Results 1  10
of
156
Reflections on Standard ML
 FUNCTIONAL PROGRAMMING, CONCURRENCY, SIMULATION AND AUTOMATED REASONING, VOLUME 693 OF LNCS
, 1992
"... Standard ML is one of a number of new programming languages developed in the 1980s that are seen as suitable vehicles for serious systems and applications programming. It offers an excellent ratio of expressiveness to language complexity, and provides competitive efficiency. Because of its type an ..."
Abstract

Cited by 198 (4 self)
 Add to MetaCart
Standard ML is one of a number of new programming languages developed in the 1980s that are seen as suitable vehicles for serious systems and applications programming. It offers an excellent ratio of expressiveness to language complexity, and provides competitive efficiency. Because of its type and module system, Standard ML manages to combine safety, security, and robustness with much of the flexibility of dynamically typed languages like Lisp. It is also has the most welldeveloped scientific foundation of any major language. Here I review the strengths and weaknesses of Standard ML and describe some of what we have learned through the design, implementation, and use of the language.
MOCHA: Modularity in Model Checking
, 1998
"... this paper, we describe the toolkit MOCHA in which the proposed approach is being implemented. The input language of MOCHA is a machine readable variant of reactive modules. The following functionalities are currently being supported: ..."
Abstract

Cited by 158 (20 self)
 Add to MetaCart
this paper, we describe the toolkit MOCHA in which the proposed approach is being implemented. The input language of MOCHA is a machine readable variant of reactive modules. The following functionalities are currently being supported:
The PEPA Workbench: A Tool to Support a Process Algebrabased Approach to Performance Modelling
 In Proceedings of the Seventh International Conference on Modelling Techniques and Tools for Computer Performance Evaluation, number 794 in Lecture Notes in Computer Science
, 1994
"... . In this paper we present a new technique for performance modelling and a tool supporting this approach. Performance Evaluation Process Algebra (PEPA) [1] is an algebraic language which can beused to build models of computer systems which capture information about the performance of the system. The ..."
Abstract

Cited by 155 (59 self)
 Add to MetaCart
. In this paper we present a new technique for performance modelling and a tool supporting this approach. Performance Evaluation Process Algebra (PEPA) [1] is an algebraic language which can beused to build models of computer systems which capture information about the performance of the system. The PEPA language serves two purposes as a formal description language for computer system models. The performancerelated information in the model may be used to predict the performance of the system whereas the behavioural information in the model may be exploited when reasoning about the functional behaviour of the system (e.g. when finding deadlocks or when exhibiting equivalences between subcomponents). In this paper we concentrate on the performance aspects of the language. A method of reasoningaboutPEPA modelsproceedsby considering the derivation graph obtained from the model using the underlying operational semantics of the PEPA language. The derivation graph is systematically reduced ...
Computing Simulations on Finite and Infinite Graphs
, 1996
"... . We present algorithms for computing similarity relations of labeled graphs. Similarity relations have applications for the refinement and verification of reactive systems. For finite graphs, we present an O(mn) algorithm for computing the similarity relation of a graph with n vertices and m edges ..."
Abstract

Cited by 147 (6 self)
 Add to MetaCart
. We present algorithms for computing similarity relations of labeled graphs. Similarity relations have applications for the refinement and verification of reactive systems. For finite graphs, we present an O(mn) algorithm for computing the similarity relation of a graph with n vertices and m edges (assuming m n). For effectively presented infinite graphs, we present a symbolic similaritychecking procedure that terminates if a finite similarity relation exists. We show that 2D rectangular automata, which model discrete reactive systems with continuous environments, define effectively presented infinite graphs with finite similarity relations. It follows that the refinement problem and the 8CTL modelchecking problem are decidable for 2D rectangular automata. 1 Introduction A labeled graph G = (V; E;A; hh\Deltaii) consist of a (possibly infinite) set V of vertices, a set E ` V 2 of edges, a set A of labels, and a function hh\Deltaii : V ! A that maps each vertex v to a label hh...
The NCSU Concurrency Workbench
, 1996
"... . The NCSU Concurrency Workbench is a tool for verifying finitestate systems. A key feature is its flexibility; its modular design eases the task of adding new analyses and changing the language users employ for describing systems. This note gives an overview of the system 's features, including it ..."
Abstract

Cited by 147 (23 self)
 Add to MetaCart
. The NCSU Concurrency Workbench is a tool for verifying finitestate systems. A key feature is its flexibility; its modular design eases the task of adding new analyses and changing the language users employ for describing systems. This note gives an overview of the system 's features, including its capacity for generating diagnostic information for incorrect systems, and discusses some of its applications. 1 Introduction The NCSU Concurrency Workbench (NCSUCWB) [1] supports the automatic verification of finitestate concurrent systems. The main goal of the system is to provide users with a tool that is flexible and easy to use and yet whose performance is competitive with that of existing specialpurpose tools. In support of the former, and like its predecessor, the (Edinburgh) Concurrency Workbench [9, 15], the NCSUCWB includes implementations of decision procedures for calculating a number of different behavioral equivalences and preorders between systems and for determining whe...
Priorities in process algebra
, 1999
"... This chapter surveys the semantic rami cations of extending traditional process algebras with notions of priority that allow for some transitions to be given precedence over others. The need for these enriched formalisms arises when one wishes to model system features such asinterrupts, prioritized ..."
Abstract

