Results 1  10
of
96
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 3018 (67 self)
 Add to MetaCart
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Model Checking of Probabilistic and Nondeterministic Systems
, 1995
"... . The temporal logics pCTL and pCTL* have been proposed as tools for the formal specification and verification of probabilistic systems: as they can express quantitative bounds on the probability of system evolutions, they can be used to specify system properties such as reliability and performance. ..."
Abstract

Cited by 265 (13 self)
 Add to MetaCart
. The temporal logics pCTL and pCTL* have been proposed as tools for the formal specification and verification of probabilistic systems: as they can express quantitative bounds on the probability of system evolutions, they can be used to specify system properties such as reliability and performance. In this paper, we present modelchecking algorithms for extensions of pCTL and pCTL* to systems in which the probabilistic behavior coexists with nondeterminism, and show that these algorithms have polynomialtime complexity in the size of the system. This provides a practical tool for reasoning on the reliability and performance of parallel systems. 1 Introduction Temporal logic has been successfully used to specify the behavior of concurrent and reactive systems. These systems are usually modeled as nondeterministic processes: at any moment in time, more than one future evolution may be possible, but a probabilistic characterization of their likelihood is normally not attempted. While ma...
Modelchecking algorithms for continuoustime Markov chains
 IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
, 2003
"... Continuoustime Markov chains (CTMCs) have been widely used to determine system performance and dependability characteristics. Their analysis most often concerns the computation of steadystate and transientstate probabilities. This paper introduces a branching temporal logic for expressing realt ..."
Abstract

Cited by 210 (43 self)
 Add to MetaCart
(Show Context)
Continuoustime Markov chains (CTMCs) have been widely used to determine system performance and dependability characteristics. Their analysis most often concerns the computation of steadystate and transientstate probabilities. This paper introduces a branching temporal logic for expressing realtime probabilistic properties on CTMCs and presents approximate model checking algorithms for this logic. The logic, an extension of the continuous stochastic logic CSL of Aziz et al., contains a timebounded until operator to express probabilistic timing properties over paths as well as an operator to express steadystate probabilities. We show that the model checking problem for this logic reduces to a system of linear equations (for unbounded until and the steadystate operator) and a Volterra integral equation system (for timebounded until). We then show that the problem of modelchecking timebounded until properties can be reduced to the problem of computing transient state probabilities for CTMCs. This allows the verification of probabilistic timing properties by efficient techniques for transient analysis for CTMCs such as uniformization. Finally, we show that a variant of lumping equivalence (bisimulation), a wellknown notion for aggregating CTMCs, preserves the validity of all formulas in the logic.
Approximate symbolic model checking of continuoustime Markov chains (Extended Abstract)
, 1999
"... . This paper presents a symbolic model checking algorithm for continuoustime Markov chains for an extension of the continuous stochastic logic CSL of Aziz et al [1]. The considered logic contains a timebounded untiloperator and a novel operator to express steadystate probabilities. We show that t ..."
Abstract

Cited by 148 (24 self)
 Add to MetaCart
. This paper presents a symbolic model checking algorithm for continuoustime Markov chains for an extension of the continuous stochastic logic CSL of Aziz et al [1]. The considered logic contains a timebounded untiloperator and a novel operator to express steadystate probabilities. We show that the model checking problem for this logic reduces to a system of linear equations (for unbounded until and the steady stateoperator) and a Volterra integral equation system for timebounded until. We propose a symbolic approximate method for solving the integrals using MTDDs (multiterminal decision diagrams), a generalisation of MTBDDs. These new structures are suitable for numerical integration using quadrature formulas based on equallyspaced abscissas, like trapezoidal, Simpson and Romberg integration schemes. 1 Introduction The mechanised verification of a given (usually) finitestate model against a property expressed in some temporal logic is known as model checking. For probabilistic...
Model Checking for a Probabilistic Branching Time Logic with Fairness
 Distributed Computing
, 1998
"... We consider concurrent probabilistic systems, based on probabilistic automata of Segala & Lynch [55], which allow nondeterministic choice between probability distributions. These systems can be decomposed into a collection of "computation trees" which arise by resolving the nondeterm ..."
Abstract

Cited by 133 (40 self)
 Add to MetaCart
We consider concurrent probabilistic systems, based on probabilistic automata of Segala & Lynch [55], which allow nondeterministic choice between probability distributions. These systems can be decomposed into a collection of "computation trees" which arise by resolving the nondeterministic, but not probabilistic, choices. The presence of nondeterminism means that certain liveness properties cannot be established unless fairness is assumed. We introduce a probabilistic branching time logic PBTL, based on the logic TPCTL of Hansson [30] and the logic PCTL of [55], resp. pCTL of [14]. The formulas of the logic express properties such as "every request is eventually granted with probability at least p". We give three interpretations for PBTL on concurrent probabilistic processes: the first is standard, while in the remaining two interpretations the branching time quantifiers are taken to range over a certain kind of fair computation trees. We then present a model checking algorithm for...
On probabilistic model checking
, 1996
"... Abstract. This tutorial presents an overview of model checking for both discrete and continuoustime Markov chains (DTMCs and CTMCs). Model checking algorithms are given for verifying DTMCs and CTMCs against specifications written in probabilistic extensions of temporal logic, including quantitative ..."
Abstract

