Results 1  10
of
24
Directed explicitstate model checking in the validation of communication protocols
 International Journal on Software Tools for Technology (STTT
, 2004
"... The success of model checking is largely based on its ability toeciently locate errors in software designs. If an error is found, a model checker produces a trail that shows how the error state can be reached, which greatly facilitates debugging. However, while current modelcheckers nd error states ..."
Abstract

Cited by 86 (28 self)
 Add to MetaCart
The success of model checking is largely based on its ability toeciently locate errors in software designs. If an error is found, a model checker produces a trail that shows how the error state can be reached, which greatly facilitates debugging. However, while current modelcheckers nd error states e ciently, the counterexamples are often unnecessarily lengthy, which hampers error explanation. This is due to the use of \naive &quot; search algorithms in the state space exploration. In this paper we present approaches to the use of heuristic search algorithms in explicitstate model checking. We present the class of A* directed search algorithms and propose heuristics together with bitstate compression techniques for the search ofsafetyproperty violations. We achieve great reductions in the length of the error trails, and in some instances render problems analyzable by exploring a much smaller number of states than standard depth rst search. We then suggest an improvement of the nested depth rst search algorithm and show how it can be used together with A * to improve the search for liveness property violations. Our approach to directed explicitstate model checking has been implemented in a tool set called HSFSPIN. We provide experimental results from the protocol validation domain using HSFSPIN.
Directed Explicit Model Checking with HSFSPIN
 IN PROCEEDINGS OF THE 8TH INTERNATIONAL SPIN WORKSHOP ON MODEL CHECKING OF SOFTWARE
, 2001
"... We present the explicit state model checker HSFSPIN which ..."
Abstract

Cited by 64 (1 self)
 Add to MetaCart
We present the explicit state model checker HSFSPIN which
TrailDirected Model Checking
 Electronic Notes in Theoretical Computer Science
, 2001
"... HSFSPIN is a Promela model checker based on heuristic search strategies. It utilizes heuristic estimates in order to direct the search for finding software bugs in concurrent systems. As a consequence, HSFSPIN is able to find shorter trails than blind depthfirst search. ..."
Abstract

Cited by 22 (7 self)
 Add to MetaCart
(Show Context)
HSFSPIN is a Promela model checker based on heuristic search strategies. It utilizes heuristic estimates in order to direct the search for finding software bugs in concurrent systems. As a consequence, HSFSPIN is able to find shorter trails than blind depthfirst search.
Finding Safety Errors with ACO
, 2007
"... Model Checking is a wellknown and fully automatic technique for checking software properties, usually given as temporal logic formulae on the program variables. Most model checkers found in the literature use exact deterministic algorithms to check the properties. These algorithms usually require h ..."
Abstract

Cited by 22 (3 self)
 Add to MetaCart
Model Checking is a wellknown and fully automatic technique for checking software properties, usually given as temporal logic formulae on the program variables. Most model checkers found in the literature use exact deterministic algorithms to check the properties. These algorithms usually require huge amounts of computational resources if the checked model is large. We propose here the use of a new kind of Ant Colony Optimization (ACO) model, ACOhg, to refute safety properties in concurrent systems. ACO algorithms are stochastic techniques belonging to the class of metaheuristic algorithms and inspired by the foraging behaviour of real ants. The traditional ACO algorithms cannot deal with the model checking problem and thus we use ACOhg to tackle it. The results state that ACOhg algorithms find optimal or near optimal error trails in faulty concurrent systems with a reduced amount of resources, outperforming algorithms that are the stateoftheart in model checking. This fact makes them suitable for checking safety properties in large concurrent systems, in which traditional techniques fail to find errors because of the model size.
Actively learning to verify safety for FIFO automata
 In LNCS 3328, Proc. of FSTTCS’04
, 2004
"... We apply machine learning techniques to verify safety properties of finite state machines which communicate over unbounded FIFO channels. Instead of attempting to iteratively compute the reachable states, we use Angluin's L* algorithm to learn these states. The learnt set of reachable states ..."
Abstract

Cited by 15 (4 self)
 Add to MetaCart
We apply machine learning techniques to verify safety properties of finite state machines which communicate over unbounded FIFO channels. Instead of attempting to iteratively compute the reachable states, we use Angluin's L* algorithm to learn these states. The learnt set of reachable states is then used either to prove that the system is safe, or to produce a valid execution of the system that leads to an unsafe state (i.e. to produce a counterexample). Specifically, we assume that we are given a model of the system and we provide a novel procedure which answers both membership and equivalence queries for a representation of the reachable states. We define a new encoding scheme for representing reachable states and their witness execution; this enables the learning algorithm to analyze a larger class of FIFO systems automatically than a naive encoding would allow.
Learning to Verify Safety Properties
 In LNCS 3308, Proc. of ICFEM’04
, 2004
"... We present a novel approach for verifying safety properties of finite state machines communicating over unbounded FIFO channels that is based on applying machine learning techniques. We assume that we are given a model of the system and learn the set of reachable states from a sample set of exec ..."
Abstract

