Results 1  10
of
41
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 2675 (65 self)
 Add to MetaCart
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Temporal and modal logic
 HANDBOOK OF THEORETICAL COMPUTER SCIENCE
, 1995
"... We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic. ..."
Abstract

Cited by 1177 (17 self)
 Add to MetaCart
(Show Context)
We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic.
An automatatheoretic approach to linear temporal logic
 Logics for Concurrency: Structure versus Automata, volume 1043 of Lecture Notes in Computer Science
, 1996
"... Abstract. The automatatheoretic approach to linear temporal logic uses the theory of automata as a unifying paradigm for program specification, verification, and synthesis. Both programs and specifications are in essence descriptions of computations. These computations can be viewed as words over s ..."
Abstract

Cited by 232 (22 self)
 Add to MetaCart
(Show Context)
Abstract. The automatatheoretic approach to linear temporal logic uses the theory of automata as a unifying paradigm for program specification, verification, and synthesis. Both programs and specifications are in essence descriptions of computations. These computations can be viewed as words over some alphabet. Thus,programs and specificationscan be viewed as descriptions of languagesover some alphabet. The automatatheoretic perspective considers the relationships between programs and their specifications as relationships between languages.By translating programs and specifications to automata, questions about programs and their specifications can be reduced to questions about automata. More specifically, questions such as satisfiability of specifications and correctness of programs with respect to their specifications can be reduced to questions such as nonemptiness and containment of automata. Unlike classical automata theory, which focused on automata on finite words, the applications to program specification, verification, and synthesis, use automata on infinite words, since the computations in which we are interested are typically infinite. This paper provides an introduction to the theory of automata on infinite words and demonstrates its applications to program specification, verification, and synthesis. 1
Automated Temporal Reasoning about Reactive Systems
, 1996
"... . There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective a ..."
Abstract

Cited by 40 (2 self)
 Add to MetaCart
(Show Context)
. There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies. 1 Introduction There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
Constructing Automata from Temporal Logic Formulas: A Tutorial
 Summer School on Trends in Computer Science, LNCS 2090
"... This paper presents a tutorial introduction to the construction of finiteautomata on infinite words from lineartime temporal logic formulas. After defining the source and target formalisms, it describes a first construction whose correctness is quite direct to establish, but whose behavior is alwa ..."
Abstract

Cited by 33 (0 self)
 Add to MetaCart
This paper presents a tutorial introduction to the construction of finiteautomata on infinite words from lineartime temporal logic formulas. After defining the source and target formalisms, it describes a first construction whose correctness is quite direct to establish, but whose behavior is always equal to the worstcase upper bound. It then turns to the techniques that can be used to improve this algorithm in order to obtain the quite effective algorithms that are now in use.
Alternating Automata and Program Verification
 In Computer Science Today. LNCS 1000
, 1995
"... . We describe an automatatheoretic approach to the automatic verification of finitestate programs. The basic idea underlying this approach is that for any temporal formula we can construct an alternating automaton that accepts precisely the computations that satisfy the formula. For linear tempora ..."
Abstract

Cited by 26 (1 self)
 Add to MetaCart
. We describe an automatatheoretic approach to the automatic verification of finitestate programs. The basic idea underlying this approach is that for any temporal formula we can construct an alternating automaton that accepts precisely the computations that satisfy the formula. For linear temporal logics the automaton runs on infinite words while for branching temporal logics the automaton runs on infinite trees. The simple combinatorial structures that emerge from the automatatheoretic approach decouple the logical and algorithmic components of finitestateprogram verification and yield clear and general verification algorithms. 1 Introduction Temporal logics, which are modal logics geared towards the description of the temporal ordering of events, have been adopted as a powerful tool for specifying and verifying concurrent programs [Pnu77, MP92]. One of the most significant developments in this area is the discovery of algorithmic methods for verifying temporal logic properties...
Largescale directed model checking LTL
 In Model Checking Software (SPIN
, 2006
"... Abstract. To analyze larger models for explicitstate model checking, directed model checking applies errorguided search, external model checking uses secondary storage media, and distributed model checking exploits parallel exploration on multiple processors. In this paper we propose an external, ..."
Abstract

Cited by 24 (8 self)
 Add to MetaCart
Abstract. To analyze larger models for explicitstate model checking, directed model checking applies errorguided search, external model checking uses secondary storage media, and distributed model checking exploits parallel exploration on multiple processors. In this paper we propose an external, distributed and directed onthefly model checking algorithm to check general LTL properties in the model checker SPIN. Previous attempts restricted to checking safety properties. The worstcase I/O complexity is bounded by O(sort(FR)/p + l · scan(FS)), where S and R are the sets of visited states and transitions in the synchronized product of the Büchi automata for the model and the property specification, F is the number of accepting states, l is the length of the shortest counterexample, and p is the number of processors. The algorithm we propose returns minimal lassoshaped counterexamples and includes refinements for propertydriven exploration. 1
An effective decision procedure for linear arithmetic with integer and real variables
 ACM Transactions on Computational Logic (TOCL
, 2005
"... This article considers finiteautomatabased algorithms for handling linear arithmetic with both real and integer variables. Previous work has shown that this theory can be dealt with by using finite automata on infinite words, but this involves some difficult and delicate to implement algorithms. T ..."
Abstract

Cited by 24 (5 self)
 Add to MetaCart
(Show Context)
This article considers finiteautomatabased algorithms for handling linear arithmetic with both real and integer variables. Previous work has shown that this theory can be dealt with by using finite automata on infinite words, but this involves some difficult and delicate to implement algorithms. The contribution of this article is to show, using topological arguments, that only a restricted class of automata on infinite words are necessary for handling real and integer linear arithmetic. This allows the use of substantially simpler algorithms, which have been successfully implemented.
Rational behaviour and strategy construction in infinite multiplayer games
, 2005
"... We study infinite games played by arbitrarily many players on a directed graph. Equilibrium states capture rational behaviour in these games. Instead of the wellknown notion of a Nash equilibrium, we focus on the notion of a subgame perfect equilibrium. We argue that the latter one is more appropri ..."
Abstract

Cited by 12 (5 self)
 Add to MetaCart
We study infinite games played by arbitrarily many players on a directed graph. Equilibrium states capture rational behaviour in these games. Instead of the wellknown notion of a Nash equilibrium, we focus on the notion of a subgame perfect equilibrium. We argue that the latter one is more appropriate for the kind of games we study, and we show the existence of a subgame perfect equilibrium in any infinite game with ωregular winning conditions. As, in general, equilibria are not unique, it is appealing to compute one with a maximal payoff. This problem corresponds naturally to the problem of deciding given a game and two payoff vectors whether the game has an equilibrium with a payoff in between the given thresholds. We show that this problem is decidable for games with ωregular winning conditions played on a finite graph and analyse its complexity. Moreover, we establish that any subgame perfect equilibrium of a game with ωregular winning conditions played on a finite graph can be implemented by finitestate strategies. Finally, we consider logical definability. We state that if we fix the number of players together with an ωregular winning condition for each of them and two payoff vectors the property that a game has a subgame perfect equilibrium with a payoff in between the given thresholds is definable in the modal µcalculus.
T (2001) Model checking LTL properties of highlevel Petri nets with fairness constraints
 In: Proc. 22nd Conference on Application and Theory of Petri Nets, LNCS 2075
"... ..."
(Show Context)