TEMPEST -- Synthesis Tool for Reactive Systems and Shields in Probabilistic Environments

TL;DR

Tempest is a novel synthesis tool that automatically generates correct reactive systems and shields in probabilistic environments, supporting complex stochastic game objectives without state space restrictions.

Contribution

It introduces a new synthesis approach using Storm for probabilistic environments, capable of handling mean-payoff objectives in large state spaces.

Findings

Tempest can synthesize safe and optimal strategies for reactive systems.

It is the only tool to solve 2-1/2-player games with mean-payoff objectives without restrictions.

Tempest effectively integrates model checking algorithms for stochastic games.

Abstract

We present Tempest, a synthesis tool to automatically create correct-by-construction reactive systems and shields from qualitative or quantitative specifications in probabilistic environments. A shield is a special type of reactive system used for run-time enforcement; i.e., a shield enforces a given qualitative or quantitative specification of a running system while interfering with its operation as little as possible. Shields that enforce a qualitative or quantitative specification are called safety-shields or optimal-shields, respectively. Safety-shields can be implemented as pre-shields or as post-shields, optimal-shields are implemented as post-shields. Pre-shields are placed before the system and restrict the choices of the system. Post-shields are implemented after the system and are able to overwrite the system's output. Tempest is based on the probabilistic model checker Storm, adding model checking algorithms for stochastic games with safety and mean-payoff objectives. To the best of our knowledge, Tempest is the only synthesis tool able to solve 2-1/2-player games with mean-payoff objectives without restrictions on the state space. Furthermore, Tempest adds the functionality to synthesize safe and optimal strategies that implement reactive systems and shields