Cited by 12 (4 self)
 Add to MetaCart
(Show Context)
We present a novel approach for verifying safety properties of finite state machines communicating over unbounded FIFO channels that is based on applying machine learning techniques. We assume that we are given a model of the system and learn the set of reachable states from a sample set of executions of the system, instead of attempting to iteratively compute the reachable states. The learnt set of reachable states is then used to either prove that the system is safe or to produce a valid execution of the system leading to an unsafe state (i.e. a counterexample). We have implemented this method for verifying FIFO automata in a tool called Lever that uses a regular language learning algorithm called RPNI. We apply our tool to a few case studies and report our experience with this method. We also demonstrate how this method can be generalized and applied to the verification of other infinite state systems.
Abstract Ant Colony Optimization with Partial Order Reduction for Discovering Safety Property Violations in Concurrent Models ⋆ Francisco Chicano
"... In this article we analyze the combination of ACOhg, a new metaheuristic algorithm, plus partial order reduction applied to the problem of finding safety property violations in concurrent models using a model checking approach. ACOhg is a new kind of ant colony optimization algorithm inspired by the ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
(Show Context)
In this article we analyze the combination of ACOhg, a new metaheuristic algorithm, plus partial order reduction applied to the problem of finding safety property violations in concurrent models using a model checking approach. ACOhg is a new kind of ant colony optimization algorithm inspired by the foraging behaviour of real ants equipped with internal resorts to search in very large search landscapes. We here apply ACOhg to concurrent models in scenarios located near the edge of the existing knowledge in detecting property violations. The results state that the combination is computationally beneficial for the search and represents a considerable step forward in this field with respect to exact and other heuristic techniques. Key words: Program correctness, ant colony optimization, metaheuristics, model checking, HSFSPIN
Finding Liveness Errors with ACO
 In Proceedings of the IEEE World Congress on Computational Intelligence (WCCI ’08
"... Abstract — Model Checking is a wellknown and fully automatic technique for checking software properties, usually given as temporal logic formulae on the program variables. Most of model checkers found in the literature use exact deterministic algorithms to check the properties. These algorithms us ..."
Abstract

Cited by 7 (0 self)
 Add to MetaCart
(Show Context)
Abstract — Model Checking is a wellknown and fully automatic technique for checking software properties, usually given as temporal logic formulae on the program variables. Most of model checkers found in the literature use exact deterministic algorithms to check the properties. These algorithms usually require huge amounts of memory if the checked model is large. We propose here the use of an algorithm based on ACOhg, a new kind of Ant Colony Optimization model, to search for liveness property violations in concurrent systems. This algorithm has been previously applied to the search for safety errors with very good results and we apply it here for the first time to liveness errors. The results state that our algorithmic proposal, called ACOhglive, is able to obtain very short error trails in faulty concurrent systems using a low amount of resources, outperforming by far the results of NestedDFS, the traditional algorithm used for this task in the model checking community and implemented in most of the explicit state model checkers. This fact makes ACOhglive a very suitable algorithm for finding liveness errors in large faulty concurrent systems, in which traditional techniques fail because of the model size. I.
Theory and Practice of TimeSpace TradeOffs in Memory Limited Search
 In Proceedings of KI01, Lecture Notes in Computer Science
, 2001
"... . Having to cope with memory limitations is an ubiquitous issue in heuristic search. We present theoretical and practical results on new variants for exploring statespace with respect to memory limitations. We establish ##### ## minimumspace algorithms that omit both the open and the closed li ..."
Abstract

Cited by 7 (4 self)
 Add to MetaCart
(Show Context)
. Having to cope with memory limitations is an ubiquitous issue in heuristic search. We present theoretical and practical results on new variants for exploring statespace with respect to memory limitations. We establish ##### ## minimumspace algorithms that omit both the open and the closed list to determine the shortest path between every two nodes and study the gap in between full memorization in a hash table and the informationtheoretic lower bound. The proposed structure of suffixlists elaborates on a concise binary representation of states by applying bitstate hashing techniques. Significantly more states can be stored while searching and inserting # items into suffix lists is still available in ### ### ## time. Bitstate hashing leads to the new paradigm of partial iterativedeepening heuristic search, in which full exploration is sacrificed for a better detection of duplicates in large search depth. We give first promising results in the application area of communication protocols. 1
Finding optimal solutions to Atomix
 KI 2001: ADVANCES IN ARTIFICIAL INTELLIGENCE, VOLUME 2174 OF LNCS/LNAI
, 2001
"... We present solutions of benchmark instances to the solitaire computer game Atomix found with different heuristic search methods. The problem is PSPACEcomplete. An implementation of the heuristic algorithm A * is presented that needs no priority queue, thereby having very low memory overhead. The li ..."
Abstract

Cited by 6 (5 self)
 Add to MetaCart
We present solutions of benchmark instances to the solitaire computer game Atomix found with different heuristic search methods. The problem is PSPACEcomplete. An implementation of the heuristic algorithm A * is presented that needs no priority queue, thereby having very low memory overhead. The limited memory algorithm IDA * is handicapped by the fact that, due to move transpositions, duplicates appear very frequently in the problem space; several schemes of using memory to mitigate this weakness are explored, among those, “partial” schemes which trade memory savings for a small probability of not finding an optimal solution. Even though the underlying search graph is directed, backward search is shown to be viable, since the branching factor can be proven to be the same as for forward search.