Results 11-20 of 41
Automatic abstraction refinement for timed automata
In Proc. FORMATS'07, volume 4763 of LNCS, 2007
Cited by 7 (0 self)
Abstract. We present a fully automatic approach for counterexample guided abstraction refinement of real-time systems modelled in a subset of timed automata. Our approach is implemented in the MOBY/RT tool environment, which is a CASE tool for embedded system specifications. Verification in MOBY/RT is done by constructing abstractions of the semantics in terms of timed automata which are fed into the model checker UPPAAL. Since the abstractions are over-approximations, absence of abstract counterexamples implies a valid result for the full model; otherwise, an abstract counterexample is found by UPPAAL. The generated abstract counterexample is used to construct either a concrete counterexample for the full model or to identify a slightly refined abstraction in which the found spurious counterexample cannot occur anymore. Hence, the approach allows for a fully automatic abstraction refinement loop starting from the coarsest abstraction towards an abstraction for which a valid verification result is found. Nontrivial case studies demonstrate that this approach computes small abstractions fast without any user interaction.
SAT-based verification for timed component connectors
Cited by 6 (1 self)
Component-based software construction relies on suitable models underlying components, and in particular the coordinators which orchestrate component behaviour. Verifying correctness and safety of such systems amounts to model checking the underlying system model, where model checking techniques not only need to be correct but—since system sizes increase—also scalable and efficient. In this paper, we present a SAT-based approach for bounded model checking of Timed Constraint Automata. We present an embedding of bounded model checking into propositional logic with linear arithmetic, which overcomes the state explosion problem to deal with large systems by defining a product that is linear in the size of the system. To further improve model checking performance, we show how to embed our approach into an extension of counterexample guided abstraction refinement with Craig interpolants.
Model Checking: Software and Beyond
Cited by 5 (0 self)
Temporal logic model checking, first developed by Clarke and Emerson [1] and independently discovered by Queille and Sifakis [2], is an automated technique for the verification of finite-state systems. The specification is expressed as a
Program Compatibility Approaches
In Proceedings of the Formal Methods for Components and Objects Symposium, FMCO 2006, 2006
Cited by 4 (0 self)
This paper is a survey of several techniques that have proven useful in establishing compatibility among behaviorally similar programs (e.g., system upgrades, object sub- and supertypes, system components produced by different vendors, etc.). We give a comparative analysis of the techniques by evaluating their applicability to various aspects of the compatibility problem.
Scheduling large jobs by abstraction refinement
In Proceedings of the sixth conference on Computer systems, ACM
Cited by 4 (1 self)
The static scheduling problem often arises as a fundamental problem in real-time systems and grid computing. We consider the problem of statically scheduling a large job expressed as a task graph on a large number of computing nodes, such as a data center. This paper solves the large-scale static scheduling problem using abstraction refinement, a technique commonly used in formal verification to efficiently solve computationally hard problems. A scheduler based on abstraction refinement first attempts to solve the scheduling problem with abstract representations of the job and the computing resources. As abstract representations are generally small, the scheduling can be done reasonably fast. If the obtained schedule does not meet specified quality conditions (like
Event Order Abstraction for Parametric Real-Time System Verification
2008
Cited by 4 (3 self)
We present a new abstraction technique, event order abstraction (EOA), for parametric safety verification of real-time systems in which “correct orderings of events” needed for system correctness are maintained by timing constraints on the systems’ behavior. By using EOA, one can separate the task of verifying a real-time system into two parts: 1. Safety property verification of the system given that only correct event orderings occur; and 2. Derivation of timing parameter constraints for correct orderings of events in the system. The user first identifies a candidate set of bad event orders. Then, by using ordinary untimed model checking, the user examines whether a discretized system model in which all timing constraints are abstracted away satisfies a desirable safety property under the assumption that the identified bad event orders occur in no system execution. The user uses counterexamples obtained from the model checker to identify additional bad event orders, and repeats the process until the model checking succeeds. In this step, the user obtains a sufficient set of bad event orders that must be excluded by timing synthesis for system correctness. Next, the algorithm presented in the paper automatically derives a set of timing parameter constraints under which the system does not exhibit the identified bad event orderings. From this step combined with the untimed model checking step, the user obtains a sufficient set of timing parameter constraints under which the system executes correctly with respect to a given safety property. We illustrate the use of EOA with a train-gate example inspired by the general railroad crossing problem [13]. We also summarize three other case studies, a biphase mark protocol, the IEEE 1394 root contention protocol, and the Fischer mutual exclusion algorithm.
Structure and Hierarchy in Real-Time Systems
2002
Cited by 4 (0 self)
The development of digital systems is particularly challenging if their correctness depends on the right timing of operations. One approach to enhance the reliability of such systems is model-based development. This allows for a formal analysis throughout all stages of design. Model-based
Sciduction: Combining induction, deduction, and structure for verification and synthesis
2011
Cited by 3 (0 self)
Even with impressive advances in automated formal methods, certain problems in system verification and synthesis remain challenging. Examples include the verification of quantitative properties of software involving constraints on timing and energy consumption, and the automatic synthesis of systems from specifications. The major challenges include environment modeling, incompleteness in specifications, and the complexity of underlying decision problems. This position paper proposes sciduction, an approach to tackle these challenges by integrating inductive inference, deductive reasoning, and structure hypotheses. Deductive reasoning, which leads from general rules or concepts to conclusions about specific problem instances, includes techniques such as logical inference and constraint solving. Inductive inference, which generalizes from specific instances to yield a concept, includes algorithmic learning from examples. Structure hypotheses are used to define the class of artifacts, such as invariants or program fragments, generated during verification or synthesis. Sciduction constrains inductive and deductive reasoning using structure hypotheses, and actively combines inductive and deductive reasoning: for instance, deductive techniques generate examples for learning, and inductive reasoning is used to guide the deductive engines. We illustrate this approach with three applications: (i) timing analysis of software; (ii) synthesis of loop-free programs; and (iii) controller synthesis for hybrid systems. Some future applications are also discussed.
Implementing abstraction refinement for model checking in HOL
Supplementary Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics, number 187 in Technical Reports, 2003
Cited by 2 (1 self)
Abstract. Abstracting infinite or large state spaces to ones feasible for model checking has met with much success. We have implemented an abstraction framework in HOL, on top of a deep-embedded model checker. We present the implementation, highlighting the role of HOL.
The Importance of Non-theorems and Counterexamples in Program Verification
Cited by 2 (0 self)
We argue that the detection and refutation of non-theorems, and the discovery of appropriate counterexamples, is of vital importance to the Grand Challenge of a Program Verifier.