In this paper we introduce PRISM, a probabilistic model checker, and describe the ecient symbolic techniques we have developed during its implementation. PRISM is a tool for analysing probabilistic systems. It supports three models: discrete-time Markov chains, continuous-time Markov chains and Markov decision processes. Analysis is performed through model checking speci cations in the probabilistic temporal logics PCTL and CSL. Motivated by the success of model checkers such as SMV, which use BDDs (binary decision diagrams), we have developed an implementation of PCTL and CSL model checking based on MTBDDs (multi-terminal BDDs) and BDDs. Existing work in this direction has been hindered by the generally poor performance of MTBDD-based numerical computation, which is often substantially slower than explicit methods using sparse matrices. We present a novel hybrid technique which combines aspects of symbolic and explicit approaches to overcome these performance problems. For typical examples, we achieve orders of magnitude speed-up compared to MTBDDs and are able to almost match the speed of sparse matrices whilst maintaining considerable space savings.

This paper examines numerical issues in computing solutions to networks of stochastic automata. It is well-known that when the matrices that represent the automata contain only constant values, the cost of performing the operation basic to all iterative solution methods, that of matrix-vector multiply, is given by ae N = N Y i=1 n i \Theta N X i=1 n i ; where n i is the number of states in the i th automaton and N is the number of automata in the network. We introduce the concept of a generalized tensor product and prove a number of lemmas concerning this product. The result of these lemmas allows us to show that this relatively small number of operations is sufficient in many practical cases of interest in which the automata contain functional and not simply constant transitions. Furthermore, we show how the automata should be ordered to achieve this.

We introduce a stochastic process algebra, PEPA, as a high-level modelling paradigm for con-tinuous time Markov chains (CTMC). Process algebras are mathematical theories which model concurrent systems by their algebra and provide apparatus for reasoning about the structure and behaviour of the model. Recent extensions of these algebras, associating random variables with actions, make the models also amenable to Markovian analysis. A compositional structure is inherent in the PEPA language. As well as the clear advantages that this offers for model construction, we demonstrate how this compositionality may be exploited to reduce the state space of the CTMC. This leads to an exact aggregation based on lumpability. Moreover this technique, taking advantage of symmetries within the system, may be formally defined in terms of the PEPA description of the model. An equivalence relation, strong equivalence, developed as a process algebra bisimulation relation, is used to partition the derivation graph. 1

SMART is a new tool designed to allow various high-level stochastic modeling formalisms (such as stochastic Petri nets and queueing networks) to be described in a uniform environment and solved using a variety of solution techniques, including numerical methods and simulation. Since SMART is intended as a research tool, it is written in a modular way that permits the easy integration of new solution algorithms. I. SMART Language Models are described to SMART using a strongly-typed, declarative language. The three basic predefined types for the objects defined in SMART are: ffl bool: true or false. ffl int: integer values. ffl real: real values (machine-dependent precision). Composite types can be defined using the concepts of: ffl sets: collection of homogeneous objects. ffl arrays: multidimensional data structures of homogeneous objects indexed by the elements of a set. ffl aggregates: analogous to the Pascal "record". A type can be further modified by the following natures, w...

The stochastic process algebra MTIPP has emerged from research in the field of process descriptions for random behaviour through time. This calculus has recently been shown to allow the calculation of performance measures (e.g. response times), purely functional statements (e.g. occurrences of deadlocks), as well as combined statements (e.g. optimal timeout values) [9, 11]. In contrast to classical process calculi each atomic action is supposed to happen after a delay that is characterised by a certain exponentially distributed random variable. In this report we present the language together with its operational semantics, that defines Markovian labelled transition systems as a combination of classical action-oriented transition systems and Markovian processes, especially continuous time Markov chains. In order to reflect different behavioural aspects we define a hierarchy of bisimulation equivalences and show that two of them are congruences. Finally we present equational laws for our...

Communication protocol design requires to consider protocol performance in early phases of the software lifecycle. Therefore, extensions of formal description techniques have been introduced that allow to specify formally the functional behavior of a system on the one hand and additionally to capture quantitative aspects on the other hand by introducing timing aspects into formal descriptions. In this paper we employ stochastic process algebras for the performance analysis of an alternating bit protocol. Analysis is carried out based on the underlying Continuous Time Markov Chain. 1 Introduction Stochastic process algebras represent an approach to integrate qualitative analysis and performance evaluation into one comprehensive methodology [6, 12]. Classical process algebras are fairly well accepted means for the specification and qualitative analysis of distributed systems [14]. Performance evaluation on the other hand is usually carried out by monitoring, simulation and analytical mo...

The tutorial introduces structured analysis approaches for continuous time Markov chains (CTMCs) which are a means to extend the size of analyzable state spaces significantly compared with conventional techniques. It is shown how generator matrices of large CTMCs can be represented in a very compact form, how this representation can be exploited in numerical solution techniques and how numerical analysis profits from this exploitation. Additionally, recent results covering implementation issues, tool support, and advanced analysis techniques are surveyed. 1 Introduction Analysis of continuous time Markov chains (CTMCs) is a well established approach to analyze the performance, dependability and performability of computer and communication systems. Systems are modeled using specification techniques like queueing networks (QNs), stochastic Petri nets (SPNs), formal specification techniques to mention only a few. Unfortunately, the size of CTMCs underlying most realistic examples can be ...

Abstract. This paper reports on experimental results with symbolic model checking of probabilistic processes based on Multi-Terminal Binary Decision Diagrams (MTBDDs). We consider concurrent probabilistic systems as models; these allow nondeterministic choice between probability distributions and are particularly well suited to modelling distributed systems with probabilistic behaviour, e.g. randomized consensus algorithms and probabilistic failures. As a specification formalism we use the probabilistic branching-time temporal logic PBTL which allows one to express properties such as “under any scheduling of nondeterministic choices, the probability of φ holding until ψ is true is at least 0.78/at most 0.04 ”. We adapt the Kronecker representation of (Plateau 1985), which yields a very compact MTBDD encoding of the system. We implement an experimental model checker using the CUDD package and demonstrate that model construction and reachability-based model checking is possible in a matter of seconds for certain classes of systems consisting of up to 10 30 states. 1

Abstract not found

This article describes a new version of the QPN-Tool now supporting specification and analysis of hierarchically combined Queueing Petri nets (HQPNs). HQPNs are an extension of QPNs allowing the refinement of places by QPN subnets and/or queues. HQPNs can be analysed with respect to qualitative and quantitative aspects. Quantitative analysis is based on numerical Markov chain analysis. In contrast to conventional techniques the Markov chain underlying a HQPN is analysed by an approach exploiting the hierarchical structure of the model which results in a tensor representation of the generator matrix. This technique extends the size of solvable state spaces by one order of magnitude. Qualitative analysis of HQPNs relies on efficient analysis techniques based on Petri net theory. The new version of QPN-Tool implements the above analysis approaches supported by a graphical interface for a convenient specification of complex models.