Modeling and Verifying Systems using a Logic of Counter Arithmetic with Lambda Expressions and Uninterpreted Functions
2002
Cited by 142 (43 self)
Abstract
In this paper, we present the logic of Counter arithmetic with Lambda expressions and Uninterpreted functions (CLU). CLU generalizes the logic of equality with uninterpreted functions (EUF) with constrained lambda expressions, ordering, and successor and predecessor functions. In addition to modeling pipelined processors that EUF has proved useful for, CLU can be used to model many infinite-state systems including those with infinite memories, finite and infinite queues including lossy channels, and networks of identical processes. Even with this richer expressive power, the validity of a CLU formula can be efficiently decided by translating it to a propositional formula, and then using Boolean methods to check validity. We give theoretical and empirical evidence for the efficiency of our decision procedure. We also describe verification techniques that we have used on a variety of systems, including an out-of-order execution unit and the load-store unit of an industrial microprocessor.
How to compose Presburger-Accelerations: Applications to Broadcast Protocols
In Proc. 22nd Conf. Found. of Software Technology and Theor. Comp. Sci. (FST&TCS'2002), Kanpur
2002
Cited by 48 (17 self)
Abstract
Finite linear systems are finite sets of linear functions whose guards are defined by Presburger formulas, and whose associated square matrices generate a finite multiplicative monoid. We prove that for finite linear systems, the accelerations of sequences of transitions always produce an effective Presburger-definable relation. We then show how to choose the good sequences of length n whose number is polynomial in n although the total number of cycles of length n is exponential in n. We implement these theoretical results in the tool FAST [FAS] (Fast Acceleration of Symbolic Transition systems). FAST computes in a few seconds the minimal deterministic finite automata that represent the reachability sets of 8 well-known broadcast protocols.
Abstraction-based satisfiability solving of Presburger arithmetic
In: Proc. CAV. Volume 3114 of LNCS. (2004) 308–320
2004
Cited by 22 (8 self)
Abstract
We present a new abstraction-based framework for deciding satisfiability of quantifier-free Presburger arithmetic formulas. Given a Presburger formula φ, our algorithm invokes a SAT solver to produce proofs of unsatisfiability of approximations of φ. These proofs are in turn used to generate abstractions of φ as inputs to a theorem prover. The SAT-encodings of the approximations of φ are obtained by instantiating the variables of the formula over finite domains. The satisfying integer assignments provided by the theorem prover are then used to selectively increase domain sizes and generate fresh SAT-encodings of φ. The efficiency of this approach derives from the ability of SAT solvers to extract small unsatisfiable cores, leading to small abstracted formulas. We present experimental results which suggest that our algorithm is considerably more efficient than directly invoking the theorem prover on the original formula.
An Effective Fixpoint Semantics for Linear Logic Programs
Theory and Practice of Logic Programming
2002
Cited by 11 (3 self)
Abstract
In this paper we investigate the theoretical foundation of a new bottom-up semantics for linear logic programs, and more precisely for the fragment of LinLog (Andreoli, 1992) that consists of the language LO (Andreoli & Pareschi, 1991) enriched with the constant 1. We use constraints to symbolically and finitely represent possibly infinite collections of provable goals. We define a fixpoint semantics based on a new operator in the style of TP working over constraints. An application of the fixpoint operator can be computed algorithmically. As sufficient conditions for termination, we show that the fixpoint computation is guaranteed to converge for propositional LO. To our knowledge, this is the first attempt to define an effective fixpoint semantics for linear logic programs. As an application of our framework, we also present a formal investigation of the relations between LO and Disjunctive Logic Programming (Minker et al., 1991). Using an approach based on abstract interpretation, we show that DLP fixpoint semantics can be viewed as an abstraction of our semantics for LO. We prove that the resulting abstraction is correct and complete (Cousot & Cousot, 1977; Giacobazzi & Ranzato, 1997) for an interesting class of LO programs encoding Petri Nets.
