State explosion is the primary obstacle to practical application of reachability analysis techniques for concurrent systems. State explosion can be substantially controlled by using process algebra to achieve compositional (divide-and-conquer) analysis. A prototype tool incorporating process algebra is described. The promise and problems of the approach are illustrated by applying the tool to an example that incorporates the alternating bit protocol as a module.

In this paper we present a solution to the long-standing problem of characterising the coarsest liveness-preserving pre-congruence with respect to a full (TCSP-inspired) process algebra. In fact, we present two distinct characterisations, which give rise to the same relation: an operational one based on a De Nicola-Hennessy-like testing modality which we call should-testing, and a denotational one based on a refined notion of failures. One of the distinguishing characteristics of the should-testing pre-congruence is that it abstracts from divergences in the same way as Milner’s observation congruence, and as a consequence is strictly coarser than observation congruence. In other words, should-testing has a built-in fairness assumption. This is in itself a property long sought-after; it is in notable contrast to the well-known must-testing of De Nicola and Hennessy (denotationally characterised by a combination of failures and divergences), which treats divergence as catrastrophic and hence is incompatible with observation congruence. Due to these characteristics, should-testing supports modular reasoning and allows to use the proof techniques of observation congruence, but also supports additional laws and techniques.

Traditionally, many automatic program verification techniques are applicable only to finite-state programs. In this paper we extend some of these techniques to a class of infinite-state programs that, in addition to having a finite-state control component, may read, store, and write but not perform any other computations on data. Such programs are data-independent in the sense that their behavior does not depend on the actual data values supplied. We consider the problems of deciding strong equivalence and observation equivalence, defined by bisimulations (as in CCS), between such programs. These equivalences have major applications in verification of communication protocols. We present reductions of these problems to the problem of deciding strong equivalence and observation equivalence between finite-state programs, for which polynomial time algorithms exist. The equivalence problems on data-independent programs are shown to be NP-hard in the size of the programs. 4 1 I...

In this paper we develop a compositional method for the construction of the minimal transition system that represents the semantics of a given reactive system. The point of this method is that it exploits structural properties of the reactive system in order to avoid the consideration of large intermediate representations. Central is the use of interface specifications here, which express constraints on the components' communication behaviour, and therefore to control the state explosion caused by the interleavings of actions of communicating parallel components. The effect of the method, which is developed for bisimulation semantics here, depends on the structure of the reactive system under consideration, in particular on the accuracy of the interface specifications. However, its correctness does not: every "successful" construction is guaranteed to yield the desired minimal transition system, independently of the correctness of the interface specifications provided by the designer.

this paper we want to demonstrate that --- from a practical

Behaviour analysis is a valuable aid for the design and maintenance of well-behaved distributed systems. Dataflow and reachability analyses are two orthogonal but complementary behaviour analysis techniques. Individually, each of these techniques may be inadequate for the analysis of large-scale distributed systems. On the one hand, dataflow analysis algorithms, while tractable, may not be sufficiently accurate to provide meaningful detection of errors. On the other hand, reachability analysis, while providing exhaustive analysis, may be computationally too expensive for complex systems. In this paper, we present a method which integrates a dataflow and a reachability analysis technique to provide a flexible and effective means for analysing distributed systems at preliminary and final design stages respectively. We also describe some effective measures taken to improve the adequacy of the individual analysis techniques using concepts of action dependency and context constraints. A pro...

: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : x 1. INTRODUCTION : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 1 2. BACKGROUND : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 4 2.1 Dynamic Analysis of Concurrent Systems : : : : : : : : : : : : : : : : 5 2.2 Static Analysis. : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 5 2.2.1 Theorem Proving : : : : : : : : : : : : : : : : : : : : : : : : : 6 2.2.2 Reachability Analysis : : : : : : : : : : : : : : : : : : : : : : : 7 2.2.3 Model Checking : : : : : : : : : : : : : : : : : : : : : : : : : : 9 2.3 Process Algebra : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 11 3. COMPOSITIONAL ANALYSIS USING PROCESS ALGEBRA : : : : : : 18 3.1 Background : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 18 3.1.1 Reachability Analysis : : : : : : : : : : : : : : : : : : : : : : : 18 3.1.2 Process Algebra : : : : : : : : : : : : : : : : : : : : : : : : : : 19...

Abstract not found

In this paper we present the application of the fair testing pre-order , introduced in a previous paper, to the specification and analysis of distributed systems. This pre-order combines some features of the standard testing pre-orders, viz. the possibility to refine a specification by the resolution of nondeterminism, with a powerful feature of standard observation congruence, viz. the fair abstraction from divergences. Moreover, it is a precongruence with respect to all standard process-algebraic combinators, thus allowing for the standard algebraic proof techniques by substitution and rewriting. In this paper we will demonstrate advantages of the fair testing pre-order by the application to a number of examples, including a scheduling problem, a version of the Alternating Bit-protocol, and fair communication channels. Keywords FDT-application; verification, validation and testing; process algebras; fairness. 1 INTRODUCTION In the past decade, the specification and analysis of dis...

Compositional Reachability Analysis is a popular technique for studying behaviour of finitestate distributed systems. The technique is applied by a repetition of local analyses, the basic steps to construct and examine the behaviour of subsystems. In most cases, behaviour of the subsystem is constrained by its environment (called context) formed by neighbouring components. These behaviour constraints are normally not considered when using local analysis in conventional techniques of compositional reachability analysis. As a result, many execution paths derived in the local analysis may not be actually traversed by the subsystem. These paths are made impossible to traverse by the constraints. The paths are unnecessary for understanding the subsystem behaviour and their removal greatly simplify the local analysis. In this paper, we describe an elegant technique, called contextual local analysis, to include these behaviour constraints in conventional local analysis. The technique can alle...