Results 1  10
of
109
Modeling and Verifying Systems using a Logic of Counter Arithmetic with Lambda Expressions and Uninterpreted Functions
, 2002
"... In this paper, we present the logic of Counter arithmetic with Lambda expressions and Uninterpreted functions (CLU). CLU generalizes the logic of equality with uninterpreted functions (EUF) with constrained lambda expressions, ordering, and successor and predecessor functions. In addition to mod ..."
Abstract

Cited by 151 (45 self)
 Add to MetaCart
In this paper, we present the logic of Counter arithmetic with Lambda expressions and Uninterpreted functions (CLU). CLU generalizes the logic of equality with uninterpreted functions (EUF) with constrained lambda expressions, ordering, and successor and predecessor functions. In addition to modeling pipelined processors that EUF has proved useful for, CLU can be used to model many infinitestate systems including those with infinite memories, finite and infinite queues including lossy channels, and networks of identical processes. Even with this richer expressive power, the validity of a CLU formula can be efficiently decided by translating it to a propositional formula, and then using Boolean methods to check validity. We give theoretical and empirical evidence for the efficiency of our decision procedure. We also describe verification techniques that we have used on a variety of systems, including an outoforder execution unit and the loadstore unit of an industrial microprocessor.
Regular Model Checking
, 2000
"... . We present regular model checking, a framework for algorithmic verification of infinitestate systems with, e.g., queues, stacks, integers, or a parameterized linear topology. States are represented by strings over a finite alphabet and the transition relation by a regular lengthpreserving re ..."
Abstract

Cited by 142 (24 self)
 Add to MetaCart
(Show Context)
. We present regular model checking, a framework for algorithmic verification of infinitestate systems with, e.g., queues, stacks, integers, or a parameterized linear topology. States are represented by strings over a finite alphabet and the transition relation by a regular lengthpreserving relation on strings. Major problems in the verification of parameterized and infinitestate systems are to compute the set of states that are reachable from some set of initial states, and to compute the transitive closure of the transition relation. We present two complementary techniques for these problems. One is a direct automatatheoretic construction, and the other is based on widening. Both techniques are incomplete in general, but we give sufficient conditions under which they work. We also present a method for verifying !regular properties of parameterized systems, by computation of the transitive closure of a transition relation. 1 Introduction This paper presents regular ...
Automatic Verification of Parameterized Cache Coherence Protocols
, 2000
"... We propose a new method for the verification of parameterized cache coherence protocols. Cache coherence protocols are used to maintain data consistency in commercial multiprocessor systems equipped with local fast caches. In our approach we use arithmetic constraints to model possibly infinite sets ..."
Abstract

Cited by 75 (5 self)
 Add to MetaCart
We propose a new method for the verification of parameterized cache coherence protocols. Cache coherence protocols are used to maintain data consistency in commercial multiprocessor systems equipped with local fast caches. In our approach we use arithmetic constraints to model possibly infinite sets of global states of a multiprocessor system with many identical caches. In preliminary experiments using symbolic model checkers for infinitestate systems based on real arithmetics (HyTech [HHW97] and DMC [DP99]) we have automatically verified safety properties for parameterized versions of widely implemented writeinvalidate and writeupdate cache coherence policies like the Mesi, Berkeley, Illinois, Firey and Dragon protocols [Han93]. With this application, we show that symbolic model checking tools originally designed for hybrid and concurrent systems can be applied successfully to a new class of infinitestate systems of practical interest.
Mona Fido: The LogicAutomaton Connection in Practice
, 1998
"... We discuss in this paper how connections, discovered almost forty years ago, between logics and automata can be used in practice. For such logics expressing regular sets, we have developed tools that allow efficient symbolic reasoning not attainable by theorem proving or symbolic model checking. ..."
Abstract

Cited by 55 (10 self)
 Add to MetaCart
(Show Context)
We discuss in this paper how connections, discovered almost forty years ago, between logics and automata can be used in practice. For such logics expressing regular sets, we have developed tools that allow efficient symbolic reasoning not attainable by theorem proving or symbolic model checking. We explain how the logicautomaton connection is already exploited in a limited way for the case of Quantified Boolean Logic, where Binary Decision Diagrams act as automata. Next, we indicate how BDD data structures and algorithms can be extended to yield a practical decision procedure for a more general logic, namely WS1S, the Weak Secondorder theory of One Successor. Finally, we mention applications of the automatonlogic connection to software engineering and program verification. 1
Indexed Predicate Discovery for Unbounded System Verification
 IN CAV’04
, 2004
"... Predicate abstraction has been proved effective for verifying several infinitestate systems. In predicate abstraction, an abstract system is automatically constructed given a set of predicates. Predicate abstraction coupled with automatic predicate discovery provides for a completely automatic v ..."
Abstract

