661 https://doi.org/10.1016/j.entcs.2004.04.019 Proceedings of the 10th International Workshop on Expressiveness in Concurrency.
[41]
Carroll Morgan, Annabelle McIver, and Karen Seidel. 1996. Probabilistic Predicate Transformers. ACM Trans. Program. Lang. Syst., 18, 3 (1996), may, 325–353. issn:0164-0925 https://doi.org/10.1145/229542.229547
[42]
Carroll Morgan, Annabelle McIver, Karen Seidel, and J. W. Sanders. 1996. Refinement-oriented probability for CSP. Form. Asp. Comput., 8, 6 (1996), nov, 617–647. issn:0934-5043 https://doi.org/10.1007/bf01213492
[43]
Peter W. O’Hearn. 2004. Resources, Concurrency and Local Reasoning. In CONCUR 2004 - Concurrency Theory. Springer Berlin Heidelberg, Berlin, Heidelberg. 49–67. isbn:978-3-540-28644-8 https://doi.org/10.1016/j.tcs.2006.12.035
[44]
Louis Parlant. 2020. Monad Composition via Preservation of Algebras. Ph.D. Dissertation. University College London. https://discovery.ucl.ac.uk/id/eprint/10112228/
[45]
Gordon Plotkin. 1976. A Powerdomain Construction. SIAM J. Comput., 5, 3 (1976), 452–487. https://doi.org/10.1137/0205035 arxiv:https://doi.org/10.1137/0205035.
[46]
Robert Rand and Steve Zdancewic. 2015. VPHL: A Verified Partial-Correctness Logic for Probabilistic Programs. In Electronic Notes in Theoretical Computer Science. 319, 351–367. issn:1571-0661 https://doi.org/10.1016/j.entcs.2015.12.021 The 31st Conference on the Mathematical Foundations of Programming Semantics (MFPS XXXI).
[47]
Dana Scott. 1972. Continuous lattices. In Toposes, Algebraic Geometry and Logic, F. W. Lawvere (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 97–136. isbn:978-3-540-37609-5 https://doi.org/10.1007/BFb0073967
[48]
Roberto Segala. 1995. Modeling and verification of randomized distributed real-time systems. Ph.D. Dissertation. USA. https://groups.csail.mit.edu/tds/papers/Segala/phd1.pdf
[49]
Roberto Segala and Nancy Lynch. 1994. Probabilistic simulations for probabilistic processes. In CONCUR ’94: Concurrency Theory, Bengt Jonsson and Joachim Parrow (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 481–496. isbn:978-3-540-48654-1 https://doi.org/10.1007/BFb0015027
[50]
Michael Smyth. 1978. Power domains. J. Comput. System Sci., 16, 1 (1978), 23–36. issn:0022-0000 https://doi.org/10.1016/0022-0000(78)90048-X
[51]
Harald Søndergaard and Peter Sestoft. 1992. Non-determinism in Functional Languages. Comput. J., 35, 5 (1992), 10, 514–523. issn:0010-4620 https://doi.org/10.1093/comjnl/35.5.514 arxiv:https://academic.oup.com/comjnl/article-pdf/35/5/514/1125580/35-5-514.pdf.
[52]
Joseph Tassarotti. 2018. Verifying Concurrent Randomized Algorithms. Ph.D. Dissertation. Carnegie Mellon University. https://csd.cmu.edu/academics/doctoral/degrees-conferred/joseph-tassarotti
[53]
Joseph Tassarotti and Robert Harper. 2019. A Separation Logic for Concurrent Randomized Programs. Proc. ACM Program. Lang., 3, POPL (2019), Article 64, Jan, 30 pages. https://doi.org/10.1145/3290377
[54]
Regina Tix. 1999. Continuous D-cones: convexity and powerdomain constructions. Ph.D. Dissertation. Darmstadt University of Technology, Germany. isbn:978-3-8265-6396-6 https://d-nb.info/957239157
[55]
Regina Tix. 2000. Convex Power Constructions for Continuous D-Cones. Electronic Notes in Theoretical Computer Science, 35 (2000), 206–229. issn:1571-0661 https://doi.org/10.1016/S1571-0661(05)80746-7 Workshop on Domains IV.