Cited by 88 (24 self)
 Add to MetaCart
(Show Context)
Abstract. This tutorial presents an overview of model checking for both discrete and continuoustime Markov chains (DTMCs and CTMCs). Model checking algorithms are given for verifying DTMCs and CTMCs against specifications written in probabilistic extensions of temporal logic, including quantitative properties with rewards. Example properties include the probability that a fault occurs and the expected number of faults in a given time period. We also describe the practical application of stochastic model checking with the probabilistic model checker PRISM by outlining the main features supported by PRISM and three realworld case studies: a probabilistic security protocol, dynamic power management and a biological pathway. 1
Model checking continuoustime Markov chains by transient analysis
, 2000
"... . The verification of continuoustime Markov chains (CTMCs) against continuous stochastic logic (CSL) [3, 6], a stochastic branchingtime temporal logic, is considered. CSL facilitates among others the specification of steadystate properties and the specification of probabilistic timing properties o ..."
Abstract

Cited by 81 (19 self)
 Add to MetaCart
. The verification of continuoustime Markov chains (CTMCs) against continuous stochastic logic (CSL) [3, 6], a stochastic branchingtime temporal logic, is considered. CSL facilitates among others the specification of steadystate properties and the specification of probabilistic timing properties of the form P# #p(#1 U I #2 ), for state formulas #1 and #2 , comparison operator ##, probability p, and real interval I. The main result of this paper is that model checking probabilistic timing properties can be reduced to the problem of computing transient state probabilities for CTMCs. This allows us to verify such properties by using e#cient techniques for transient analysis of CTMCs such as uniformisation. A second result is that a variant of ordinary lumping equivalence (i.e., bisimulation), a wellknown notion for aggregating CTMCs, preserves the validity of all CSLformulas. In 12th Annual Symposium on Computer Aided Verification, CAV 2000, c # SpringerVerlag 2000 Chicago,...
Probabilistic Extensions of Process Algebras
 Handbook of Process Algebra
, 2001
"... INTRODUCTION Classic process, algebras such as CCS, CSP and ACP, are wellestablished techniques for modelling and reasoning about functional aspects of concurrent processes. The motivation for studying probabilistic extensions of process algebras is to develop techniques dealing with nonfunctiona ..."
Abstract

Cited by 77 (7 self)
 Add to MetaCart
(Show Context)
INTRODUCTION Classic process, algebras such as CCS, CSP and ACP, are wellestablished techniques for modelling and reasoning about functional aspects of concurrent processes. The motivation for studying probabilistic extensions of process algebras is to develop techniques dealing with nonfunctional aspects of process behavior, such as performance and reliability. We may want to investigate, e.g., the average response time of a system, or the ? This chapter is dedicated to the fond memory of Linda Christoff. probability that a certain failure occurs. An analysis of these and similar properties requires that some form of information about the stochastic distribution over the occurrence of relevant events is put into the model. For instance, performance evaluation is often based on modeling a system as a continuoustime Markov process, in which distributions over delays between actions and over the choice between different actions are specified. Similar
Model Checking Probabilistic Pushdown Automata
, 2004
"... We consider the model checking problem for probabilistic pushdown automata (pPDA) and properties expressible in various probabilistic logics. We start with properties that can be formulated as instances of a generalized random walk problem. We prove that both qualitative and quantitative model check ..."
Abstract

Cited by 69 (26 self)
 Add to MetaCart
We consider the model checking problem for probabilistic pushdown automata (pPDA) and properties expressible in various probabilistic logics. We start with properties that can be formulated as instances of a generalized random walk problem. We prove that both qualitative and quantitative model checking for this class of properties and pPDA is decidable. Then we show that model checking for the qualitative fragment of the logic PCTL and pPDA is also decidable. Moreover, we develop an errortolerant model checking algorithm for general PCTL and the subclass of stateless pPDA. Finally, we consider the class of properties definable by deterministic B uchi automata, and show that both qualitative and quantitative model checking for pPDA is decidable. 1.
Weak Bisimulation for Fully Probabilistic Processes
, 1999
"... Bisimulations that abstract from internal computation have proven to be useful for verification of compositionally defined transition systems. In the literature of probabilistic extensions of such transition systems, similar bisimulations are rare. In this paper, we introduce weak and branching bisi ..."
Abstract

Cited by 67 (9 self)
 Add to MetaCart
Bisimulations that abstract from internal computation have proven to be useful for verification of compositionally defined transition systems. In the literature of probabilistic extensions of such transition systems, similar bisimulations are rare. In this paper, we introduce weak and branching bisimulation for fully probabilistic systems, transition systems where nondeterministic branching is replaced by probabilistic branching. In contrast to the nondeterministic case, both relations coincide. We give an algorithm to decide weak (and branching) bisimulation with a time complexity cubic in the number of states of the fully probabilistic system. This meets the worst case complexity for deciding branching bisimulation in the nondeterministic case. In addition, the relation is shown to be a congruence with respect to the operators of PLSCCS, alazy synchronous probabilistic variant of CCS. We illustrate that due to these properties, weak bisimulation provides all the crucial ingredients