Cited by 52 (8 self)
 Add to MetaCart
(Show Context)
Predicate abstraction has been proved effective for verifying several infinitestate systems. In predicate abstraction, an abstract system is automatically constructed given a set of predicates. Predicate abstraction coupled with automatic predicate discovery provides for a completely automatic verification scheme. For systems with unbounded integer state variables (e.g. software), counterexample guided predicate discovery has been successful in identifying the necessary predicates. For
Timed petri nets and BQOs
 In Proc. ICATPN’01
, 2001
"... Abstract. We consider (unbounded) Timed Petri Nets (TPNs) where each token is equipped with a realvalued clock representing the “age” of the token. Each arc in the net is provided with a subinterval of the natural numbers, restricting the ages of the tokens travelling the arc. We apply a methodolog ..."
Abstract

Cited by 50 (9 self)
 Add to MetaCart
Abstract. We consider (unbounded) Timed Petri Nets (TPNs) where each token is equipped with a realvalued clock representing the “age” of the token. Each arc in the net is provided with a subinterval of the natural numbers, restricting the ages of the tokens travelling the arc. We apply a methodology developed in [AN00], based on the theory of better quasi orderings (BQOs), to derive an efficient constraint system for automatic verification of safety properties for TPNs. We have implemented a prototype based on our method and applied it for verification of a parametrized version of Fischer’s protocol. 1
Verifying Programs with Dynamic 1SelectorLinked Structures in Regular Model Checking
 In Proc. of TACAS ’05, volume 3440 of LNCS
, 2005
"... Abstract. We address the problem of automatic verification of programs with dynamic data structures. We consider the case of sequential, nonrecursive programs manipulating 1selectorlinked structures such as traditional linked lists (possibly sharing their tails) and circular lists. We propose an ..."
Abstract

Cited by 38 (10 self)
 Add to MetaCart
(Show Context)
Abstract. We address the problem of automatic verification of programs with dynamic data structures. We consider the case of sequential, nonrecursive programs manipulating 1selectorlinked structures such as traditional linked lists (possibly sharing their tails) and circular lists. We propose an automatabased approach for a symbolic verification of such programs using the regular model checking framework. Given a program, the configurations of the memory are systematically encoded as words over a suitable finite alphabet, potentially infinite sets of configurations are represented by finitestate automata, and statements of the program are automatically translated into finitestate transducers defining regular relations between configurations. Then, abstract regular model checking techniques are applied in order to automatically check safety properties concerning the shape of the computed configurations or relating the input and output configurations. For that, we introduce new techniques for the computation of abstractions of the set of reachable configurations, and to refine these abstractions if spurious counterexamples are detected. Finally, we present experimental results showing the applicability of the approach and its efficiency. 1
Regular model checking without transducers
, 2006
"... Abstract. We give a simple and efficient method to prove safety properties for parameterized systems with linear topologies. A process in the system is a finitestate automaton, where the transitions are guarded by both local and global conditions. Processes may communicate via broadcast, rendezvou ..."
Abstract

Cited by 35 (16 self)
 Add to MetaCart
(Show Context)
Abstract. We give a simple and efficient method to prove safety properties for parameterized systems with linear topologies. A process in the system is a finitestate automaton, where the transitions are guarded by both local and global conditions. Processes may communicate via broadcast, rendezvous and shared variables. The method derives an overapproximation of the induced transition system, which allows the use of a simple class of regular expressions as a symbolic representation. Compared to traditional regular model checking methods, the analysis does not require the manipulation of transducers, and hence its simplicity and efficiency. We have implemented a prototype which works well on several mutual exclusion algorithms and cache coherence protocols. 1
Parameterized verification of infinitestate processes with global conditions
 In Proc. 19Ø�Int. Conf. on Computer Aided Verification
"... Abstract. We present a simple and effective approximated backward reachability algorithm for parameterized systems with existentially and universally quantified global conditions. The individual processes operate on unbounded local variables ranging over the natural numbers. In addition, processes m ..."
Abstract

Cited by 31 (9 self)
 Add to MetaCart
(Show Context)
Abstract. We present a simple and effective approximated backward reachability algorithm for parameterized systems with existentially and universally quantified global conditions. The individual processes operate on unbounded local variables ranging over the natural numbers. In addition, processes may communicate via broadcast, rendezvous and shared variables. We apply the algorithm to verify mutual exclusion for complex protocols such as Lamport’s bakery algorithm both with and without atomicity conditions, a distributed version of the bakery algorithm, and RicartAgrawala’s distributed mutual exclusion algorithm. 1