D.L. Dill, A.J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proc. 3rd CAV, LNCS 575, pages 255--265, 1991
.... Verification Based on Relation Checking in SPIN: A Case Study Hakan Erdogmus, Robert Johnston, and Charles Cleary Software Engineering November 1, 1995 NRC 39183 This report also appears in Proceedings of FMPS 96, The First Workshop on Formal Methods in Software Practice, San Diego, CA, January 10-11, 1996. Copyright 1995 by National Research Council of Permission is granted to quote short excerpts and to reproduce figures and tables from this ....
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Proceedings of 3rd Workshop on Computer-Aided Verification, 1991.
....obligations of a system are independent of the actual behavioral model and the equivalence relation adopted. The problem of deciding behavioral relations between system specifications is not addressed here. This problem is well known in the model checking literature; the reader is referred to [19,11,40,25,56]. Examples of behavioral equivalences can be found in [17,16,39,46,30] The distinction between open and closed systems is important in the proposed approach. An open system can interact with other systems, whereas a closed system can only be observed. It is assumed that only proof obligations of ....
....equivalence [38] can be used. It is also possible to define the correctness criterion in terms of a behavioral preorder rather than an equivalence. A behavioral preorder captures the notion of a concrete system implementing, refining, or simulating an abstract system. Examples can be found in [19,11,9]. In this case, proof obligations would be derived from complete partial orders of modules rather than equivalence classes. The techniques presented for obligation decomposition and reduction can easily be adapted to a preorder based correctness criterion. ....
D.L. Dill, A.J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Proc. 3rd Workshop on Computer-Aided Verification, 1991.
....structure, which is mostly fulfilled using stepwise refinement within the development process. A labeled transition system # simulates a labeled transition system # if # can match every step of # by a step with the same label. We use the concept of safety simulation relation as described in [DHWT92] The algorithm of our simulation check works as follows: Firstly, we compute the composition for # and #. Secondly, we compute the set of reachable configurations of this composition. We consider this set of tuples ### ## as the initial relation for trying to build a simulation relation between ....
David L. Dill, Alan J. Hu, and Howard Wong-Toi. Checking for language inclusion using simulation preorders. In A. Skou K. Larsen, editor, Proceedings of the 3rd International Workshop on Computer Aided Verification (CAV'91), LNCS 575, pages 255--265. Springer-Verlag, 1992.
....quotienting with respect to fair simulation fails badly to preserve the underlying language, under any reasonable definition of a quotient. On the other hand, there is an obvious and well known way to define simulation so that quotients do preserve the underlying language: direct simulation 3 ([Mil89,DHWT91]) simply accommodates acceptance into the standard definition of simulation by asserting that only an accept state can simulate another accept state. Direct simulation has already been used extensively (see, e.g. [EH00,SB00]) to reduce the state space of automata. Both [EH00] and [SB00] describe ....
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proceedings of CAV'91, pages 329--341, 1991.
....others. Our algorithm amounts to computing a strong version of a fair simulation relation, one that works for both finite and automata. This kind of fair simulation is termed direct simulation and used in the independent work of [SB00] and as they point out, had been previously used in [DHWT91]. As pointed out before, algorithms with better complexity ([HHK95]) as well as algorithms that yield greater reduction but have worst complexity ([HKR97]) exist in the recent literature. We chose our implementation based on its simplicity and relatively good performance in practice. The ....
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proceedings of CAV'91, pages 329--341, 1991.
....language equality are equivalent notions. 5.1.1 Simulation refinement and languages inclusion Simulation preorder is a stronger relation than languages inclusion. It can thought be seen as a sufficient condition for the languages inclusion, and that is much easier and more efficient to verify ([Dill et al. 1991]) This allows us to have an efficient algorithm for the computation of inclusion of languages, which can be applied to the reduced forms. Proposition 5.2 (p A OE q A P re A (p) LB (p) ae LB 0 (q) Proof 5.2 LA (p) ae LA 0 (q) by the definition of OE LB (p) ae LB 0 (q) ....
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Proceedings of CAV'91, 1991.
....(1) for all $i \geq 0$, we have $\langle w_i, w'_i \rangle \in H$, and (2) the projection $w_0 \cdot w_1 \cdots$ of w to W is a fair $w_0$-computation of S iff the projection $w'_0 \cdot w'_1 \cdots$ of w to W' is a fair $w'_0$-computation of S'. $\forall$-bisimulation [LT87,DHW91] A binary relation $H \subseteq W \times W'$ is a $\forall$-bisimulation relation between S and S' if the following conditions hold: 1. H is a bisimulation relation between S and S'. 2. If $H(w, w')$ then for every fair w-computation of S and for every w'-computation 0 of S', if H( 0 ) ....
