FRAPPANT – Formal Reasoning About Probabilistic Programs: Breaking New Ground for Automation

FRAPPANT’s objective is to enable predictable probabilistic programming by developing unique, advanced formal verification techniques.

ERC Advanced Grant 2017 (787914). Project duration: 1.11.2018 to 31.10.2024. See also the CORDIS fact sheet on FRAPPANT and the RWTH press release.

Researchers. Joost-Pieter Katoen, Kevin Batz, Lutz Klinkenberg, Bahare Salmani, Philipp Schroer. Former members: Jushua Moermann, Mingshuai Chen, Benjamin Kaminski, Marcin Szymczak.

Abstract

Probabilistic programs describe recipes on how to infer statistical conclusions about data from a complex mixture of uncertain data and real-world observations. They can represent probabilistic graphical models far beyond the capabilities of Bayesian networks and are expected to have a major impact on machine intelligence.

Probabilistic programs are ubiquitous. They steer autonomous robots and self-driving cars, are key to describe security mechanisms, naturally code up randomised algorithms for solving NP-hard problems, and are rapidly encroaching AI. Probabilistic programming aims to make probabilistic modeling and machine learning accessible to the programmer.

Probabilistic programs, though typically relatively small in size, are hard to grasp, let alone automatically checkable. Are they doing the right thing? What’s their precision? These questions are notoriously hard — even the most elementary question “does a program halt with probability one?” is “more undecidable” than the halting problem — and can (if at all) be answered with statistical evidence only. Bugs thus easily occur. Hard guarantees are called for. The objective of this project is to enable predictable probabilistic programming. We do so by developing formal verification techniques.

Whereas program correctness is pivotal in computer science, the formal verification of probabilistic programs is in its infancy. The project aims to fill this barren landscape by developing program analysis techniques, leveraging model checking, deductive verification, and static analysis. Challenging problems such as checking program equivalence, loop-invariant and parameter synthesis, program repair, program robustness and exact inference using weakest precondition reasoning will be tackled. The techniques will be evaluated in the context of probabilistic graphical models, randomised algorithms, and autonomous robots.

FRAPPANT will spearhead formally verifiable probabilistic programming.

Recent Research Highlights

To give an overview of our work, each of our current researchers presents highlights one of their recent publications.

Kevin Batz: Probabilistic program verification via inductive synthesis of inductive invariants

Essential tasks for the verification of probabilistic programs include bounding expected outcomes and proving termination in finite expected runtime. We have developed a simple yet effective inductive synthesis approach for proving such quantitative reachability properties by generating inductive invariants on source-code level. Our implementation finds invariants for (in)finite-state programs, can beat state-of-the-art probabilistic model checkers, and is competitive with modern tools dedicated to invariant synthesis and expected runtime reasoning.

Bahare Salmani: Finding an ϵ-Close Minimal Variation of Parameters in Bayesian Networks

As a FRAPPANT member, I work on Bayesian Networks (BNs) and how they relate to probabilistic model checking. I’ve focused my research on probabilistic (and symbolic) inference, sensitivity analysis, and parameter tuning on BNs. Our latest paper entitled “Finding an ϵ-Close Minimal Variation of Parameters in Bayesian Networks” has been recently accepted for presentation at IJCAI 2023 (the 32nd Int. Joint Conf. on Artificial Intelligence) in Macao. Out of 4566 full-paper submissions, about 15% have been accepted. The paper gives an algorithm for estimating the sensitivity of a given fully-specified Bayesian network to small perturbations in the values of local conditional probabilities.

Philipp Schroer: Building an Infrastructure for Probabilistic Program Verification

We are developing Caesar, a deductive verifier for probabilistic programs. It is based on our verification infrastructure for probabilistic programs, similar to a probabilistic version of Boogie. Our work includes an intermediate verification language called HeyVL and a real-valued logic called HeyLo. This allows us to generate verification conditions that prove a program’s correctness. Our focus is on measuring properties like expected outcomes and termination probabilities, so we use a real-valued approach instead of the usual Boolean logic. Our IVL adapts standard verification elements to handle quantitative aspects and uses weakest preexpectation-style semantics to generate verification conditions. Our SMT-based implementation Caesar enables us to automatically verify a wide range of benchmarks.

Caesar has a website where you can download the tool and find its documentation, including a tutorial-style guide. It is developed as an open-source project on Github. A paper on HeyVL and Caesar was published at OOPSLA 2023 and there’s an extended version available on arxiv.

Thesis Projects, Lectures, and Seminars

If you are interested in working on this project as a thesis or Hiwi student, contact one of our researchers on the project. We always have interesting topics available related to this project.

