Past Pushdown Timed Automata and Safety Verification
Theoretical Computer Science
Cited by 6 (0 self)
We consider past pushdown timed automata that are discrete pushdown timed automata with past formulas as enabling conditions. Using past formulas allows a past pushdown timed automaton to access the past values of the finite state variables in the automaton. We prove that the reachability (i.e., the set of reachable configurations from an initial configuration) of a past pushdown timed automaton can be accepted by a nondeterministic reversal-bounded counter machine augmented with a pushdown stack (i.e., a reversal-bounded NPCM). By using the known fact that the emptiness problem for reversal-bounded NPCMs is decidable, we show that model-checking past pushdown timed automata against Presburger safety properties on discrete clocks and stack word counts is decidable. We also investigate the reachability problem for a class of transition systems under some fairness constraints in the form of generalized past formulas. Finally, we present an example ASTRAL specification to demonstrate the usefulness of the results.
Generalized discrete timed automata: decidable approximations for safety verification
Theoretical Computer Science
Cited by 4 (4 self)
We consider generalized discrete timed automata with general linear relations over clocks and parameterized constants as clock constraints and with parameterized durations. We look at three approximation techniques (i.e., the r-reset-bounded approximation, the B-bounded approximation, and the ⟨B, r⟩-crossing-bounded approximation), and derive automata-theoretic characterizations of the binary reachability under these approximations. The characterizations allow us to show that the safety analysis problem is decidable for generalized discrete timed automata with unit durations and for deterministic generalized discrete timed automata with parameterized durations. An example specification written in ASTRAL is used to run a number of experiments using one of the approximation techniques.

1 Introduction. As a standard model for analyzing real-time systems, timed automata [3] have received enormous attention during the past decade. A timed automaton can be considered as a finite automaton augmented with a finite number of clocks. The clocks can be reset or progress at the same rate, and can be tested against clock constraints in the form of clock regions (i.e., comparisons of a clock or the difference of two clocks against an integer constant, e.g., ...
Dealing With Zero-Time Transitions in Axiom Systems
INFCTRL: Information and Computation (formerly Information and Control), 1999
Cited by 4 (1 self)
In the modelization of time-dependent systems it is often useful to use the abstraction of zero-time transitions, i.e., changes of system state that occur in a time that can be neglected with respect to the whole dynamics of system evolution. Such an abstraction, however, sometimes generates critical situations in the formal system analysis. This may lead to limitations or unnatural use of such formal analysis. In this paper we present an approach that keeps the intuitive appeal of the zero-time transition abstraction while maintaining simplicity and generality in its use. The approach is based on considering zero-time transitions as occurring in an infinitesimal, yet non-null time. The adopted notation is borrowed from nonstandard analysis. The approach is illustrated through Petri nets as a case of state machines and TRIO as a case of logic-based assertion language, but it can be easily applied to any formal system dealing with states, time, and transitions.
Three Approximation Techniques for ASTRAL Symbolic Model Checking of Infinite State Real-time Systems
In Proceedings of the 22nd International Conference on Software Engineering, 2000
Cited by 4 (3 self)
ASTRAL is a high-level formal specification language for real-time systems. It has structuring mechanisms that allow one to build modularized specifications of complex real-time systems with layering. Based upon the ASTRAL symbolic model checker reported in [13], three approximation techniques to speed up the model checking process for use in debugging a specification are presented. The techniques are random walk, partial image and dynamic environment generation. Ten mutation tests on a railroad crossing benchmark are used to compare the performance of the techniques applied separately and in combination. The test results are presented and analyzed.
Proof Assistance for Real-Time Systems Using an Interactive Theorem Prover
5th International AMAST Workshop on Real-Time and Probabilistic Systems, LNCS
Cited by 3 (0 self)
This paper discusses the adaptation of the PVS theorem prover for performing analysis of real-time systems written in the ASTRAL formal specification language. A number of issues were encountered during the encoding of ASTRAL that are relevant to the encoding of many real-time specification languages. These issues are presented as well as how they were handled in the ASTRAL encoding. A translator has been written that translates any ASTRAL specification into its corresponding PVS encoding. After performing the proofs of several systems using the encoding, PVS strategies have been developed to automate the proofs of certain types of properties. In addition, the encoding has been used as the basis for a transition sequence generator tool.