D.L. Dill, A.J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proc. 3rd CAV, LNCS 575, pp. 255--265, 1991.
....The computational complexity of logic conformance is significantly less than that of complete trace failures testing. When no transitions exist, the check is linear on the state space in time. Several attempts at creating loose specifications have been made in the theoretical community [CS90, DHWT91, FM91, Lar89, Xin92] These groups have used partial orders to achieve the looseness (or partiality) of specifications for behavioral systems. Some of the partial orders include 2 3 bisimulation, divergence preorders, and network preorders. Although these may have practical applications in ....
David L. Dill, Alan J. Hu, and Howard Wong-Toi. Checking for Language Inclusion Using Simulation Preorders. In K. G. Larsen and A. Skou, editors, Proceedings of CAV'91, number 575 in LNCS, pages 255--265, 1991.
....automaton. Rather, they minimize the number of states and transitions heuristically. We deal with the simplification of the acceptance conditions in Section 6. Our results derive from the notions of direct and reverse simulation. Direct simulation relations for Buchi automata have been studied in [6], and used in [1] for state space minimization. Raimi [17] uses both direct and reverse simulations to minimize the state space, but does not take fairness into account. In Subsection 5.3, we contrast simulation with language containment. Loosely speaking, simulation takes care of correspondence ....
.... R . If both p R q and q R p, then p and q are reverse simulation equivalent (p R q) The largest direct and reverse simulation relations can be found in polynomial time as the greatest fixpoints of the recursive definitions. Our definition of direct simulation corresponds to that of BSR aa of [6]. If p D q in A, then L(A p ) L(A q ) [16, 6] 5.1 Direct Simulation A simulation relation between two states may allow us to remove a transition without disturbing the simulation relation. Theorem 1. Let A be a Büchi automaton. For $p, q \in Q$, $p \neq q$, assume that p D q. Let M = hQ; Q 0M ....
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In K. G. Larsen and A. Skou, editors, Third Workshop on Computer Aided Verification (CAV'91), pages 255--265. Springer, Berlin, July 1991. LNCS 575.
....tasks into simpler, alternative subtasks proved successful; we were ultimately able to show our final design to be correct with a high degree of confidence. 10 Task or Subtask Verdict No. of states Mem Time Flat RTP Verif True 169 1313 4015 5649 1332 3:39 HLRTP LP Verif 69 [3 10 7 ] [9 10 9 ] HLRTP StdLSS Verif True 69 1960 3045 46715 1416 2:28 General LSS Verif 1037 [1 10 7 ] Simplex LSS Verif True 191 2031 10098 210845 1468 13:01 HalfDuplex LSS Verif True 20 458 5192 51633 1456 4:14 Link Subservice Verif True 1468 17:15 Modular HLRTP Verif True 1468 ....
.... in turn gives it a global nature; see [1] The definition of inductive relation given here is inspired by Park's elegant notion of bisimulation [28] Similar definitions have been adopted by other semantic relations now referred collectively as simulations or bisimulations for examples, see [25, 26, 30, 21, 2, 9]. Several algorithms have been proposed for checking such relations [9, 5, 22, 12] As in [22] and [12] we use an on the fly algorithm which does not require the complete state space to be computed and stored a priori. The algorithm is based on the computation of a synchronized product, as done ....
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Proceedings of 3rd Workshop on Computer-Aided Verification, 1991.
....obligations of a system are independent of the actual behavioral model and the equivalence relation adopted. The problem of deciding behavioral relations between system specifications is not addressed here. This problem is well known in the model checking literature; the reader is referred to [19, 11, 39, 24, 55]. Examples of behavioral equivalences can be found in [17, 16, 38, 45, 29] The distinction between open and closed systems is important in the proposed approach. An open system can interact with other systems, whereas a closed system can only be observed. It is assumed that only proof obligations ....
....equivalence [37] can be used. It is also possible to define the correctness criterion in terms of a behavioral preorder rather than an equivalence. A behavioral preorder captures the notion of a concrete system implementing, refining, or simulating an abstract system. Examples can be found in [19, 11, 9]. In this case, proof obligations would be derived from complete partial orders of modules rather than equivalence classes. The techniques presented for obligation decomposition and reduction can easily be adapted to a preorder based correctness criterion. An assume guarantee style reasoning was ....
