Results 1 - 10 of 10
Flat acceleration in symbolic model checking
In ATVA'05, volume 3707 of LNCS, 2005
Abstract

Cited by 27 (14 self)
Symbolic model checking provides partially effective verification procedures that can handle systems with an infinite state space. So-called "acceleration techniques" enhance the convergence of fixpoint computations by computing the transitive closure of some transitions. In this paper we develop a new framework for symbolic model checking with accelerations. We also propose and analyze new symbolic algorithms using accelerations to compute reachability sets. Key words: verification of infinite-state systems, symbolic model checking, acceleration.
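An added illustration of what "computing the transitive closure of a transition" buys you, written for this listing and not taken from the paper: a single guarded counter increment is accelerated into a closed-form set (an arithmetic progression), and compared with naive fixpoint iteration, which only converges when the guard bounds the counter. The `Transition` and `Progression` types and the bounded/unbounded sample transitions are constructed here for the example.

```python
# Added example (not from the paper): exact acceleration of a guarded
# counter increment x <= bound -> x := x + delta, versus naive iteration.
from dataclasses import dataclass
from typing import Optional, Set


@dataclass(frozen=True)
class Transition:
    """Guarded increment: fires when x <= bound (bound=None: always enabled)."""
    delta: int
    bound: Optional[int] = None

    def enabled(self, x: int) -> bool:
        return self.bound is None or x <= self.bound


@dataclass(frozen=True)
class Progression:
    """Symbolic set {start + k*stride | 0 <= k < count}; count=None means infinite."""
    start: int
    stride: int
    count: Optional[int]

    def __contains__(self, x: int) -> bool:
        k, rem = divmod(x - self.start, self.stride)
        return rem == 0 and k >= 0 and (self.count is None or k < self.count)

    def is_finite(self) -> bool:
        return self.count is not None

    def to_set(self) -> Set[int]:
        assert self.is_finite(), "infinite progression has no finite enumeration"
        return {self.start + k * self.stride for k in range((self.count))}


def accelerate(x: int, t: Transition) -> Progression:
    """Closed form of t* (zero or more firings) applied to the single state x."""
    assert t.delta > 0
    if t.bound is None:
        return Progression(x, t.delta, None)        # no guard: infinitely many states
    if x > t.bound:
        return Progression(x, t.delta, 1)           # guard false at x: only x itself
    # The last firing starts from the largest x + k*delta that is <= bound,
    # i.e. k = (bound - x) // delta, so the transition fires k + 1 times.
    fires = (t.bound - x) // t.delta + 1
    return Progression(x, t.delta, fires + 1)       # +1 for the initial state (k = 0)


def naive_post_star(x: int, t: Transition, budget: int = 1000) -> Optional[Set[int]]:
    """Plain fixpoint iteration; None when it has not converged within budget steps."""
    reached, frontier = {x}, {x}
    for _ in range(budget):
        new = {y + t.delta for y in frontier if t.enabled(y)} - reached
        if not new:
            return reached
        reached |= new
        frontier = new
    return None


if __name__ == "__main__":
    bounded = Transition(delta=2, bound=7)
    print(sorted(accelerate(0, bounded).to_set()))   # [0, 2, 4, 6, 8]
    print(sorted(naive_post_star(0, bounded)))        # same set, found by iteration
    unbounded = Transition(delta=2)
    print(accelerate(0, unbounded))                   # Progression(0, 2, None)
    print(naive_post_star(0, unbounded))              # None: iteration never converges
```

The accelerated answer for the unbounded transition is exact and finite to represent, while the iterative computation keeps producing one new state per step; this is the situation a "flat" fixpoint loop exploits by replacing a self-loop with its closure.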
Dynamic cutoff detection in parameterized concurrent programs
In CAV, 2010
Abstract

Cited by 20 (5 self)
The verification problem for parameterized concurrent programs is a grand challenge in computing. We consider the class of finite-state programs executed by an unbounded number of replicated threads, which is essential in concurrent software verification using predicate abstraction. While the reachability problem for this class is decidable, existing algorithms are of limited use in practice, due to an exponential-space lower bound. In this paper, we present an alternative method based on a reachability cutoff: a number n of threads that suffice to generate all reachable program locations. We give a sufficient condition, verifiable dynamically during the reachability analysis, that allows us to conclude that n is a cutoff. We then make the method complete, using a lean backward coverability analysis. We demonstrate the efficiency of the approach on Petri net encodings of communication protocols, as well as on non-recursive Boolean programs run by arbitrarily many parallel threads.
A complete abstract interpretation framework for coverability properties of WSTS
2006
Abstract

Cited by 18 (3 self)
We present an abstract interpretation based approach to solve the coverability problem of well-structured transition systems. Our approach differs from other attempts in that (1) we solve this problem for the whole class of well-structured transition systems using a forward algorithm, so our algorithm has to deal with possibly infinite downward-closed sets; and (2) whereas other approaches use a non-generic representation for downward-closed sets of states, which turns out to be hard to devise in practice, we introduce a generic representation requiring no additional implementation effort.
Monitoring Distributed Controllers: When an Efficient LTL Algorithm on Sequences Is Needed to Model-Check Traces
LNCS, 2006
Abstract

Cited by 8 (3 self)
It is well known that through code instrumentation, a distributed system's finite execution can generate a finite trace as a partially ordered set of events. We motivate the need to use LTL model-checking on sequences, and not on traces as defined by Diekert and Gastin, to validate distributed control system executions abstracted by such traces, and present an efficient symbolic algorithm to do the job. It uses the standard method proposed by Vardi and Wolper, which builds from the LTL formula a monitor that accepts all the bad sequences. We show that, given a monitor and a trace, the problem of checking that the monitor and the trace have a common sequence is NP-complete in the number of concurrent processes. Our method explores the possible configurations symbolically, since it handles sets of configurations. Moreover, it uses techniques similar to partial order reduction to avoid exploring as many execution interleavings as possible. It works very well in practice compared to the standard exploration method, with or without partial order reduction (which, in practice, does not work well here).
Online monitoring of large Petri net models under partial observation
Submitted to Journal of Discrete Event Dynamic Systems, 2006
Abstract

Cited by 8 (5 self)
This paper deals with the online monitoring of large systems modeled as Petri Nets under partial observation. The plant observation is given by a subset of transitions whose occurrence is (always) acknowledged by emitting a label received by the monitoring agent at the time of the occurrence. Other transitions not in this subset are silent (unobservable). Usually online applications require the computation of how the system has evolved from the last known (or estimated) marking(s) by enumerating the set of all the explanations of the observation received by the monitoring agent, i.e. the set of all allowable traces, such that the execution of these traces from the initial marking would generate the sequence of observed labels in the correct order. This can be accomplished by a forward search algorithm starting from the initial marking. However, the application of forward search techniques to large systems has several disadvantages. Firstly, the set of current allowable markings of the system can be large. Hence, its enumeration can be computationally demanding. Secondly, forward search techniques require knowing the exact initial marking, which can be a problem in case of systems with uncertain initial marking e.g. when only a lower bound on the initial marking is known. To alleviate these drawbacks, we propose a backward search method, which, starting from observation(s), enumerates a subset of explanations called the set of minimal explanations. The set of markings that are reached from the initial marking firing minimal explanations has the property that its
Lattice-valued binary decision diagrams
In ATVA, LNCS, 2010
Abstract

Cited by 2 (1 self)
This work introduces a new data structure, called Lattice-Valued Binary Decision Diagrams (or LVBDD for short), for the compact representation and manipulation of functions of the form $\theta : 2^P \to L$, where $P$ is a finite set of Boolean propositions and $L$ is a finite distributive lattice. Such functions arise naturally in several verification problems. LVBDD are a natural generalisation of multi-terminal ROBDD which exploit the structure of the underlying lattice to achieve more compact representations. We introduce two canonical forms for LVBDD and present algorithms to symbolically compute their conjunction, disjunction and projection. We provide experimental evidence that this new data structure can outperform ROBDD for solving the finite-word LTL satisfiability problem.
Symbolic Representation of tccp Programs
Abstract
1 Introduction. In the last decades, formal verification of industrial applications has become a hot topic of research. As the complexity of software systems increases, lightweight automatic verification tools able to guarantee the correct behavior of such systems are dramatically lacking. Model checking is a fully automatic formal verification technique: properties formalized as logical formulas are checked automatically against a model of the system, and when a property fails the checker provides a counterexample that helps the programmer debug the offending code. However, its potential for push-button verification is not easily realizable due to the well-known state-space explosion problem. Recent advances in model checking deal with huge state spaces by using symbolic manipulation algorithms inside model checkers [4,6,12]. Other techniques such as abstract interpretation, partial evaluation, and on-the-fly methods have also been proposed in the literature as significant state-space reduction techniques.
Approaching the Coverability Problem Continuously
Abstract
The coverability problem for Petri nets plays a central role in the verification of concurrent shared-memory programs. However, its high EXPSPACE-complete complexity poses a challenge when encountered in real-world instances. In this paper, we develop a new approach to this problem which is primarily based on applying forward coverability in continuous Petri nets as a pruning criterion inside a backward-coverability framework. A cornerstone of our approach is the efficient encoding of a recently developed polynomial-time algorithm for reachability in continuous Petri nets into SMT. We demonstrate the effectiveness of our approach on standard benchmarks from the literature, which shows that our approach decides significantly more instances than any existing tool and is in addition often much faster, in particular on large instances.
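Three entries in this listing (the WSTS coverability framework, the dynamic cutoff paper's backward coverability analysis, and the continuous-Petri-net approach above) all build on the backward coverability algorithm for Petri nets. The following is an added, self-contained example of that baseline algorithm, written for this page rather than taken from any of the papers, and it does not implement the continuous-net pruning described above. The search set is the upward closure of a finite basis of minimal markings, the predecessor step keeps the basis an antichain, and termination follows because markings under componentwise order form a well-quasi-order. The toy lock net, its buggy variant, the `thread_cutoff` helper and all markings are constructed here for illustration.

```python
# Added example (not from the papers listed): backward coverability for a Petri
# net, with the upward-closed search set kept as a finite basis of minimal
# markings, plus a reachability cutoff read off the final basis.
from typing import Dict, List, Optional, Tuple

Marking = Tuple[int, ...]               # token count per place, in PLACES order
PLACES = ("idle", "lock", "crit")


def mark(**tokens: int) -> Marking:
    return tuple(tokens.get(p, 0) for p in PLACES)


# Constructed toy net: a lock protecting a critical section; n threads start idle.
#   acquire: idle + lock -> crit        release: crit -> idle + lock
# Each transition is (pre, post).
LOCK_NET: List[Tuple[Marking, Marking]] = [
    (mark(idle=1, lock=1), mark(crit=1)),
    (mark(crit=1), mark(idle=1, lock=1)),
]
# Same net with a bug: acquire never consumes the lock token.
BUGGY_NET: List[Tuple[Marking, Marking]] = [
    (mark(idle=1), mark(crit=1)),
    (mark(crit=1), mark(idle=1, lock=1)),
]


def leq(a: Marking, b: Marking) -> bool:
    return all(x <= y for x, y in zip(a, b))


def pre_basis(m: Marking, pre: Marking, post: Marking) -> Marking:
    """Least m0 with m0 >= pre and m0 - pre + post >= m, i.e. the basis of pre_t(up(m))."""
    return tuple(p + max(0, x - q) for x, p, q in zip(m, pre, post))


def minimise(ms) -> List[Marking]:
    """Keep only minimal elements: the antichain generating the same upward-closed set."""
    ms = list(set(ms))
    return [m for m in ms if not any(o != m and leq(o, m) for o in ms)]


def backward_coverability(net, target: Marking) -> List[Marking]:
    """Basis of pre*(up(target)); the loop terminates because (N^k, <=) is a wqo."""
    basis = [target]
    while True:
        candidates = basis + [pre_basis(m, pre, post) for m in basis for pre, post in net]
        new_basis = minimise(candidates)
        if set(new_basis) == set(basis):
            return sorted(basis)
        basis = new_basis


def coverable(net, initial: Marking, target: Marking) -> bool:
    """Is some marking >= target reachable from initial?"""
    return any(leq(b, initial) for b in backward_coverability(net, target))


def thread_cutoff(net, target: Marking, shared: Dict[str, int]) -> Optional[int]:
    """Smallest number n of idle threads whose initial marking covers target, or None
    if no number of threads does. `shared` fixes the non-thread places (the lock)."""
    fixed = mark(**shared)
    n_idx = PLACES.index("idle")
    best = None
    for b in backward_coverability(net, target):
        rest_ok = all(b[i] <= fixed[i] for i in range(len(PLACES)) if i != n_idx)
        if rest_ok and (best is None or b[n_idx] < best):
            best = b[n_idx]
    return best


if __name__ == "__main__":
    two_in_crit = mark(crit=2)                                  # mutual-exclusion violation
    print(backward_coverability(LOCK_NET, two_in_crit))         # [(0,0,2), (1,1,1), (2,2,0)]
    print(coverable(LOCK_NET, mark(idle=5, lock=1), two_in_crit))   # False
    print(thread_cutoff(LOCK_NET, two_in_crit, {"lock": 1}))        # None: safe for every n
    print(thread_cutoff(BUGGY_NET, two_in_crit, {"lock": 1}))       # 2: two threads suffice
```

Because the basis is finite, the question "is the bad marking coverable for some number of threads" is answered once for all n by scanning the basis, which is the sense in which a cutoff can be read off a backward coverability result; the continuous-net pruning above attacks the cost of growing that basis on large nets.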
A faster exact multiprocessor schedulability test for sporadic tasks
Abstract
Baker and Cirinei introduced an exact but naive algorithm [3], based on solving a state reachability problem in a finite automaton, to check whether sets of sporadic hard real-time tasks are schedulable on identical multiprocessor platforms. However, the algorithm suffered from poor performance due to the exponential size of the automaton relative to the size of the task set. In this paper, we successfully apply techniques developed by the formal verification community, specifically antichain algorithms [11], by defining and proving the correctness of a simulation relation on Baker and Cirinei's automaton. We show that our improved algorithm yields dramatically improved performance for the schedulability test and opens the way to many further improvements.
Symbolic Data Structure for sets of k-tuples of integers
Abstract
In this document we present a new symbolic data structure dedicated to the manipulation of (possibly infinite) sets of k-tuples over integers, initially introduced in [Gan02]. This new data structure, called Interval Sharing Tree (IST), is based on sharing trees [ZL95] where each node is labelled with an interval of integers. We present symbolic algorithms on ISTs for the standard set operations and also introduce some specific operations that can be useful in the context of model checking.