Abstract interpretation based formal methods and future challenges, invited paper
Informatics — 10 Years Back, 10 Years Ahead, volume 2000 of Lecture Notes in Computer Science, 2001
Cited by 28 (6 self)
Abstract. In order to contribute to the solution of the software reliability problem, tools have been designed to analyze statically the runtime behavior of programs. Because the correctness problem is undecidable, some form of approximation is needed. The purpose of abstract interpretation is to formalize this idea of approximation. We illustrate informally the application of abstraction to the semantics of programming languages as well as to static program analysis. The main point is that in order to reason or compute about a complex system, some information must be lost, that is the observation of executions must be either partial or at a high level of abstraction. In the second part of the paper, we compare static program analysis with deductive methods, model-checking and type inference. Their foundational ideas are briefly reviewed, and the shortcomings of these four methods are discussed, including when they should be combined. Alternatively, since program debugging is still the main program verification
Linear Inequality LTL (iLTL): A Model Checker for Discrete Time Markov Chains
In Int. Conf. on Formal Engineering Methods. LNCS 3308, 2004
Cited by 8 (5 self)
We develop a way of analyzing the behavior of systems modeled using Discrete Time Markov Chains (DTMC). Specifically, we define iLTL, an LTL with linear inequalities on the pmf vectors as atomic propositions. iLTL allows us to express not only properties such as the expected number of jobs or the expected energy consumption of a protocol during a time interval, but also inequalities over such values. We present an algorithm for model checking properties of DTMCs expressed in iLTL. Our model checker differs from existing probabilistic ones in that the latter do not check properties of the transitions on the probability mass function (pmf) itself. Thus, iLTLChecker can check, given an interval estimate of current pmf, whether future pmfs will always satisfy a specification. We believe such properties often arise in distributed systems and networks and may, in particular, be useful in specifying requirements for routing or load balancing protocols. Our algorithm has been implemented in a tool called iLTLChecker and we illustrate the use of the tool by means of some examples.
Randomization Helps in LTL Model Checking
2001
Cited by 5 (0 self)
We present and analyze a new probabilistic method for automata-based LTL model checking of non-probabilistic systems with the intention to reduce memory requirements. The main idea of our approach is to use randomness to decide which of the needed information (visited states) should be stored during a computation and which could be omitted. We propose two strategies of probabilistic storing of states. The algorithm never errs, i.e. it always delivers correct results. On the other hand the computation time can increase. The method has been embedded into the SPIN model checker and a series of experiments has been performed. The results confirm that randomization can help to increase the applicability of model checkers in practice.
From LTL to Symbolically Represented Deterministic Automata
Cited by 5 (0 self)
Abstract. Temporal logics like LTL are frequently used for the specification and verification of reactive systems. For verification, LTL formulas are typically translated to generalized nondeterministic Büchi automata so that the verification problem is reduced to checking the emptiness of automata. While this can be done symbolically for nondeterministic automata, other applications require deterministic automata, so that a subsequent determinization step is required. Unfortunately, currently known determinization procedures for Büchi automata like Safra’s procedure are not amenable to a symbolic implementation. It is well-known that ω-automata that stem from LTL formulas have special properties. In this paper, we exploit such a property in a new determinization procedure for these automata. Our procedure avoids the use of complicated tree structures as used in Safra’s procedure and it generates symbolic descriptions of equivalent deterministic parity automata which was so far not possible for full LTL.
Possibilistic and Probabilistic Abstraction-Based Model Checking
Process Algebra and Probabilistic Methods: Performance Modeling and Verification, Second Joint International Workshop PAPM-PROBMIV 2002, volume 2399 of Lecture Notes in Computer Science, 2002
Cited by 4 (2 self)
models whose verification results transfer to the abstracted models for a logic with unrestricted use of negation and quantification. This framework is novel in that its models have quantitative or probabilistic observables and state transitions. Properties of a quantitative temporal logic have measurable denotations in these models. For probabilistic models such denotations approximate the probabilistic semantics of full LTL. We show how predicate-based abstractions specify abstract quantitative and probabilistic models with finite state space.
A Note on the Attractor-Property of Infinite-State Markov Chains
2005
Cited by 3 (1 self)
In the past 5 years, a series of verification algorithms has been proposed for infinite Markov chains that have a finite attractor, i.e., a set that will be visited infinitely often almost surely starting from any state. In this paper, we establish a sufficient criterion for the existence of an attractor. We show that if the states of a Markov chain can be given levels (positive integers) such that the expected next level for states at some level n > 0 is less than n for some positive D, then the states at level 0 constitute an attractor for the chain. As an application, we obtain a direct proof that some probabilistic channel systems combining message losses with duplication and insertion errors have a finite attractor.
Experiments with Deterministic ω-Automata for Formulas of Linear Temporal Logic
Theoretical Computer Science, 2005
Cited by 2 (0 self)
This paper addresses the problem of generating deterministic ω-automata for formulas of linear temporal logic, which can be solved by applying well-known algorithms to construct a nondeterministic Büchi automaton for the given formula on which we then apply a determinization algorithm. We study here in detail Safra's determinization algorithm, present several heuristics that attempt to decrease the size of the resulting automata and report on experimental results.
Mutation Testing from Probabilistic and Stochastic Finite State Machines
Journal of Systems and Software, 2009
Cited by 2 (0 self)
Specification mutation involves mutating a specification, and for each mutation a test is derived that distinguishes the behaviours of the mutated and original specifications. This approach has been applied with finite state machine based models. This paper extends mutation testing to finite state machine models that contain non-functional properties. The paper describes several ways of mutating a finite state machine with probabilities (PFSM) or stochastic time (PSFSM) attached to their transitions and shows how test sequences that distinguish between them and their mutants can be generated. Testing then involves applying each test sequence multiple times, observing the resultant output sequences and using results from statistical sampling theory in order to compare the observed frequency of each output sequence with that expected. Key words: mutation testing; probabilities; stochastic time; specification mutation
Model checking Quantitative Linear Time Logic
Cited by 1 (0 self)
This paper considers QLtl, a quantitative analogon of Ltl, and presents algorithms for model checking QLtl over quantitative versions of Kripke structures and Markov chains. Keywords: Linear temporal logic, Quantitative verification, Automata.
On-the-fly Stuttering in the Construction of Deterministic ω-Automata
Cited by 1 (0 self)
Abstract. We propose to use the knowledge that an ω-regular property is stutter insensitive to construct potentially smaller deterministic ω-automata for such a property, e.g. using Safra’s determinization construction. This knowledge allows us to skip states that are redundant under stuttering, which can reduce the size of the generated automaton. In order to use this technique even for automata that are not completely insensitive to stuttering, we introduce the notion of partial stutter insensitiveness and apply our construction only on the subset of symbols for which stuttering is allowed. We evaluate the benefits of this heuristic in practice using multiple sets of benchmark formulas.