Cited by 103 (12 self)
 Add to MetaCart
This chapter surveys the semantic rami cations of extending traditional process algebras with notions of priority that allow for some transitions to be given precedence over others. The need for these enriched formalisms arises when one wishes to model system features such asinterrupts, prioritized choice, orrealtime behavior. Approaches to priority in process algebras can be classi ed according to whether the induced notion of preemption on transitions is global or local and whether priorities are static or dynamic. Early work in the area concentrated on global preemption and static priorities and led to formalisms for modeling interrupts and aspects of realtime, such as maximal progress, in centralized computing environments. More recent research has investigated localized notions of preemption in which the distribution of systems is taken into account, as well as dynamic priority approaches, i.e., those where priority values may change as systems evolve. The latter allows one to model behavioral phenomena such as scheduling algorithms and also enables the e cient encoding of realtime semantics. Technically, this chapter studies the di erent models of priorities by presenting extensions of Milner's Calculus of Communicating Systems (CCS) with static and dynamic priority as well as with notions of global and local preemption. In each case the operational semantics of CCS is modi ed appropriately, behavioral theories based on strong and weak bisimulation are given, and related approaches for di erent processalgebraic settings are discussed.
HYTECH: The next generation
 In Proceedings of the 16th IEEE RealTime Systems Symposium
, 1995
"... Abstract. We describe a new implementation of HyTech 1,asymbolic model checker for hybrid systems. Given a parametric description of an embedded system as a collection of communicating automata, HyTech automatically computes the conditions on the parameters under which the system satis es its safety ..."
Abstract

Cited by 102 (7 self)
 Add to MetaCart
Abstract. We describe a new implementation of HyTech 1,asymbolic model checker for hybrid systems. Given a parametric description of an embedded system as a collection of communicating automata, HyTech automatically computes the conditions on the parameters under which the system satis es its safety and timing requirements. While the original HyTech prototype was based on the symbolic algebra tool Mathematica, the new implementation is written in C ++ and builds on geometric algorithms instead of formula manipulation. The new HyTech o ers a cleaner and more expressive input language, greater portability, superior performance (typically two to three orders of magnitude), and new features such as diagnostic errortrace generation. We illustrate the e ectiveness of the new implementation by applying HyTech to the automatic parametric analysis of the generic railroad crossing benchmark problem [HJL93] and to an active structure control algorithm [ECB94]. 1
The Generalized Railroad Crossing: A Case Study in Formal Verification of RealTime Systems
 IN PROC., REALTIME SYSTEMS SYMP
, 1994
"... A new solution to the Generalized Railroad Crossing problem, based on timed automata, invariants and simulation mappings, is presented and evaluated. The solution shows formally the correspondence between four system descriptions: an axiomatic specification, an operational specification, a discrete ..."
Abstract

Cited by 94 (19 self)
 Add to MetaCart
A new solution to the Generalized Railroad Crossing problem, based on timed automata, invariants and simulation mappings, is presented and evaluated. The solution shows formally the correspondence between four system descriptions: an axiomatic specification, an operational specification, a discrete system implementation, and a system implementation that works with a continuous gate model.
Distributed Processes and Location Failures
 Theoretical Computer Science
, 1997
"... . Site failure is an essential aspect of distributed systems; nonetheless its effect on programming language semantics remains poorly understood. To model such systems, we define a process calculus in which processes are run at distributed locations. The language provides operators to kill locations ..."
Abstract

Cited by 56 (7 self)
 Add to MetaCart
. Site failure is an essential aspect of distributed systems; nonetheless its effect on programming language semantics remains poorly understood. To model such systems, we define a process calculus in which processes are run at distributed locations. The language provides operators to kill locations, to test the status (dead or alive) of locations, and to spawn processes at remote locations. Using a variation of bisimulation, we provide alternative characterizations of strong and weak barbed congruence for this language, based on an operational semantics that uses configurations to record the status of locations. We then derive a second, symbolic characterization in which configurations are replaced by logical formulae. In the strong case the formulae come from a standard propositional logic, while in the weak case a temporal logic with past time modalities is required. The symbolic characterization establishes that, in principle, barbed congruence for such languages can be checked ef...
Saturation: an efficient iteration strategy for symbolic state space generation
 PROC. TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS (TACAS), LNCS 2031
, 2001
"... We present a novel algorithm for generating state spaces of asynchronous systems using Multi–valued Decision Diagrams. In contrast to related work, we encode the next–state function of a system not as a single Boolean function, but as cross–products of integer functions. This permits the applicati ..."
Abstract

Cited by 56 (30 self)
 Add to MetaCart
We present a novel algorithm for generating state spaces of asynchronous systems using Multi–valued Decision Diagrams. In contrast to related work, we encode the next–state function of a system not as a single Boolean function, but as cross–products of integer functions. This permits the application of various iteration strategies to build a system’s state space. In particular, we introduce a new elegant strategy, called saturation, and implement it in the tool SMART. On top of usually performing several orders of magnitude faster than existing BDD–based state–space generators, our algorithm’s required peak memory is often close to the final memory needed for storing the overall state space.