Results 1 - 10 of 33
Compositional Model Checking
, 1999
Cited by 2407 (62 self)
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Regular Collections of Message Sequence Charts (Extended Abstract)
 IN PROCEEDINGS OF THE 25TH INTERNATIONAL SYMPOSIUM ON MATHEMATICAL FOUNDATIONS OF COMPUTER SCIENCE (MFCS’2000), VOLUME 1893 OF LECT. NOTES IN COMP. SCI
, 2000
Cited by 22 (2 self)
Message Sequence Charts (MSCs) are an attractive visual formalism used during the early stages of design in domains such as telecommunication software. A popular mechanism for generating a collection of MSCs is a Hierarchical Message Sequence Chart (HMSC). However, not all HMSCs describe collections of MSCs that can be "realized" as a finite-state device. Our main goal is to pin down this notion of realizability. We propose an independent notion of regularity for collections of MSCs and explore its basic properties. In particular, we characterize regular collections of MSCs in terms of finite-state distributed automata called bounded message-passing automata, in which a set of sequential processes communicate with e...
Difficult configurations - on the complexity of LTrL
, 1998
Cited by 21 (3 self)
The complexity of LTrL, a global linear time temporal logic over traces, is investigated. The logic is global because the truth of a formula is evaluated in a global state, also called configuration. The logic is shown to be non-elementary with the main reason for this complexity being the nesting of until operators in formulas. The fragment of the logic without the until operator is shown to be EXPSPACE-complete. 1 Introduction Infinite words, which are linear orders on events, are often used to model executions of systems. Infinite traces, which are partial orders on events, are often used to model concurrent systems when we do not want to put some arbitrary ordering on actions occurring concurrently. A state of a system in the linear model is just a prefix of an infinite word; it represents the actions that have already happened. A state of a system in the trace model is a configuration, i.e., a finite downwards closed set of events that already happened. Temporal logics over traces come in t...
Reasoning about Sequential and Branching Behaviours of Message Sequence Graphs
 In ICALP ’00, LNCS 2076
Cited by 20 (2 self)
We study the model-checking problem of message-sequence graphs (MSGs). In the sequential setting, we consider the set of message-sequence charts (MSCs) represented by an MSG and tackle specifications given in monadic second-order logic. We show that this problem, without any restrictions on the MSGs, is decidable. We then turn to branching behaviours of MSGs, define a notion of an unfolding of an MSG, and show that the model-checking problem on unfoldings is also decidable. Our results are stronger and imply that, over an appropriate universe, satisfiability and synthesis of MSCs and MSGs, respectively, are decidable.
Efficient Decentralized Monitoring of Safety in Distributed Systems
 SLD Collaboration), Phys. Rev. D53
, 2004
Cited by 20 (3 self)
We describe an efficient decentralized monitoring algorithm that monitors a distributed program's execution to check for violations of safety properties. The monitoring is based on formulae written in PTDTL, a variant of past time linear temporal logic that we define. PTDTL is suitable for expressing temporal properties of distributed systems. Specifically, the formulae of PTDTL are relative to a particular process and are interpreted over a projection of the trace of global states that represents what that process is aware of. A formula relative to one process may refer to other processes' local states through remote expressions and remote formulae. In order to correctly evaluate remote expressions, we introduce the notion of KNOWLEDGEVECTOR and provide an algorithm which keeps a process aware of other processes' local states that can affect the validity of a monitored PTDTL formula. Both the logic and the monitoring algorithm are illustrated through a number of examples. Finally, we describe our implementation of the algorithm in a tool called DIANA.
LTL is expressively complete for Mazurkiewicz Traces
, 2000
Cited by 19 (8 self)
A long standing open problem in the theory of (Mazurkiewicz) traces has been the question whether LTL (Linear Time Logic) is expressively complete with respect to the first order theory. We solve this problem positively for finite and infinite traces and for the simplest temporal logic, which is based only on next and until modalities. Similar results were established previously, but they were all weaker, since they used additional past or future modalities. Another feature of our work is that our proof is direct and does not use any reduction to the word case.
Beyond Message Sequence Graphs
 In Proceedings of the 21st Conference on Foundations of Software Technology and Theoretical Computer Science, Lecture Notes in Computer Science
, 2001
Cited by 17 (0 self)
We study the model-checking problem for classes of message sequence charts (MSCs) defined by two extensions of message sequence graphs (MSGs). These classes subsume the class of regular MSC languages.
Pure future local temporal logics are expressively complete for Mazurkiewicz traces
 Conference version in LATIN 2004, LNCS 2976
"... Mazurkiewicz traces ⋆ ..."
An expressively complete temporal logic without past tense operators for Mazurkiewicz traces
, 1999
Cited by 9 (1 self)
Mazurkiewicz traces are a widely accepted model of concurrent systems. We introduce a linear time temporal logic LTL f which has the same expressive power as the first order theory FO(<) of finite (infinite resp.) traces. The main contribution of the paper is that we only use future tense modalities in order to obtain expressive completeness. Our proof is direct using no reduction to words and Kamp's theorem for both finite and infinite words becomes a corollary. This direct approach became possible due to a proof technique of Wilke developed for the case of finite words.
Logics and Automata for Verification: Expressiveness and Decidability Issues
, 2000
Cited by 8 (0 self)
This dissertation investigates and extends the mathematical foundations of logics and automata for the interleaving and synchronous noninterleaving view of system computations with an emphasis on decision procedures and relative expressive powers, and introduces extensions of these foundations to the emerging domain of noninterleaving asynchronous computations. System computations are described as occurrences of system actions, and tractable collections of such computations can be naturally represented by finite automata upon which one can do formal analysis. Specifications of system properties are usually described in formal logics, and the question whether the system at hand satisfies its specification is then solved by means of automata-theoretic constructions.