Results 1-8 of 8
A game-based framework for CTL counterexamples and 3-valued abstraction-refinement
In Computer Aided Verification (CAV), LNCS 2725, 2003
Abstract

Cited by 24 (6 self)
Abstract. This work exploits and extends the game-based framework of CTL model checking for counterexample and incremental abstraction-refinement. We define a game-based CTL model checking for abstract models over the 3-valued semantics, which can be used for verification as well as refutation. The model checking may end with an indefinite result, in which case we suggest a new notion of refinement, which eliminates indefinite results of the model checking. This provides an iterative abstraction-refinement framework. It is enhanced by an incremental algorithm, where refinement is applied only where indefinite results exist and definite results from prior iterations are used within the model checking algorithm. We also define the notion of annotated counterexamples, which are sufficient and minimal counterexamples for full CTL. We present an algorithm that uses the game board of the model checking game to derive an annotated counterexample in case the examined system model refutes the checked formula.
A domain equation for refinement of partial systems
UNDER CONSIDERATION FOR PUBLICATION IN MATH. STRUCT. IN COMP. SCIENC
Possibilistic and Probabilistic Abstraction-Based Model Checking
Process Algebra and Probabilistic Methods, Performance Modeling and Veri Second Joint International Workshop PAPM-PROBMIV 2002, volume 2399 of Lecture Notes in Computer Science, 2002
Abstract

Cited by 5 (3 self)
models whose verification results transfer to the abstracted models for a logic with unrestricted use of negation and quantification. This framework is novel in that its models have quantitative or probabilistic observables and state transitions. Properties of a quantitative temporal logic have measurable denotations in these models. For probabilistic models such denotations approximate the probabilistic semantics of full LTL. We show how predicate-based abstractions specify abstract quantitative and probabilistic models with finite state space.
The One-Selecting Variant of Disjunctive Modal Transition Systems
Abstract
hsc@informatik.uni-kiel.de Disjunctive modal transition systems (DMTS) describe classes of transition systems (TS) via a simulation relation. Consequently, they are an appropriate formalism for expressing underspecification of systems. An alternative definition of simulation on DMTSs is presented. It is shown that the class of TSs described by a given DMTS with respect to the original simulation can also be expressed by a DMTS with respect to the alternative simulation (where the latter DMTS has at most twice as many states).
A Foundation for Behavioural Conformance in Software Product Line Architectures
Abstract
Software product lines or families represent an emerging paradigm that is enabling companies to engineer applications with similar functionality and user requirements more effectively. Behaviour modelling at the architecture level has the potential for supporting behaviour analysis of entire product lines, as well as defining optional and variable behaviour for different products of a family. However, to do so rigorously, a well-defined notion of behavioural conformance of a product to its product line must exist. In this paper we provide a discussion on the shortcomings of traditional behaviour modelling formalisms such as Labelled Transition Systems for characterising conformance and propose Modal Transition Systems as an alternative. We discuss existing semantics for such models, exposing their limitations and finally propose a novel semantics for Modal Transition Systems, branching semantics, that can provide the formal underpinning for a notion of behaviour conformance for software product line architectures.
A domain equation for refinement of partial systems
DOI: 10.1017/S0960129504004268, 2002
Abstract
A reactive system can be specified by a labelled transition system, which indicates static structure, along with temporal-logic formulas, which assert dynamic behaviour. But refining the former while preserving the latter can be difficult, because: (i) Labelled transition systems are ‘total’ – characterised up to bisimulation – meaning that no new transition structure can appear in a refinement. (ii) Alternatively, a refinement criterion not based on bisimulation might generate a refined transition system that violates the temporal properties. In response, Larsen and Thomsen proposed modal transition systems, which are ‘partial’, and defined a refinement criterion that preserved formulas in Hennessy–Milner logic. We show that modal transition systems are, up to a saturation condition, exactly the mixed transition systems of Dams that meet a mix condition, and we extend such systems to non-flat state sets. We then solve a domain equation over the mixed powerdomain whose solution is a bifinite domain that is universal for all saturated modal transition systems and is itself fully abstract when considered as a modal transition system. We demonstrate that many frameworks of partial systems can be translated into the domain: partial Kripke structures, partial bisimulation structures, Kripke modal transition systems, and pointer-shape-analysis graphs.
Integrating SAT with MDG for Efficient Invariant Checking, 2010
"... This is to certify that the thesis prepared ..."
Director
Abstract
Modal Transition Systems (MTS) are a formalism that allows for partial descriptions of a system’s behaviour. These models characterise the set of implementations that satisfy the partial knowledge available and facilitate the analysis of properties over this set. Given a model, the set of implementations it defines depends on the semantics used to interpret it. In this thesis we analyse the existing MTS semantics, concluding they are not adequate for incrementally evolving a model from a software engineering perspective. We discuss the required characteristics for a semantics to be suitable and subsequently give a formal definition for a new semantics that has these characteristics. Finally, we present a software tool that we have developed to verify whether an implementation conforms to a partial model according to each of the studied semantics, i.e. if it is included in the set of implementations given by each semantics for that partial model.