Results 1  10
of
48
Automatic verification of realtime systems with discrete probability distributions
 Theoretical Computer Science
, 1999
"... Abstract. We consider the timed automata model of [3], which allows the analysis of realtime systems expressed in terms of quantitative timing constraints. Traditional approaches to realtime system description express the model purely in terms of nondeterminism; however, we may wish to express the ..."
Abstract

Cited by 118 (33 self)
 Add to MetaCart
Abstract. We consider the timed automata model of [3], which allows the analysis of realtime systems expressed in terms of quantitative timing constraints. Traditional approaches to realtime system description express the model purely in terms of nondeterminism; however, we may wish to express the likelihood of the system making certain transitions. In this paper, we present a model for realtime systems augmented with discrete probability distributions. Furthermore, using the algorithm of [5] with fairness, we develop a model checking method for such models against temporal logic properties which can refer both to timing properties and probabilities, such as, “with probability 0.6 or greater, the clock x remains below 5 until clock y exceeds 2”. 1
Linear Parametric Model Checking of Timed Automata
, 2002
"... We present an extension of the model checker Uppaal, capable of synthesizing linear parameter constraints for the correctness of parametric timed automata. A symbolic representation of the (parametric) state space in terms of parametric difference bound matrices is shown to be correct. A second cont ..."
Abstract

Cited by 92 (3 self)
 Add to MetaCart
(Show Context)
We present an extension of the model checker Uppaal, capable of synthesizing linear parameter constraints for the correctness of parametric timed automata. A symbolic representation of the (parametric) state space in terms of parametric difference bound matrices is shown to be correct. A second contribution of this paper is the identification of a subclass of parametric timed automata (L/U automata), for which the emptiness problem is decidable, contrary to the full class where it is known to be undecidable. Also, we present a number of results that reduce the verification effort for L/U automata in certain cases. We illustrate our approach by deriving linear parameter constraints for a number of wellknown case studies from the literature (exhibiting a flaw in a published paper).
Symbolic Model Checking of Probabilistic Timed Automata Using Backwards Reachability
, 2000
"... We consider probabilistic timed automata of [13], an extension of the timed automata model of [2] with discrete probability distributions. In contrast to timed automata, which model realtime systems purely in terms of nondeterminism, our model allows to express the likelihood of the system makin ..."
Abstract

Cited by 82 (26 self)
 Add to MetaCart
We consider probabilistic timed automata of [13], an extension of the timed automata model of [2] with discrete probability distributions. In contrast to timed automata, which model realtime systems purely in terms of nondeterminism, our model allows to express the likelihood of the system making certain transitions, and is thus appropriate for modelling faulttolerance and probabilistic failures. We present a symbolic model checking algorithm for the existential fragment of the logic PTCTL of [13] based on backward reachability as in [12]. The logic allows us to specify properties such as \with probability 0.99 or greater, it is possible to correctly deliver a data packet within 5 time units", or \with probability 0.87 or greater, the system never enters an error state".
Reachability analysis of probabilistic systems by successive refinements
 Proc. 1st Joint International Workshop on Process Algebra and Probabilistic Methods, Performance Modeling and Veri (PAPM/PROBMIV'01), volume 2165 of LNCS
, 2001
"... Abstract. We report on a novel development to model check quantitative reachability properties on Markov decision processes together with its prototype implementation. The innovation of the technique is that the analysis is performed on an abstraction of the model under analysis. Such an abstraction ..."
Abstract

Cited by 73 (3 self)
 Add to MetaCart
(Show Context)
Abstract. We report on a novel development to model check quantitative reachability properties on Markov decision processes together with its prototype implementation. The innovation of the technique is that the analysis is performed on an abstraction of the model under analysis. Such an abstraction is significantly smaller than the original model and may safely refute or accept the required property. Otherwise, the abstraction is refined and the process repeated. As the numerical analysis necessary to determine the validity of the property is more costly than the refinement process, the technique profits from applying such numerical analysis on smaller state spaces.
Generating finitestate abstractions of reactive systems using decision procedures
 In: CAV 98: Conference on ComputerAided Verification. Volume 1427 of Lecture Notes in Computer Science., SpringerVerlag
, 1998
"... Abstract. We present an algorithm that uses decision procedures to generate finitestate abstractions of possibly infinitestate systems. The algorithm compositionally abstracts the transitions of the system, relative to a given, fixed set of assertions. Thus, the number of validity checks is propor ..."
Abstract

Cited by 70 (5 self)
 Add to MetaCart
Abstract. We present an algorithm that uses decision procedures to generate finitestate abstractions of possibly infinitestate systems. The algorithm compositionally abstracts the transitions of the system, relative to a given, fixed set of assertions. Thus, the number of validity checks is proportional to the size of the system description, rather than the size of the abstract statespace. The generated abstractions are weakly preserving for ∀CTL * temporal properties. We describe several applications of the algorithm, implemented using the decision procedures of the Stanford Temporal Prover (STeP). 1
TReX: A Tool for Reachability Analysis of Complex Systems
, 2001
"... Introduction Finitestate modelcheckers such as Smv [13] and Spin [11] do not allow to deal with important aspects that appear in modelling and analysing complex systems, e.g., communication protocols. Among these aspects: realtime constraints, manipulation of unbounded data structures like count ..."
Abstract

