Directed model checking with distance-preserving abstractions
In 13th International SPIN Workshop on Model Checking of Software (SPIN'2006), 2006
Cited by 28 (3 self)
Abstract. In directed model checking, the traversal of the state space is guided by an estimate of the distance from the current state to the nearest error state. This paper presents a distance-preserving abstraction for concurrent systems that allows one to compute an interesting estimate of the error distance without hitting the state explosion problem. Our experiments show a dramatic reduction both in the number of states explored by the model checker and in the total runtime.
CASL: From Semantics to Tools
TACAS 2000, LNCS 1785, 2000
Cited by 16 (10 self)
CASL, the common algebraic specification language, has been developed as a language that subsumes many previous algebraic specification frameworks and also provides tool interoperability. CASL is a complex language with a complete formal semantics. It is therefore a challenge to build good tools for CASL. In this work, we present and discuss the Bremen HOL-CASL system, which provides parsing, static checking, conversion to LaTeX and theorem proving for CASL specifications. To make tool construction manageable, we have followed some guidelines: reuse of existing tools, interoperability of tools developed at different sites, and construction of generic tools that can be used for several languages. We describe the structure of and the experiences with our tool and discuss how the guidelines work in practice.
UPPAAL/DMC – Abstraction-Based Heuristics for Directed Model Checking
Cited by 7 (3 self)
Abstract. UPPAAL/DMC is an extension of UPPAAL which provides generic heuristics for directed model checking. In this approach, the traversal of the state space is guided by a heuristic function which estimates the distance of a search state to the nearest error state. Our tool combines two recent approaches to design such estimation functions. Both are based on computing an abstraction of the system and using the error distance in this abstraction as the heuristic value. The abstractions, and thus the heuristic functions, are generated fully automatically and do not need any additional user input. UPPAAL/DMC needs less time and memory to find shorter error paths than UPPAAL's standard search methods.
Using predicate abstraction to generate heuristic functions in UPPAAL
In Model Checking and Artificial Intelligence, MoChArt'06, 2006
Cited by 7 (5 self)
Abstract. We focus on checking safety properties in networks of extended timed automata, with the well-known UPPAAL system. We show how to use predicate abstraction, in the sense used in model checking, to generate search guidance, in the sense used in Artificial Intelligence (AI). This contributes another family of heuristic functions to the growing body of work on directed model checking. The abstract state space is exhaustively built in a preprocess, and used as a lookup table during search. While typically pattern databases use rather primitive abstractions ignoring some of the relevant symbols, we use predicate abstraction, dividing the state space into equivalence classes with respect to a list of logical expressions (predicates). We empirically explore the behavior of the resulting family of heuristics, in a meaningful set of benchmarks. In particular, while several challenges remain open, we show that one can easily obtain heuristic functions that are competitive with the state-of-the-art in directed model checking.
Fast Directed Model Checking via Russian Doll Abstraction
Cited by 5 (3 self)
Abstract. Directed model checking aims at speeding up the search for bugs in a system through the use of heuristic functions. Such a function maps states to integers, estimating the state's distance to the nearest error state. The search gives a preference to states with lower estimates. The key issue is how to generate good heuristic functions, i.e., functions that guide the search quickly to an error state. An arsenal of heuristic functions has been developed in recent years. Significant progress was made, but many problems still prove to be notoriously hard. In particular, a body of work describes heuristic functions for model checking timed automata in UPPAAL, and tested them on a certain set of benchmarks. Into this arsenal we add another heuristic function. With previous heuristics, for the largest of the benchmarks it was only just possible to find some (unnecessarily long) error path. With the new heuristic, we can find provably shortest error paths for these benchmarks in a matter of seconds. The heuristic function is based on a kind of Russian Doll principle, where the heuristic for a given problem arises through using UPPAAL itself for the complete exploration of a simplified instance of the same problem. The simplification consists in removing those parts from the problem that are distant from the error property. As our empirical results confirm, this simplification often preserves the characteristic structure leading to the error.
Towards a Generic Management of Change
In: Workshop on Computer-Supported Mathematical Theory Development, IJCAR, 2004
Cited by 4 (0 self)
In this paper we sketch the outline and the underlying theoretical framework for a general repository to maintain mathematical or logic-based documents while keeping track of the various semantic dependencies between different parts of various types of documents (documentations, specifications, proofs, etc.). The sketched approach is a generalization of the notion of development graphs (as implemented in the MAYA system) used to maintain formal software developments. We isolate maintenance mechanisms that solely depend on the structuring of objects and their relations. These mechanisms define the core of the general repository, while mechanisms that are specific to individual semantics are sourced out to individual plugins attached to the general system.
More About TAS and IsaWin – Tools for Formal Program Development
2000
Cited by 4 (2 self)
We present a family of tools for program development and verification, comprising the transformation system TAS and the theorem proving interface IsaWin. Both are based on the theorem prover Isabelle [6], which is used as a generic logical framework here. A graphical user interface, based on the principle of direct manipulation, allows the user to interact with the tool without having to concern himself with the details of the representation within the theorem prover, leaving him to concentrate on the main design decisions of program development or theorem proving. The tools form an integrated system for formal program development, in which TAS is used for transformational program development, and IsaWin for discharging the incurred proof obligations. However, both tools can be used separately as well. Further, the tools are generic over the formal method employed. In this extended abstract, we will first give a brief overview over TAS and IsaWin. Since TAS and I...
The Causal Graph Revisited for Directed Model Checking: Extended Abstract
Cited by 4 (2 self)
Directed model checking is a well-established technique to tackle the state explosion problem when the aim is to find error states in large systems. In this approach, the state space traversal is guided through a function that estimates the distance to the nearest error states. States with lower estimates are preferably expanded during the search. Overall, directed model checking has proved to be a successful approach. However, its success crucially depends on the applied distance function to guide the search. The challenge is to develop distance functions that are efficiently computable on the one hand and as informative as possible on the other hand. In this work, we introduce the causal graph structure to the context of directed model checking [4]. We model systems in terms of parallel processes with global synchronization. The processes are given as directed labeled graphs, consisting of local states and local transitions. In this model, the causal graph is a dependency structure that represents how the processes depend on each other. A process p depends on a process p′ if there might be a need to change a local state in p′ in order to change a local state in p such that p and p′ can synchronize on a common synchronization label.
Moby/RT: A Tool for Specification and Verification of Real-Time Systems
JUCS, 2003
Cited by 3 (2 self)
Abstract: The tool Moby/RT supports the design of real-time systems at the levels of requirements, design specifications and programs. Requirements are expressed by constraint diagrams [Kleuker, 2000], design specifications by PLC-Automata [Dierks, 2000], and programs by Structured Text, a programming language dedicated to programmable logic controllers (PLCs), or by programs for LEGO Mindstorms robots. In this paper we outline the theoretical background of Moby/RT by discussing its semantic basis and its use for automatic verification by utilising the model checker UPPAAL [Larsen et al., 1997].