Results 1-10 of 51
An Improvement of McMillan's Unfolding Algorithm
Formal Methods in System Design, 1996
Cited by 178 (9 self)
McMillan has recently proposed a new technique to avoid the state explosion problem in the verification of systems modelled with finite-state Petri nets. The technique requires to construct a finite initial part of the unfolding of the net. McMillan's algorithm for this task may yield initial parts that are larger than necessary (exponentially larger in the worst case). We present a refinement of the algorithm which overcomes this problem. 1 Introduction In a seminal paper [10], McMillan has proposed a new technique to avoid the state explosion problem in the verification of systems modelled with finite-state Petri nets. The technique is based on the concept of net unfolding, a well known partial order semantics of Petri nets introduced in [12], and later described in more detail in [4] under the name of branching processes. The unfolding of a net is another net, usually infinite but with a simpler structure. McMillan proposes an algorithm for the construction of a finite initial part...
Using Logic Programs with Stable Model Semantics to Solve Deadlock and Reachability Problems for 1-Safe Petri Nets
1999
Cited by 51 (7 self)
McMillan has presented a deadlock detection method for Petri nets based on finite complete prefixes (i.e. net unfoldings). The approach transforms the PSPACE-complete deadlock detection problem for a 1-safe Petri net into a potentially exponentially larger NP-complete problem of deadlock detection for a finite complete prefix. McMillan devised a branch-and-bound algorithm for deadlock detection in prefixes. Recently, Melzer and Römer have presented another approach, which is based on solving mixed integer programming problems. In this work it is shown that instead of using mixed integer programming, a constraint-based logic programming framework can be employed, and a linear-size translation from deadlock detection in prefixes into the problem of finding a stable model of a logic program is presented. As a side result also such a translation for solving the reachability problem is devised. Correctness proofs of both the translations are presented. Experimental results are given from an implementation combining a prefix generator from a PEP tool, the translation, and an implementation of a constraint logic programming framework, the smodels system. The experiments show the approach to be quite competitive, when compared to the approaches of McMillan and Melzer/Römer.
Presheaf Models for Concurrency
1999
Cited by 45 (19 self)
In this dissertation we investigate presheaf models for concurrent computation. Our aim is to provide a systematic treatment of bisimulation for a wide range of concurrent process calculi. Bisimilarity is defined abstractly in terms of open maps as in the work of Joyal, Nielsen and Winskel. Their work inspired this thesis by suggesting that presheaf categories could provide abstract models for concurrency with a built-in notion of bisimulation. We show how
A Sweep-Line Method for State Space Exploration
2001
Cited by 44 (21 self)
We present a state space exploration method for on-the-fly verification. The method is aimed at systems for which it is possible to define a measure of progress based on the states of the system. The measure of progress makes it possible to delete certain states on-the-fly during state space generation, since these states can never be reached again. This in turn reduces the memory used for state space storage during the task of verification. Examples of progress measures are sequence numbers in communication protocols and time in certain models with time. We illustrate the application of the method on a number of Coloured Petri Net models, and give a first evaluation of its practicality by means of an implementation based on the Design/CPN state space tool. Our experiments show significant reductions in both space and time used during state space exploration. The method is not specific to Coloured Petri Nets but applicable to a wide range of modelling languages.
Focusing the inverse method for linear logic
Proceedings of CSL 2005, 2005
Cited by 37 (11 self)
1.1 Quantification and the subformula property; 1.2 Ground forward sequent calculus; 1.3 Lifting to free variables
Causal atomicity
In CAV, LNCS 4144, 2006
Cited by 22 (4 self)
Atomicity is an important generic specification that assures that a programmer can pretend blocks occur sequentially in any execution. We define a notion of atomicity based on causality. We model the control flow of a program with threads using a Petri net that naturally abstracts data, and faithfully captures the independence and interaction between threads. The causality between events in the partially ordered executions of the Petri net is used to define the notion of causal atomicity. We show that causal atomicity is a robust notion that many correct programs adopt, and show how we can effectively check causal atomicity using Petri net tools based on unfoldings, which exploit the concurrency in the net to yield automatic partial-order reduction in the state-space.
Symbolic Techniques for Performance Analysis of Timed Systems based on Average Time Separation of Events
In Proc. International Symposium on Advanced Research in Asynchronous Circuits and Systems, 1997
Cited by 21 (2 self)
Symbolic techniques using BDDs [1] and ADDs [2] are applied to the performance analysis of (asynchronous) timed systems. We model the system as a set of probabilistic finite state machines which is analyzed as a discrete time Markov chain. The stationary probability of all reachable states is obtained iteratively using ADDs. Average time separation of events is symbolically calculated to determine various performance metrics. Application to a FIFO and a differential equation solver chip demonstrates the feasibility of the technique. 1. Introduction A typical objective of (asynchronous) timed systems is to achieve higher average-case performance than the worst-case performance of any comparable synchronous system. Examples of such systems include the Intel AILD (asynchronous instruction length decoder) design, an asynchronous differential equation solver ASIC [17], and various pausible clocking interfaces [18]. To better design these systems, we need performance analysis tools that can...
Bounding Average Time Separations of Events in Stochastic Marked Graphs
In Proc. International Symposium on Advanced Research in Asynchronous Circuits and Systems, 1999
Cited by 20 (6 self)
Stochastic timed marked graphs are graphical models of concurrent systems such as asynchronous circuits, embedded systems, queuing networks, manufacturing systems, and many automatic control systems. Unlike earlier works in which delays must be fixed or exponential, we allow the models to include arbitrary delay distributions as long as they have finite means. For such models, one important problem is to determine the average Time Separations of Events (TSE's). For example, an efficient means of finding TSE's in such models of asynchronous circuits facilitates both performance analysis as well as performance-driven synthesis. Towards this end, we present a novel technique to obtain upper and lower bounds on the average TSE for arbitrary pairs of system events. The bounds are formulated using a finite segment of the infinite unfolding of the marked graph and can be efficiently evaluated either using statistical sampling or, in some special cases, analytical methods. The resulting bounds...
Efficient State Space Search for Time Petri Nets
Electronic Notes in Theoretical Computer Science, 1998
Cited by 17 (2 self)
Partial-order reduction methods provide a number of well studied methods that have been successfully applied to the state-space explosion problem that arises when analysing state based models of concurrent and reactive systems. The techniques have mainly been studied within the context of untimed systems; in the context of real-time systems little progress has been made. The main problem seems to be the global nature of time, that makes all clocks in the system dependent on each other. Typically this is manifested in the semantics of real-time models in which the ordering of events is implicitly stored in the state of the system.
Model-Checking for a Subclass of Event Structures
Proc. of TACAS'97, LNCS 1217, 1997
Cited by 15 (8 self)
A finite representation of the prime event structure corresponding to the behaviour of a program is suggested. The algorithm of linear complexity using this representation for model checking of the formulas of Discrete Event Structure Logic without past modalities is given. A method of building finite representations of event structures in an efficient way by applying partial order reductions is provided. 1 Introduction Model checking is one of the most successful methods of automatic verification of program properties. A model-checking algorithm decides whether a finite-state concurrent system satisfies its specification, given as a formula of a temporal logic [3, 10]. Behaviour of a concurrent system can be modeled in two ways. In the interleaving semantics, the meaning of a program is an execution tree, temporal-logic assertions are interpreted over paths of this tree. In partial-order semantics (or event structure semantics), behaviour is an event structure, where the ordering r...