Results 1  10
of
36
Model Checking of Probabilistic and Nondeterministic Systems
, 1995
"... . The temporal logics pCTL and pCTL* have been proposed as tools for the formal specification and verification of probabilistic systems: as they can express quantitative bounds on the probability of system evolutions, they can be used to specify system properties such as reliability and performance. ..."
Abstract

Cited by 271 (13 self)
 Add to MetaCart
. The temporal logics pCTL and pCTL* have been proposed as tools for the formal specification and verification of probabilistic systems: as they can express quantitative bounds on the probability of system evolutions, they can be used to specify system properties such as reliability and performance. In this paper, we present modelchecking algorithms for extensions of pCTL and pCTL* to systems in which the probabilistic behavior coexists with nondeterminism, and show that these algorithms have polynomialtime complexity in the size of the system. This provides a practical tool for reasoning on the reliability and performance of parallel systems. 1 Introduction Temporal logic has been successfully used to specify the behavior of concurrent and reactive systems. These systems are usually modeled as nondeterministic processes: at any moment in time, more than one future evolution may be possible, but a probabilistic characterization of their likelihood is normally not attempted. While ma...
Model Checking for a Probabilistic Branching Time Logic with Fairness
 Distributed Computing
, 1998
"... We consider concurrent probabilistic systems, based on probabilistic automata of Segala & Lynch [55], which allow nondeterministic choice between probability distributions. These systems can be decomposed into a collection of "computation trees" which arise by resolving the nondeterm ..."
Abstract

Cited by 134 (41 self)
 Add to MetaCart
We consider concurrent probabilistic systems, based on probabilistic automata of Segala & Lynch [55], which allow nondeterministic choice between probability distributions. These systems can be decomposed into a collection of "computation trees" which arise by resolving the nondeterministic, but not probabilistic, choices. The presence of nondeterminism means that certain liveness properties cannot be established unless fairness is assumed. We introduce a probabilistic branching time logic PBTL, based on the logic TPCTL of Hansson [30] and the logic PCTL of [55], resp. pCTL of [14]. The formulas of the logic express properties such as "every request is eventually granted with probability at least p". We give three interpretations for PBTL on concurrent probabilistic processes: the first is standard, while in the remaining two interpretations the branching time quantifiers are taken to range over a certain kind of fair computation trees. We then present a model checking algorithm for...
Algebraic Reasoning for Probabilistic Concurrent Systems
 Proc. IFIP TC2 Working Conference on Programming Concepts and Methods
, 1990
"... We extend Milner's SCCS to obtain a calculus, PCCS, for reasoning about communicating probabilistic processes. In particular, the nondeterministic process summation operator of SCCS is replaced with a probabilistic one, in which the probability of behaving like a particular summand is given exp ..."
Abstract

Cited by 114 (5 self)
 Add to MetaCart
We extend Milner's SCCS to obtain a calculus, PCCS, for reasoning about communicating probabilistic processes. In particular, the nondeterministic process summation operator of SCCS is replaced with a probabilistic one, in which the probability of behaving like a particular summand is given explicitly. The operational semantics for PCCS is based on the notion of probabilistic derivation, and is given structurally as a set of inference rules. We then present an equational theory for PCCS based on probabilistic bisimulation, an extension of Milner's bisimulation proposed by Larsen and Skou. We provide the first axiomatization of probabilistic bisimulation, a subset of which is relatively complete for finitestate probabilistic processes. In the probabilistic case, a notion of processes with almost identical behavior (i.e., with probability 1 \Gamma ffl, for ffl sufficiently small) appears to be more useful in practice than a notion of equivalence, since the latter is often too restricti...
Implementation of Symbolic Model Checking for Probabilistic Systems
, 2002
"... In this thesis, we present ecient implementation techniques for probabilistic model checking, a method which can be used to analyse probabilistic systems such as randomised distributed algorithms, faulttolerant processes and communication networks. A probabilistic model checker inputs a probabilist ..."
Abstract

Cited by 66 (22 self)
 Add to MetaCart
In this thesis, we present ecient implementation techniques for probabilistic model checking, a method which can be used to analyse probabilistic systems such as randomised distributed algorithms, faulttolerant processes and communication networks. A probabilistic model checker inputs a probabilistic model and a speci cation, such as \the message will be delivered with probability 1", \the probability of shutdown occurring is at most 0.02" or \the probability of a leader being elected within 5 rounds is at least 0.98", and can automatically verify if the speci cation is true in the model.
Knowledge, belief and time
 Theoretical Computer Science
, 1988
"... Abstract. In the conclusion of [7] Halpern and Moses expressed their interest in a logical system in which one could talk about knowledge and belief (and belief about knowledge, knowledge about belief and so on), We investigate such systems. In the first part of the paper knowledge and belief, witho ..."
Abstract

