Results 1-10 of 10
Symbolic Transition Graph with Assignment, 1996
Cited by 28 (2 self)
A new model for message-passing processes is proposed which generalizes the notion of symbolic transition graph as introduced in [HL95], by allowing assignments to be carried in transitions. The main advantage of this generalization is that a wider class of processes can be represented as finite state graphs. Two kinds of operational semantics, ground and symbolic, are given to such graphs. On top of them both ground and symbolic bisimulations are defined and are shown to agree with each other.
Verifying Determinism of Concurrent Systems Which Use Unbounded Arrays (Extended Abstract), 1998
Cited by 13 (7 self)
Ranko Lazić, Bill Roscoe. To be presented at INFINITY '98 (revised version, July 7, 1998). Abstract: Our main result says that determinism of a concurrent system which uses unbounded arrays (i.e. memories) can be verified by considering an appropriate finite array size. That is made possible by restricting the ways in which array indices and values can be used within the system. The restrictions are those of data independence: the system must not perform any operations on the indices and values, but it is only allowed to input them, store them, and output them. Equality tests between indices are also allowed. The restrictions are satisfied by many concurrent systems which use arrays to model memories or databases. As a case study, we have verified that a database system which allows users to lock, read and write records at multiple security levels is secure. 1 The Parameterised Verification Problem. Concurrent systems are frequently infinite-state because they have...
Automatic verification of hybrid systems with large discrete state space. In 4th Symposium on Automated Technology for Verification and Analysis, 2006, LNCS 4218
Cited by 7 (6 self)
Abstract. We address the problem of model checking hybrid systems which exhibit nontrivial discrete behavior and thus cannot be treated by considering the discrete states one by one, as most currently available verification tools do. Our procedure relies on a deep integration of several techniques and tools. An extension of AND-Inverter Graphs (AIGs) with first-order constraints serves as a compact representation format for sets of configurations which are composed of continuous regions and discrete states. Boolean reasoning on the AIGs is complemented by first-order reasoning in various forms and on various levels. These include implication checks for simple constraints, test vector generation for fast inequality checks of Boolean combinations of constraints, and an exact subsumption check for representations of two configurations. These techniques are integrated within a model checker for universal CTL. Technically, it deals with discrete-time hybrid systems with linear differentials. The paper presents the approach, its prototype implementation, and first experimental data.
Formal Verification of an Avionics Application using Abstraction and Symbolic Model Checking
Cited by 5 (1 self)
Tom Bienmüller (1), Udo Brockmeyer (2), Werner Damm (2), Gert Dohmen (2), Claus Eßmann (2), Hans-Jürgen Holberg (2), Hardi Hungar (2), Bernhard Josko (2), Rainer Schlör (2), Gunnar Wittich (2), Hartmut Wittke (2), Geoffrey Clements (3), John Rowlands (3), and Eric Sefton (3). (1) Carl von Ossietzky Universität Oldenburg, Germany; (2) OFFIS, Escherweg 2, 26121 Oldenburg, Germany; (3) British Aerospace, Warton Aerodrome, Preston, PR4 1AX Lancashire, UK. Abstract. This paper demonstrates the use of model-checking-based verification technology to establish safety-critical properties for an industrial avionics application. The verification technology is tightly integrated with the Statemate® system of i-Logix Inc., USA. Key features of this technology are its scalability to complete system verification, the powerful debugging capabilities, graphical entry for safety-critical properties, and the capability to reuse verification results for d...
Verification of Automotive Control Units, 1999
Cited by 5 (3 self)
This paper describes the application of model-checking-based verification tools to specification models of automotive control units. It firstly discusses the current state of a tool set which copes with discrete controllers described in Statemate, and then reports on proposed extensions currently under development to deal with hybrid ones which involve continuous values, too. First results based on an extension of abstraction techniques to verify such units are reported.
A unified approach for combining different formalisms for hardware verification. Proceedings of the International Conference on Formal Methods in Computer-Aided Design, volume 1166 of Lecture Notes in Computer Science, 1996
Cited by 4 (1 self)
Model Checking as the predominant technique for automatically verifying circuits suffers from the well-known state explosion problem. This hinders the verification of circuits which contain nontrivial data paths. Recently, it has been shown that for those circuits it may be useful to separate the control and data part prior to verification. This paper is also based on this idea and presents an approach for combining various proof approaches like model checking and theorem proving in a unifying framework. In contrast to other approaches, special proof procedures are available to verify circuits with data-sensitive controllers, where a bidirectional signal flow between controller and data path can be found. Generic circuits can be verified by induction or by model checking finite instantiations. By giving the system 'proof hints', also the verification effort for model-checking-based proofs can be considerably reduced in many cases. The paper presents an introduction to the different proof strategies as well as an algorithm for their combination. The underlying C@S system also allows the efficiency evaluation of different approaches to verify the same circuits. This is shown in different case studies, demonstrating the trade-off between interaction and verifiable circuit size.
Construction of state graphs with PVS, 1997
In this paper, we propose a method for the automatic construction of an abstract state graph of an arbitrary system using the PVS theorem prover. Given a parallel composition of sequential processes and a partition of the state space induced by predicates $\varphi_1, \ldots, \varphi_\ell$ on the program variables which defines an abstract state space, we construct an abstract state graph, starting in the abstract initial state. The possible successors of a state are computed using the PVS theorem prover by verifying for each index $i$ if $\varphi_i$ or $\neg\varphi_i$ is a postcondition of it. This allows an abstract state space exploration for arbitrary programs.
Construction of state graphs of infinite systems with PVS, 1997
In this paper, we propose a method for the automatic construction of an abstract state graph of an infinite state system using the PVS theorem prover. Given a system and a partition of the state space induced by predicates $\varphi_1, \ldots, \varphi_\ell$ on the program variables which defines an abstract state space, we construct an abstract state graph, starting in the abstract initial state. The possible successors of a state are computed using the PVS theorem prover by verifying for each index $i$ if $\varphi_i$ or $\neg\varphi_i$ is a postcondition of it. This allows an abstract state space exploration for arbitrary systems.
A Unified Approach for Combining Different Formalisms for Hardware Verification
Abstract. Model Checking as the predominant technique for automatically verifying circuits suffers from the well-known state explosion problem. This hinders the verification of circuits which contain nontrivial data paths. Recently, it has been shown that for those circuits it may be useful to separate the control and data part prior to verification. This paper is also based on this idea and presents an approach for combining various proof approaches like model checking and theorem proving in a unifying framework. In contrast to other approaches, special proof procedures are available to verify circuits with data-sensitive controllers, where a bidirectional signal flow between controller and data path can be found. Generic circuits can be verified by induction or by model checking finite instantiations. By giving the system 'proof hints', also the verification effort for model-checking-based proofs can be considerably reduced in many cases. The paper presents an introduction to the different proof strategies as well as an algorithm for their combination. The underlying C@S system also allows the efficiency evaluation of different approaches to verify the same circuits. This is shown in different case studies, demonstrating the trade-off between interaction and verifiable circuit size.