We also provide a recurring lecture series on probabilistic programs. For example, check out the WS 2022/23 lecture page. Furthermore, our seminars regularly deal with topics related to FRAPPANT. Head over to our teaching page for more information.

List of Publications Related to FRAPPANT

2025
[bibtex] @inbook{JPMFP2025, title = {J-P: MDP. FP. PP}, author = {Kevin Batz and Benjamin Lucien Kaminski and Christoph Matheja and Tobias Winkler}, publisher = {Springer}, booktitle = {LNCS}, volume = {15260}, pages = {255-302}, type = {Book Chapter}, year = {2025}, doi = {10.1007/978-3-031-75783-9_11}, url = { https://publications.rwth-aachen.de/record/999819}, }× [issue]	Kevin Batz, Benjamin Lucien Kaminski, Christoph Matheja, Tobias Winkler. J-P: MDP. FP. PP, Volume 15260 of LNCS, 255-302, Springer, 2025.
[bibtex] @inbook{SQIFPP2025, title = {Symbolic Quantitative Information Flow for Probabilistic Programs}, author = {Philipp Schröer and Francesca Randone and Raúl Pardo and Andrzej Wa̧sowski}, publisher = {Springer}, booktitle = {LNCS}, volume = {15260}, pages = {128-154}, type = {Book Chapter}, year = {2025}, doi = {10.1007/978-3-031-75783-9_6}, url = { https://publications.rwth-aachen.de/record/998367}, }× [issue]	Philipp Schröer, Francesca Randone, Raúl Pardo, Andrzej Wa̧sowski. Symbolic Quantitative Information Flow for Probabilistic Programs, Volume 15260 of LNCS, 128-154, Springer, 2025.
2024
[bibtex] @phdthesis{A2024, title = {Automated deductive verification of probabilistic programs}, author = {Kevin Batz}, publisher = {RWTH Aachen University}, institution = {RWTH Aachen University}, pages = {1 Online-Ressource : Illustrationen}, type = {PhD Thesis}, year = {2024}, doi = {10.18154/RWTH-2025-00473}, url = { https://publications.rwth-aachen.de/record/1002329}, }× [issue]	Kevin Batz. Automated deductive verification of probabilistic programs, PhD Thesis, RWTH Aachen University, 1 Online-Ressource : Illustrationen, RWTH Aachen University, 2024.
[bibtex] @phdthesis{PB2024, title = {Probabilistic model checking and parameter tuning for Bayesian networks}, author = {Bahare Salmani Barzoki}, publisher = {RWTH Aachen University}, institution = {RWTH Aachen University}, pages = {1 Online-Ressource : Illustrationen}, type = {PhD Thesis}, year = {2024}, doi = {10.18154/RWTH-2025-00411}, url = { https://publications.rwth-aachen.de/record/1002228}, }× [issue]	Bahare Salmani Barzoki. Probabilistic model checking and parameter tuning for Bayesian networks, PhD Thesis, RWTH Aachen University, 1 Online-Ressource : Illustrationen, RWTH Aachen University, 2024.
[bibtex] @article{EBILPPGF2024, title = {Exact Bayesian Inference for Loopy Probabilistic Programs using Generating Functions}, author = {Lutz Klinkenberg and Christian Blumenthal and Mingshuai Chen and Darion Haase and Joost-Pieter Katoen}, publisher = {ACM}, journal = {Proceedings of the ACM on programming languages}, volume = {8(OOPSLA1)}, pages = {pages 127}, type = {Journal Article}, year = {2024}, doi = {10.1145/3649844}, url = { https://publications.rwth-aachen.de/record/986464}, }× [issue]	Lutz Klinkenberg, Christian Blumenthal, Mingshuai Chen, Darion Haase, Joost-Pieter Katoen. Exact Bayesian Inference for Loopy Probabilistic Programs using Generating Functions, Proceedings of the ACM on programming languages 8 (OOPSLA1), pages 127, ACM, 2024.
[bibtex] @article{PSSRNPP2024, title = {Programmatic Strategy Synthesis: Resolving Nondeterminism in Probabilistic Programs}, author = {Kevin Batz and Tom Jannik Biskup and Joost-Pieter Katoen and Tobias Winkler}, publisher = {ACM}, journal = {Proceedings of the ACM on programming languages}, volume = {8}, pages = {pages 93}, type = {Journal Article}, year = {2024}, doi = {10.1145/3632935}, url = { https://publications.rwth-aachen.de/record/979194}, }× [issue]	Kevin Batz, Tom Jannik Biskup, Joost-Pieter Katoen, Tobias Winkler. Programmatic Strategy Synthesis: Resolving Nondeterminism in Probabilistic Programs, Proceedings of the ACM on programming languages 8, pages 93, ACM, 2024.
Show all