Results 1-10 of 70
Pushdown Processes: Games and Model Checking
, 1996
Cited by 182 (7 self)
Games given by transition graphs of pushdown processes are considered. It is shown that
Alternating Tree Automata, Parity Games, and Modal µ-Calculus
, 2000
Cited by 52 (1 self)
This paper resulted from an invited talk given at the Journées Montoises, Marne-la-Vallée, March 2000.
Model checking and the Mu-calculus
 DIMACS Series in Discrete Mathematics
, 1997
Cited by 46 (0 self)
There is a growing recognition of the need to apply formal mathematical methods in the design of "high confidence" computing systems. Such systems operate in safety-critical contexts (e.g., air traffic control systems) or where errors could have major adverse economic consequences (e.g., banking networks). The problem is especially acute in the design of many reactive systems which must exhibit correct ongoing behavior, yet are not amenable to thorough testing due to their inherently nondeterministic nature. One useful approach for specifying and reasoning about correctness of such systems is temporal logic model checking, which can provide an efficient and expressive tool for automatic verification that a finite state system meets a correctness specification formulated in temporal logic. We describe model checking algorithms and discuss their application. To do this, we focus attention on a particularly important type of temporal logic known as the Mu-calculus.
Practical Model-Checking Using Games
 Lecture
, 1998
Cited by 42 (0 self)
We describe how model-checking games can be the foundation for efficient local model-checking of the modal mu-calculus on transition systems. Game-based algorithms generate winning strategies for a certain game, which can then be used interactively to help the user understand why the property is or is not true of the model. This kind of feedback has advantages over traditional techniques such as error traces. We give a proof technique for verifying such algorithms, and apply it to one which we have implemented in the Edinburgh Concurrency Workbench. We discuss its usability and performance. 1 Introduction The modal mu-calculus (see e.g. [9]) is an expressive logic which can be used to describe properties of systems modelled as labelled transition systems (LTSs). The problem of model-checking the mu-calculus on transition systems is that of deciding whether an LTS satisfies a formula. Many model-checking algorithms have been developed and implemented in tools. One such tool ...
Automated Temporal Reasoning about Reactive Systems
, 1996
Cited by 40 (2 self)
There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies. 1 Introduction There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
Abstract interpretation based formal methods and future challenges
 INFORMATICS — 10 YEARS BACK, 10 YEARS AHEAD, VOLUME 2000 OF LECTURE NOTES IN COMPUTER SCIENCE
, 2001
Cited by 40 (6 self)
In order to contribute to the solution of the software reliability problem, tools have been designed to analyze statically the runtime behavior of programs. Because the correctness problem is undecidable, some form of approximation is needed. The purpose of abstract interpretation is to formalize this idea of approximation. We illustrate informally the application of abstraction to the semantics of programming languages as well as to static program analysis. The main point is that in order to reason or compute about a complex system, some information must be lost, that is the observation of executions must be either partial or at a high level of abstraction. In the second part of the paper, we compare static program analysis with deductive methods, model-checking and type inference. Their foundational ideas are briefly reviewed, and the shortcomings of these four methods are discussed, including when they should be combined. Alternatively, since program debugging is still the main program verification