Results 1  10
of
68
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 2407 (62 self)
 Add to MetaCart
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
PRISM: Probabilistic symbolic model checker
, 2002
"... Abstract. In this paper we describe PRISM, a tool being developed at the University of Birmingham for the analysis of probabilistic systems. PRISM supports two probabilistic models: continuoustime Markov chains and Markov decision processes. Analysis is performed through model checking such systems ..."
Abstract

Cited by 184 (15 self)
 Add to MetaCart
Abstract. In this paper we describe PRISM, a tool being developed at the University of Birmingham for the analysis of probabilistic systems. PRISM supports two probabilistic models: continuoustime Markov chains and Markov decision processes. Analysis is performed through model checking such systems against specifications written in the probabilistic temporal logics PCTL and CSL. The tool features three model checking engines: one symbolic, using BDDs (binary decision diagrams) and MTBDDs (multiterminal BDDs); one based on sparse matrices; and one which combines both symbolic and sparse matrix methods. PRISM has been successfully used to analyse probabilistic termination, performance, dependability and quality of service properties for a range of systems, including randomized distributed algorithms, polling systems, workstation cluster and wireless cell communication. 1
Bisimulation for Labelled Markov Processes
 Information and Computation
, 1997
"... In this paper we introduce a new class of labelled transition systems  Labelled Markov Processes  and define bisimulation for them. ..."
Abstract

Cited by 139 (23 self)
 Add to MetaCart
In this paper we introduce a new class of labelled transition systems  Labelled Markov Processes  and define bisimulation for them.
Probabilistic Symbolic Model Checking with PRISM: A Hybrid Approach
 International Journal on Software Tools for Technology Transfer (STTT
, 2002
"... In this paper we introduce PRISM, a probabilistic model checker, and describe the ecient symbolic techniques we have developed during its implementation. PRISM is a tool for analysing probabilistic systems. It supports three models: discretetime Markov chains, continuoustime Markov chains and ..."
Abstract

Cited by 137 (26 self)
 Add to MetaCart
In this paper we introduce PRISM, a probabilistic model checker, and describe the ecient symbolic techniques we have developed during its implementation. PRISM is a tool for analysing probabilistic systems. It supports three models: discretetime Markov chains, continuoustime Markov chains and Markov decision processes. Analysis is performed through model checking speci cations in the probabilistic temporal logics PCTL and CSL. Motivated by the success of model checkers such as SMV, which use BDDs (binary decision diagrams), we have developed an implementation of PCTL and CSL model checking based on MTBDDs (multiterminal BDDs) and BDDs. Existing work in this direction has been hindered by the generally poor performance of MTBDDbased numerical computation, which is often substantially slower than explicit methods using sparse matrices. We present a novel hybrid technique which combines aspects of symbolic and explicit approaches to overcome these performance problems. For typical examples, we achieve orders of magnitude speedup compared to MTBDDs and are able to almost match the speed of sparse matrices whilst maintaining considerable space savings.
Approximate symbolic model checking of continuoustime Markov chains (Extended Abstract)
, 1999
"... . This paper presents a symbolic model checking algorithm for continuoustime Markov chains for an extension of the continuous stochastic logic CSL of Aziz et al [1]. The considered logic contains a timebounded untiloperator and a novel operator to express steadystate probabilities. We show that t ..."
Abstract

Cited by 124 (21 self)
 Add to MetaCart
. This paper presents a symbolic model checking algorithm for continuoustime Markov chains for an extension of the continuous stochastic logic CSL of Aziz et al [1]. The considered logic contains a timebounded untiloperator and a novel operator to express steadystate probabilities. We show that the model checking problem for this logic reduces to a system of linear equations (for unbounded until and the steady stateoperator) and a Volterra integral equation system for timebounded until. We propose a symbolic approximate method for solving the integrals using MTDDs (multiterminal decision diagrams), a generalisation of MTBDDs. These new structures are suitable for numerical integration using quadrature formulas based on equallyspaced abscissas, like trapezoidal, Simpson and Romberg integration schemes. 1 Introduction The mechanised verification of a given (usually) finitestate model against a property expressed in some temporal logic is known as model checking. For probabilistic...
Probabilistic Extensions of Process Algebras
 Handbook of Process Algebra
, 2001
"... INTRODUCTION Classic process, algebras such as CCS, CSP and ACP, are wellestablished techniques for modelling and reasoning about functional aspects of concurrent processes. The motivation for studying probabilistic extensions of process algebras is to develop techniques dealing with nonfunctiona ..."
Abstract

