Results 1 - 6 of 6
Approximate symbolic model checking of continuous-time Markov chains (Extended Abstract)
1999
Cited by 137 (24 self)
This paper presents a symbolic model checking algorithm for continuous-time Markov chains for an extension of the continuous stochastic logic CSL of Aziz et al [1]. The considered logic contains a time-bounded until-operator and a novel operator to express steady-state probabilities. We show that the model checking problem for this logic reduces to a system of linear equations (for unbounded until and the steady state-operator) and a Volterra integral equation system for time-bounded until. We propose a symbolic approximate method for solving the integrals using MTDDs (multi-terminal decision diagrams), a generalisation of MTBDDs. These new structures are suitable for numerical integration using quadrature formulas based on equally-spaced abscissas, like trapezoidal, Simpson and Romberg integration schemes. 1 Introduction The mechanised verification of a given (usually) finite-state model against a property expressed in some temporal logic is known as model checking. For probabilistic...
Faster and Symbolic CTMC Model Checking
2001
Cited by 46 (21 self)
This paper reports on the implementation and the experiments with symbolic model checking of continuous-time Markov chains using multi-terminal binary decision diagrams (MTBDDs). Properties are expressed in Continuous Stochastic Logic (CSL) [7] which includes the means to express both transient and steady-state performance measures.
Possibilistic and Probabilistic Abstraction-Based Model Checking
Process Algebra and Probabilistic Methods, Performance Modeling and Veri Second Joint International Workshop PAPM-PROBMIV 2002, volume 2399 of Lecture Notes in Computer Science
2002
Cited by 5 (3 self)
models whose verification results transfer to the abstracted models for a logic with unrestricted use of negation and quantification. This framework is novel in that its models have quantitative or probabilistic observables and state transitions. Properties of a quantitative temporal logic have measurable denotations in these models. For probabilistic models such denotations approximate the probabilistic semantics of full LTL. We show how predicate-based abstractions specify abstract quantitative and probabilistic models with finite state space.
Faster and Symbolic CTMC Model Checking
Abstract. This paper reports on the implementation and the experiments with symbolic model checking of continuous-time Markov chains using multi-terminal binary decision diagrams (MTBDDs). Properties are expressed in Continuous Stochastic Logic (CSL) [7] which includes the means to express both transient and steady-state performance measures. We show that all CSL operators can be treated using standard operations on MTBDDs, thus allowing a rather straightforward implementation of symbolic CSL model checking on existing MTBDD-based platforms such as the verifier PRISM. The main result of the paper is an improvement of O(N) in the time complexity of checking time-bounded until-formulas, where N is the number of states in the CTMC under consideration. This result yields a drastic speedup in the verification time of model checking CTMCs, both in the symbolic and non-symbolic case.
Analysis of Probabilistic Contract Signing
Abstract. We present three case studies, investigating the use of probabilistic model checking to automatically analyse properties of probabilistic contract signing protocols. We use the probabilistic model checker PRISM to analyse three protocols: Rabin's probabilistic protocol for fair commitment exchange; the probabilistic contract signing protocol of Ben-Or, Goldreich, Micali, and Rivest; and a randomised protocol for signing contracts of Even, Goldreich, and Lempel. These case studies illustrate the general methodology for applying probabilistic model checking to formal verification of probabilistic security protocols. For the Ben-Or et al. protocol, we demonstrate the difficulty of combining fairness with timeliness. If, as required by timeliness, the judge responds to participants' messages immediately upon receiving them, then there exists a strategy for a misbehaving participant that brings the protocol to an unfair state with arbitrarily high probability, unless unusually strong assumptions are made about the quality of the communication channels between the judge and honest participants. We quantify the tradeoffs involved in the attack strategy, and discuss possible modifications of the protocol that ensure both fairness and timeliness. For the Even et al. protocol, we demonstrate that the responder enjoys a distinct advantage. With probability 1, the protocol reaches a state in which the responder possesses the initiator's commitment, but the initiator does not possess the responder's commitment. We then analyse several variants of the protocol, exploring the tradeoff between fairness and the number of messages that must be exchanged between participants.
Multi-Terminal Decision Diagrams: a Data Structure for Numerical Integration (Extended Abstract)
This paper introduces multi-terminal decision diagrams (MTDDs), a generalisation of MTBDDs [15], as a data structure for representing real-valued functions whose arguments are boolean or real variables. These new structures are suitable for numerical integration using quadrature formulas, like trapezoidal, Simpson and Romberg integration schemes. As an application example, we show how MTDDs can be used for a symbolic model checker for continuous-time Markov chains that are at the basis of contemporary performance evaluation and reliability analysis methodologies. 1 Introduction The mechanised verification of a given (usually) finite-state model against a property expressed in some temporal logic is known as model checking. One of the major reasons for the success of model checking tools in practice is the efficient way to cope with the state-space explosion problem. A prominent technique is to adopt a compact representation of state spaces using (ordered) binary decision diagrams, BD...