K. Larsen. Efficient local correctness checking. In Proceedings of CAV'92, volume 663 of Lecture Notes in Computer Science. Springer, 1992.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....expressiveness of the logic was reduced, or both. Here, we remain with the general verification problem, transform it into an algebraic form, and investigate it with algebraic means. For finite state systems many authors have used Boolean equation systems for model checking in the modal calculus [2,1,10,18]. One reason is, that Supported by the HCM Network EXPRESS Boolean equation systems (as considered here) have a simple mathematical structure: a modal calculus formula and a transition system are encoded in one equation system; the equations contain only conjunctions and disjunctions, but no ....

....a Boolean equation system. Transferring theorem 17 to the setting of games it shows the existence of history free winning strategies. 4 Equivalence For the case of systems with finite state space several authors solved the model checking problem via a reduction to Boolean equation systems, e.g. [2,1,10,18]. Here, we will show the equivalence of both problems for the infinite case: modal calculus model checking and solving Boolean equation systems. Section 4.1 contains the reduction from model checking to solving Boolean equation systems. In section 4.2 we give a construction that creates for each ....

K. Larsen. Efficient local correctness checking. In Proceedings of CAV'92, volume 663 of Lecture Notes in Computer Science. Springer, 1992.

.... 1416 2:28 general LSS Verif 1037 [1 x 107] Simplex LSS Verif True 191 2031 10098 210845 1468 13:01 HalfDuplex LSS Verif True 20 458 5192 51633 1456 4:14 Link Subs ervice Verif True 1468 17:15 Modular HLRTP Verif True 1468 19:43 HLRTP Verif True 1468 19:43 RTP Verif True 1468 23:22 Table 1: Verification results for the remote task system. Mem is the total memory required in kB. Under No. of states, the first subcolumn relates to the lhs model and the second subcolumn relates to the rhs model. In each subcolumn, the first figure is the total number of states generated by a ....

.... is inspired by Park s elegant notion of bisimulation [28] Similar definitions have been adopted by other semantic relations now referred collectively as simulations or bisimulations for examples, see [25, 26, 30, 21, 2, 9] Several algorithms have been proposed for checking such relations [9, 5, 22, 12] As in [22] and [12] we use an on the fly algorithm which does not require the complete state space to be computed and stored a priori. The algorithm is based on the computation of a synchronized product, as done in [12] but uses a deterministic technique with explicit subset construction. ....

[Article contains additional citation context not shown here]

K. G. Larsen. Efficient local correctness checking. In Proceedings of Jth Workshop on Computer-Aided Versification, pages 35-47, 1992.

....0 where r is the root of a modal graph M, the model checking problem is to determine if p j= f , i.t. if p 2 [ r 0 ] In this section we assume G and M are over a finite data domain Val . The model checking algorithm is presented in Figure 2. It belongs to the family of local algorithms ([6, 1, 12, 3]) as it only visits the part of search space needed for the computation. States are generated in a demand driven fashion. In particular input variables are instantiated on the fly , when input modalities are checked. A state s in the underlying search space S is a pair consisting of a process and ....

K. Larsen. Efficient local correctness checking. In CAV'92, volume 663 of Lecture Notes in Computer Science, pages 30--43. Springer--Verlag, 1992.

....with arbitrary systems whose state space is likely to be infinite. One very appealing way of reducing such a limitation is to check whether a state satisfies a property without computing all the states of the model that satisfy the property. This approach is referred to as local model checking [60, 58, 89, 22, 92, 83, 84, 59, 85] and has the clear advantage that only the necessary part of the model is explored. Winskel [92] proposes a very elegant technique for avoiding the global computation of fixpoints by exploiting some interesting properties concerning the unfolding of fixpoints. We propose a compositional labelled ....

....of this algorithm, where the goal is of avoiding repeating all the proof, when the system is possibly modified. The main limitation of this algorithmic approach is due to the state explosion problem, since it cannot cope with arbitrary systems whose state space is infinite or large. In contrast [60, 58, 89, 22, 92, 83, 84, 59, 85] advocate the use of either a proof system or a set of reduction rules for performing local model checking, where some interesting properties of fixpoints are exploited. One advantage of this proof theoretic approach is that it may be possible to prove properties also for infinite state systems. ....

