Results 1  10
of
48
Modal and Temporal Logics for Processes
, 1996
"... this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency ..."
Abstract

Cited by 74 (2 self)
 Add to MetaCart
this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency, Aarhus University, 1993. I would like to thank the organisers and the participants of these summer schools, and of the Banff higher order workshop. I would also like to thank Julian Bradfield for use of his Tex tree constructor for building derivation trees and Carron Kirkwood, Faron Moller, Perdita Stevens and David Walker for comments on earlier drafts.
Automated Temporal Reasoning about Reactive Systems
, 1996
"... . There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective a ..."
Abstract

Cited by 40 (2 self)
 Add to MetaCart
(Show Context)
. There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies. 1 Introduction There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
Certifying model checkers
 Proc of CAV ’01
, 2001
"... Abstract. Model Checking is an algorithmic technique to determine whether a temporal property holds of a program. For linear time properties, a model checker produces a counterexample computation if the check fails. This computation acts as a \certicate " of failure, as it can be checked easil ..."
Abstract

Cited by 39 (2 self)
 Add to MetaCart
(Show Context)
Abstract. Model Checking is an algorithmic technique to determine whether a temporal property holds of a program. For linear time properties, a model checker produces a counterexample computation if the check fails. This computation acts as a \certicate " of failure, as it can be checked easily and independently of the model checker by simulating it on the program. On the other hand, no such certicate is produced if the check succeeds. In this paper, we show how this asymmetry can be eliminated with a certifying model checker. The key idea is that, with some extra bookkeeping, a model checker can produce a deductive proof on either success or failure. This proof acts as a certicate of the result, as it can be checked mechanically by simple, nonxpoint methods that are independent of the model checker. We develop a deductive proof system for verifying branching time properties expressed in the mucalculus, and show how to generate a proof in this system from a model checking run. Proofs for linear time properties form a special case. A model checker that generates proofs can be used for many interesting applications, such as better ways of exploring errors in a program, and a tight integration of model checking with automated theorem proving. 1
Model checking and the Mucalculus
 DIMACS Series in Discrete Mathematics
, 1997
"... There is a growing recognition of the need to apply formal mathematical methods in the design of "high confidence" computing systems. Such systems operate in safety critical contexts (e.g., air traffic control systems) or where errors could have major adverse economic consequences (e.g., ..."
Abstract

Cited by 37 (0 self)
 Add to MetaCart
There is a growing recognition of the need to apply formal mathematical methods in the design of "high confidence" computing systems. Such systems operate in safety critical contexts (e.g., air traffic control systems) or where errors could have major adverse economic consequences (e.g., banking networks). The problem is especially acute in the design of many reactive systems which must exhibit correct ongoing behavior, yet are not amenable to thorough testing due to their inherently nondeterministic nature. One useful approach for specifying and reasoning about correctness of such systems is temporal logic model checking, which can provide an efficient and expressive tool for automatic verification that a finite state system meets a correctness specification formulated in temporal logic. We describe model checking algorithms and discuss their application. To do this, we focus attention on a particularly important type of temporal logic known as the Mucalculus.
Pushdown Processes: Parallel Composition and Model Checking
, 1993
"... In this paper we consider a strict generalization of contextfree processes, the pushdown processes, and show that this class of processes is 1) closed under parallel composition with finite state systems, and can 2) be model checked by means of an elegant adaptation of the higher order model che ..."
Abstract

Cited by 29 (3 self)
 Add to MetaCart
In this paper we consider a strict generalization of contextfree processes, the pushdown processes, and show that this class of processes is 1) closed under parallel composition with finite state systems, and can 2) be model checked by means of an elegant adaptation of the higher order model checker introduced in [BS92]. This shows the advantages of pushdown processes over contextfree processes, which are not sufficiently general in order to support parallel composition.
Verifying temporal properties of reactive systems: A STeP tutorial
 FORMAL METHODS IN SYSTEM DESIGN
, 2000
"... We review a number of formal verification techniques supported by STeP, the Stanford Temporal Prover, describing how the tool can be used to verify properties of several versions of the Bakery algorithm for mutual exclusion. We verify the classic twoprocess algorithm and simple variants, as well a ..."
Abstract