Cited by 67 (5 self)
 Add to MetaCart
INTRODUCTION Classic process, algebras such as CCS, CSP and ACP, are wellestablished techniques for modelling and reasoning about functional aspects of concurrent processes. The motivation for studying probabilistic extensions of process algebras is to develop techniques dealing with nonfunctional aspects of process behavior, such as performance and reliability. We may want to investigate, e.g., the average response time of a system, or the ? This chapter is dedicated to the fond memory of Linda Christoff. probability that a certain failure occurs. An analysis of these and similar properties requires that some form of information about the stochastic distribution over the occurrence of relevant events is put into the model. For instance, performance evaluation is often based on modeling a system as a continuoustime Markov process, in which distributions over delays between actions and over the choice between different actions are specified. Similar
On probabilistic model checking
, 1996
"... Abstract. This tutorial presents an overview of model checking for both discrete and continuoustime Markov chains (DTMCs and CTMCs). Model checking algorithms are given for verifying DTMCs and CTMCs against specifications written in probabilistic extensions of temporal logic, including quantitative ..."
Abstract

Cited by 55 (6 self)
 Add to MetaCart
Abstract. This tutorial presents an overview of model checking for both discrete and continuoustime Markov chains (DTMCs and CTMCs). Model checking algorithms are given for verifying DTMCs and CTMCs against specifications written in probabilistic extensions of temporal logic, including quantitative properties with rewards. Example properties include the probability that a fault occurs and the expected number of faults in a given time period. We also describe the practical application of stochastic model checking with the probabilistic model checker PRISM by outlining the main features supported by PRISM and three realworld case studies: a probabilistic security protocol, dynamic power management and a biological pathway. 1
MultiValued Symbolic ModelChecking
 ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY
, 2003
"... This paper introduces the concept and the general theory of multivalued model checking, and describes a multivalued symbolic modelchecker \Chi Chek. Multivalued ..."
Abstract

Cited by 50 (16 self)
 Add to MetaCart
This paper introduces the concept and the general theory of multivalued model checking, and describes a multivalued symbolic modelchecker \Chi Chek. Multivalued
Model Checking for Probability and Time: From Theory to Practice
 In Proc. Logic in Computer Science
, 2003
"... Probability features increasingly often in software and hardware systems: it is used in distributed coordination and routing problems, to model faulttolerance and performance, and to provide adaptive resource management strategies. Probabilistic model checking is an automatic procedure for establi ..."
Abstract

Cited by 47 (1 self)
 Add to MetaCart
Probability features increasingly often in software and hardware systems: it is used in distributed coordination and routing problems, to model faulttolerance and performance, and to provide adaptive resource management strategies. Probabilistic model checking is an automatic procedure for establishing if a desired property holds in a probabilistic model, aimed at verifying probabilistic specifications such as "leader election is eventually resolved with probability 1", "the chance of shutdown occurring is at most 0.01%", and "the probability that a message will be delivered within 30ms is at least 0.75". A probabilistic model checker calculates the probability of a given temporal logic property being satisfied, as opposed to validity. In contrast to conventional model checkers, which rely on reachability analysis of the underlying transition system graph, probabilistic model checking additionally involves numerical solutions of linear equations and linear programming problems. This paper reports our experience with implementing PRISM (www.cs.bham.ac.uk/dxp/ prism/), a Probabilistic Symbolic Model Checker, demonstrates its usefulness in analysing realworld probabilistic protocols, and outlines future challenges for this research direction.
A Markov Chain Model Checker
, 2000
"... . Markov chains are widely used in the context of performance and reliability evaluation of systems of various nature. Model checking of such chains with respect to a given (branching) temporal logic formula has been proposed for both the discrete [17, 6] and the continuous time setting [4, 8]. ..."
Abstract

Cited by 45 (19 self)
 Add to MetaCart
. Markov chains are widely used in the context of performance and reliability evaluation of systems of various nature. Model checking of such chains with respect to a given (branching) temporal logic formula has been proposed for both the discrete [17, 6] and the continuous time setting [4, 8]. In this paper, we describe a prototype model checker for discrete and continuoustime Markov chains, the ErlangenTwente Markov Chain Checker (E MC 2 ), where properties are expressed in appropriate extensions of CTL. We illustrate the general benefits of this approach and discuss the structure of the tool. Furthermore we report on first successful applications of the tool to nontrivial examples, highlighting lessons learned during development and application of E T MC 2 . 1 Introduction Markov chains are widely used as simple yet adequate models in diverse areas, ranging from mathematics and computer science to other disciplines such as operations research, industrial engine...