[56]
Regina Tix, Klaus Keimel, and Gordon Plotkin. 2009. Semantic Domains for Combining Probability and Non-Determinism. Electronic Notes in Theoretical Computer Science, 222 (2009), 3–99. issn:1571-0661 https://doi.org/10.1016/j.entcs.2009.01.002
[57]
Daniele Varacca. 2002. The powerdomain of indexed valuations. In Proceedings 17th Annual IEEE Symposium on Logic in Computer Science. 299–308. https://doi.org/10.1109/LICS.2002.1029838
[58]
Daniele Varacca. 2003. Probability, Nondeterminism and Concurrency: Two Denotational Models for Probabilistic Computation. Ph.D. Dissertation. University of Aarhus. https://www.brics.dk/DS/03/14/
[59]
Daniele Varacca and Glynn Winskel. 2006. Distributing probability over non-determinism. Mathematical Structures in Computer Science, 16, 1 (2006), 87–113. https://doi.org/10.1017/S0960129505005074
[60]
John von Neumann. 1951. Various techniques used in connection with random digits. In Monte Carlo Method, A.S. Householder, G.E. Forsythe, and H.H. Germond (Eds.). National Bureau of Standards Applied Mathematics Series, 12, Washington, D.C.: U.S. Government Printing Office. 36–38.
[61]
Linpeng Zhang, Noam Zilberstein, Benjamin Lucien Kaminski, and Alexandra Silva. 2024. Quantitative Weakest Hyper Pre: Unifying Correctness and Incorrectness Hyperproperties via Predicate Transformers. Proc. ACM Program. Lang., 8, OOPSLA2 (2024), Article 300, oct, 30 pages. https://doi.org/10.1145/3689740
[62]
Noam Zilberstein. 2024. Outcome Logic: A Unified Approach to the Metatheory of Program Logics with Branching Effects. arxiv:2401.04594.
[63]
Noam Zilberstein, Derek Dreyer, and Alexandra Silva. 2023. Outcome Logic: A Unifying Foundation for Correctness and Incorrectness Reasoning. Proc. ACM Program. Lang., 7, OOPSLA1 (2023), Article 93, Apr, 29 pages. https://doi.org/10.1145/3586045
[64]
Noam Zilberstein, Dexter Kozen, Alexandra Silva, and Joseph Tassarotti. 2024. A Demonic Outcome Logic for Randomized Nondeterminism (Extended Version). arxiv:2410.22540. arxiv:2410.22540
[65]
Noam Zilberstein, Angelina Saliling, and Alexandra Silva. 2024. Outcome Separation Logic: Local Reasoning for Correctness and Incorrectness with Computational Effects. Proc. ACM Program. Lang., 8, OOPSLA1 (2024), Apr, https://doi.org/10.1145/3649821
[66]
Maaike Zwart. 2020. On the Non-Compositionality of Monads via Distributive Laws. Ph.D. Dissertation. University of Oxford. https://ora.ox.ac.uk/objects/uuid:b2222b14-3895-4c87-91f4-13a8d046febb
[67]
Maaike Zwart and Dan Marsden. 2019. No-Go Theorems for Distributive Laws. In 2019 34th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS). 1–13. https://doi.org/10.1109/lics.2019.8785707
Index Terms
- A Demonic Outcome Logic for Randomized Nondeterminism
Recommendations
Modelling angelic and demonic nondeterminism with multirelations
This paper presents an introduction to a calculus of binary multirelations, which can model both angelic and demonic kinds of non-determinism. The isomorphism between up-closed multirelations and monotonic predicate transformers allows a different view ...
A Logic for Algebraic Effects
LICS '08: Proceedings of the 2008 23rd Annual IEEE Symposium on Logic in Computer ScienceWe present a logic for algebraic effects, based on the algebraic representation of computational effects by operations and equations. We begin with the a-calculus, a minimal calculus which separates values, effects, and computations and thereby ...
Higher-order probabilistic adversarial computations: categorical semantics and program logics
Adversarial computations are a widely studied class of computations where resource-bounded probabilistic adversaries have access to oracles, i.e., probabilistic procedures with private state. These computations arise routinely in several domains, ...
Comments
Information & Contributors
Information
Published In
January 2025
2363 pages
Copyright © 2025 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 09 January 2025
Published in PACMPL Volume 9, Issue POPL
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- ERC
- NSF
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 57Total Downloads
- Downloads (Last 12 months)57
- Downloads (Last 6 weeks)57
Reflects downloads up to 29 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in