Results 1-10 of 31
Symbolic model checking for probabilistic processes
In Proceedings of ICALP '97, 1997
Cited by 94 (30 self)

Abstract
We introduce a symbolic model checking procedure for Probabilistic Computation Tree Logic PCTL over labelled Markov chains as models. Model checking for probabilistic logics typically involves solving linear equation systems in order to ascertain the probability of a given formula holding in a state. Our algorithm is based on the idea of representing the matrices used in the linear equation systems by Multi-Terminal Binary Decision Diagrams (MTBDDs) introduced in Clarke et al. [14]. Our procedure, based on the algorithm used by Hansson and Jonsson [24], uses BDDs to represent formulas and MTBDDs to represent Markov chains, and is efficient because it avoids explicit state space construction. A PCTL model checker is being implemented in Verus [9].
Refining Model Checking by Abstract Interpretation
Automated Software Engineering, 1999
Cited by 37 (4 self)

Abstract
In abstract model checking, the semantics of an infinite transition system is abstracted to get a finite approximation on which temporal-logic/mu-calculus model checking can be directly applied. The paper proposes two improvements of abstract model checking which can be applied to infinite abstract transition systems:
- A new combination of forwards and backwards abstract fixed-point model checking computations for universal safety. It computes a more precise result than that computed by conjunction of the forward and backward analyses alone, without needing to refine the abstraction;
- When abstraction is unsound (as can happen in minimum/maximum path-length problems), it is proposed to use the partial results of a classical combination of forward and backward abstract interpretation analyses for universal safety in order to reduce, on-the-fly, the concrete state space to be searched by model checking.
Exact high level WCET analysis of synchronous programs by symbolic state space exploration
In DATE 2003, IEEE Computer Society
Cited by 22 (9 self)

Abstract
In this paper, a novel approach to high-level (i.e. architecture independent) worst case execution time (WCET) analysis is presented that automatically computes exact bounds for all inputs. To this end, we make use of the distinction between micro and macro steps as usually done by synchronous languages. As macro steps must not contain loops, a later low-level WCET analysis (architecture dependent) is simplified to a large extent. Checking exact execution times for all inputs is a complex task that can nevertheless be efficiently done when implicit state space representations are used. With our tools, it is not only possible to compute path information by exploring all computations, but also to verify given path information.
RAVEN: Real-Time Analyzing and Verification Environment
Journal on Universal Computer Science (J.UCS), Springer, 2001
Cited by 19 (3 self)

Abstract
In this paper we present the real-time verification and analysis tool RAVEN. RAVEN is developed for verifying timed systems on various levels of abstraction. It integrates a real-time model checker for real-time specifications, it offers algorithms for analyzing critical delay times, for inspecting data values and event occurrences and for detecting deadlocks and livelocks. The counterexample generator provides helpful information for error recovering by printing system execution paths (failing a given specification) to the integrated waveform browser. All included algorithms are based on a common data structure enabling a compact representation and possibilities for acceleration. By some examples we show that our approach outperforms some state-of-the-art verification tools.
Selective Quantitative Analysis and Interval Model Checking: Verifying Different Facets of a System
Proceedings of the Eighth International Conference on Computer Aided Verification (CAV), volume 1102 of Lecture Notes in Computer Science, 2000
Cited by 18 (5 self)

Abstract
In this work we propose a verification methodology consisting of selective quantitative analysis and interval model checking. Our methods can aid not only in determining if a system works correctly, but also in understanding how well the system works.
The Verus tool: A quantitative approach to the formal verification of real-time systems
Proc. 9th Int. Conf. CAV '97, Haifa, IL, LNCS 1254, 1997
Cited by 13 (3 self)

Abstract
The task of checking if a computer system satisfies its timing specifications is extremely important. These systems are often used in critical applications where failure to meet a deadline can have serious or even fatal consequences. This work describes Verus, an efficient tool for performing this verification task. Using our tool,
The Verus Language: Representing Time Efficiently with BDDs
Elsevier Science, 2001
Cited by 11 (1 self)

Abstract
There have been significant advances on formal methods to verify complex systems recently. Nevertheless, these methods have not yet been accepted as a realistic alternative to the verification of industrial systems. One reason for this is that formal methods are still difficult to apply efficiently. Another reason is that current verification algorithms are still not efficient enough to handle many complex systems. This work addresses the problem by presenting a language designed especially to simplify writing time-critical programs. It is an imperative language with a syntax similar to C. Special constructs are provided to allow the straightforward expression of timing properties. The familiar syntax makes it easier for non-experts to use the tool. The special constructs make it possible to model the timing characteristics of the system naturally and accurately. A symbolic representation using BDDs, model checking and quantitative algorithms are used to check system timing properties.
Verification of a Safety-Critical Railway Interlocking System with Real-time Constraints
In Proceedings of the 28th International Symposium on Fault-Tolerant Computing (FTCS-28), 1998
Cited by 11 (5 self)

Abstract
Ensuring the correctness of computer systems used in life-critical applications is very difficult. The most commonly used verification methods, simulation and testing, are not exhaustive and can miss errors. This work describes an alternative verification technique based on symbolic model checking that can automatically and exhaustively search the state space of the system and verify if properties are satisfied or not. The method also provides useful quantitative timing information about the behavior of the system. We have applied this technique using the Verus tool to a complex safety-critical system designed to control medium and large-size railway stations. We have identified some anomalous behaviors in the model with serious potential consequences in the actual implementation. The fact that errors can be identified before a safety-critical system is deployed in the field not only eliminates sources of very serious problems, but also makes it significantly less expensive to debug the system.
Analysis and Verification of Real-Time Systems using Quantitative Symbolic Algorithms
Journal of Software Tools for Technology Transfer, 1999
Cited by 9 (0 self)

Abstract
The task of checking if a computer system satisfies its timing specifications is extremely important. These systems are often used in critical applications where failure to meet a deadline can have serious or even fatal consequences. This paper presents an efficient method for performing this verification task. In the proposed method a real-time system is modeled by a state-transition graph represented by binary decision diagrams. Efficient symbolic algorithms exhaustively explore the state space to determine whether the system satisfies a given specification. In addition, our approach computes quantitative timing information such as minimum and maximum time delays between given events. These results provide insight into the behavior of the system and assist in the determination of its temporal correctness. The technique evaluates how well the system works or how seriously it fails, as opposed to only whether it works or not. Based on these techniques a verification tool called Verus...