Cited by 28 (5 self)
 Add to MetaCart
We review a number of formal verification techniques supported by STeP, the Stanford Temporal Prover, describing how the tool can be used to verify properties of several versions of the Bakery algorithm for mutual exclusion. We verify the classic twoprocess algorithm and simple variants, as well as an atomic parameterized version. The methods used include deductive verification rules, verification diagrams, automatic invariant generation, and finitestate model checking and abstraction.
Generating Data Flow Analysis Algorithms from Modal Specifications
 SCIENCE OF COMPUTER PROGRAMMING
, 1993
"... The paper develops a framework that is based on the idea that modal logic provides an appropriate framework for the specification of data flow analysis (DFA) algorithms as soon as programs are represented as models of the logic. This can be exploited to construct a DFAgenerator that generates effic ..."
Abstract

Cited by 27 (7 self)
 Add to MetaCart
The paper develops a framework that is based on the idea that modal logic provides an appropriate framework for the specification of data flow analysis (DFA) algorithms as soon as programs are represented as models of the logic. This can be exploited to construct a DFAgenerator that generates efficient implementations of DFAalgorithms from modal specifications by partially evaluating a specific model checker with respect to the specifying modal formula. Moreover, the use of a modal logic as specification language for DFAalgorithms supports the compositional development of specifications and structured proofs of properties of DFAalgorithms.  The framework is illustrated by means of a real life example: the problem of determining optimal computation points within flow graphs.
Ensuring Completeness of Symbolic Verification Methods for InfiniteState Systems
 Theoretical Computer Science
, 1998
"... Over the last few years there has been an increasing research effort directed towards the automatic verification of infinite state systems. For different classes of such systems, e.g., hybrid automata, dataindependent systems, relational automata, Petri nets, and lossy channel systems, this research ..."
Abstract

Cited by 19 (2 self)
 Add to MetaCart
(Show Context)
Over the last few years there has been an increasing research effort directed towards the automatic verification of infinite state systems. For different classes of such systems, e.g., hybrid automata, dataindependent systems, relational automata, Petri nets, and lossy channel systems, this research has resulted in numerous highly nontrivial algorithms. As the interest in this area increases, it will be important to extract common principles that underly these and related results. In this paper, we will present a general model of infinitestate systems, and describe a standard algorithm for reachability analysis of such systems. Our contribution consists in finding conditions under which the algorithm can be fully automated. We perform backward reachability analysis. Using an iterative procedure, we generate successively larger approximations of the set of all states from which a given final state is reachable. We consider classes of systems where these approximations are well quasior...
Cyclic proofs for firstorder logic with inductive definitions
 In TABLEAUX’05, volume 3702 of LNCS
, 2005
"... Abstract. We consider a cyclic approach to inductive reasoning in the setting of firstorder logic with inductive definitions. We present a proof system for this language in which proofs are represented as finite, locally sound derivation trees with a “repeat function ” identifying cyclic proof sect ..."
Abstract

Cited by 18 (7 self)
 Add to MetaCart
(Show Context)
Abstract. We consider a cyclic approach to inductive reasoning in the setting of firstorder logic with inductive definitions. We present a proof system for this language in which proofs are represented as finite, locally sound derivation trees with a “repeat function ” identifying cyclic proof sections. Soundness is guaranteed by a wellfoundedness condition formulated globally in terms of traces over the proof tree, following an idea due to Sprenger and Dam. However, in contrast to their work, our proof system does not require an extension of logical syntax by ordinal variables. A fundamental question in our setting is the strength of the cyclic proof system compared to the more familiar use of a noncyclic proof system using explicit induction rules. We show that the cyclic proof system subsumes the use of explicit induction rules. In addition, we provide machinery for manipulating and analysing the structure of cyclic proofs, based primarily on viewing them as generating regular infinite trees, and also formulate a finitary trace condition sufficient (but not necessary) for soundness, that is computationally and combinatorially simpler than the general trace condition. 1