Results 1  10
of
10
Quantitative Verification: Models, Techniques and Tools
, 2007
"... Automated verification is a technique for establishing if certain properties, usually expressed in temporal logic, hold for a system model. The model can be defined using a highlevel formalism or extracted directly from software using methods such as abstract interpretation. The verification procee ..."
Abstract

Cited by 17 (7 self)
 Add to MetaCart
Automated verification is a technique for establishing if certain properties, usually expressed in temporal logic, hold for a system model. The model can be defined using a highlevel formalism or extracted directly from software using methods such as abstract interpretation. The verification proceeds through exhaustive exploration of the statetransition graph of the model and is therefore more powerful than testing. Quantitative verification is an analogous technique for establishing quantitative properties of a system model, such as the probability of battery power dropping below minimum, the expected time for message delivery and the expected number of messages lost before protocol termination. Models analysed through this method are typically variants of Markov chains, annotated with costs and rewards that describe resources and their usage during execution. Properties are expressed in temporal logic extended with probabilistic and reward operators. Quantitative verification involves a combination of a traversal of the statetransition graph of the model and numerical computation. This paper gives a brief overview of current research in quantitative verification, concentrating on the potential of the method and outlining future challenges. The modelling approach is described and the usefulness of the methodology illustrated with an example of a realworld protocol standard – Bluetooth device discovery – that has been analysed using the PRISM model checker (www.prismmodelchecker.org).
Probability and Nondeterminism in Operational Models of Concurrency
 In Proc. CONCUR, LNCS
, 2006
"... Abstract. We give a brief overview of operational models for concurrent systems that exhibit probabilistic behavior, focussing on the interplay between probability and nondeterminism. Our survey is carried out from the perspective of probabilistic automata, a model originally developed for the analy ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
Abstract. We give a brief overview of operational models for concurrent systems that exhibit probabilistic behavior, focussing on the interplay between probability and nondeterminism. Our survey is carried out from the perspective of probabilistic automata, a model originally developed for the analysis of randomized distributed algorithms. 1
MODEST: A compositional modeling formalism for hard and softly timed systems
 IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
"... This paper presents MODEST (MOdeling and DEscription language for Stochastic Timed systems), a formalism that is aimed to support (i) the modular description of reactive system’s behaviour while covering both (ii) functional and (iii) nonfunctional system aspects such as timing and qualityofservi ..."
Abstract

Cited by 11 (5 self)
 Add to MetaCart
This paper presents MODEST (MOdeling and DEscription language for Stochastic Timed systems), a formalism that is aimed to support (i) the modular description of reactive system’s behaviour while covering both (ii) functional and (iii) nonfunctional system aspects such as timing and qualityofservice constraints in a single specification. The language contains features such as simple and structured data types, structuring mechanisms like parallel composition and abstraction, means to control the granularity of assignments, exception handling, and nondeterministic and random branching and timing. MODEST can be viewed as an overarching notation for a wide spectrum of models, ranging from labeled transition systems, to timed automata (and probabilistic variants thereof) as well as prominent stochastic processes such as (generalized semi)Markov chains and decision processes. The paper describes the design rationales and details of the syntax and semantics.
Logical Characterizations of Bisimulations for Discrete Probabilistic Systems
, 2007
"... We give logical characterizations of bisimulation relations for the probabilistic automata of Segala in terms of three HennessyMilner style logics. The three logics characterize strong, strong probabilistic and weak probabilistic bisimulation, and differ only for the kind of diamond operator used. ..."
Abstract

Cited by 11 (0 self)
 Add to MetaCart
We give logical characterizations of bisimulation relations for the probabilistic automata of Segala in terms of three HennessyMilner style logics. The three logics characterize strong, strong probabilistic and weak probabilistic bisimulation, and differ only for the kind of diamond operator used. Compared to the Larsen and Skou logic for reactive systems, these logics introduce a new operator that measures the probability of the set of states that satisfy a formula. Moreover, the satisfaction relation is defined on measures rather than single states. We rederive previous results of Desharnais et. al. by defining sublogics for Reactive and Alternating Models viewed as restrictions of probabilistic automata. Finally, we identify restrictions on probabilistic automata, weaker than those imposed by the Alternating Models, that preserve the logical characterization of Desharnais et. al. These restrictions require that each state either enables several ordinary transitions or enables a single probabilistic transition.
Continuous capacities on continuous state spaces
 In ICALP’2007. SpringerVerlag LNCS
, 2007
"... Abstract. We propose axiomatizing some stochastic games, in a continuous state space setting, using continuous belief functions, resp. plausibilities, instead of measures. Then, stochastic games are just variations on continuous Markov chains. We argue that drawing at random along a belief function ..."
Abstract

