Results 1  10
of
45
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 2675 (65 self)
 Add to MetaCart
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Difficult configurations – on the complexity of LTrL
 In Proc. of ICALP’98, number 1443 in LNCS
, 1998
"... ..."
Regular Collections of Message Sequence Charts (Extended Abstract)
 IN PROCEEDINGS OF THE 25TH INTERNATIONAL SYMPOSIUM ON MATHEMATICAL FOUNDATIONS OF COMPUTER SCIENCE(MFCS’2000), VOLUME 1893 OF LECT. NOTES IN COMP. SCI
, 2000
"... Message Sequence Charts (MSCs) are an attractive visual formalism used during the early stages of design in domains such as telecommunication software. A popular mechanism for generating a collection of MSCs is a Hierarchical Message Sequence Chart (HMSC). However, not all HMSCs describe collection ..."
Abstract

Cited by 23 (2 self)
 Add to MetaCart
(Show Context)
Message Sequence Charts (MSCs) are an attractive visual formalism used during the early stages of design in domains such as telecommunication software. A popular mechanism for generating a collection of MSCs is a Hierarchical Message Sequence Chart (HMSC). However, not all HMSCs describe collections of MSCs that can be "realized" as a finitestate device. Our main goal is to pin down this notion of realizability. We propose an independent notion of regularity for collections of MSCs and explore its basic properties. In particular, we characterize regular collections of MSCs in terms of finitestate distributed automata called bounded messagepassing automata, in which a set of sequential processes communicate with e...
Reasoning about Sequential and Branching Behaviours of Message Sequence Graphs
 In ICALP ’00, LNCS 2076
"... We study the modelchecking problem of messagesequence graphs (MSGs). In the sequential setting, we consider the set of messagesequence charts (MSCs) represented by an MSG and tackle specifications given in monadic secondorder logic. We show that this problem, without any restrictions on the MSGs ..."
Abstract

Cited by 23 (3 self)
 Add to MetaCart
(Show Context)
We study the modelchecking problem of messagesequence graphs (MSGs). In the sequential setting, we consider the set of messagesequence charts (MSCs) represented by an MSG and tackle specifications given in monadic secondorder logic. We show that this problem, without any restrictions on the MSGs, is decidable. We then turn to branching behaviours of MSGs, define a notion of an unfolding of an MSG, and show that the modelchecking problem on unfoldings is also decidable. Our results are stronger and imply that, over an appropriate universe, satisfiability and synthesis of MSCs and MSGs, respectively, are decidable.
Efficient Decentralized Monitoring of Safety in Distributed Systems
 SLD Collaboration), Phys. Rev. D53
, 2004
"... We describe an efficient decentralized monitoring algorithm that monitors a distributed program's execution to check for violations of safety properties. The monitoring is based on formulae written in PTDTL, a variant of past time linear temporal logic that we define. PTDTL is suitable for ex ..."
Abstract

Cited by 20 (3 self)
 Add to MetaCart
We describe an efficient decentralized monitoring algorithm that monitors a distributed program's execution to check for violations of safety properties. The monitoring is based on formulae written in PTDTL, a variant of past time linear temporal logic that we define. PTDTL is suitable for expressing temporal properties of distributed systems. Specifically, the formulae of PTDTL are relative to a particular process and are interpreted over a projection of the trace of global states that represents what that process is aware of. A formula relative to one process may refer to other processes' local states through remote expressions and remote formulae. In order to correctly evaluate remote expressions, we introduce the notion of KNOWLEDGEVECTOR and provide an algorithm which keeps a process aware of other processes' local states that can affect the validity of a monitored PTDTL formula. Both the logic and the monitoring algorithm are illustrated through a number of examples. Finally, we describe our implementation of the algorithm in a tool called DIANA.
LTL is expressively complete for Mazurkiewicz Traces
, 2000
"... A long standing open problem in the theory of (Mazurkiewicz) traces has been the question whether LTL (Linear Time Logic) is expressively complete with respect to the rst order theory. We solve this problem positively for nite and in nite traces and for the simplest temporal logic, which is b ..."
Abstract

Cited by 19 (8 self)
 Add to MetaCart
A long standing open problem in the theory of (Mazurkiewicz) traces has been the question whether LTL (Linear Time Logic) is expressively complete with respect to the rst order theory. We solve this problem positively for nite and in nite traces and for the simplest temporal logic, which is based only on next and until modalities. Similar results were established previously, but they were all weaker, since they used additional past or future modalities. Another feature of our work is that our proof is direct and does not use any reduction to the word case.
Beyond Message Sequence Graphs
 In Proceedings of the 21st Conference on Foundations of Software Technology and Theoretical Computer Science, Lecture Notes in Computer Science
, 2001
"... We study the modelchecking problem for classes of message sequence charts (MSCs) defined by two extensions of message sequence graphs (MSGs). These classes subsume the class of regular MSC languages. ..."
Abstract

Cited by 19 (1 self)
 Add to MetaCart
(Show Context)
We study the modelchecking problem for classes of message sequence charts (MSCs) defined by two extensions of message sequence graphs (MSGs). These classes subsume the class of regular MSC languages.
Pure future local temporal logics are expressively complete for Mazurkiewicz traces
 Conference version in LATIN 2004, LNCS 2976
"... Mazurkiewicz traces ⋆ ..."
(Show Context)
An expressively complete temporal logic without past tense operators for Mazurkiewicz traces
, 1999
"... Mazurkiewicz traces are a widely accepted model of concurrent systems. We introduce a linear time temporal logic LTL f which has the same expressive power as the first order theory FO(<) of finite (infinite resp.) traces. The main contribution of the paper is that we only use future tense modalit ..."
Abstract

Cited by 9 (1 self)
 Add to MetaCart
Mazurkiewicz traces are a widely accepted model of concurrent systems. We introduce a linear time temporal logic LTL f which has the same expressive power as the first order theory FO(<) of finite (infinite resp.) traces. The main contribution of the paper is that we only use future tense modalities in order to obtain expressive completeness. Our proof is direct using no reduction to words and Kamp's theorem for both finite and infinite words becomes a corollary. This direct approach became possible due to a proof technique of Wilke developed for the case of finite words.
Local Logics for Traces
 Journal of Automata, Languages and Combinatorics
, 2000
"... A mucalculus over dependence graph representation of traces is considered. It is shown that the mucalculus cannot express all monadic second order (MSO) properties of dependence graphs. ..."
Abstract

Cited by 9 (2 self)
 Add to MetaCart
(Show Context)
A mucalculus over dependence graph representation of traces is considered. It is shown that the mucalculus cannot express all monadic second order (MSO) properties of dependence graphs.