Results 1  10
of
148
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 3218 (68 self)
 Add to MetaCart
(Show Context)
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Temporal and modal logic
 HANDBOOK OF THEORETICAL COMPUTER SCIENCE
, 1995
"... We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic. ..."
Abstract

Cited by 1300 (17 self)
 Add to MetaCart
(Show Context)
We give a comprehensive and unifying survey of the theoretical aspects of Temporal and modal logic.
Reasoning about Infinite Computations
 Information and Computation
, 1994
"... We investigate extensions of temporal logic by connectives defined by finite automata on infinite words. We consider three different logics, corresponding to three different types of acceptance conditions (finite, looping and repeating) for the automata. It turns out, however, that these logics all ..."
Abstract

Cited by 316 (59 self)
 Add to MetaCart
(Show Context)
We investigate extensions of temporal logic by connectives defined by finite automata on infinite words. We consider three different logics, corresponding to three different types of acceptance conditions (finite, looping and repeating) for the automata. It turns out, however, that these logics all have the same expressive power and that their decision problems are all PSPACEcomplete. We also investigate connectives defined by alternating automata and show that they do not increase the expressive power of the logic or the complexity of the decision problem. 1 Introduction For many years, logics of programs have been tools for reasoning about the input/output behavior of programs. When dealing with concurrent or nonterminating processes (like operating systems) there is, however, a need to reason about infinite computations. Thus, instead of considering the first and last states of finite computations, we need to consider the infinite sequences of states that the program goes through...
Decision Procedures and Expressiveness in the Temporal Logic of Branching Time
, 1985
"... We consider the computation tree logic (CTL) proposed in (Set. Comput. Programming 2 ..."
Abstract

Cited by 190 (4 self)
 Add to MetaCart
We consider the computation tree logic (CTL) proposed in (Set. Comput. Programming 2
Reasoning about The Past with TwoWay Automata
 In 25th International Colloqium on Automata, Languages and Programming, ICALP ’98
, 1998
"... Abstract. The pcalculus can be viewed as essentially the "ultimate" program logic, as it expressively subsumes all propositional program logics, including dynamic logics, process logics, and temporal logics. It is known that the satisfiability problem for the pcalculus is EXPTIMEcomplete ..."
Abstract

Cited by 162 (14 self)
 Add to MetaCart
(Show Context)
Abstract. The pcalculus can be viewed as essentially the "ultimate" program logic, as it expressively subsumes all propositional program logics, including dynamic logics, process logics, and temporal logics. It is known that the satisfiability problem for the pcalculus is EXPTIMEcomplete. This upper bound, however, is known for a version of the logic that has only forward modalities, which express weakest preconditions, but not backward modalities, which express strongest postconditions. Our main result in this paper is an exponential time upper bound for the satisfiability problem of the pcalculus with both forward and backward modalities. To get this result we develop a theory of twoway alternating automata on infinite trees. 1
Logics for Hybrid Systems
 Proceedings of the IEEE
, 2000
"... This paper offers a synthetic overview of, and original contributions to, the use of logics and formal methods in the analysis of hybrid systems ..."
Abstract

Cited by 138 (13 self)
 Add to MetaCart
(Show Context)
This paper offers a synthetic overview of, and original contributions to, the use of logics and formal methods in the analysis of hybrid systems
Why is modal logic so robustly decidable?
 OF DIMACS SERIES IN DISCRETE MATHEMATICS AND THEORETICAL COMPUTER SCIENCE, AMERICAN MATHEMATICAL SOCIETY
, 1996
"... ..."
TableauBased Model Checking in the Propositional MuCalculus
 Acta Informatica
, 1990
"... This paper describes a procedure, based around the construction of tableau proofs, for determining whether finitestate systems enjoy properties formulated in the propositional mucalculus. It presents a tableaubased proof system for the logic and proves it sound and complete, and it discusses tech ..."
Abstract

Cited by 102 (7 self)
 Add to MetaCart
(Show Context)
This paper describes a procedure, based around the construction of tableau proofs, for determining whether finitestate systems enjoy properties formulated in the propositional mucalculus. It presents a tableaubased proof system for the logic and proves it sound and complete, and it discusses techniques for the efficient construction of proofs that states enjoy properties expressed in the logic. The approach is the basis of an ongoing implementation of a model checker in the Concurrency Workbench, an automated tool for the analysis of concurrent systems. 1 Introduction One area of program verification that has proven amenable to automation involves the analysis of finitestate processes. While computer systems in general are not finitestate, many interesting ones, including a variety of communication protocols and hardware systems, are, and their finitary nature enables the development and implementation of decision procedures that test for various properties. Model checking has p...
Modal and Temporal Logics for Processes
, 1996
"... this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency ..."
Abstract

Cited by 91 (2 self)
 Add to MetaCart
(Show Context)
this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency, Aarhus University, 1993. I would like to thank the organisers and the participants of these summer schools, and of the Banff higher order workshop. I would also like to thank Julian Bradfield for use of his Tex tree constructor for building derivation trees and Carron Kirkwood, Faron Moller, Perdita Stevens and David Walker for comments on earlier drafts.
Games for the µCalculus
"... Given a formula of the propositional µcalculus, we construct a tableau of the formula and define an infinite game of two players of which one wants to show that the formula is satisfiable, and the other seeks the opposite. The strategy for the first player can be further transformed into a model of ..."
Abstract

Cited by 73 (5 self)
 Add to MetaCart
Given a formula of the propositional µcalculus, we construct a tableau of the formula and define an infinite game of two players of which one wants to show that the formula is satisfiable, and the other seeks the opposite. The strategy for the first player can be further transformed into a model of the formula while the strategy for the second forms what we call a refutation of the formula. Using Martin's Determinacy Theorem, we prove that any formula has either a model or a refutation. This completeness result is a starting point for the completeness theorem for the µcalculus to be presented elsewhere. However, we argue that refutations have some advantages of their own. They are generated by a natural system of sound logical rules and can be presented as regular trees of the size exponential in the size of a refuted formula. This last aspect completes the small model theorem for the µcalculus established by Emerson and Jutla [3]. Thus, on a more practical side, refutations can be...