Forward and Backward Simulations Part I: Untimed Systems. Information and Computation, 1995.
Cited by 134 (18 self)
A unified, comprehensive presentation of simulation techniques for verification of concurrent systems is given, in terms of a simple untimed automaton model. In particular, (1) refinements, (2) forward and backward simulations, (3) hybrid forward-backward and backward-forward simulations, and (4) history and prophecy relations are defined. History and prophecy relations are abstract versions of the history and prophecy variables of Abadi and Lamport, as well as the auxiliary variables of Owicki and Gries. Relationships between the different types of simulations, as well as soundness and completeness results, are stated and proved. Finally, it is shown how invariants can be incorporated into all the simulations. Even though many results are presented here for the first time, this paper can also be read as a survey (in a simple setting) of the research literature on simulation techniques. The development for untimed automata is designed to support a similar development for timed automata...
Forward and backward simulations for timing-based systems. In de Bakker et al., 1991.
Cited by 63 (16 self)
A general automaton model for timing-based systems is presented and is used as the context for developing a variety of simulation proof techniques for such systems. As a first step, a comprehensive overview of simulation techniques for simple untimed automata is given. In particular, soundness and completeness results for (1) refinements, (2) forward and backward simulations, (3) forward-backward and backward-forward simulations, and (4) history and prophecy relations are given. History and prophecy relations are new and are abstractions of the history variables of Owicki and Gries and the prophecy variables of Abadi and Lamport, respectively. As a subsequent step, it is shown how most of the results for untimed automata can be carried over to the setting of timed automata. In fact, many of the results for the timed case are obtained as consequences of the analogous results for the untimed case.
Behavioural Differential Equations: A Coinductive Calculus of Streams, Automata, and Power Series. 2000.
Cited by 52 (17 self)
Streams, (automata and) languages, and formal power series are viewed coalgebraically. In summary, this amounts to supplying these sets with a deterministic automaton structure, which has the universal property of being final. Finality then forms the basis for both definitions and proofs by coinduction, the coalgebraic counterpart of induction. Coinductive definitions take the shape of what we have called behavioural differential equations, after Brzozowski's notion of input derivative. A calculus is developed for coinductive reasoning about all of the aforementioned structures, closely resembling (and at times generalising) calculus from classical analysis. 2000 Mathematics Subject Classification: 68Q10, 68Q55, 68Q85. 1998 ACM Computing Classification System: F.1, F.3. Keywords & Phrases: Coalgebra, automaton, finality, coinduction, stream, formal language, formal power series, differential equation, input derivative, behaviour, semiring, max-plus algebra.
Prelogical Relations. 1999.
Cited by 26 (5 self)
this paper but which have some intriguing connections to some of our results and techniques, are [32] and [20]. We believe that the concept of prelogical relation would have a beneficial impact on the presentation and understanding of their results
Lax Logical Relations. In 27th Intl. Colloq. on Automata, Languages and Programming, volume 1853 of LNCS, 2000.
Cited by 15 (2 self)
Lax logical relations are a categorical generalisation of logical relations; though they preserve product types, they need not preserve exponential types. But, like logical relations, they are preserved by the meanings of all lambda-calculus terms. We show that lax logical relations coincide with the correspondences of Schoett, the algebraic relations of Mitchell and the prelogical relations of Honsell and Sannella on Henkin models, but also generalise naturally to models in cartesian closed categories and to richer languages.
Unwinding Forward Correctability. In Proceedings of the Computer Security Foundations Workshop, 1994.
Cited by 13 (0 self)
A state-machine formulation is given for forward correctability in event systems, to provide a type of unwinding result for this information flow security property. We show also how regular expression notation provides an easy mechanical tool for verifying forward correctability for small systems, which is necessary for the effective presentation of examples and exercises.
Polynomial endomorphisms of the Cuntz algebras arising from permutations. II: Branching laws of endomorphisms. Preprint RIMS1433, 2003.
"... Branching laws and automata ..."
On The Composition Of Security Properties. 1996.
Cited by 11 (1 self)
This thesis presents a general theory of system composition for possibilistic security properties. It is shown that possibilistic security properties can be viewed as a predicate over the traces that are consistent with a low-level observation t_low. We provide a uniform framework for analyzing and comparing these properties. We demonstrate how to determine what security property a system satisfies given the security properties satisfied by its constituent components. Also, we show how to construct a system that satisfies a desired security property. This analysis yields a condition that can be used to determine how a property may emerge under composition. We examine the reasons for the failure of feedback composition and provide necessary and sufficient conditions for determining when feedback composition will fail for all properties based on Generalized Noninterference. Unwinding theorems are given for a large class of security properties.
Structured Redundancy for Fault Tolerance in LTI State-Space Models and Petri Nets. Kybernetika, 1999.
Cited by 9 (9 self)
The design and implementation of dynamic systems has traditionally focused on minimal representations which require the least number of state variables. However, "structured redundancy", redundancy that has been intentionally introduced in some systematic way, can be extremely important when fault tolerance is desired. The redundancy can be used to detect and correct errors or to guarantee desirable performance despite hardware or computational failures. Modular redundancy, the traditional approach to fault tolerance, is prohibitively expensive because of the overhead in replicating the hardware. This paper discusses alternative methods for systematically introducing redundancy in dynamic systems. Our approach consists of mapping the state space of the original system into a redundant space of higher dimension while preserving the properties of the original system in some encoded form within this larger space. We illustrate our approach by focusing on linear time-invariant (LTI) dyna...
Global Development via Local Observational Construction Steps. 2002.
Cited by 8 (5 self)
The way that refinement of individual "local" components of a specification relates to development of a "global" system from a specification of requirements is explored. Observational interpretation of specifications and refinements adds expressive power and flexibility while bringing in some subtle problems. The results are instantiated in the context of Casl architectural specifications.