Non-deterministic Planning for Hyperproperty Verification


  • Raven Beutner CISPA Helmholtz Center for Information Security
  • Bernd Finkbeiner CISPA Helmholtz Center for Information Security



Non-deterministic planning aims to find a policy that achieves a given objective in an environment where actions have uncertain effects, and the agent - potentially - only observes parts of the current state. Hyperproperties are properties that relate multiple paths of a system and can, e.g., capture security and information-flow policies. Popular logics for expressing temporal hyperproperties - such as HyperLTL - extend LTL by offering selective quantification over executions of a system. In this paper, we show that planning offers a powerful intermediate language for the automated verification of hyperproperties. Concretely, we present an algorithm that, given a HyperLTL verification problem, constructs a non-deterministic multi-agent planning instance (in the form of a QDec-POMDP) that, when admitting a plan, implies the satisfaction of the verification problem. We show that for large fragments of HyperLTL, the resulting planning instance corresponds to a classical, FOND, or POND planning problem. We implement our encoding in a prototype verification tool and report on encouraging experimental results.




How to Cite

Beutner, R., & Finkbeiner, B. (2024). Non-deterministic Planning for Hyperproperty Verification. Proceedings of the International Conference on Automated Planning and Scheduling, 34(1), 25-30.