K.G. Larsen. Efficient Local Correctness Checking. In Proceedings of CAV 92, volume 663 of Lecture Notes in Computer Science, pages 30--43. SpringerVerlag, Berlin, 1992.

....expressiveness, it turns out that validity is decidable for the modal calculus, and for finite state processes the problem of deciding satisfaction between a process and an assertion is decidable too. A range of algorithms and proof systems for this problem has been given in the literature, e.g. [9, 4, 11, 18, 6, 25, 8, 2, 21, 12, 7, 1]. They mostly rely on globally Appears in: Proceedings of LICS 94, IEEE Computer Society Press. Supported by the Danish Technical Research Council. Basic Research in Computer Science, Centre of the Danish National Research Foundation. or locally computing the underlying transition system. ....

Kim G. Larsen. Efficient local correctness checking. In v.Bochmann and Probst [20].

.... been implemented in the verification tool Epsilon which provides automatic computation of distinguishing formulae for a variety of equivalences and refinements (in particular time abstracting and observational ones) The implementation uses the (efficient) local correctness checking described in [Lar92] To give the reader some idea of the resulting implementation we offer below a very informal outline. In checking the pointed symbolic (ps ) bi)similarity of a pointed symbolic state hOE; vi the implementation makes use of two datastructures: 1) a set B of symbolic states (assumed to be ....

K.G. Larsen. Efficient local correctness checking. lncs, 663, 1992.

....expressiveness of the logic was reduced, or both. Here, we remain with the general verification problem, transform it into an algebraic form, and investigate it with algebraic means. For finite state systems many authors have used Boolean equation systems for model checking in the modal calculus [2,1,10,18]. One reason is, that 1 Supported by the HCM Network EXPRESS Boolean equation systems (as considered here) have a simple mathematical structure: a modal calculus formula and a transition system are encoded in one equation system; the equations contain only conjunctions and disjunctions, but ....

....a Boolean equation system. Transferring theorem 17 to the setting of games it shows the existence of history free winning strategies. 4 Equivalence For the case of systems with finite state space several authors solved the model checking problem via a reduction to Boolean equation systems, e.g. [2,1,10,18]. Here, we will show the equivalence of both problems for the infinite case: modal calculus model checking and solving Boolean equation systems. Section 4.1 contains the reduction from model checking to solving Boolean equation systems. In section 4.2 we give a construction that creates for each ....

K. Larsen. Efficient local correctness checking. In Proceedings of CAV'92, volume 663 of Lecture Notes in Computer Science. Springer, 1992.

.... A range of algorithms and proof systems for this problem has been given in the literature, e.g. Emerson and Lei, 1986, Arnold and Crubille, 1988, Larsen, 1988, Stirling and Walker, 1991, Cleaveland, 1990, Winskel, 1989, Cleaveland and Steffen, 1992, 5 Andersen, 1994, Vergauwen and Lewi, 1992, Larsen, 1992, Cleaveland et al. 1992, Andersen, 1993] They mostly rely on globally or locally computing the underlying transition system. However, what we seek here is a method that is compositional in the structure of processes, and which does not rely on computing the underlying transition system. ....

Larsen, K. G. (1992). Efficient local correctness checking. In

....system satisfies a given formula. Because of this, it is not always necessary to examine all the states in the transition system. However, the worst case complexity of these approaches is generally larger than the complexity of the global methods, though recent work by Andersen [And94] Larsen [Lar92] and others has improved the bounds. Global model checking procedures [CGL93] work bottom up through the formula, evaluating each subformula based on the value of its subformulae. In this way, the truth of a given formula is determined for each state in the model. In global model checking, the ....

K. G. Larsen. Efficient local correctness checking. In G. V. Bochmann and D. K. Probst, editors, Proceedings of the Fourth Workshop on Computer Aided Verification, volume 663 of LNCS, Berlin, 1992. Springer.

