Results 1  10
of
35
Modal and Temporal Logics for Processes
, 1996
"... this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency ..."
Abstract

Cited by 71 (2 self)
 Add to MetaCart
this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency, Aarhus University, 1993. I would like to thank the organisers and the participants of these summer schools, and of the Banff higher order workshop. I would also like to thank Julian Bradfield for use of his Tex tree constructor for building derivation trees and Carron Kirkwood, Faron Moller, Perdita Stevens and David Walker for comments on earlier drafts.
Automated Temporal Reasoning about Reactive Systems
, 1996
"... . There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective a ..."
Abstract

Cited by 39 (2 self)
 Add to MetaCart
. There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies. 1 Introduction There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
Model checking and the Mucalculus
 DIMACS Series in Discrete Mathematics
, 1997
"... There is a growing recognition of the need to apply formal mathematical methods in the design of "high confidence" computing systems. Such systems operate in safety critical contexts (e.g., air traffic control systems) or where errors could have major adverse economic consequences (e.g., banking n ..."
Abstract

Cited by 37 (0 self)
 Add to MetaCart
There is a growing recognition of the need to apply formal mathematical methods in the design of "high confidence" computing systems. Such systems operate in safety critical contexts (e.g., air traffic control systems) or where errors could have major adverse economic consequences (e.g., banking networks). The problem is especially acute in the design of many reactive systems which must exhibit correct ongoing behavior, yet are not amenable to thorough testing due to their inherently nondeterministic nature. One useful approach for specifying and reasoning about correctness of such systems is temporal logic model checking, which can provide an efficient and expressive tool for automatic verification that a finite state system meets a correctness specification formulated in temporal logic. We describe model checking algorithms and discuss their application. To do this, we focus attention on a particularly important type of temporal logic known as the Mucalculus.
Certifying Model Checkers
 In 13th International Conference Computer Aided Verification
, 2001
"... Model Checking is an algorithmic technique to determine whether a temporal property holds of a program. For linear time properties, a model checker produces a counterexample computation if the check fails. This computation acts as a "certificate" of failure, as it can be checked easily and indep ..."
Abstract

Cited by 34 (1 self)
 Add to MetaCart
Model Checking is an algorithmic technique to determine whether a temporal property holds of a program. For linear time properties, a model checker produces a counterexample computation if the check fails. This computation acts as a "certificate" of failure, as it can be checked easily and independently of the model checker by simulating it on the program. On the other hand, no such certificate is produced if the check succeeds. In this paper, we show how this asymmetry can be eliminated with a certifying model checker. The key idea is that, with some extra bookkeeping, a model checker can produce a deductive proof on either success or failure. This proof acts as a certificate of the result, as it can be checked mechanically by simple, nonfixpoint methods that are independent of the model checker. We develop a deductive proof system for verifying branching time properties expressed in the mucalculus, and show how to generate a proof in this system from a model checking run. Proofs for linear time properties form a special case. A model checker that generates proofs can be used for many interesting applications, such as better ways of exploring errors in a program, and a tight integration of model checking with automated theorem proving. 1
Pushdown Processes: Parallel Composition and Model Checking
, 1993
"... In this paper we consider a strict generalization of contextfree processes, the pushdown processes, and show that this class of processes is 1) closed under parallel composition with finite state systems, and can 2) be model checked by means of an elegant adaptation of the higher order model che ..."
Abstract

Cited by 27 (3 self)
 Add to MetaCart
In this paper we consider a strict generalization of contextfree processes, the pushdown processes, and show that this class of processes is 1) closed under parallel composition with finite state systems, and can 2) be model checked by means of an elegant adaptation of the higher order model checker introduced in [BS92]. This shows the advantages of pushdown processes over contextfree processes, which are not sufficiently general in order to support parallel composition.
Generating Data Flow Analysis Algorithms from Modal Specifications
 SCIENCE OF COMPUTER PROGRAMMING
, 1993
"... The paper develops a framework that is based on the idea that modal logic provides an appropriate framework for the specification of data flow analysis (DFA) algorithms as soon as programs are represented as models of the logic. This can be exploited to construct a DFAgenerator that generates effic ..."
Abstract

