Results 1 - 10 of 29
The Concurrency Workbench: A semantics-based tool for the verification of concurrent systems
In Proceedings of the Workshop on Automatic Verification Methods for Finite State Machines, 1991
Cited by 102 (3 self)
Abstract: The Concurrency Workbench is an automated tool for analyzing networks of finite-state processes expressed in Milner's Calculus of Communicating Systems. Its key feature is its breadth: a variety of different verification methods, including equivalence checking, preorder checking, and model checking, are supported for several different process semantics. One experience from our work is that a large number of interesting verification methods can be formulated as combinations of a small number of primitive algorithms. The Workbench has been applied to the verification of communications protocols and mutual exclusion algorithms and has proven a valuable aid in teaching and research.
1 Introduction. This paper describes the Concurrency Workbench [11, 12, 13], a tool that supports the automatic verification of finite-state processes. Such tools are practically motivated: the development of complex distributed computer systems requires sophisticated verification techniques to guarantee correctness, and the increase in detail rapidly becomes unmanageable without computer assistance. Finite-state systems, such as communications protocols and hardware, are particularly suitable for automated analysis because their finitary nature ensures the existence of decision procedures for a wide range of system properties.
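An added example (not the Concurrency Workbench's own code) of the equivalence-checking primitive the abstract refers to: deciding strong bisimilarity between two finite labelled transition systems by partition refinement, the fixpoint construction that also underlies the "small number of primitive algorithms" remark. The LTS encoding (a dict from state to a list of (action, successor) pairs) and the one-place-buffer specification and implementations are constructed for this illustration.

```python
"""Strong bisimulation by partition refinement on finite labelled transition systems.

Added illustration of the equivalence-checking primitive used by tools such as
the Concurrency Workbench; this is not the Workbench's code. An LTS is encoded
as a dict mapping each state to a list of (action, successor) pairs. The buffer
processes at the bottom are constructed toy inputs.
"""


def _disjoint_union(lts_a, lts_b):
    """Tag the states of two LTSs so they can live in one transition relation."""
    lts = {}
    for tag, system in (('a', lts_a), ('b', lts_b)):
        for state, trans in system.items():
            lts[(tag, state)] = [(act, (tag, succ)) for act, succ in trans]
    # Targets that only appear as successors (e.g. a deadlocked state) get an
    # empty transition list so that every state has an entry.
    for trans in list(lts.values()):
        for _, succ in trans:
            lts.setdefault(succ, [])
    return lts


def bisimulation_blocks(lts):
    """Return the coarsest strong bisimulation on `lts` as a dict state -> block id.

    Start from the one-block partition (everything equivalent) and repeatedly
    split blocks by the states' signatures, i.e. the set of (action, block of
    target) pairs. Splitting only ever refines the partition, so on a finite
    LTS the loop stops as soon as a round produces no new block; the result is
    the largest bisimulation, which is strong bisimilarity.
    """
    block = {s: 0 for s in lts}
    while True:
        new_ids = {}
        new_block = {}
        for s, trans in lts.items():
            signature = frozenset((act, block[succ]) for act, succ in trans)
            key = (block[s], signature)          # never merge across old blocks
            new_block[s] = new_ids.setdefault(key, len(new_ids))
        if len(new_ids) == len(set(block.values())):
            return new_block
        block = new_block


def bisimilar(lts_a, start_a, lts_b, start_b):
    """True iff start_a (in lts_a) and start_b (in lts_b) are strongly bisimilar."""
    blocks = bisimulation_blocks(_disjoint_union(lts_a, lts_b))
    return blocks[('a', start_a)] == blocks[('b', start_b)]


# Constructed examples: a one-place buffer specification and two implementations.
SPEC = {'empty': [('in', 'full')], 'full': [('out', 'empty')]}

# Nondeterministically picks one of two internal 'full' states; still equivalent.
IMPL_OK = {'e': [('in', 'f1'), ('in', 'f2')], 'f1': [('out', 'e')], 'f2': [('out', 'e')]}

# One branch of 'in' leads to a state with no transitions: a deadlock the
# specification does not allow, so the equivalence check must fail.
IMPL_DEADLOCK = {'e': [('in', 'f'), ('in', 'stuck')], 'f': [('out', 'e')], 'stuck': []}

if __name__ == '__main__':
    print('IMPL_OK ~ SPEC:', bisimilar(IMPL_OK, 'e', SPEC, 'empty'))                # True
    print('IMPL_DEADLOCK ~ SPEC:', bisimilar(IMPL_DEADLOCK, 'e', SPEC, 'empty'))    # False
```

The check treats every action, including an internal one, as observable; weak bisimulation or the preorders the Workbench also supports would need a saturated transition relation first, but the refinement loop itself stays the same.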
Communicating Reactive Processes
In Proceedings of the Twentieth ACM Symposium on Principles of Programming Languages, 1993
Cited by 56 (8 self)
Abstract: We present a new programming paradigm called Communicating Reactive Processes or CRP that unifies the capabilities of asynchronous and synchronous concurrent programming languages. Asynchronous languages such as CSP, Occam, or Ada are well-suited for distributed algorithms; their processes are loosely coupled and communication takes time. The Esterel synchronous language is dedicated to reactive systems; its processes are tightly coupled and deterministic, communication being realized by instantaneous broadcasting. Complex applications such as process or robot control require coupling both forms of concurrency, which is the object of CRP. A CRP program consists of independent locally reactive Esterel nodes that communicate with each other by CSP rendezvous. CRP faithfully extends both Esterel and CSP and adds new possibilities such as precise local watchdogs on rendezvous. We present the design of CRP, its semantics, a translation into classical process calculi for program verificatio...
Generating Efficient Protocol Code from an Abstract Specification
1996
Cited by 52 (0 self)
Abstract: A protocol compiler takes as input an abstract specification of a protocol and generates an implementation of that protocol. Protocol compilers usually produce inefficient code both in terms of code speed and code size. In this paper, we show that by compiling a modular specification into an integrated automaton and by selectively optimizing its different transitions, it is possible to automatically generate efficient protocol code. Our protocol compiler takes as input a protocol specification in the synchronous language Esterel and compiles it into a C implementation. This process is divided into two stages. First, the specification is compiled into an integrated automaton by the Esterel front end. This automaton is then optimized and converted into an efficient C implementation by a protocol code optimizer called HIPPCO. HIPPCO improves performance and reduces code size by simultaneously optimizing the performance of common path whi...
A Front-End Generator for Verification Tools
1995
Cited by 21 (5 self)
Abstract: This paper describes the Process Algebra Compiler (PAC), a front-end generator for process-algebra-based verification tools. Given descriptions of a process algebra's concrete and abstract syntax and semantics as structural operational rules, the PAC produces syntactic routines and functions for computing the semantics of programs in the algebra. Using this tool greatly simplifies the task of adapting verification tools to the analysis of systems described in different languages; it may therefore be used to achieve source-level compatibility between different verification tools. Although the initial verification tools targeted by the PAC are MAUTO and the Concurrency Workbench, the structure of the PAC caters for the support of other tools as well.
Strategic Directions in Concurrency Research
ACM Computing Surveys, 1996
Cited by 14 (0 self)
Abstract: Concurrency is concerned with the fundamental aspects of systems of multiple, simultaneously active computing agents that interact with one another. This notion is
Modeling and Analyzing Concurrent Systems with MPA
Proc. of the 2nd Process Algebra and Performance Modelling Workshop, 1994
Cited by 14 (2 self)
Abstract: Process algebras are one of the main tools for modeling and analyzing concurrent systems. However, they can be used to describe only the functional aspect of system behavior. Recently, the relevance of integrating performance evaluation within the process of specification, design and implementation of concurrent systems has been widely recognized. Hence, an effort has been made in order to handle also the temporal aspect of system behavior. In this paper the stochastic process algebra MPA (Markovian Process Algebra) is briefly introduced, together with its operational interleaving semantics, its Markovian semantics and its operational net semantics. A concurrent system is described as a term of MPA. The operational interleaving semantics (defined by following Plotkin's structured operational semantics approach, augmented with two transformations) associates a labeled transition system with each MPA term. The Markovian semantics is defined through an algorithm which transforms labeled t...
Modular Communication Subsystem Implementation using a Synchronous Approach
In Proceedings of the USENIX Conference on High-Speed Networking, 1994
Cited by 11 (4 self)
Abstract: The lack of flexibility and performance of current communication subsystems has led researchers to look for new protocol architectures. A new design philosophy, flexible and efficient, referred to in the literature as the "function-based communication model", is emerging and seems to be very promising. It consists of designing application-tailored communication subsystems adapted to the specific requirements of a given application. The flexibility of such a solution leads to very efficient implementations integrating only the required functionalities. In this paper, we propose a flexible model which uses a synchronous language to synthesize communication subsystems from functional building blocks. We prove the feasibility of our approach by implementing a data transfer protocol using Esterel, a synchronous language. Communication subsystem specifications in our model are very modular; they are composed of parallel modules, implementing the different functionalities of the communication su...
A Formal Verification Environment for Railway Signaling System Design
Formal Methods in System Design, 1998
Cited by 11 (5 self)
Abstract: A fundamental problem in the design and development of embedded control systems is the verification of safety requirements. Formal methods, offering a mathematical way to specify and analyze the behavior of a system, together with the related support tools, can successfully be applied in the formal proof that a system is safe. However, the complexity of real systems is such that automated tools often fail to formally validate such systems. This paper outlines an experience on formal specification and verification carried out in a pilot project aiming at the validation of a railway computer-based interlocking system. Both the specification and the verification phases were carried out in the JACK (Just Another Concurrency Kit) integrated environment. The formal specification of the system was done by means of process algebra terms. The formal verification of the safety requirements was done first by giving a logical specification of such safety requirements, and then by means of model c...
On the Parallel Complexity of Model Checking in the Modal Mu-Calculus
In Proceedings, Ninth Annual IEEE Symposium on Logic in Computer Science, 1994
Cited by 9 (1 self)
Abstract: The modal mu-calculus is an expressive logic that can be used to specify safety and liveness properties of concurrent systems represented as labeled transition systems (LTSs). We show that Model Checking in the Modal Mu-Calculus (MCMMC), the problem of checking whether an LTS is a model of a formula of the propositional modal mu-calculus, is P-hard even for a very restrictive version of the problem involving the alternation-free fragment. In particular, MCMMC is P-hard even if the formula is fixed and alternation-free, and the LTS is deterministic, acyclic, and has fan-in and fan-out bounded by 2. The reduction used is from a restricted version of the circuit value problem known as the Synchronous Alternating Monotone Fan-out 2 Circuit Value Problem. Our P-hardness result is tight in the sense that placing any further nontrivial restrictions on either the formula or the LTS results in membership in NC for MCMMC. Specifically, we exhibit NC algorithms for two potentially useful versio...
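An added worked example of the decision problem this abstract calls MCMMC: an explicit-state model checker for the positive, alternation-free modal mu-calculus over a finite LTS, computing each fixpoint by Kleene iteration. It is not code from the paper. The formula encoding (nested tuples), the LTS encoding (dict from state to (action, successor) pairs) and the buffer example with a deadlocking branch are constructed for this illustration; the safety and liveness formulas are the textbook deadlock-freedom and reachability properties.

```python
"""Explicit-state model checker for the positive, alternation-free modal mu-calculus.

Added worked example of the MCMMC problem: given a finite labelled transition
system and a mu-calculus formula, compute the set of states satisfying it. Not
code from the paper; the LTS and formulas below are constructed toy inputs.
"""

ANY = None  # action set meaning "every action": the <-> and [-] modalities


def sat(lts, phi, env=None):
    """Return the set of states of `lts` that satisfy `phi`.

    lts: dict state -> list of (action, successor); every successor is a key.
    phi: nested tuples in positive normal form (negation only on constants):
         ('tt',)  ('ff',)  ('var', X)  ('and', f, g)  ('or', f, g)
         ('dia', acts, f)   # <acts> f : some acts-successor satisfies f
         ('box', acts, f)   # [acts] f : every acts-successor satisfies f
         ('mu', X, f)  ('nu', X, f)   # least / greatest fixpoint of X -> f
    Because every body is monotone in its variable, iterating from the empty
    set (mu) or from all states (nu) converges on a finite LTS; each round is
    polynomial in the LTS, which is why the problem sits in P.
    """
    env = env or {}
    states = set(lts)
    kind = phi[0]
    if kind == 'tt':
        return set(states)
    if kind == 'ff':
        return set()
    if kind == 'var':
        return set(env[phi[1]])
    if kind == 'and':
        return sat(lts, phi[1], env) & sat(lts, phi[2], env)
    if kind == 'or':
        return sat(lts, phi[1], env) | sat(lts, phi[2], env)
    if kind in ('dia', 'box'):
        acts, target = phi[1], sat(lts, phi[2], env)
        quant = any if kind == 'dia' else all
        return {s for s in states
                if quant(t in target for a, t in lts[s] if acts is ANY or a in acts)}
    if kind in ('mu', 'nu'):
        var, body = phi[1], phi[2]
        cur = set() if kind == 'mu' else set(states)
        while True:
            nxt = sat(lts, body, {**env, var: cur})
            if nxt == cur:
                return cur
            cur = nxt
    raise ValueError(f"unknown connective {kind!r}")


def holds(lts, state, phi):
    """Model-checking question proper: does `state` of `lts` satisfy `phi`?"""
    return state in sat(lts, phi)


# Constructed one-place buffer whose 'in' has a faulty nondeterministic branch
# into 'stuck', a state with no transitions (a deadlock).
BUFFER = {
    'empty': [('in', 'full'), ('in', 'stuck')],
    'full':  [('out', 'empty')],
    'stuck': [],
}
GOOD_BUFFER = {'empty': [('in', 'full')], 'full': [('out', 'empty')]}

# Safety: no reachable deadlock.            nu X. (<->tt and [-]X)
DEADLOCK_FREE = ('nu', 'X', ('and', ('dia', ANY, ('tt',)), ('box', ANY, ('var', 'X'))))
# Reachability: an 'out' can eventually happen.   mu Y. (<out>tt or <->Y)
CAN_OUT = ('mu', 'Y', ('or', ('dia', {'out'}, ('tt',)), ('dia', ANY, ('var', 'Y'))))
# Inevitability: on every path 'out' becomes enabled.  mu Y. (<out>tt or (<->tt and [-]Y))
MUST_OUT = ('mu', 'Y', ('or', ('dia', {'out'}, ('tt',)),
                        ('and', ('dia', ANY, ('tt',)), ('box', ANY, ('var', 'Y')))))

if __name__ == '__main__':
    print('BUFFER deadlock-free from empty:', holds(BUFFER, 'empty', DEADLOCK_FREE))   # False
    print('BUFFER can eventually out:', sorted(sat(BUFFER, CAN_OUT)))                 # ['empty', 'full']
    print('BUFFER must out:', sorted(sat(BUFFER, MUST_OUT)))                          # ['full']
    print('GOOD_BUFFER deadlock-free:', sorted(sat(GOOD_BUFFER, DEADLOCK_FREE)))      # ['empty', 'full']
```

The checker recomputes inner fixpoints from scratch on every outer iteration, which is fine for the alternation-free fragment shown here; nested fixpoints of alternating parity are where the known algorithms stop being this simple, and the abstract's NC results concern restrictions on the formula or the LTS rather than this naive iteration.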
A Symbolic Model Checker for ACTL
In Proceedings of FM-Trends'98, volume 1641 of LNCS, 1998
Cited by 7 (3 self)
Abstract: We present SAM, a symbolic model checker for ACTL, the action-based version of CTL. SAM relies on implicit representations of Labeled Transition Systems (LTSs), the semantic domain for ACTL formulae, and makes use of symbolic manipulation algorithms. SAM has been realized by translating (networks of) LTSs and, possibly recursive, ACTL formulae into BSP (Boolean Symbolic Programming), a programming language aiming at defining computations on boolean functions, and by using the BSP interpreter to carry out computations (i.e. verifications).