Design and evaluation of a symbolic and abstraction-based model checker
 Taiwan University
, 2004
Abstract

Cited by 11 (5 self)
Abstract. Symbolic model-checking usually includes two steps: the building of a compact representation of a state graph and the evaluation of the properties of the system upon this data structure. In case of properties expressed with a linear-time logic, it appears that the second step is often more time consuming than the first one. In this work, we present a mixed solution which builds an observation graph represented in a non-symbolic way but where the nodes are essentially symbolic sets of states. Due to the small number of events to be observed in a typical formula, this graph has a very moderate size and thus the time complexity of verification is negligible w.r.t. the time to build the observation graph. Thus we propose different symbolic implementations for the construction of the nodes of this graph. The evaluations we have done on standard examples show that our method outperforms the pure symbolic methods, which makes it attractive.
A Logical Process Calculus
, 2002
Abstract

Cited by 11 (1 self)
This paper presents the Logical Process Calculus (LPC), a formalism that supports heterogeneous system specifications containing both operational and declarative sub-specifications. Syntactically, LPC extends Milner's Calculus of Communicating Systems with operators from the alternation-free linear-time µ-calculus (LTµ). Semantically, LPC is equipped with a behavioral preorder that generalizes Hennessy's and De Nicola's must-testing preorder as well as LTµ's satisfaction relation, while being compositional for all LPC operators. From a technical point of view, the new calculus is distinguished by the inclusion of (i) both minimal and maximal fixed-point operators and (ii) an unimplementability predicate on process terms which tags inconsistent specifications. The utility of LPC is demonstrated by means of an example highlighting the benefits of heterogeneous system specification.
Using compositional preorders in the verification of the sliding window protocol
 In Proc. CAV’97, LNCS 1254
, 1997
A Semantic Theory for Heterogeneous System Design
 In FSTTCS 2000, vol. 1974 of LNCS
, 2000
Abstract

Cited by 9 (3 self)
This paper extends De Nicola and Hennessy's testing theory from labeled transition systems to Büchi processes and establishes a tight connection between the resulting Büchi must-preorder and satisfaction of linear-time temporal logic (LTL) formulas. An example dealing with the design of a communications protocol testifies to the utility of the theory for heterogeneous system design, in which some components are specified as labeled transition systems and others are given as LTL formulas.
MCSOG: An LTL Model Checker Based on Symbolic Observation Graphs
, 2008
Abstract

Cited by 6 (4 self)
Model checking is a powerful and widespread technique for the verification of finite distributed systems. However, the main hindrance for wider application of this technique is the well-known state explosion problem. During the last two decades, numerous techniques have been proposed to cope with the state explosion problem in order to get a manageable state space. Among them, on-the-fly model-checking allows for generating only the "interesting" part of the model, while symbolic model-checking aims at checking the property on a compact representation of the system by using Binary Decision Diagram (BDD) techniques. In this paper, we propose a technique which combines these two approaches to check LTL\X state-based properties over finite systems. During the model checking process, only an abstraction of the state space of the system, namely the symbolic observation graph, is (possibly partially) explored. The building of such an abstraction is guided by the property to be checked and is equivalent to the original state space graph of the system w.r.t. LTL\X logic (i.e. the abstraction satisfies a given formula ϕ iff the system satisfies ϕ). Our technique was implemented for systems modeled by Petri nets and compared to an explicit model-checker as well as to a symbolic one (NuSMV), and the obtained results are very competitive.
Model Reduction of Modules for State-Event Temporal Logics
 In IFIP Joint International Conference on Formal Description Techniques (FORTE/PSTV'96), Chapman
, 1996
Abstract

Cited by 6 (4 self)
In many Discrete-Event Systems (DES) both state and event information are of importance to the systems designer. Logics such as Ostroff's RTTL allow for the specification and verification of a system's state-event behavior. To make realistic problems amenable to analysis, a designer must typically decompose the system into subsystems (modules) and use algebraic abstraction (quotient systems) to obtain hierarchical system models that preserve the properties to be verified. In this paper we use state-event observational equivalence to perform model reduction for a subclass of formulas of state-event linear temporal logics, with particular attention being paid to a discrete time temporal logic that is a simplification of RTTL. The reduction technique allows limited use of immediate operators.
A Logical Viewpoint on Process-Algebraic Quotients
, 1999
Abstract

Cited by 6 (2 self)
We study the following problem: Given a transition system $T$ and its quotient $T/\!\equiv$ under an equivalence $\equiv$, which are the sets $L$, $L'$ of Hennessy-Milner formulae such that: if $\varphi \in L$ and $T$ satisfies $\varphi$, then $T/\!\equiv$ satisfies $\varphi$; if $\varphi \in L'$ and $T/\!\equiv$ satisfies $\varphi$, then $T$ satisfies $\varphi$.
Liveness and fairness in process-algebraic verification
, 2003
Abstract

Cited by 4 (0 self)
Although liveness and fairness have been used for a long time in classical model checking, with process-algebraic methods they have seen far less use. One problem is combining fairness with the compositionality of process algebra. In this article we analyse this problem, and then present an approach for using a class of fairness constraints. The approach fulfills all the requirements of compositionality and is compatible with an existing semantics. It is based on the standard LTS model and does not require new fairness-related constructs or rules for the process algebra. Therefore, it avoids potential conflicts between the fairness requirements and the underlying transition system. Although adding fairness can create an infinite subsystem, a larger system in which the subsystem is placed can still be finite. We present an algorithm for constructing a finite LTS which is equivalent to the larger system in every case that an exact finite representation exists, and which otherwise is a conservative estimate of it. However, checking whether an exact finite representation exists is costlier than building the representation, namely, it is PSPACE-complete in the size of an intermediate parameter system.
Merging State-Based and Action-Based Verification
 Proc. ACSD 2003, Third International Conference on Application of Concurrency to System Design, IEEE Computer Society 2003
, 2003
Abstract

Cited by 3 (1 self)
A formalism is presented that is intended to combine basic properties of both state-based and action-based verification. In state-based verification the behaviour of the system is described in terms of the properties of its states, whereas action-based methods concentrate on transitions between states. A typical state-based approach consists of representing requirements as temporal logic formulae, and model-checking the state space of the system against them. Action-based verification often consists of comparing systems according to some equivalence or preorder relation. We add state propositions to a typical process-algebraic action framework. Values of state propositions are propagated through process-algebraic compositions and reductions by augmenting actions with changes of proposition values. A modified parallel composition operator is used for synchronisation of processes and handling of state propositions. Efficient on-the-fly verification is obtained with four kinds of rejection conditions. The formalism is implemented in a new verification tool TVT.