Cited by 11 (5 self)
 Add to MetaCart
Abstract. We propose axiomatizing some stochastic games, in a continuous state space setting, using continuous belief functions, resp. plausibilities, instead of measures. Then, stochastic games are just variations on continuous Markov chains. We argue that drawing at random along a belief function is the same as letting the probabilistic player P play first, then letting the nondeterministic player C play demonically. The same holds for an angelic C, using plausibilities instead. We then define a simple modal logic, and characterize simulation in terms of formulae of this logic. Finally, we show that (discounted) payoffs are defined and unique, where in the demonic case, P maximizes payoff, while C minimizes it. 1
Approximating Markov Processes by Averaging
"... Abstract. We take a dual view of Markov processes – advocated by Kozen – as transformers of bounded measurable functions. We redevelop the theory of labelled Markov processes from this view point, in particular we explore approximation theory. We obtain three main results: (i) It is possible to defi ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Abstract. We take a dual view of Markov processes – advocated by Kozen – as transformers of bounded measurable functions. We redevelop the theory of labelled Markov processes from this view point, in particular we explore approximation theory. We obtain three main results: (i) It is possible to define bisimulation on general measure spaces and show that it is an equivalence relation. The logical characterization of bisimulation can be done straightforwardly and generally. (ii) A new and flexible approach to approximation based on averaging can be given. This vastly generalizes and streamlines the idea of using conditional expectations to compute approximation. (iii) It is possible to show that there is a minimal bisimulation equivalent to a process obtained as the limit of the finite approximants. 1
Tracebased Semantics for Probabilistic Timed I/O Automata Submitted for review. Full version http://theory.lcs.mit.edu/ ∼mitras/ research/PTIOA06full.pdf
"... Abstract. We propose the Probabilistic Timed I/O Automaton (PTIOA) framework for modelling and analyzing discretely communicating probabilistic hybrid systems. State transition of a PTIOA can be nondeterministic or probabilistic. Probabilistic choices can be based on continuous distributions. Contin ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
Abstract. We propose the Probabilistic Timed I/O Automaton (PTIOA) framework for modelling and analyzing discretely communicating probabilistic hybrid systems. State transition of a PTIOA can be nondeterministic or probabilistic. Probabilistic choices can be based on continuous distributions. Continuous evolution of a PTIOA is purely nondeterministic. PTIOAs can communicate through shared actions. By supporting external nondeterminism, the framework allows us to model arbitrary interleaving of concurrently executing automata. The framework generalizes several previously studied automata models of its class. We develop the tracebased semantics for PTIOAs which involves measure theoretic constructions on the space of executions of the automata. We introduce a new notion of external behavior for PTIOAs and show that PTIOAs have simple compositionality properties with respect this external behavior. 1
Approximating Markov Processes By Averaging
"... Normally, one thinks of probabilistic transition systems as taking an initial probability distribution over the state space into a new probability distribution representing the system after a transition. We, however, take a dual view of Markov processes as transformers of bounded measurable function ..."
Abstract
 Add to MetaCart
Normally, one thinks of probabilistic transition systems as taking an initial probability distribution over the state space into a new probability distribution representing the system after a transition. We, however, take a dual view of Markov processes as transformers of bounded measurable functions. This is very much in the same spirit as a “predicatetransformer ” view, which is dual to the statetransformer view of transition systems. We redevelop the theory of labelled Markov processes from this view point, in particular we explore approximation theory. We obtain three main results: (i) It is possible to define bisimulation on general measure spaces and show that it is an equivalence relation. The logical characterization of bisimulation can be done straightforwardly and generally. (ii) A new and flexible approach to approximation based on averaging can be given. This vastly generalizes and streamlines the idea of using conditional expectations to compute approximations. (iii) We show that there is a minimal process bisimulationequivalent to a given process, and this minimal process is obtained as the limit of the finite approximants.
Under consideration for publication in Formal Aspects of Computing Reconciling Real and Stochastic Time: the Need for Probabilistic Refinement
"... Abstract. We conservatively extend an ACPstyle discretetime process theory with discrete stochastic delays. The semantics of the timed delays relies on time additivity and time determinism, which are properties that enable us to merge subsequent timed delays and to impose their synchronous expirat ..."
Abstract
 Add to MetaCart
Abstract. We conservatively extend an ACPstyle discretetime process theory with discrete stochastic delays. The semantics of the timed delays relies on time additivity and time determinism, which are properties that enable us to merge subsequent timed delays and to impose their synchronous expiration. Stochastic delays, however, interact with respect to a socalled race condition that determines the set of delays that expire first, which is guided by an (implicit) probabilistic choice. The race condition precludes the property of time additivity as the merger of stochastic delays alters this probabilistic behavior. To this end, we resolve the race condition using conditionallydistributed unit delays. We give a sound and groundcomplete axiomatization of the process theory comprising the standard set of ACPstyle operators. In this generalized setting, the alternative composition is no longer associative, so we have to resort to special normal forms that explicitly resolve the underlying race condition. Our treatment succeeds in the initial challenge to conservatively extend standard time with stochastic time. However, the ‘dissection ’ of the stochastic delays to conditionallydistributed unit delays comes at a price, as we can no longer relate the resolved race condition to the original stochastic delays. We seek a solution in the field of probabilistic refinements that enable the interchange of probabilistic and nondeterministic choices. 1.
Semantics, bisimulation and congruence results for a general stochastic process operator
"... f We introduce a general stochastic process operator p(d) which behaves as the process p(d) where d:D the value d is chosen from a data domain D with a probability density determined by f. We require that f is a measurable function from D to R ≥0 such that R f(d)dµD = 1. For finite or countable D th ..."
Abstract
 Add to MetaCart
f We introduce a general stochastic process operator p(d) which behaves as the process p(d) where d:D the value d is chosen from a data domain D with a probability density determined by f. We require that f is a measurable function from D to R ≥0 such that R f(d)dµD = 1. For finite or countable D the d∈D function f represents the probability distribution directly. For bigger domains f represents the density function. We provide a natural operational semantics for a basic process algebra with this operator and define strong stochastic timed bisimulation and general stochastic bisimulation, which due to the potential uncountable nature of D had to be generalised compared to existing notions. We introduce the notion bisimulation resilience, which restricts the use of the language, such that the bisimulation closure of measurable sets is again measurable, and argue that without such a notion stochastic process expressions make little sense. We prove that the bisimulation equivalences are congruences provided the language is bisimulation resilient. 1