Cited by 50 (8 self)
 Add to MetaCart
(Show Context)
Abstract. In the conclusion of [7] Halpern and Moses expressed their interest in a logical system in which one could talk about knowledge and belief (and belief about knowledge, knowledge about belief and so on), We investigate such systems. In the first part of the paper knowledge and belief, without time, are considered. Common knowledge and common belief are defined and compared. A logical system and a family of models are proposed, a completeness result is proved and a decision procedure described. In the second part of the paper, time is considered. Different notions of beliefs are distinguished, obeying different properties of persistence. One interpretation of belief which obeys a very strong persistence axiom is put forward and used in the analysis of the “wise men ” puzzle. 1.
Verifying Automata Specifications of Probabilistic Realtime Systems
 RealTime: Theory in Practice, Springer LNCS 600
, 1991
"... . We present a modelchecking algorithm for a system presented as a generalized semiMarkov process and a specification given as a deterministic timed automaton. This leads to a method for automatic verification of timing properties of finitestate probabilistic realtime systems. Keywords: Realti ..."
Abstract

Cited by 41 (4 self)
 Add to MetaCart
. We present a modelchecking algorithm for a system presented as a generalized semiMarkov process and a specification given as a deterministic timed automaton. This leads to a method for automatic verification of timing properties of finitestate probabilistic realtime systems. Keywords: Realtime, Probabilistic systems, Automatic verification. 1 Introduction There is increasing awareness that unexpected behavior from interacting processes can cause serious problems. This observation applies not only to programs and digital systems, but also to physical processes, such as robots, automobiles, manufacturing processes, and so on. Indeed, as digital systems become smaller and cheaper, their use to control and interact with physical processes will inevitably increase. Formal verification of these systems seeks mathematical methods for reasoning about their behavior. Automatic formal verification is particularly promising, because it requires far less labor than the manual techniques. ...
Probabilistic Model Checking of an Anonymity System
 Journal of Computer Security
, 2004
"... We use the probabilistic model checker PRISM to analyze the Crowds system for anonymous Web browsing. This case study demonstrates how probabilistic model checking techniques can be used to formally analyze security properties of a peertopeer group communication system based on random message ..."
Abstract

Cited by 38 (1 self)
 Add to MetaCart
We use the probabilistic model checker PRISM to analyze the Crowds system for anonymous Web browsing. This case study demonstrates how probabilistic model checking techniques can be used to formally analyze security properties of a peertopeer group communication system based on random message routing among members. The behavior of group members and the adversary is modeled as a discretetime Markov chain, and the desired security properties are expressed as PCTL formulas. The PRISM model checker is used to perform automated analysis of the system and verify anonymity guarantees it provides. Our main result is a demonstration of how certain forms of probabilistic anonymity degrade when group size increases or random routing paths are rebuilt, assuming that the corrupt group members are able to identify and/or correlate multiple routing paths originating from the same sender.
On the decidability of temporal properties of probabilistic pushdown automata
 IN PROC. OF STACS’05
, 2005
"... We consider qualitative and quantitative modelchecking problems for probabilistic pushdown automata (pPDA) and various temporal logics. We prove that the qualitative and quantitative modelchecking problem for ωregular properties and pPDA is in 2EXPSPACE and 3EXPTIME, respectively. We also pro ..."
Abstract

Cited by 38 (11 self)
 Add to MetaCart
We consider qualitative and quantitative modelchecking problems for probabilistic pushdown automata (pPDA) and various temporal logics. We prove that the qualitative and quantitative modelchecking problem for ωregular properties and pPDA is in 2EXPSPACE and 3EXPTIME, respectively. We also prove that modelchecking the qualitative fragment of the logic PECTL ∗ for pPDA is in 2EXPSPACE, and modelchecking the qualitative fragment of PCTL for pPDA is in EXPSPACE. Furthermore, modelchecking the qualitative fragment of PCTL is shown to be EXPTIMEhard even for stateless pPDA. Finally, we show that PCTL modelchecking is undecidable for pPDA, and PCTL + modelchecking is undecidable even for stateless pPDA.
Probabilistic Analysis of Anonymity
 IN PROC. 15TH COMPUTER SECURITY FOUNDATIONS WORKSHOP
, 2002
"... We present a formal analysis technique for probabilistic security properties of peertopeer communication systems based on random message routing among members. The behavior of group members and the adversary is modeled as a discretetime Markov chain, and security properties are expressed as PCTL ..."
Abstract

Cited by 35 (1 self)
 Add to MetaCart
(Show Context)
We present a formal analysis technique for probabilistic security properties of peertopeer communication systems based on random message routing among members. The behavior of group members and the adversary is modeled as a discretetime Markov chain, and security properties are expressed as PCTL formulas. To illustrate feasibility of the approach, we model the Crowds system for anonymous Web browsing, and use a probabilistic model checker, PRISM, to perform automated analysis of the system and verify anonymity guarantees it provides. The main result of the Crowds analysis is a demonstration of how certain forms of anonymity degrade with the increase in group size and the number of random routing paths.
Algebraic Approaches to Nondeterminism  an Overview
 ACM Computing Surveys
, 1997
"... this paper was published as Walicki, M.A. and Meldal, S., 1995, Nondeterministic Operators in Algebraic Frameworks, Tehnical Report No. CSLTR95664, Stanford University ..."
Abstract

Cited by 24 (3 self)
 Add to MetaCart
this paper was published as Walicki, M.A. and Meldal, S., 1995, Nondeterministic Operators in Algebraic Frameworks, Tehnical Report No. CSLTR95664, Stanford University