1 Introduction. A real-time system is a system that must perform its actions within specified time bounds. With the advent of cheap processing power and increasingly sophisticated consumer demands, real-time systems have become commonplace ...
Formal Specification and Analysis of an e-Voting System
The 5th International Conference on Availability, Reliability and Security, IEEE, 2010
Cited by 3 (2 self)
Electronic voting systems are a perfect example of security-critical computing. One of the critical and complex parts of such systems is the voting process, which is responsible for correctly and securely storing intentions and actions of the voters. Unfortunately, recent studies revealed that various e-voting systems show serious specification, design, and implementation flaws. The application of formal specification and verification can greatly help to better understand the system requirements of e-voting systems by thoroughly specifying and analyzing the underlying assumptions and the security-specific properties. This paper presents the specification and verification of the electronic voting process for the Election Systems & Software (ES&S) system. We used the ASTRAL language to specify the voting process of ES&S machines and the critical security requirements for the system. Proof obligations that verify that the specified system meets the critical requirements were automatically generated by the ASTRAL Software Development Environment (SDE). The PVS interactive theorem prover was then used to apply the appropriate proof strategies and discharge the proof obligations.
Decidable Approximations on Generalized and Parameterized Discrete Timed Automata
COCOON'01, LNCS 2108
Cited by 2 (2 self)
We consider generalized discrete timed automata with general linear relations over clocks and parameterized constants as clock constraints and with parameterized durations. We look at three approximation techniques (i.e., the r-reset-bounded approximation, the B-bounded approximation, and the ⟨B, r⟩-crossing-bounded approximation), and derive automata-theoretic characterizations of the binary reachability under these approximations. The characterizations allow us to show that the safety analysis problem is decidable for generalized discrete timed automata with unit durations and for deterministic generalized discrete timed automata with parameterized durations. An example specification written in ASTRAL is used to run a number of experiments using one of the approximation techniques.
A Theorem Prover for ASTRAL
1998
Cited by 2 (1 self)
The ASTRAL real-time formal specification language has been encoded into the PVS theorem prover. A translator has been developed to completely translate any single-level ASTRAL specification into its corresponding PVS encoding. The semantics of the ASTRAL abstract machine have been revised and expanded for use with PVS. This paper describes the encoding and semantics and explains their use along with providing other possible applications of the encoding.

Introduction. A real-time system is a system whose actions must be performed within certain time bounds in order to guarantee correct behavior. With the advent of cheap processing power and increasingly sophisticated consumer demands, real-time systems have become commonplace in everything from refrigerators to automobiles. Besides such numerous everyday uses, real-time systems are also being employed in more complex and potentially deadly applications such as weapons systems and nuclear reactor control where deviation from critical t...
Formal analysis of attacks for e-voting system
In CRiSIS ’09: Fourth International, 2009
Cited by 2 (2 self)
Recently, the use of formal methods to specify and verify properties of electronic voting (e-voting) systems, with particular interest in security, verifiability, and anonymity, is getting much attention. Formal specification and verification of such systems can greatly help to better understand the system requirements by thoroughly specifying and analyzing the underlying assumptions and security-specific properties. Unfortunately, even though these systems have been formally verified to satisfy the desired system security requirements, they are still vulnerable to attack. In this paper we extend a formal specification of the ES&S voting system by specifying attacks that have been shown to successfully compromise the system. We believe that performing such analysis is important for two reasons: first, it allows us to discover some missing critical requirements for the specification and/or assumptions that were not met. Second, it allows us to derive mitigation or countermeasure strategies when the system behaves differently than it should. We used the ASTRAL language for the specification, and the verification is performed using the PVS tool.
Testing Systems of Concurrent Black-boxes: an Automata-Theoretic and Decompositional Approach
2005
Cited by 1 (0 self)
The global testing problem studied in this paper is to seek a definite answer to whether a system of concurrent black-boxes has an observable behavior in a given finite (but possibly huge) set Bad. We introduce a novel approach to solve the problem that does not require integration testing. Instead, in our approach, the global testing problem is reduced to testing individual black-boxes in the system one by one in some given order. Using an automata-theoretic approach, test sequences for each individual black-box are generated from the system’s description as well as the test results of black-boxes prior to this black-box in the given order. In contrast to the conventional compositional/modular verification/testing approaches, our approach is essentially decompositional. Also, our technique is complete, sound, and can be carried out automatically. Our experimental results show that the total number of tests needed to solve the global testing problem is substantially small even for an extremely large Bad.