Results 1  10
of
162
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 3218 (68 self)
 Add to MetaCart
(Show Context)
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Automatic verification of finitestate concurrent systems using temporal logic specifications
 ACM Transactions on Programming Languages and Systems
, 1986
"... We give an efficient procedure for verifying that a finitestate concurrent system meets a specification expressed in a (propositional, branchingtime) temporal logic. Our algorithm has complexity linear in both the size of the specification and the size of the global state graph for the concurrent ..."
Abstract

Cited by 1384 (62 self)
 Add to MetaCart
We give an efficient procedure for verifying that a finitestate concurrent system meets a specification expressed in a (propositional, branchingtime) temporal logic. Our algorithm has complexity linear in both the size of the specification and the size of the global state graph for the concurrent system. We also show how this approach can be adapted to handle fairness. We argue that our technique can provide a practical alternative to manual proof construction or use of a mechanical theorem prover for verifying many finitestate concurrent systems. Experimental results show that state machines with several hundred states can be checked in a matter of seconds.
Temporal and modal logic
 HANDBOOK OF THEORETICAL COMPUTER SCIENCE
, 1995
"... We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic. ..."
Abstract

Cited by 1300 (17 self)
 Add to MetaCart
(Show Context)
We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic.
Linearizability: a correctness condition for concurrent objects
, 1990
"... A concurrent object is a data object shared by concurrent processes. Linearizability is a correctness condition for concurrent objects that exploits the semantics of abstract data types. It permits a high degree of concurrency, yet it permits programmers to specify and reason about concurrent object ..."
Abstract

Cited by 1182 (28 self)
 Add to MetaCart
(Show Context)
A concurrent object is a data object shared by concurrent processes. Linearizability is a correctness condition for concurrent objects that exploits the semantics of abstract data types. It permits a high degree of concurrency, yet it permits programmers to specify and reason about concurrent objects using known techniques from the sequential domain. Linearizability provides the illusion that each operation applied by concurrent processes takes effect instantaneously at some point between its invocation and its response, implying that the meaning of a concurrent object’s operations can be given by pre and postconditions. This paper defines linearizability, compares it to other correctness conditions, presents and demonstrates a method for proving the correctness of implementations, and shows how to reason about concurrent objects, given they are linearizable.
Composing Specifications
 ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS
, 1993
"... ..."
(Show Context)
FailStop Processors: An Approach to Designing FaultTolerant Computing Systems
, 1983
"... This paper was originally submitted to ACM Transactions on Programming Languages and Systems. The responsible editor was Susan L. Graham. The authors and editor kindly agreed to transfer the paper to the ACM Transactions on Computer Systems ..."
Abstract

Cited by 352 (18 self)
 Add to MetaCart
This paper was originally submitted to ACM Transactions on Programming Languages and Systems. The responsible editor was Susan L. Graham. The authors and editor kindly agreed to transfer the paper to the ACM Transactions on Computer Systems
An automatatheoretic approach to linear temporal logic
 Logics for Concurrency: Structure versus Automata, volume 1043 of Lecture Notes in Computer Science
, 1996
"... Abstract. The automatatheoretic approach to linear temporal logic uses the theory of automata as a unifying paradigm for program specification, verification, and synthesis. Both programs and specifications are in essence descriptions of computations. These computations can be viewed as words over s ..."
Abstract

Cited by 294 (27 self)
 Add to MetaCart
(Show Context)
Abstract. The automatatheoretic approach to linear temporal logic uses the theory of automata as a unifying paradigm for program specification, verification, and synthesis. Both programs and specifications are in essence descriptions of computations. These computations can be viewed as words over some alphabet. Thus,programs and specificationscan be viewed as descriptions of languagesover some alphabet. The automatatheoretic perspective considers the relationships between programs and their specifications as relationships between languages.By translating programs and specifications to automata, questions about programs and their specifications can be reduced to questions about automata. More specifically, questions such as satisfiability of specifications and correctness of programs with respect to their specifications can be reduced to questions such as nonemptiness and containment of automata. Unlike classical automata theory, which focused on automata on finite words, the applications to program specification, verification, and synthesis, use automata on infinite words, since the computations in which we are interested are typically infinite. This paper provides an introduction to the theory of automata on infinite words and demonstrates its applications to program specification, verification, and synthesis. 1
Realtime logics: complexity and expressiveness
 INFORMATION AND COMPUTATION
, 1993
"... The theory of the natural numbers with linear order and monadic predicates underlies propositional linear temporal logic. To study temporal logics that are suitable for reasoning about realtime systems, we combine this classical theory of in nite state sequences with a theory of discrete time, via ..."
Abstract

Cited by 250 (16 self)
 Add to MetaCart
The theory of the natural numbers with linear order and monadic predicates underlies propositional linear temporal logic. To study temporal logics that are suitable for reasoning about realtime systems, we combine this classical theory of in nite state sequences with a theory of discrete time, via a monotonic function that maps every state to its time. The resulting theory of timed state sequences is shown to be decidable, albeit nonelementary, and its expressive power is characterized by! regular sets. Several more expressive variants are proved to be highly undecidable. This framework allows us to classify a wide variety of realtime logics according to their complexity and expressiveness. Indeed, it follows that most formalisms proposed in the literature cannot be decided. We are, however, able to identify two elementary realtime temporal logics as expressively complete fragments of the theory of timed state sequences, and we present tableaubased decision procedures for checking validity. Consequently, these two formalisms are wellsuited for the speci cation and veri cation of realtime systems.