Results 1 -
9 of
9
µCRL: A toolset for analysing algebraic specifications
- Proc. 13th Conference on Computer Aided Verification, LNCS 2102
, 2001
"... µCRL [13] is a language for specifying and verifying distributed systems in an algebraic fashion. It targets the specification of system behaviour in a process-algebraic style and of data elements in the form of abstract data types. The µCRL toolset [21] (see ..."
Abstract
-
Cited by 39 (18 self)
- Add to MetaCart
µCRL [13] is a language for specifying and verifying distributed systems in an algebraic fashion. It targets the specification of system behaviour in a process-algebraic style and of data elements in the form of abstract data types. The µCRL toolset [21] (see
Model checking a cache coherence protocol for a Java DSM implementation
- In Proceedings FMPPTA’03
, 2003
"... Jackal is a fine-grained distributed shared memory implementation of the Java programming language. It aims to implement Java’s memory model and allows multithreaded Java programs to run unmodified on a distributed memory system. It employs a multiple-writer cache coherence protocol. In this paper, ..."
Abstract
-
Cited by 17 (3 self)
- Add to MetaCart
(Show Context)
Jackal is a fine-grained distributed shared memory implementation of the Java programming language. It aims to implement Java’s memory model and allows multithreaded Java programs to run unmodified on a distributed memory system. It employs a multiple-writer cache coherence protocol. In this paper, we report on our analysis of this protocol. We present its formal specification in µCRL, and discuss the abstractions that were made to avoid state explosion. Requirements were formulated and model checked with respect to several configurations. Our analysis revealed two errors in the implementation. Key words: formal specification, model checking, cache coherence protocols, Java memory model, µCRL
Cones and Foci for Protocol Verification Revisited
- In Proc. 6th Conference on Foundations of Software Science and Computation Structures, LNCS 2620
, 2003
"... Abstract. We define a cones and foci proof method, which rephrases the question whether two system specifications are branching bisimilar in terms of proof obligations on relations between data objects. Compared to the original cones and foci method from Groote and Springintveld [22], our method is ..."
Abstract
-
Cited by 10 (4 self)
- Add to MetaCart
(Show Context)
Abstract. We define a cones and foci proof method, which rephrases the question whether two system specifications are branching bisimilar in terms of proof obligations on relations between data objects. Compared to the original cones and foci method from Groote and Springintveld [22], our method is more generally applicable, and does not require a preprocessing step to eliminate τ-loops. We prove soundness of our approach and give an application. 1
Refinement and Verification Applied to an In-Flight Data Acquisition Unit
, 2002
"... In order to optimise maintenance and increase safety, the Royal Netherlands Navy initiated the development of a multi-channel on-board data acquisition system for its Lynx helicopters. This AIDA (Automatic In-ight Data Acquisition) system records usage and loads data on main rotor, engines and airfr ..."
Abstract
-
Cited by 7 (5 self)
- Add to MetaCart
In order to optimise maintenance and increase safety, the Royal Netherlands Navy initiated the development of a multi-channel on-board data acquisition system for its Lynx helicopters. This AIDA (Automatic In-ight Data Acquisition) system records usage and loads data on main rotor, engines and airframe. We used refinement in combination with model checking to arrive at a formally verified prototype implementation of the AIDA system, starting from the functional requirements.
Global Scheduler Properties derived from Local Restrictions
, 2002
"... The VoDka server is a video-on-demand system for a Spanish cable company. We look at the distributed scheduler of this system. This scheduler enables that whenever a user agent is asking for a certain movie, this request is transferred through the system and a set of possible play-back qualities is ..."
Abstract
-
Cited by 5 (1 self)
- Add to MetaCart
The VoDka server is a video-on-demand system for a Spanish cable company. We look at the distributed scheduler of this system. This scheduler enables that whenever a user agent is asking for a certain movie, this request is transferred through the system and a set of possible play-back qualities is returned to the agent. In case of a non-empty set, the agent selects one and the movie is streamed to the user.
Model Checking a Cache Coherence Protocol for a Java DSM Implementation
"... Jackal is a fine-grained distributed shared memory implementation of the Java programming language. It aims to implement Java's memory model and allows multithreaded Java programs to run unmodified on a distributed memory system. It employs a multiple-writer cache coherence protocol. In this pa ..."
Abstract
- Add to MetaCart
Jackal is a fine-grained distributed shared memory implementation of the Java programming language. It aims to implement Java's memory model and allows multithreaded Java programs to run unmodified on a distributed memory system. It employs a multiple-writer cache coherence protocol. In this paper, we report on our analysis of this protocol. We present its formal specification in CRL, and discuss the abstractions that were made to avoid state explosion. Requirements were formulated and model checked with respect to several configurations. Our analysis revealed two errors in the implementation.
Functional Programming and Logic Decrease the Use of the Most Important Part of Our System
, 2001
"... Several years of experience with the functional language Erlang have learned Ericsson that it is highly beneficial to use this language for programming control software for large systems. Systems that could not be built before, have been constructed in less time and with fewer lines of code than one ..."
Abstract
- Add to MetaCart
Several years of experience with the functional language Erlang have learned Ericsson that it is highly beneficial to use this language for programming control software for large systems. Systems that could not be built before, have been constructed in less time and with fewer lines of code than one would need with conventional languages. The success of Ericsson in the business area of telephone switches is partly because of their solid fault tolerant architecture, both in hardware and in software. A lot of time and money have been invested in the development of this fault tolerant architecture, all to catch these errors that are overlooked in numerous tests. By using Erlang and its extensive libraries, the number of these uncaught errors decreases; the fault recovery mechanism of the system is used less. One saves on maintenance costs and the overall performance of a system increases. The additional use of formal verifiation aims on reducing even more the number of uncaught errors.