### Table 5 Memory requirements for the protocol of the dining cryptographers.

in Automatic verification of multi-agent systems by model checking via ordered binary decision diagrams

### Table 2. Comparison of SAT based reparameterization symbolic simulation against plain SAT based simulation as in [CCS+02]. y: Model checking of abstract model timed out, z: Simulation of counterexample failed, and ?: Simulation of counterexample timed out.

2004

"... In PAGE 13: ...5GB. Table2 describes the comparative experiment of the new technique with the results as described in [CCS+02]. The reflnement technique used and all other parameters were the same in both sets of experiments.... ..."

### Table 1. SAT- vs. BDD-based Exploration of Functional Dependency.

2006

"... In PAGE 5: ... We then explore the corresponding functional dependency and compute dependency functions if exist. Table1 compares our approach with the prior work [1]. Columns 1 and 2 respectively list the name and the number of nodes of each circuit.... In PAGE 5: ... The y-axis is log-scaled. Five sample circuits of different sizes from Table1 are plotted for the first 100 iterations. As can be seen in all of the plots, the runtimes of the first iterations are the maximum of among their first 100 iterations.... In PAGE 5: ... As can be seen in all of the plots, the runtimes of the first iterations are the maximum of among their first 100 iterations. In fact, all the circuits of Table1 exhibit the same behavior. After the first iteration, the runtimes for SAT solving decrease rapidly and become relatively short and stable within about 10 iterations.... In PAGE 5: ... Both axes are log-scaled. Every circuit in Table1 is plotted as a spot in Fig. 4.... In PAGE 5: ... The second tendency can be seen from the fact that the line for the retimed circuits is well below that for the original circuits. As evident in Columns 4 and 7 of Table1 , more functional dependency exists for the retimed circuits. Effectively, more unsatisfiable SAT instances are there.... ..."

Cited by 1

### Table 1. Comparative performance of classical and BDD storage methods. Dashed entries indicate that the process ran out out memory on a SPARC Station 5 with 256MB total memory.

2002

"... In PAGE 9: ...n MTBDD, in 6 hours on a single workstation using 4.5MB ofmemory. This is compared with a tool (DNAmaca [13]) using a probabilistic hashing-based tech- nique which fails after 20 hours having explored only 5 million states in nearly 800MB ofmemory. Table1 shows results from the scalable Petri net model of the Dining Philoso- phers problem. It demonstrates how the use ofBDDs in state space explorations, in combination with our computational invariant encoding technique, improves on the memory usage ofboth classical storage techniques as well as a naive binary encoding technique.... ..."

Cited by 8

### Table 1 Properties of the cryptographic primitives

2001

"... In PAGE 3: ... Assumption (Black-box assumption). The axioms in Table1 are the only way in which a passive intruder can infer new knowledge from known data. Obviously, this is a rather strong assumption to make in practice, since in real-world cryptography, it is often possible to infer partial or statistical information about the content of a message, without necessarily understanding the entire message.... In PAGE 3: ... However, the black-box assumption is essential to our model, and in fact to most other logic-based models of cryptographic protocols. In addition to the general-purpose axioms shown in Table1 , there will also be protocol-speci c axioms. The intuition is that the general-purpose axioms capture all the ways in which a passive intruder can infer knowledge, namely by looking at data and analyzing it.... In PAGE 6: ... While this is a liveness property and not a security property, it is certainly important that a protocol should not be \over-speci ed quot; by relying on the principals to use information that they do not have access to. The reader may verify that in the presence of the axioms from Table1 , i(A; B) is logically derivable from K K A and K sA;B, while r(A; B) is logically derivable from K K B and K sA;B. Thus, any principal with knowledge of a private key can participate in this protocol.... In PAGE 6: ... Recall that the informal requirement was that the intruder should not be able to learn the secret sA;B for any honest principals A and B. Let be the set of axioms from Table1 . Let be the following... In PAGE 11: ...models, it follows that is intuitionistically provable. 2 Note that all axioms in Table1 are of Type 1, as are the protocol-speci c axioms. The formula is of Type 0.... ..."

Cited by 7

### Table 2: Veri cation results for small examples (CPU times in seconds). To compare the e ciency of the event-based and state-based veri cation, let us consider the scalable examples of the railway system with n sections and of the n dining philosophers. The CPU times and the sizes of internal representations (BDD in case of state-based veri cation and unfolding for event-based methods) are presented in Table 3.

1998

"... In PAGE 31: ...Table2 presents the results of checking the STG implementability for the examples from Section 4. Example SI-impl.... In PAGE 36: ...a) 0*00 100* 110* 1*1*1 1*01 00*1 011* 0*1*0 00 rq s 0 1 01 11 10 0 0 1 1 1 1 0 1 b) Figure 28: Derivation of logic equations for set-dominant latch The circuits for the semaphore control of the railway system with 6 and 7 sections, automat- ically derived using the above method (see Figures 7,b, 24,b and Table2 ), are shown in Figure 29,a,b. The overall circuits for the railway control are shown in Figure 29,c and d respectively.... ..."

Cited by 3

### Table 2. Dining

2004

"... In PAGE 13: ... The sequence shows a situation in which each philosopher has ac- quired one fork and is waiting for the other fork. Currently, we can detect the deadlock for up to 9 philosophers ( Table2 ). We also model checked a slightly modified version of the same program which avoids deadlock.... ..."

Cited by 4

### Table 2. Dining

"... In PAGE 13: ... The sequence shows a situation in which each philosopher has ac- quired one fork and is waiting for the other fork. Currently, we can detect the deadlock for up to 9 philosophers ( Table2 ). We also model checked a slightly modified version of the same program which avoids deadlock.... ..."

### Table 1. Notation for cryptographic expres- sions

"... In PAGE 7: ... This threat can only be avoided by using an additional encryption mecha- nism for transmitting these certificates. We address this problem by enhancing the UML model by cryptographic functions given in Table1 for producing a protocol for secure communication between the objects fol- lowing [7]. The security check for this protocol is done au- tomatically using the first-order predicate logic automated theorem prover e-Setheo.... In PAGE 7: ... In Figure 4, the corresponding sequence diagram is shown. The notation for cryptographic expressions used in this diagram is given in Table1 . For better readability, the messages contain names of functions (such as subscribe or conf), indicating their purpose.... ..."