The concurrency workbench: A semantics based tool for the verification of concurrent systems
In Proceedings of the Workshop on Automatic Verification Methods for Finite State Machines, 1991
Cited by 102 (3 self)
Abstract: The Concurrency Workbench is an automated tool for analyzing networks of finite-state processes expressed in Milner's Calculus of Communicating Systems. Its key feature is its breadth: a variety of different verification methods, including equivalence checking, preorder checking, and model checking, are supported for several different process semantics. One experience from our work is that a large number of interesting verification methods can be formulated as combinations of a small number of primitive algorithms. The Workbench has been applied to the verification of communications protocols and mutual exclusion algorithms and has proven a valuable aid in teaching and research.

1 Introduction. This paper describes the Concurrency Workbench [11, 12, 13], a tool that supports the automatic verification of finite-state processes. Such tools are practically motivated: the development of complex distributed computer systems requires sophisticated verification techniques to guarantee correctness, and the increase in detail rapidly becomes unmanageable without computer assistance. Finite-state systems, such as communications protocols and hardware, are particularly suitable for automated analysis because their finitary nature ensures the existence of decision procedures for a wide range of system properties.
Tableau-Based Model Checking in the Propositional Mu-Calculus
Acta Informatica, 1990
Cited by 91 (8 self)
Abstract: This paper describes a procedure, based around the construction of tableau proofs, for determining whether finite-state systems enjoy properties formulated in the propositional mu-calculus. It presents a tableau-based proof system for the logic and proves it sound and complete, and it discusses techniques for the efficient construction of proofs that states enjoy properties expressed in the logic. The approach is the basis of an ongoing implementation of a model checker in the Concurrency Workbench, an automated tool for the analysis of concurrent systems.

1 Introduction. One area of program verification that has proven amenable to automation involves the analysis of finite-state processes. While computer systems in general are not finite-state, many interesting ones, including a variety of communication protocols and hardware systems, are, and their finitary nature enables the development and implementation of decision procedures that test for various properties. Model checking has p...
Compositional Minimization of Finite State Systems
In Proc. 2nd International Conference on Computer-Aided Verification, 1991
Cited by 36 (0 self)
Abstract: In this paper we develop a compositional method for the construction of the minimal transition system that represents the semantics of a given reactive system. The point of this method is that it exploits structural properties of the reactive system in order to avoid the consideration of large intermediate representations. Central here is the use of interface specifications, which express constraints on the components' communication behaviour and therefore control the state explosion caused by the interleavings of actions of communicating parallel components. The effect of the method, which is developed here for bisimulation semantics, depends on the structure of the reactive system under consideration, in particular on the accuracy of the interface specifications. However, its correctness does not: every "successful" construction is guaranteed to yield the desired minimal transition system, independently of the correctness of the interface specifications provided by the designer.
Computing Behavioural Relations, Logically
In Proceedings of the 18th International Colloquium on Automata, Languages and Programming, 1991
Cited by 29 (8 self)
Abstract: This paper develops a model-checking algorithm for a fragment of the modal mu-calculus and shows how it may be applied to the efficient computation of behavioral relations between processes. The algorithm's complexity is proportional to the product of the size of the process and the size of the formula, and thus improves on the best existing algorithm for such a fixed-point logic. The method for computing preorders that the model checker induces is also more efficient than known algorithms.
A Semantic Theory for Heterogeneous System Design
In FSTTCS 2000, vol. 1974 of LNCS, 2000
Cited by 5 (3 self)
Abstract: This paper extends De Nicola and Hennessy's testing theory from labeled transition systems to Büchi processes and establishes a tight connection between the resulting Büchi must-preorder and satisfaction of linear-time temporal logic (LTL) formulas. An example dealing with the design of a communications protocol testifies to the utility of the theory for heterogeneous system design, in which some components are specified as labeled transition systems and others are given as LTL formulas.
A Logical Process Calculus
2002
Cited by 5 (1 self)
Abstract: This paper presents the Logical Process Calculus (LPC), a formalism that supports heterogeneous system specifications containing both operational and declarative subspecifications. Syntactically, LPC extends Milner's Calculus of Communicating Systems with operators from the alternation-free linear-time µ-calculus (LTµ). Semantically, LPC is equipped with a behavioral preorder that generalizes Hennessy's and De Nicola's must-testing preorder as well as LTµ's satisfaction relation, while being compositional for all LPC operators. From a technical point of view, the new calculus is distinguished by the inclusion of (i) both minimal and maximal fixed-point operators and (ii) an unimplementability predicate on process terms which tags inconsistent specifications. The utility of LPC is demonstrated by means of an example highlighting the benefits of heterogeneous system specification.
HORNSAT, Model Checking, Verification and Games
1995
Cited by 2 (2 self)
Abstract: We develop a methodology based upon HORNSAT for model checking and for checking behavioral relations between finite-state processes. This methodology has a number of advantages, previously only obtained in different solutions of some of these problems. For example, our methodology can be used to generate diagnostic information [CC92] efficiently. It can be used to do model checking efficiently, for various fragments of the modal mu-calculus. It is naturally local [SW91, Lar92]; and it can be made to run both on the fly [VW86, CVWY92, FM91, BCG95] and incrementally [SS94]. Our results show that previous methodologies involving systems of Boolean equations [Lar92, And94] can be simulated by finding maximal and minimal solutions of weakly positive and weakly negative Hor...
A Polyadic Modal µ-Calculus
1994
Abstract: The propositional µ-calculus of Kozen extends modal logic with fixed points to achieve a powerful logic for expressing temporal properties of systems modelled by labelled transition systems. We further extend Kozen's logic with polyadic modalities to allow for expressing, also quite naturally, behavioural relations like bisimulation equivalence and simulation preorders. We show that the problem of model checking is still efficiently decidable, giving rise to efficient worst-case algorithms for verifying the infinity of behavioural relations expressible in this polyadic modal µ-calculus. Some of these algorithms compete in efficiency with carefully handcrafted algorithms found in the literature. In spite of this result, the validity problem turns out to be highly undecidable. This is in contrast to the propositional µ-calculus, where it is decidable in deterministic exponential time. It follows as a corollary that, also in contrast to the propositional µ-calculus, the polyadic modal...