Results 1 - 10 of 33
Compositional Model Checking
, 1999
Cited by 3218 (68 self)
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Modal Logics and mu-Calculi: An Introduction
, 2001
Cited by 59 (3 self)
We briefly survey the background and history of modal and temporal logics. We then concentrate on the modal mu-calculus, a modal logic which subsumes most other commonly used logics. We provide an informal introduction, followed by a summary of the main theoretical issues. We then look at model-checking, and finally at the relationship of modal logics to other formalisms.
Partial Model Checking (Extended Abstract)
 In Proceedings, Tenth Annual IEEE Symposium on Logic in Computer Science
, 1995
Cited by 35 (6 self)
Henrik Reif Andersen, Department of Computer Science, Technical University of Denmark, Building 344, DK-2800 Lyngby, Denmark. Abstract: A major obstacle in applying finite-state model checking to the verification of large systems is the combinatorial explosion of the state space arising when many loosely coupled parallel processes are considered. The problem, also known as the state-explosion problem, has been attacked from various sides. This paper presents a new approach based on partial model checking: parts of the concurrent system are gradually removed while transforming the specification accordingly. When the intermediate specifications constructed in this manner can be kept small, the state-explosion problem is avoided. Experimental results with a prototype implemented in Standard ML show that for Milner's Scheduler, an often used benchmark, this approach improves on the published results on Binary Decision Diagrams and is comparable to results obtained using generalized...
Clock Difference Diagrams
 Nordic Journal of Computing
, 1999
Cited by 27 (8 self)
We sketch a BDD-like structure for representing unions of simple convex polyhedra, describing the legal values of a set of clocks given bounds on the values of clocks and clock differences. 1 Introduction. The basic problem we are trying to tackle is the combination of BDD's and DBM's (difference bound matrices) in order to allow a completely BDD-based approach to the verification of continuous real-time systems. Early approaches in this direction include [WTD95] and [Bal96]. Another inspiration for this work comes from [ST98]. Some of the ideas come from the implementation of a decision algorithm for timed bisimulation ([WL97]). 2 Definition of CDD's. We assume a finite set of real-valued clocks $C = \{X_1, \ldots, X_k\}$. We are interested in a data structure to represent and manipulate sets of possible values of these clocks. In particular, we shall confine ourselves to sets being the finite unions of simple convex polyhedra. The simple convex polyhedra are described by bounds on the ind...
Symbolic Trajectory Evaluation
 Formal Hardware Verification
, 1996
Cited by 27 (6 self)
ion The main problem with model checking is the state explosion problem - the state space grows exponentially with system size. Two methods have some popularity in attacking this problem: compositional methods and abstraction. While they cannot solve the problem in general, they do offer significant improvements in performance. The direct method of verifying that a circuit has a property $f$ is to show the model $M$ satisfies $f$. The idea behind abstraction is that instead of verifying property $f$ of model $M$, we verify property $f_A$ of model $M_A$ and the answer we get helps us answer the original problem. The system $M_A$ is an abstraction of the system $M$. One possibility is to build an abstraction $M_A$ that is equivalent (e.g. bisimilar [48]) to $M$. This sometimes leads to performance advantages if the state space of $M_A$ is smaller than $M$. This type of abstraction would more likely be used in model comparison (e.g. as in [38]). Typically, the behaviour of an abstraction is not equivalent...
Symbolic protocol verification with Queue BDDs
 Formal Methods and System Design
, 1999
Compositionality via cut-elimination: Hennessy-Milner logic for an arbitrary GSOS
 in Proceedings 10th Symposium on Logic in Computer Science
, 1995
Compositional Proof Systems for Model Checking Infinite State Processes
, 1995
Cited by 18 (3 self)
We present the first compositional proof system for checking processes against formulas in the modal μ-calculus which is capable of handling general infinite-state processes. The proof system is obtained in a systematic way from the operational semantics of the underlying process algebra. A nontrivial proof example is given, and the proof system is shown to be sound in general, and complete for finite-state processes. 1 Introduction. In this paper we address the problem of verifying modal μ-calculus properties of general infinite-state processes, and we present what we believe to be the first genuinely compositional solution to this problem. The value of compositionality in program logics is well established. Compositionality allows better structuring and decomposition of the verification task, it allows proof reuse, and it allows reasoning about partially instantiated programs, thus supporting program synthesis. Even more fundamentally it allows, at least in principle, verification...
Proving Properties of Dynamic Process Networks
, 1998
Cited by 18 (9 self)
We present the first compositional proof system for checking processes against formulas in the modal μ-calculus which is capable of handling dynamic process networks. The proof system is obtained in a systematic way from the operational semantics of the underlying process algebra. A nontrivial proof example is given, and the proof system is shown to be sound in general, and complete for finite-state processes. 1 Introduction. In this paper we address the problem of verifying modal μ-calculus properties of general infinite-state processes, and we present what we believe to be the first genuinely compositional solution to this problem. The value of compositionality in program logics is well established. Compositionality allows better structuring and decomposition of the verification task, it allows reuse of proofs, and it allows reasoning about partially instantiated programs, thus supporting program synthesis. Even more fundamentally it allows, at least in principle, verification exe...