Convergence Testing in Term-Level Bounded Model Checking
2003
Cited by 10 (2 self)
Abstract
We consider the problem of bounded model checking of systems expressed in a decidable fragment of first-order logic. While model checking is not guaranteed to terminate for an arbitrary system, it converges for many practical examples, including pipelined processors. We give a new formal definition of convergence that generalizes previously stated criteria. We also give a sound semi-decision procedure to check this criterion based on a translation to quantified separation logic. Preliminary results on simple pipeline processor models are presented.
Beyond parameterized verification
Proceedings of the Eighth International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS'02), Lecture Notes in Computer Science 2280
2002
Cited by 9 (4 self)
Abstract
We present a sound and fully automated method for the verification of safety properties of parameterized systems with unbounded local data variables, a new class of infinite-state systems parametric in several dimensions. The method builds upon a specification and an assertional language based on the combination of multiset rewriting and constraints. We introduce new classes of parameterized systems for which verification of safety properties is decidable, and we introduce abstractions, defined at the level of constraints, to handle examples outside these classes. As a case study, we apply the method to verify fully automatically mutual exclusion properties for formulations of the ticket mutual exclusion algorithm parametric in the number of clients, servers, and in which both clients and servers have unbounded local data.
A Transformational Approach for Generating Non-Linear Invariants
In Static Analysis Symposium (June 2000)
2000
Cited by 5 (0 self)
Abstract
Computing invariants is the key issue in the analysis of infinite-state systems whether analysis means testing, verification or parameter synthesis. In particular, methods that allow to treat combinations of loops are of interest. We present a set of algorithms and methods that can be applied to characterize over-approximations of the set of reachable states of combinations of self-loops. We present two families of complementary techniques. The first one identifies a number of basic cases of pairs of self-loops for which we provide an exact characterization of the reachable states. The second family of techniques is a set of rules based on static analysis that allow to reduce n self-loops (n 2) to n − 1 independent pairs of self-loops. The results of the analysis of the pairs of self-loops can then be combined to provide an over-approximation of the reachable states of the n self-loops. We illustrate our methods by synthesizing conditions under which the Biphase Mark protocol works proper...
Automated Verification Using Deduction, Exploration, and Abstraction
2001
Cited by 3 (0 self)
Abstract
Computer programs are formal texts that are composed by programmers and executed by machines. Formal methods are used to predict the execution-time behavior of a program text through formal, symbolic calculation. Automation in the form of computer programs can be used to execute formal calculations so that they are reproducible and checkable. Deduction and exploration are two basic frameworks for the formal calculation of program properties. Both deduction and exploration have their limitations. We argue that these limitations can be overcome through a methodology for automated verification that uses property-preserving abstractions to bridge the gap between deduction and exploration. We introduce models, logics, and verification methods for transition systems, and outline a methodology based on the combined use of deduction, exploration, and abstraction.
Approximation Techniques for Using the ASTRAL Symbolic Model Checker as a Specification Debugger
Abstract
ASTRAL is a high-level formal specification language for real-time systems. This paper presents a symbolic model checker that translates an ASTRAL process instance to a labeled transition system with each transition representable by a Presburger formula. The labeled transition system is unfolded into the execution tree of an ASTRAL process and the Omega library is used to carry out the image computations. Different levels of approximation of the environment behaviors of the instance are considered, as well as symbolic search strategies including depth-first search, breadth-first search, and depth-breadth search. Three approximation techniques to speed up the model checking process for use in debugging a specification are also presented. They are random walk, partial image and dynamic environment generation. Ten mutation tests on a railroad crossing benchmark are used to compare the performance of the techniques applied separately and in combination. The test results are presented and analyzed.
Temporal Logic Extended by Universal Quantifiers
Abstract
For specification of properties of infinite-state systems, we propose a linear temporal logic that is extended by universal quantification. This logic can be model-checked by well-known algorithms for model checking of propositional linear temporal logic, as long as for the chosen language of state predicates, quantification is decidable.