....logics have been defined, allowing to capture different kinds of correctness properties, and several corresponding model checking algorithms have been proposed. Also, numerous tool environments allowing verification by model checking have been developed, such as Emc [4] Cwb [6] Spin [15] Tav [19], Mec [1] Jack [3] and Concurrency Factory [5] to mention only a few of them. However, many of the currently available tools are either dedicated to a particular description language and or temporal logic (e.g. the language Promela [15] used in 1 Language of Temporal Ordering Specification ....

K. G. Larsen. Efficient Local Correctness Checking. In G. v. Bochmann and D. K. Probst, editors, Proceedings of CAV'92, LNCS 663, pages 30--43, 1992.

....modal calculus [25] The main difference will be the use of simultaneous fixed points expressed as extreme solutions to sets of equations. In this respect it follows quite closely Park s original calculus [29] and the recent trend on model checking (see for example [7] 16] 34] 2] [26]) Assertions A are given by the following syntax: A : F j T j X j A A j A A j hffiA j [ff]A; where X ranges over a set of variables and ff over a set of actions Act . From assertions we build sequences of assertion equations E, denoting by ffl the empty sequence of equations: E : X = A E ....

Kim G. Larsen. Efficient local correctness checking. In v. Bochmann and Probst [32].

....in Section 6. Regular MC Macro MC CFR PDA MC Equational Systems Solving FIXPOINT ANALYSIS MACHINE Intraprocedural DFA Higher Order DFA Interprocedural DFA Behavioural Relations hardwiring compilation logical characterization [Stef91] Stef93] Stef89] StIn94] Knoo93] Hung94] Ande92] [Lars92] [BuSt92] BuSt94] Stef93] KnRS94] Fig. 1. Setup of the Analysis Environment Interprocedural data flow analysis : in this setting we are able to cover a wide class of programs that contain recursive procedures with value parameters. The corresponding data flow analysis generator, which uses ....

K.G. Larsen: "Efficient Local Correctness Checking", Proc. of CAV'92, Montreal (CAN), LNCS N.663, pp. 410-422, Springer V.

....in the transition system. However, the worst case complexity of these approaches is generally larger than the complexity of the global methods. Tableau based local approaches have been developed by Cleaveland [8] Stirling and Walker [19] and Winskel [21] More recently, Andersen [1] and Larsen [13] have developed efficient local methods for a subset of the calculus. Mader [15] has also proposed improvements to the tableau based method of Stirling and Walker that seem to increase its efficiency. In this paper, we restrict ourselves to global model checking procedures. Global procedures ....

K. G. Larsen. Efficient local correctness checking. In Bochmann and Probst [3].

....expressed in the modal calculus holds for particular states of a process is called model checking [CE81, CES86] Various algorithms are available. The main approaches are model checkers based on the fixpoint approximation [EmL86, CDS92, And92, BCMDH92, LBCJM94] and tableau based model checkers [StW89, Cle90, Lar92, Mad92]. One important technique consists of the transformation of a property and a model to a (Boolean) equation system [AC88, And92, CDS92, Lar92, VeL92] Then model checking is equivalent to the computation of a certain fixpoint. In fact, various correctness problems may be represented in this way. In ....

.... The main approaches are model checkers based on the fixpoint approximation [EmL86, CDS92, And92, BCMDH92, LBCJM94] and tableau based model checkers [StW89, Cle90, Lar92, Mad92] One important technique consists of the transformation of a property and a model to a (Boolean) equation system [AC88, And92, CDS92, Lar92, VeL92]. Then model checking is equivalent to the computation of a certain fixpoint. In fact, various correctness problems may be represented in this way. In this paper we present a novel, algebraic approach for solving Boolean equation systems. It does not use approximation techniques and therefore does ....

[Article contains additional citation context not shown here]

K. Larsen. Efficient Local Correctness Checking. In Proc. of CAV'92, LNCS 663, 1993.

....algorithms have been developed and implemented in verification tools. The most efficient global algorithms include [29, 23, 82] for the alternation free mu calculus. The algorithms in [21, 51] have the best time complexities for the full modal mu calculus. Several local algorithms exist, e.g. [73, 20, 48, 9, 83, 14] to name just a few. Of these, the first two handle the full mu calculus, but exhibit exponential worst case behaviour, even for alternation free formulas. 48] and [9] provide polynomial solutions for the alternation free case, while [83] handles formulas of alternation depth two. The algorithm ....

