Flat acceleration in symbolic model checking. In ATVA'05, volume 3707 of LNCS, 2005.
Cited by 27 (14 self)
Symbolic model checking provides partially effective verification procedures that can handle systems with an infinite state space. So-called “acceleration techniques” enhance the convergence of fixpoint computations by computing the transitive closure of some transitions. In this paper we develop a new framework for symbolic model checking with accelerations. We also propose and analyze new symbolic algorithms using accelerations to compute reachability sets. Key words: verification of infinite-state systems, symbolic model checking, acceleration.
Dynamic cutoff detection in parameterized concurrent programs. In CAV, 2010.
Cited by 20 (5 self)
The verification problem for parameterized concurrent programs is a grand challenge in computing. We consider the class of finite-state programs executed by an unbounded number of replicated threads, which is essential in concurrent software verification using predicate abstraction. While the reachability problem for this class is decidable, existing algorithms are of limited use in practice, due to an exponential-space lower bound. In this paper, we present an alternative method based on a reachability cutoff: a number n of threads that suffice to generate all reachable program locations. We give a sufficient condition, verifiable dynamically during the reachability analysis, that allows us to conclude that n is a cutoff. We then make the method complete, using a lean backward coverability analysis. We demonstrate the efficiency of the approach on Petri net encodings of communication protocols, as well as on non-recursive Boolean programs run by arbitrarily many parallel threads.
A complete abstract interpretation framework for coverability properties of WSTS, 2006.
Cited by 18 (3 self)
We present an abstract interpretation based approach to solve the coverability problem of well-structured transition systems. Our approach is distinguished from other attempts in that (1) we solve this problem for the whole class of well-structured transition systems using a forward algorithm. So, our algorithm has to deal with possibly infinite downward closed sets. (2) Whereas other approaches have a non-generic representation for downward closed sets of states, which turns out to be hard to devise in practice, we introduce a generic representation requiring no additional effort of implementation.
Monitoring Distributed Controllers: When an Efficient LTL Algorithm on Sequences Is Needed to Model-Check Traces. LNCS, 2006.
Cited by 8 (3 self)
It is well known that through code instrumentation, a distributed system's finite execution can generate a finite trace as a partially ordered set of events. We motivate the need to use LTL model-checking on sequences and not on traces as defined by Diekert and Gastin, to validate distributed control systems executions, abstracted by such traces, and present an efficient symbolic algorithm to do the job. It uses the standard method proposed by Vardi and Wolper, which from the LTL formula, builds a monitor that accepts all the bad sequences. We show that, given a monitor and a trace, the problem to check that both the monitor and the trace have a common sequence is NP-complete in the number of concurrent processes. Our method explores the possible configurations symbolically, since it handles sets of configurations. Moreover, it uses techniques similar to the partial order reduction, to avoid exploring as many execution interleavings as possible. It works very well in practice, compared to the standard exploration method, with or without partial order reduction (which, in practice, does not work well here).
On-line monitoring of large Petri net models under partial observation. Submitted to Journal of Discrete Event Dynamic Systems, 2006.
Cited by 8 (5 self)
This paper deals with the on-line monitoring of large systems modeled as Petri Nets under partial observation. The plant observation is given by a subset of transitions whose occurrence is (always) acknowledged by emitting a label received by the monitoring agent at the time of the occurrence. Other transitions not in this subset are silent (unobservable). Usually on-line applications require the computation of how the system has evolved from the last known (or estimated) marking(s) by enumerating the set of all the explanations of the observation received by the monitoring agent, i.e. the set of all allowable traces, such that the execution of these traces from the initial marking would generate the sequence of observed labels in the correct order. This can be accomplished by a forward search algorithm starting from the initial marking. However, the application of forward search techniques to large systems has several disadvantages. Firstly, the set of current allowable markings of the system can be large. Hence, its enumeration can be computationally demanding. Secondly, forward search techniques require knowing the exact initial marking, which can be a problem in case of systems with uncertain initial marking e.g. when only a lower bound on the initial marking is known. To alleviate these drawbacks, we propose a backward search method, which, starting from observation(s), enumerates a subset of explanations called the set of minimal explanations. The set of markings that are reached from the initial marking firing minimal explanations has the property that its
Lattice-valued binary decision diagrams. In ATVA, LNCS, 2010.
Cited by 2 (1 self)
This work introduces a new data structure, called Lattice-Valued Binary Decision Diagrams (or LVBDD for short), for the compact representation and manipulation of functions of the form θ : 2^P → L, where P is a finite set of Boolean propositions and L is a finite distributive lattice. Such functions arise naturally in several verification problems. LVBDD are a natural generalisation of multi-terminal ROBDD which exploit the structure of the underlying lattice to achieve more compact representations. We introduce two canonical forms for LVBDD and present algorithms to symbolically compute their conjunction, disjunction and projection. We provide experimental evidence that this new data structure can outperform ROBDD for solving the finite-word LTL satisfiability problem.
Symbolic Representation of tccp Programs?
In the last decades, formal verification of industrial applications has become a hot topic of research. As the complexity of software systems increases, lightweight automatic verification tools which are able to guarantee the correct behavior of such systems are dramatically lacking. Model checking is a fully automatic formal verification technique which is able to demonstrate certain properties formalized as logical formulas which are automatically checked on a model of the system; otherwise, it provides a counterexample which helps the programmer to debug the wrong code. However, its potential for push-button verification is not easily realizable due to the well-known state-space explosion problem. Recent advances in model checking deal with huge state-spaces by using symbolic manipulation algorithms inside model checkers [4,6,12]. Other techniques such as abstract interpretation, partial evaluation, and on-the-fly methods have also been proposed in the literature as significant state-space reduction techniques.
Approaching the Coverability Problem Continuously
The coverability problem for Petri nets plays a central role in the verification of concurrent shared-memory programs. However, its high EXPSPACE-complete complexity poses a challenge when encountered in real-world instances. In this paper, we develop a new approach to this problem which is primarily based on applying forward coverability in continuous Petri nets as a pruning criterion inside a backward-coverability framework. A cornerstone of our approach is the efficient encoding of a recently developed polynomial-time algorithm for reachability in continuous Petri nets into SMT. We demonstrate the effectiveness of our approach on standard benchmarks from the literature, which shows that our approach decides significantly more instances than any existing tool and is in addition often much faster, in particular on large instances.
A faster exact multiprocessor schedulability test for sporadic tasks
Baker and Cirinei introduced an exact but naive algorithm [3], based on solving a state reachability problem in a finite automaton, to check whether sets of sporadic hard real-time tasks are schedulable on identical multiprocessor platforms. However, the algorithm suffered from poor performance due to the exponential size of the automaton relative to the size of the task set. In this paper, we successfully apply techniques developed by the formal verification community, specifically antichain algorithms [11], by defining and proving the correctness of a simulation relation on Baker and Cirinei's automaton. We show our improved algorithm yields dramatically improved performance for the schedulability test and opens for many further improvements.
Symbolic Data Structure for sets of k-uples of integers
In this document we present a new symbolic data structure dedicated to the manipulation of (possibly infinite) sets of k-uples over integers, initially introduced in [Gan02]. This new data structure, called Interval Sharing Tree (IST), is based on sharing trees [ZL95] where each node is labelled with an interval of integers. We present symbolic algorithms on IST for standard set operations and also introduce some specific operations that can be useful in the context of model-checking.