Results 1-10 of 34
Compositional Model Checking
1999. Cited by 2407 (62 self).
Abstract:
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Automatic Verification of Finite-State Concurrent Systems Using Temporal Logic Specifications
ACM Transactions on Programming Languages and Systems, 1986. Cited by 1173 (58 self).
Abstract:
We give an efficient procedure for verifying that a finite-state concurrent system meets a specification expressed in a (propositional, branching-time) temporal logic. Our algorithm has complexity linear in both the size of the specification and the size of the global state graph for the concurrent system. We also show how this approach can be adapted to handle fairness. We argue that our technique can provide a practical alternative to manual proof construction or use of a mechanical theorem prover for verifying many finite-state concurrent systems. Experimental results show that state machines with several hundred states can be checked in a matter of seconds.
Temporal and modal logic
Handbook of Theoretical Computer Science, 1995. Cited by 1107 (16 self).
Abstract:
We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic.
Failure Mode Assumptions and Assumption Coverage
1995. Cited by 121 (4 self).
Abstract:
A method is proposed for the formal analysis of failure mode assumptions and for the evaluation of the dependability of systems whose design correctness is conditioned on the validity of such assumptions. Formal definitions are given for the types of errors that can affect items of service delivered by a system or component. Failure mode assumptions are then formalized as assertions on the types of errors that a component may induce in its enclosing system. The concept of assumption coverage is introduced to relate the notion of partially-ordered assumption assertions to the quantification of system dependability. Assumption coverage is shown to be extremely important in systems requiring very high dependability. It is also shown that the need to increase system redundancy to accommodate more severe modes of component failure can sometimes result in a decrease in dependability.
1 Introduction and Overview
The definition of assumptions about the types of faults, the rate at which comp...
The Anchored Version of the Temporal Framework
Linear Time, Branching Time, and Partial Order in Logics and Models for Concurrency, Lecture Notes in Computer Science 354, 1989. Cited by 50 (5 self).
Abstract:
In this survey paper we present some of the recent developments in the temporal formal system for the specification, verification and development of reactive programs. While the general methodology remains very much the one presented in some earlier works on the subject, such as [MP83c, MP83a, Pnu86], there have been several technical improvements and gained insights in understanding the computational model, the logic itself, the proof system and its presentation, and connections with alternative formalisms, such as finite automata. In this paper we explicate some of these improvements and extensions. The main difference between this and preceding versions is that here we consider a notion of validity for temporal formulae which is anchored at the initial state of the computation. The paper discusses some of the consequences of this decision.
Key words: Temporal Logic, Reactive Systems, Concurrent Programs, Specification, Verification, Proof System, Classification of Properties, Sa...
Verification of Concurrent Programs: The Automata-Theoretic Framework
Annals of Pure and Applied Logic, 1987. Cited by 47 (3 self).
Abstract:
We present an automata-theoretic framework for the verification of concurrent and nondeterministic programs. The basic idea is that to verify that a program P is correct one writes a program A that receives the computation of P as input and diverges only on incorrect computations of P. Now P is correct if and only if a program P_A, obtained by combining P and A, terminates. We formalize this idea in a framework of ω-automata with a recursive set of states. This unifies previous work on verification of fair termination and verification of temporal properties.
1 Introduction
In this paper we present an automata-theoretic framework that unifies several trends in the area of concurrent program verification. The trends are temporal logic, model checking, automata theory, and fair termination. Let us start with a survey of these trends. In 1977 Pnueli suggested the use of temporal logic in the verification of concurrent programs [Pn77]. The basic motivation is that in the verificat...
Automated Temporal Reasoning about Reactive Systems
1996. Cited by 39 (2 self).
Abstract:
There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies.
1 Introduction
There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
A Toolbox for the Verification of LOTOS Programs
1992. Cited by 33 (4 self).
Abstract:
This paper presents the tools Aldébaran, Caesar, Caesar.adt and Cléopâtre, which constitute a toolbox for compiling and verifying Lotos programs. The principles of these tools are described, as well as their performance and limitations. Finally, the formal verification of the rel/REL atomic multicast protocol is given as an example to illustrate the practical use of the toolbox.
Keywords: reliability, formal methods, Lotos, verification, validation, model-based methods, model checking, transition systems, bisimulations, temporal logics, diagnostics
Introduction
There is an increasing need for reliable software, which is especially critical in some areas such as communication protocols, distributed systems, real-time control systems, and hardware synthesis systems. It is now agreed that reliability can only be achieved through the use of rigorous design techniques. This has motivated a lot of research on specification formalisms and associated verification methods and tools. Ver...
Verification of Temporal Properties of Processes in a Setting with Data
In A.M. Haeberer, editor, AMAST'98, volume 1548 of LNCS, 1999. Cited by 22 (8 self).
Abstract:
We define a value-based modal calculus, built from first-order formulas, modalities, and fixed point operators parameterized by data variables, which allows temporal properties involving data to be expressed. We interpret this logic over µCRL terms defined by linear process equations. The satisfaction of a temporal formula by a µCRL term is translated to the satisfaction of a first-order formula containing parameterized fixed point operators. We provide proof rules for these fixed point operators and show their applicability on various examples.
1 Introduction
In recent years we have applied process algebra in numerous settings [4, 8, 12]. The first lesson we learned is that process algebra pur sang is not very handy, and we need an extension with data. This led to the language µCRL (micro Common Representation Language) [13]. The next observation was that it is very convenient to eliminate the parallel operator from a process description and reduce it to a very restricted form, whi...
Fairness and Hyperfairness
2000. Cited by 20 (0 self).
Abstract:
The notion of fairness in trace-based formalisms is examined. It is argued that, in general, fairness means machine closure. The notion of hyperfairness introduced by Attie, Francez, and Grumberg is generalized to arbitrary action systems. Also examined are the fairness criteria proposed by Apt, Francez, and Katz.