....in [21, 51] have the best time complexities for the full modal mu calculus. Several local algorithms exist, e.g. 73, 20, 48, 9, 83, 14] to name just a few. Of these, the first two handle the full mu calculus, but exhibit exponential worst case behaviour, even for alternation free formulas. [48] and [9] provide polynomial solutions for the alternation free case, while [83] handles formulas of alternation depth two. The algorithm of [14] solves the model checking problem for the fragments L 1 and L 2 (introduced in [28] 1.2 Real Time Verification Specification of distributed systems as ....

K. G. Larsen. Efficient local correctness checking. In Proceedings of CAV'92. LNCS 663, 1992.

....advantages, previously only obtained in different solutions of some of these problems. For example, our methodology can be used to generate diagnostic information [CC92] efficiently. It can be used to do model checking efficiently, for various fragments of modal mu calculus. It is naturally local [SW91, Lar92]; and it can be made to run both on the fly [VW86, CVWY92, FM91, BCG95] and incrementally [SS94] Our results show that previous methodologies involving systems of Boolean equations [Lar92, And94] can be simulated by finding maximal and minimal solutions of weakly positive and weakly negative Horn ....

....to do model checking efficiently, for various fragments of modal mu calculus. It is naturally local [SW91, Lar92] and it can be made to run both on the fly [VW86, CVWY92, FM91, BCG95] and incrementally [SS94] Our results show that previous methodologies involving systems of Boolean equations [Lar92, And94] can be simulated by finding maximal and minimal solutions of weakly positive and weakly negative Horn formulas. Since efficient algorithms for finding minimal and maximal satisfying assignments for HORNSAT and its variant NHORNSAT can be easily obtained [DG84, AI91] we use them to develop ....

[Article contains additional citation context not shown here]

K. G. Larsen. Efficient local correctness checking. In CAV 92, LNCS 663, pages 30--43, 1992.

....bottom up strategy, global procedures require the a pri 2 Xiaoqun Du et al. Local Model Checking and Protocol Analysis ori generation of all system states, and storing these states may consume large quantities of memory owing to the state explosion problem. In contrast, local model checkers [13,20, 14] proceed via a top down examination of the formula in question. In order to determine if a given state satisfies a given formula, such procedures generate subgoals involving states and subformulas that must hold in order for the initial goal to be true. As there is no need for the state space to ....

K. G. Larsen. Efficient local correctness checking. In Proceedings of the 4th Workshop on Computer Aided Verification, volume 663 of Lecture Notes in Computer Science, 1992.

....Workbench [7, 8] There is also scope for investigating on the fly , or local , approaches to model checking in the mu calculus [4, 23, 26] The advantage to these methods is that they do not require the a priori construction of the entire labeled transition system. Andersen [1] and Larsen [17] have given on the fly algorithms for the alternation free modal mu calculus that are almost as efficient as the algorithm reported on in this paper. Investigating improvements in these algorithms, and developing an efficient on the fly algorithm for the full modal mu calculus, could be fruitful. ....

K. Larsen. "Efficient Local Correctness Checking." To appear in Proceedings of the 1992 Workshop on Computer-Aided Verification.

....and model structures important for the considered application. 1 Introduction and Motivation Over the past decade model checking has emerged as a powerful tool for the automatic analysis of concurrent systems. Whereas model checking for finitestate systems has already a long history (cf. e.g. [EmLe86, ClES86, Lars88, StWa89, Wins89, BCMD90, Clea90, ClSt91, EnFT91, ClGL92, ClPS93, Lars92, AnSW94]) the theory for infinite systems is still in its initial phase. Bradfield and Stirling [BrSt91] observed that tableaux based model checking covers general infinite state systems. However, their method is not effective. Therefore much work has focussed on context free processes , a subclass of ....

....order to determine the full potential for optimizing program transformations. Moreover, for structurally unrestricted problems of tractable size, standard iterative methods are most efficient. Data flow analysis provides a typical example of this class of problems. Thus, we do not consider local [StWa89, Wins89, Clea90, Lars92, HuSt93, AnSW94] or BBDbased [BCMD90, EnFT91] model checking techniques in this paper, simply because they do not fit the considered application profile. Concentrating on global iterative model checking techniques allows a uniform treatment based on a fixpoint analysis machine, which, despite its uniformity, ....