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Proc. 3rd Workshop on Computer-Aided Verification, 1991.
....the basis of verification. By contrast here proof obligations are derived from purely structural specifications. The problem of deciding behavioral relations between system specifications is not treated here. This problem is well known in the model checking literature; the reader is referred to [12, 6, 21, 15, 32]. Examples of behavioral equivalences can be found in [10, 9, 24] The distinction between open and closed systems is important in the proposed approach. An open system can interact with other systems, whereas a closed system can only be observed. It is assumed that only proof obligations of ....
....equivalence [20] can be used. It is also possible to define the correctness criterion in terms of a behavioral preorder rather than an equivalence. A behavioral preorder captures the notion of a concrete system implementing, refining, or simulating an abstract system. Examples can be found in [12, 6, 5]. In this case, proof obligations would be derived from complete partial orders of modules rather than equivalence classes. The techniques presented for obligation decomposition and reduction can be adapted to a preorder based correctness criterion. An assume guarantee style reasoning was used in ....
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Proc. 3rd Workshop on Computer-Aided Verification, 1991.
.... functions to relate implementation and specification state graphs is very widely used, especially when manual or automatic theorem proving is used [30] [29] [22] indeed, whole volumes have been written on the subject [8] The idea has also been used with finite state techniques [19] [11]. Ladkin et al. [21] have used a refinement mapping [1] to verify a simple caching algorithm. Their refinement mapping hides some implementation variables, which may have the effect of aggregating steps if the specification visible variables do not change. Our aggregation functions generalize on ....
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relation. In Computer Aided Verification, 3rd International Workshop, pages 255--265, July 1991.
.... abstraction functions to relate implementation and specification state graphs is very widely used, especially when manual or automatic theorem proving is used [Lyn88, LS84] indeed, whole volumes have been written on the subject [dBdRR90] The idea has also been used with finite state techniques [Kur94, DHWT91]. Ladkin, et al. [LLOR96] have used a refinement mapping [AL91] to verify a simple caching algorithm. Their refinement mapping hides some implementation variables, which may have the effect of aggregating steps if the specification visible variables do not change. Our aggregation functions ....
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relation. In Computer Aided Verification, 3rd International Workshop, pages 255--265, July 1991.
No context found.
D.L. Dill, A.J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proc. 3rd CAV, LNCS 575, pages 255--265, 1991
No context found.
D.L. Dill, A.J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relation. In Computer-Aided Verification, LNCS 575, pages 255--265, 1991.
No context found.
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation preorders. In Kim Guldstrand Larsen and Arne Skou, eds., Computer Aided Verification, 3rd Int. Workshop, CAV '91, vol. 575 of LNCS, pp. 255--265, 1991.
No context found.
David L. Dill, Alan J. Hu, and Howard Wong-Toi. Checking for language inclusion using simulation preorders. In Kim Guldstrand Larsen and Arne Skou, editors, Computer Aided Verification, 3rd International Workshop, CAV '91, vol. 575 of LNCS, pp. 255--265, 1991.
No context found.
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proceedings of CAV'91, pages 329--341, 1991.
No context found.
David L. Dill, Alan J. Hu, and Howard Wong-Toi. Checking for language inclusion using simulation preorders. In Kim G. Larsen and Arne Skou, editors, CAV
No context found.
David L. Dill, Alan J. Hu, and Howard Wong-Toi. Checking for language inclusion using simulation preorders. In Kim Guldstrand Larsen and Arne Skou, editors, Computer Aided Verification, 3rd International Workshop, CAV '91, vol. 575 of LNCS, pp. 255--265, 1991.
No context found.
D. Dill, A. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In Proc. 3rd Conference on Computer Aided Verification, volume 575 of Lecture Notes in Computer Science, pages 255-265, Aalborg, July 1991. Springer-Verlag.
No context found.
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In K. G. Larsen and A. Skou, editors, Third Workshop on Computer Aided Verification (CAV'91), pages 255-265. Springer, Berlin, July 1991. LNCS 575.
No context found.
D. L. Dill, A. J. Hu, and H. Wong-Toi. Checking for language inclusion using simulation relations. In K. G. Larsen and A. Skou, editors, Third Workshop on Computer Aided Verification (CAV'91), pages 255--265. Springer, Berlin, July 1991. LNCS 575.