On probabilistic model checking
, 1996
Cited by 106 (26 self)
Abstract. This tutorial presents an overview of model checking for both discrete and continuous-time Markov chains (DTMCs and CTMCs). Model checking algorithms are given for verifying DTMCs and CTMCs against specifications written in probabilistic extensions of temporal logic, including quantitative properties with rewards. Example properties include the probability that a fault occurs and the expected number of faults in a given time period. We also describe the practical application of stochastic model checking with the probabilistic model checker PRISM by outlining the main features supported by PRISM and three real-world case studies: a probabilistic security protocol, dynamic power management and a biological pathway.
Observing Branching Structure through Probabilistic Contexts
 SIAM J. Comput
Cited by 27 (2 self)
Abstract. Probabilistic automata (PAs) constitute a general framework for modeling and analyzing discrete event systems that exhibit both nondeterministic and probabilistic behavior, such as distributed algorithms and network protocols. The behavior of PAs is commonly defined using schedulers (also called adversaries or strategies), which resolve all nondeterministic choices based on past history. From the resulting purely probabilistic structures, trace distributions can be extracted, whose intent is to capture the observable behavior of a PA. However, when PAs are composed via an (asynchronous) parallel composition operator, a global scheduler may establish strong correlations between the behavior of system components and, for example, resolve nondeterministic choices in one PA based on the outcome of probabilistic choices in the other. It is well known that, as a result of this, the (linear-time) trace distribution precongruence is not compositional for PAs. In his 1995 Ph.D. thesis, Segala has shown that the (branching-time) probabilistic simulation preorder is compositional for PAs. In this paper, we establish that the simulation preorder is, in fact, the coarsest refinement of the trace distribution preorder that is compositional. We prove our characterization result by providing (1) a context of a given PA A, called the tester, which may announce the state of A to the outside world, and (2) a specific global scheduler, called the observer, which ensures that the state information that is announced is actually correct. Now when another PA B is composed with the tester, it may generate the same external behavior as the observer only when it is able to simulate A in the sense that whenever A goes to some state s, B can go to a corresponding state u, from which it may generate the same external behavior. Our result shows that probabilistic contexts together with global schedulers are able to exhibit the branching structure of PAs.
Lower Bounds for Randomized Consensus under a Weak Adversary
, 2008
Cited by 12 (0 self)
This paper studies the inherent tradeoff between termination probability and total step complexity of randomized consensus algorithms. It shows that for every integer k, the probability that an f-resilient randomized consensus algorithm of n processes does not terminate with agreement within k(n − f) steps is at least $1/c^k$, for some constant c. The lower bound holds for asynchronous systems, where processes communicate either by message passing or through shared memory, under a very weak adversary that determines the schedule in advance, without observing the algorithm’s actions. This complements algorithms of Kapron et al. [22], for message-passing systems, and of Aumann et al. [6, 7], for shared-memory systems.
A modular approach to shared-memory consensus, with applications to the probabilistic-write model
, 2010
Using Bounded Model Checking to Verify Consensus Algorithms
Cited by 5 (0 self)
This paper presents an approach to automatic verification of asynchronous round-based consensus algorithms. We use model checking, a widely practiced verification method; but its application to asynchronous distributed algorithms is difficult because the state space of these algorithms is often infinite. The proposed approach addresses this difficulty by reducing the verification problem to small model checking problems that involve only single phases of algorithm execution. Because a phase consists of a finite number of rounds, bounded model checking, a technique using satisfiability solving, can be effectively used to solve these problems. The proposed approach allows us to model check some consensus algorithms up to around 10 processes.
Tight Bounds for Anonymous Adopt-Commit Objects
Cited by 4 (2 self)
We give matching upper and lower bounds of $\Theta\left(\min\left(\frac{\log m}{\log\log m}, n\right)\right)$ for the space and individual step complexity of a wait-free m-valued adopt-commit object implemented using multi-writer registers for n anonymous processes. While the upper bound is deterministic, the lower bound holds for randomized adopt-commit objects as well. Our results are based on showing that adopt-commit objects are equivalent, up to small additive constants, to a simpler class of objects that we call weak conflict-detectors. It follows that the same lower bound holds on the individual step complexity of m-valued wait-free anonymous consensus, even for randomized algorithms with global coins against an oblivious adversary. The upper bound can also be used to slightly improve the cost of randomized consensus in the probabilistic-write model.
Algorithms, Theory
This paper presents wait-free randomized algorithms for solving set-agreement in asynchronous shared-memory systems under a strong adversary. First, the definition of a shared-coin algorithm is generalized to a multi-sided shared-coin algorithm, and it is shown how to use any multi-sided shared coin in order to obtain a randomized set-agreement algorithm for agreeing on k values out of k + 1. Then, an implementation is given for a (k + 1)-sided shared coin for n processes with a constant agreement parameter, $O(n^2/k)$ total step complexity, and $O(n/k)$ individual step complexity. This implementation yields a randomized set-agreement algorithm for agreeing on k values out of k + 1 with a total step complexity of $O(n^2/k + nk)$ and an individual step complexity of $O(n/k + k)$. Next, other set-agreement algorithms for agreeing on ℓ values out of k + 1, where ℓ is smaller than k, are presented. This includes the case of multi-valued consensus in which ℓ = 1, k > 1. To the best of our knowledge, these are the first wait-free algorithms for set-agreement in the asynchronous shared-memory model under a strong adversary that are not for the specific case of binary consensus, where ℓ = k = 1. Finally, an application of asynchronous wait-free multi-valued consensus is presented, in implementing at-most-once semantics with optimal effectiveness.
Tight Bounds for Adopt-Commit Objects
, 2011
We give matching upper and lower bounds of $\Theta\left(\min\left(\frac{\log m}{\log\log m}, n\right)\right)$ for the space and individual step complexity of a wait-free m-valued adopt-commit object implemented using multi-writer registers for n anonymous processes. While the upper bound is deterministic, the lower bound holds for randomized adopt-commit objects as well. Our results are based on showing that adopt-commit objects are equivalent, up to small additive constants, to a simpler class of objects that we call conflict detectors. Our anonymous lower bound also applies to the individual step complexity of m-valued wait-free anonymous consensus, even for randomized algorithms with global coins against an oblivious adversary. The upper bound can be used to slightly improve the cost of randomized consensus in an oblivious-adversary model. For non-anonymous deterministic implementations of adopt-commit objects, we show a lower bound of $\Omega\left(\min\left(\frac{\log m}{\log\log m}, \frac{\sqrt{\log n}}{\log\log n}\right)\right)$ and an upper bound of $O\left(\min\left(\frac{\log m}{\log\log m}, \log n\right)\right)$ on the worst-case individual step complexity.
Brief Announcement: A Shared Disk on Distributed Storage
A shared disk implementation on distributed storage requires consistent behavior of disk operations. Deterministic consensus on such behavior is impossible when even a single storage node can fail. Atomic registers show how consistency can be achieved without reaching consensus, but suffer from a crash consistency problem. The presented shared disk algorithm, based on atomic registers and probabilistic consensus, can survive multiple storage node failures, as long as a majority of nodes respond.