A temporal logic for causality (Tlc) is introduced. The logic is interpreted over causal structures corresponding to partial order executions of programs. For causal structures describing the behavior of a finite fixed set of processes, a Tlc-formula can, equivalently, be interpreted over their linearizations. The main result of the paper is a tableau construction that gives a singly-exponential translation from a Tlc formula ' to a Streett automaton that accepts the set of linearizations satisfying '. This allows both checking the validity of Tlc formulas and model-checking of program properties. As the logic Tlc does not distinguish among different linearizations of the same partial order execution, partial order reduction techniques can be applied to alleviate the state-space explosion problem of model-checking. 1 Introduction One of the most successful techniques for automatic verification of finite-state systems has been model-checking . A model-checking algorithm decides wheth...

Team automata have been proposed in (Ellis, 1997) as a formal framework for modeling both the conceptual and the architectural level of groupware systems. Here we define team automata in a mathematically precise way in terms of component automata which synchronize on certain executions of actions. At the conceptual level, our model serves as a formal framework in which basic groupware notions can be rigorously defined and studied. At the architectural level, team automata can be used as building blocks in the design of groupware systems.

Message Sequence Charts (MSCs) are an attractive visual formalism used during the early stages of design in domains such as telecommunication software. A popular mechanism for generating a collection of MSCs is a Hierarchical Message Sequence Chart (HMSC). However, not all HMSCs describe collections of MSCs that can be "realized" as a finite-state device. Our main goal is to pin down this notion of realizability. We propose an independent notion of regularity for collections of MSCs and explore its basic properties. In particular, we characterize regular collections of MSCs in terms of finite-state distributed automata called bounded message-passing automata, in which a set of sequential processes communicate with e...

We present here a linear time temporal logic which simultaneously extends LTL, the propositional temporal logic of linear time, along two dimensions. Firstly, the until operator is strengthened by indexing it with the regular programs of propositional dynamic logic (PDL). Secondly, the core formulas of the logic are decorated with names of sequential agents drawn from fixed finite set. The resulting logic has a natural semantics in terms of the runs of a distributed program consisting of a finite set of sequential programs that communicate by performing common actions together. We show that our logic, denoted , admits an exponential time decision procedure. We also show that expressively equivalent to the so called regular product languages.

This dissertation investigates and extends the mathematical foundations of logics and automata for the interleaving and synchronous noninterleaving view of system computations with an emphasis on decision procedures and relative expressive powers, and introduces extensions of these foundations to the emerging domain of noninterleaving asynchronous computations. System computations are described as occurrences of system actions, and tractable collections of such computations can be naturally represented by finite automata upon which one can do formal analysis. Specifications of system properties are usually described in formal logics, and the question whether the system at hand satisfies its specification is then solved by means of automata-theoretic constructions.

An Asynchronous Buchi Automaton is a collection of concurrently executing automata, able to perform operations that are shared between one or more of their concurrent components. These automata can be used to specify properties of distributed protocols. In this paper, an efficient method for verifying that a protocol satisfies its Asynchronous Buchi Automaton specification is presented. In order to alleviate a potential state space explosion while verifying a protocol, a state reduction technique is used. The construction results in a reduced state space that contains at least one representative sequence for each equivalence class of infinite sequences. This guarantees that the full state space contains an accepting execution if and only if the reduced state space contains one. This method can also be used to check for the emptyness of an Asynchronous Buchi Automaton. Thus, it can be used to check the validity of specification languages that can be translated into such automata, such a...

Three types of finite-state graph automata are compared over directed acyclic graphs (where vertices and edges are labelled). The automata are distinguished by the way how states are attached to an input graph (“vertexmarking”, “edge-marking”, and “1-sphere-marking”). We note the equivalence of these models, relate them to logical definability notions, and show that deterministic versions are strictly weaker (thus correcting an error of [9]). 1

We tackle a natural problem from distributed computing, involving time-stamps. Let P = fp 1 ; p 2 ; : : : ; p N g be a set of computing agents or processes which synchronize with each other from time to time and exchange information about themselves and others. The gossip problem is the following: Whenever a set P ` P meets, the processes in P must decide amongst themselves which of them has the latest information, direct or indirect, about each agent p in the system. We propose an algorithm to solve this problem which is finite-state and local. Formally, this means that our algorithm can be implemented as an asynchronous automaton.

Abstract. Hereditary history preserving bisimulation is a natural extension of bisimulation to the setting of so-called “true ” concurrency. Somewhat surprisingly, this extension turns out to be undecidable, in general, for finite-state concurrent systems. In this paper, we show that for a substantial and useful class of finite-state concurrent systems— those whose semantics can be described in terms of Mazurkiewicz traces— hereditary history preserving is decidable. 1

Model checking of asynchronous systems is traditionally based on the interleaving model, where an execution is modeled by a total order between atomic events. Recently, the use of partial order semantics, representing the causal order between events, is becoming popular. This paper considers the model checking problem for partial-order temporal logics. Solutions to this problem exist for partial order logics over local states. For the more general global logics that are interpreted over global states, only undecidability results have been proved. In this paper, we present a decision procedure for a partial order temporal logic over global states. We also sharpen the undecidability results by showing that a single until operator is sufficient for undecidability.