Strategies for Temporal Resolution
1995
Verifying that a temporal logic specification satisfies a temporal property requires some form of theorem proving. However, although proof procedures exist for such logics, many are either unsuitable for automatic implementation or only deal with small fragments of the logic. In this thesis the algorithms for, and strategies to guide, a fully automated temporal resolution theorem prover are given, proved correct and evaluated. An approach to applying resolution, a proof method for classical logics suited to mechanisation, to temporal logics has been developed by Fisher. The method involves translation to a normal form, classical style resolution within states and temporal resolution over states. It has only one temporal resolution rule and is therefore particularly suitable as the basis of an automated temporal resolution theorem prover. As the application of the temporal resolution rule is the most costly part of the method, involving search amongst graphs, different algorithms on w...
Automatic verification of sequential circuits using temporal logic
IEEE Transactions on Computers, C-35, 1986
Abstract: Verifying the correctness of sequential circuits has been an important problem for a long time. But lack of any formal and efficient method of verification has prevented the creation of practical design aids for this purpose. Since all the known techniques of simulation and prototype testing are time consuming and not very reliable, there is an acute need for such tools. In this paper we describe an automatic verification system for sequential circuits in which specifications are expressed in a propositional temporal logic. In contrast to most other mechanical verification systems, our system does not require any user assistance and is quite fast: experimental results show that state machines with several hundred states can be checked for correctness in a matter of seconds! The verification system uses a simple and efficient algorithm, called a model checker. The algorithm works in two steps: in the first step, it builds a labeled state-transition graph; and in the second step, it determines the truth of a temporal formula with respect to the state-transition graph. We discuss two different techniques that we have implemented for automatically generating the state-transition graphs: The first involves extracting the state graph directly from the circuit by exhaustive simulation. The second obtains the state graph by compilation from an HDL specification of the original circuit. Index Terms: Asynchronous circuits, hardware verification, sequential circuit verification, temporal logic, temporal logic model checking.
Verification on Infinite Structures
2000
In this chapter, we present a hierarchy of infinite-state systems based on the primitive operations of sequential and parallel composition; the hierarchy includes a variety of commonly-studied classes of systems such as context-free and pushdown automata, and Petri net processes. We then examine the equivalence and regularity checking problems for these classes, with special emphasis on bisimulation equivalence, stressing the structural techniques which have been devised for solving these problems. Finally, we explore the model checking problem over these classes with respect to various linear and branching-time temporal logics.
Decidability of Model Checking for Infinite-State Concurrent Systems
Acta Informatica
We study the decidability of the model checking problem for linear and branching time logics, and two models of concurrent computation, namely Petri nets and Basic Parallel Processes.

1 Introduction

Most techniques for the verification of concurrent systems proceed by an exhaustive traversal of the state space. Therefore, they are inherently incapable of considering systems with infinitely many states. Recently, some new methods have been developed in order to at least palliate this problem. Using them, several verification problems for some restricted infinite-state models have been shown to be decidable. These results can be classified into those showing the decidability of equivalence relations [8, 9, 24, 26], and those showing the decidability of model checking for different modal and temporal logics. In this paper, we contribute to this second group. The model checking problem has been studied so far for three infinite-state models: context-free processes, pushdown processes, and...
The Logical Modelling of Computational Multi-Agent Systems
1992
The aim of this thesis is to investigate logical formalisms for describing, reasoning about, specifying, and perhaps ultimately verifying the properties of systems composed of multiple intelligent computational agents. There are two obvious resources available for this task. The first is the (largely AI) tradition of reasoning about the intentional notions (belief, desire, etc.). The second is the (mainstream computer science) tradition of temporal logics for reasoning about reactive systems. Unfortunately, neither resource is ideally suited to the task: most intentional logics have little to say on the subject of agent architecture, and tend to assume that agents are perfect reasoners, whereas models of concurrent systems from mainstream computer science typically deal with the execution of individual program instructions. This thesis proposes a solution which draws upon both resources. It defines a model of agents and multi-agent systems, and then defines two execution models, which ...
Automated Temporal Reasoning about Reactive Systems
1996
There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies.

1 Introduction

There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
More Infinite Results
1997
Recently there has been a spurt of activity in concurrency theory centred on the analysis of infinite-state systems. The following two problems have been intensely investigated: (1) given two infinite-state systems, are they equal with respect to a certain equivalence notion?, and (2) given an infinite-state system and a property expressed in a certain temporal logic, does the system satisfy the property? In his paper "Infinite Results" [Mol96], Moller surveys some of the key results on the decidability and complexity of problem (1). This paper is a survey on the results about problem (2).

1 Introduction

Most techniques for the verification of concurrent systems proceed by an exhaustive traversal of the state space. Therefore, they are inherently incapable of considering systems with infinitely many states. Recently, some methods have been developed to overcome this limitation, at least for restricted classes of infinite-state systems. Using them, several verification problems have b...
Verifying Clocked Transition Systems
In Proceedings of the Fifth International Workshop on Languages and Compilers for Parallel Machines, 1996
This paper presents a new computational model for real-time systems, called the clocked transition system (cts) model. The cts model is a development of our previous timed transition model, where some of the changes are inspired by the model of timed automata. The new model leads to a simpler style of temporal specification and verification, requiring no extension of the temporal language. We present verification rules for proving safety properties (including time-bounded response properties) of clocked transition systems, and separate rules for proving (time-unbounded) response properties. All rules are associated with verification diagrams. The verification of response properties requires adjustments of the proof rules developed for untimed systems, reflecting the fact that progress in the real time systems is ensured by the progress of time and not by fairness. The style of the verification rules is very close to the verification style of untimed systems which allows t...
The Integration Project for the JACK Environment
Bulletin of the EATCS, 1994
JACK, standing for Just Another Concurrency Kit, is a new environment integrating a set of verification tools, supported by a graphical interface offering facilities to use these tools separately or in combination. The environment proposes several functionalities for the design, analysis and verification of concurrent systems specified using process algebra. Tools exchange information through a text format called Fc2. Users are able to graphically lay out their specifications, which will be automatically converted into the Fc2 format and then minimised with respect to various kinds of equivalences. A branching time and action based logic, ACTL, is used to describe the properties that the specification must satisfy, and model checking of ACTL formulae on the specification is performed in linear time. A translator from Natural Language to ACTL formulae is provided, in order to simplify the job of describing the specification properties by ACTL formulae. A description of the graphical interface is given together with its functionalities and the exchange format used by the tools. As an example of use of JACK, we present a small case study within JACK, that covers both verification of a software system and verification of its properties.
Proof Rules for Probabilistic Loops
Proceedings of the BCS-FACS 7th Refinement Workshop, Workshops in Computing, 1996
Probabilistic predicate transformers provide a semantics for imperative programs containing both demonic and probabilistic nondeterminism. Like the (standard) predicate transformers popularised by Dijkstra, they model programs as functions from final results to the initial conditions sufficient to achieve them. This paper presents practical proof rules, using the probabilistic transformers, for reasoning about iterations when probability is present. They are thoroughly illustrated by example: probabilistic binary chop, faulty factorial, the martingale gambling strategy and Herman's probabilistic self-stabilisation. Just as for traditional programs, weakest-precondition based proof rules for program derivation are an important step on the way to designing more general refinement techniques, or even a refinement calculus, for imperative probabilistic programming.

1 Introduction

The standard predicate transformers described by Dijkstra [3] provide a model in which a program is a funct...