Cited by 69 (3 self)
 Add to MetaCart
Introduction Finitestate modelcheckers such as Smv [13] and Spin [11] do not allow to deal with important aspects that appear in modelling and analysing complex systems, e.g., communication protocols. Among these aspects: realtime constraints, manipulation of unbounded data structures like counters, communication through unbounded channels, parametric reasoning, etc. The tool we propose, called TReX, allows to analyse automatically automatabased models equipped with variables of different kinds of infinite domain data structures and with parameters (i.e., uninstantiated constants). These models are, at the present time, parametric (continuoustime) timed automata, extended with integer counters and communicating through unbounded lossy FIFO queues. The techniques used in TReX are based on symbolic reachability analysis. Symbolic representation structures are u
New Generation of UPPAAL
, 1998
"... . Uppaal is a toolset for the design and analysis of realtime systems. In [6] a relatively complete description of Uppaal before 1997 has been given. This paper is focused on the most recent developments and also to complement the paper of [6]. 1 UPPAAL's Past: the History The first prototyp ..."
Abstract

Cited by 55 (6 self)
 Add to MetaCart
. Uppaal is a toolset for the design and analysis of realtime systems. In [6] a relatively complete description of Uppaal before 1997 has been given. This paper is focused on the most recent developments and also to complement the paper of [6]. 1 UPPAAL's Past: the History The first prototype of Uppaal, named Tab at the time, was developed at Uppsala University in 1993 by Wang Yi et al. Its theoretical foundation was presented in FORTE94 [11] and the initial design was to check safety properties that can be formalized as simple reachability properties for networks of timed automata. The restriction to this simple class of properties was in sharp contrast to other realtime verification tools at that time, which where developed to check timed bisimularities or formulae of timed modal ¯calculi. However, the ambition of catering for more complicated formulae lead to extremely severe restrictions in the size of systems that could be verified by those tools. The essential ideas behind T...
Equational abstractions
 of LNCS
, 2003
"... Abstract. Abstraction reduces the problem of whether an infinite state system satisfies version. The most common abstractions are quotients of the original system. We present a simple method of defining quotient abstractions by means of equations collapsing the set of states. Our method yields the m ..."
Abstract

Cited by 42 (14 self)
 Add to MetaCart
Abstract. Abstraction reduces the problem of whether an infinite state system satisfies version. The most common abstractions are quotients of the original system. We present a simple method of defining quotient abstractions by means of equations collapsing the set of states. Our method yields the minimal quotient system together with a set of proof obligations that guarantee its executability and can be discharged with tools such as those in the Maude formal environment.
Symbolic Verification of Lossy Channel Systems: Application to the Bounded Retransmission Protocol
 In TACAS'99. LNCS 1579
, 1999
"... We consider the problem of verifying automatically infinitestate systems that are systems of finite machines that communicate by exchanging messages through unbounded lossy fifo channels. In a previous work [1], we proposed an algorithmic approach based on constructing a symbolic representation ..."
Abstract

Cited by 37 (6 self)
 Add to MetaCart
(Show Context)
We consider the problem of verifying automatically infinitestate systems that are systems of finite machines that communicate by exchanging messages through unbounded lossy fifo channels. In a previous work [1], we proposed an algorithmic approach based on constructing a symbolic representation of the set of reachable configurations of a system by means of a class of regular expressions (SREs). The construction of such a representation consists of an iterative computation with an acceleration technique which enhance the chance of convergence. This technique is based on the analysis of the effect of iterating control loops. In the work we present here, we experiment our approach and show how it can be effectively applied. For that, we developed a tool prototype based on the results in [1]. Using this tool, we provide a fully automatic verification of (the parameterized version of) the Bounded Retransmission Protocol, for arbitrary values of the size of the transmitted files, and the allowed number of retransmissions. ? Contact author. 1 1
Probabilistic CEGAR
 University of Saarland
, 2007
"... Abstract. Counterexampleguided abstraction refinement (CEGAR) has been en vogue for the automatic verification of very large systems in the past years. When trying to apply CEGAR to the verification of probabilistic systems, various foundational questions arise. This paper explores them in the cont ..."
Abstract

Cited by 36 (3 self)
 Add to MetaCart
Abstract. Counterexampleguided abstraction refinement (CEGAR) has been en vogue for the automatic verification of very large systems in the past years. When trying to apply CEGAR to the verification of probabilistic systems, various foundational questions arise. This paper explores them in the context of predicate abstraction. 1