Abstract. Prominent examples of dynamic communication systems include traffic control systems and ad hoc networks. Dynamic communication systems are hard to verify due to inherent unboundedness. Unbounded creation and destruction of objects and a dynamically evolving communication topology are characteristic features. Partner graph grammars are presented as an adequate specification formalism for dynamic communication systems. They are based on the single pushout approach to algebraic graph transformation and specifically tailored to dynamic communication systems. We propose a new verification technique based on abstract interpretation of partner graph grammars. It uses a novel two-layered abstraction, partner abstraction, that keeps precise information about objects and their communication partners. We identify statically checkable cases for which the abstract interpretation is even complete. In particular, applicability of transformation rules is preserved precisely. The analysis has been implemented in the hiralysis tool. It is evaluated on a complex case study, car platooning, for which many interesting properties can be proven automatically. 1

Abstract. We present a technique for modeling and automatic verification of network protocols, based on graph transformation. It is suitable for protocols with a potentially unbounded number of nodes, in which the structure and topology of the network is a central aspect, such as routing protocols for ad hoc networks. Safety properties are specified as a set of undesirable global configurations. We verify that there is no undesirable configuration which is reachable from an initial configuration, by means of symbolic backward reachability analysis. In general, the reachability problem is undecidable. We implement the technique in a graph grammar analysis tool, and automatically verify several interesting nontrivial examples. Notably, we prove loop freedom for the DYMO ad hoc routing protocol. DYMO is currently on the IETF standards track, to potentially become an Internet standard. 1

We describe the design and the present state of the verification tool Augur 2 which is currently being developed. It is based on Augur 1, a tool which can analyze graph transformation systems by approximating them by Petri nets. The main reason for the new development was to create an open, flexible and extensible verification environment. Also, compared to the previous version, Augur 2 will include more functionality and new analysis techniques.

We introduce an analysis method for graph transformation systems which checks that certain forbidden graphs are not reachable from the start graph. These forbidden graphs are specified by a contextfree graph grammar. The technique is based on the approximation of graph transformation systems by Petri nets and on semilinear sets of markings. Especially we exploit Parikh’s theorem which says that the Parikh image of a context-free grammar is semilinear. An important application is deadlock analysis for interaction nets and we specifically show how to apply the technique to an infinite-state dining philosopher’s system.

is the fourth workshop of a series that serves as a forum for all researchers and practitioners interested in an exchange of ideas, notions, techniques between the fields of Petri nets and graph transformations, two prominent specification formalisms of concurrent and distributed systems. It belongs to the folklore that Petri nets can be seen as rewriting systems over (multi)sets, the rewriting rules being the transitions, and, as such they can be seen as special graph transformation systems. This close correspondence between the two models has naturally led to a mutual influence. For instance, several approaches to the concurrent semantics of graph transformation systems as well as techniques for their analysis and verification are strongly influenced by the corresponding theories and constructions for Petri nets. Classical Petri net models have been integrated with graph transformation systems, e.g., in order to define rule-based changes in the net structure. This serves both for a stepwise refinement of Petri net models or for the specification of dynamically reconfiguring nets. Interesting connections exist with extensions