Optimizing Büchi automata
2000
Cited by 57 (3 self)
We describe a family of optimizations implemented in a translation from a linear temporal logic to Büchi automata. Such optimized automata can enhance the efficiency of explicit state model checking, as practiced in tools such as SPIN. Some of our optimizations are applicable to...
Quantitative languages
Cited by 36 (14 self)
Quantitative generalizations of classical languages, which assign to each word a real number instead of a boolean value, have applications in modeling resource-constrained computation. We use weighted automata (finite automata with transition weights) to define several natural classes of quantitative languages over finite and infinite words; in particular, the real value of an infinite run is computed as the maximum, limsup, liminf, limit average, or discounted sum of the transition weights. We define the classical decision problems of automata theory (emptiness, universality, language inclusion, and language equivalence) in the quantitative setting and study their computational complexity. As the decidability of the language-inclusion problem remains open for some classes of weighted automata, we introduce a notion of quantitative simulation that is decidable and implies language inclusion. We also give a complete characterization of the expressive power of the various classes of weighted automata. In particular, we show that most classes of weighted
On the Complexity of Verifying Concurrent Transition Systems
2000
Cited by 30 (6 self)
In implementation verification, we check that an implementation is correct with respect to a specification by checking whether the behaviors of a transition system that models the program's implementation correlate with the behaviors of a transition system that models its specification. In this paper, we investigate the effect of concurrency on the complexity of implementation verification. We consider trace-based and tree-based approaches to the verification of concurrent transition systems, with and without fairness. Our results show that in almost all cases the complexity of the problem is exponentially harder than that of the sequential case. Thus, as in the model-checking verification methodology, the state-explosion problem cannot be avoided. A preliminary version of this work appeared in the proceedings of the 8th Conference on Concurrency Theory. † Department of Applied Mathematics & Computer Science, Weizmann Institute, Rehovot 76100, Israel. Email: harel@wisdom.weizm...
Fair Simulation Relations, Parity Games, and State Space Reduction for Büchi Automata
Cited by 27 (2 self)
We give efficient algorithms, beating or matching optimal known bounds, for computing a variety of simulation relations on the state space of a Büchi automaton. Our algorithms are derived via a unified and simple parity-game framework. This framework incorporates previously studied notions like fair and direct simulation, but our main motivation is state space reduction, and for this purpose we introduce a new natural notion of simulation, called delayed simulation. We show that, unlike fair simulation, delayed simulation preserves the automaton language upon quotienting, and that it allows substantially better state reduction than direct simulation. We use the parity-game approach, based on a recent algorithm by Jurdzinski, to efficiently compute all the above simulation relations. In particular, we obtain an O(mn^3)-time and O(mn)-space algorithm for computing both the delayed and fair simulation relations. The best prior algorithm for fair simulation requires time O(n^6) ([HKR97]). Our framework also allows one to compute bisimulations efficiently: we compute the fair bisimulation relation in O(mn^3) time and O(mn) space, whereas the best prior algorithm for fair bisimulation requires time O(n^10) ([HR00]).
Constructing Büchi Automata from Linear Temporal Logic Using Simulation Relations for Alternating Büchi Automata
Implementation and Application of Automata. Eighth International Conference (CIAA), volume 2759 of Lecture
2003
Cited by 26 (1 self)
We present a new procedure for the translation of propositional linear-time temporal logic (LTL) formulas to equivalent nondeterministic Büchi automata. Our procedure is based on simulation relations for alternating Büchi automata. Whereas most of the procedures that have been described in the past compute simulation relations in the last step of the translation (after a nondeterministic Büchi automaton has already been constructed), our procedure computes simulation relations for alternating Büchi automata in an early stage and uses them in an on-the-fly fashion. This decreases the time and space consumption without sacrificing the potential of simulation relations. We present experimental results...
"Have I written enough properties?" - A method of comparison between specification and implementation
Cited by 19 (0 self)
This work presents a novel approach for evaluating the quality of the model checking process. Given a model of a design (or implementation) and a temporal logic formula that describes a specification, model checking determines whether the model satisfies the specification.
Security-by-contract: Toward a semantics for digital signatures on mobile code
In European PKI Workshop: Theory and Practice (to appear), 2007
Cited by 17 (8 self)
In this paper we propose the notion of security-by-contract, a mobile contract that an application carries with itself. The key idea of the framework is that a digital signature should not just certify the origin of the code but rather bind together the code with a contract. We provide a description of the overall lifecycle of mobile code in the setting of security-by-contract, describe a tentative structure for a contractual language and propose a number of algorithms for one of the key steps in the process, the contract-policy matching issue. We argue that security-by-contract would provide a semantics for digital signatures on mobile code, thus being a step in the transition from trusted code to trustworthy code.
An Assume-Guarantee Rule for Checking Simulation
2002
Cited by 16 (2 self)
The simulation preorder on state transition systems is widely accepted as a useful notion of refinement, both in its own right and as an efficiently checkable sufficient condition for trace containment. For composite systems, due to the exponential explosion of the state space, there is a need for decomposing a simulation check of the form P ≤_s Q, denoting "P is simulated by Q," into simpler simulation checks on the components of P and Q. We present an assume-guarantee rule that enables such a decomposition. To the best of our knowledge, this is the first assume-guarantee rule that applies to a refinement relation different from trace containment. Our rule is circular, and its soundness proof requires induction on trace trees. The proof is constructive: given simulation relations that witness the simulation preorder between corresponding components of P and Q, we provide a procedure for constructing a witness relation for P ≤_s Q. We also extend our assume-guarantee rule to account for fairness constraints on transition systems.