Cited by 26 (7 self)
 Add to MetaCart
The paper develops a framework that is based on the idea that modal logic provides an appropriate framework for the specification of data flow analysis (DFA) algorithms as soon as programs are represented as models of the logic. This can be exploited to construct a DFAgenerator that generates efficient implementations of DFAalgorithms from modal specifications by partially evaluating a specific model checker with respect to the specifying modal formula. Moreover, the use of a modal logic as specification language for DFAalgorithms supports the compositional development of specifications and structured proofs of properties of DFAalgorithms.  The framework is illustrated by means of a real life example: the problem of determining optimal computation points within flow graphs.
Verifying temporal properties of reactive systems: A STeP tutorial
 FORMAL METHODS IN SYSTEM DESIGN
, 2000
"... We review a number of formal verification techniques supported by STeP, the Stanford Temporal Prover, describing how the tool can be used to verify properties of several versions of the Bakery algorithm for mutual exclusion. We verify the classic twoprocess algorithm and simple variants, as well a ..."
Abstract

Cited by 24 (5 self)
 Add to MetaCart
We review a number of formal verification techniques supported by STeP, the Stanford Temporal Prover, describing how the tool can be used to verify properties of several versions of the Bakery algorithm for mutual exclusion. We verify the classic twoprocess algorithm and simple variants, as well as an atomic parameterized version. The methods used include deductive verification rules, verification diagrams, automatic invariant generation, and finitestate model checking and abstraction.
Proving Properties of Dynamic Process Networks
, 1998
"... We present the first compositional proof system for checking processes against formulas in the modal ¯calculus which is capable of handling dynamic process networks. The proof system is obtained in a systematic way from the operational semantics of the underlying process algebra. A nontrivial proo ..."
Abstract

Cited by 16 (8 self)
 Add to MetaCart
We present the first compositional proof system for checking processes against formulas in the modal ¯calculus which is capable of handling dynamic process networks. The proof system is obtained in a systematic way from the operational semantics of the underlying process algebra. A nontrivial proof example is given, and the proof system is shown to be sound in general, and complete for finitestate processes. 1 Introduction In this paper we address the problem of verifying modal ¯calculus properties of general infinitestate processes, and we present what we believe to be the first genuinely compositional solution to this problem. The value of compositionality in program logics is well established. Compositionality allows better structuring and decomposition of the verification task, it allows reuse of proofs, and it allows reasoning about partially instantiated programs, thus supporting program synthesis. Even more fundamentally it allows, at least in principle, verification exe...
Ensuring Completeness of Symbolic Verification Methods for InfiniteState Systems
 Theoretical Computer Science
, 1998
"... Over the last few years there has been an increasing research effort directed towards the automatic verification of infinite state systems. For different classes of such systems, e.g., hybrid automata, dataindependent systems, relational automata, Petri nets, and lossy channel systems, this research ..."
Abstract

Cited by 16 (1 self)
 Add to MetaCart
Over the last few years there has been an increasing research effort directed towards the automatic verification of infinite state systems. For different classes of such systems, e.g., hybrid automata, dataindependent systems, relational automata, Petri nets, and lossy channel systems, this research has resulted in numerous highly nontrivial algorithms. As the interest in this area increases, it will be important to extract common principles that underly these and related results. In this paper, we will present a general model of infinitestate systems, and describe a standard algorithm for reachability analysis of such systems. Our contribution consists in finding conditions under which the algorithm can be fully automated. We perform backward reachability analysis. Using an iterative procedure, we generate successively larger approximations of the set of all states from which a given final state is reachable. We consider classes of systems where these approximations are well quasior...