[Article contains additional citation context not shown here]

K.G. Larsen: "Efficient Local Correctness Checking," Proc. of CAV'92, Montreal (CAN), LNCS N.663, pp.410-422, Springer V.

....in the transition system. However, the worst case complexity of these approaches is generally larger than the complexity of the global methods. Tableau based local approaches have been developed by Cleaveland [9] Stirling and Walker [22] and Winskel [24] More recently, Andersen [1] and Larsen [17] have developed efficient local methods for a subset of the calculus. Mader [18] has also proposed improvements to the tableau based method of Stirling and Walker that seem to increase its efficiency (though Mader does not give a complexity bound) Global procedures generally work bottom up ....

K. G. Larsen. Efficient local correctness checking. In Bochmann and Probst [3].

....k Gamma1 m) and locally in time O(n k Gamma1 m log n) where n is the number of variables in the assertion, k 1 is the alternation depth, and m n is the total size of the assertion. Alternatively, the global algorithm of Cleaveland, Dreimuller and Steffen [CDS92] and the local of Larsen [Lar92] could be applied. Hence, it is of major concern to keep the size of these small. It is for this purpose, we included simultaneous fixed points in p K 9 . Moreover, we shall convert any assertion into positive, normal form. This is done by allowing as proper operators [ff] i ; 8; ff 6= a) ....

....point of view and fall short when the BDD heuristic is successful. However, when the heuristics fail it is important to have efficient worst case algorithms. The idea of using model checking algorithms to verify behavioural relations is already present in Cleaveland and Steffen [CS91] and Larsen [Lar92] Our contribution is to formalise this idea by presenting a logic for expressing such relations, the polyadic modal calculus, which, despite the decidability of model checking, turns out to possess properties quite different from the propositional calculus. In [BCM 90] a related ....

Kim G. Larsen. Efficient local correctness checking. In v.Bochmann and Probst [vP92].

....verification of non trivial Lotos programs. From these interesting results, the initial aim of the present work was to re use this algorithm for alternation free calculus [Koz83] model checking. Although previous works have already been carried out in this area (see for instance [Cle90, CS91, Lar92, BVW94, And92] our goal was twofold: first, to propose an algorithm detailed enough to allow a straightforward implementation, but also to obtain a convenient framework for designing on the fly algorithms for checking either equivalence relations or temporal logic formulae. It turns out that ....

K. Larsen. Efficient local correctness checking. In Computer-Aided Verification, LNCS 630, July 1992.

....local. In a global algorithm, the entire transition system representing the system to be analyzed is constructed in advance of the model checking computation; this can sometimes lead to exceedingly large memory requirements due to the state explosion problem. An alternative is local model checking [Lar88, SW91, Lar92], in which the state space Research supported in part by NSF grants CCR 9505562 and CCR 9705998, and AFOSR grants F49620 95 1 0508 and F49620 96 1 0087. is constructed incrementally, as the model checking computation proceeds. An advantage of local model checking is that pruning is often ....

K.G. Larsen. Efficient local correctness checking. Lecture Notes In Computer Science, Springer Verlag, 663, 1992. in Proceedings of the 4th Workshop on Computer Aided Verification, 1992.

....3255 Internet: BRICS brics.dk BRICS publications are in general accessible through the World Wide Web and anonymous FTP through these URLs: http: www.brics.dk ftp: ftp.brics.dk This document in subdirectory RS 97 11 Karlis Cerans , Jens Chr. Godskesen and Kim G. Larsen Abstract [Lar90, LT88] and the Tav system [GLZ89, BLS92] The theory of TMS is an extension of real timed process calculi with the specific aim of allowing loose or partial specifications. Looseness of specifications allows implementation details to be left out, thus allowing several and varying ....

.... Time sensitive notions of refinements that are preserved by these constructs are defined , thus enabling compositional verification. Epsilon provides automatic tools for verifying refinements. We apply Epsilon to a compositional verification of a train crossing example. 1 Introduction [Lar90, BL90, LT88, HL89] and the Tav system [GLZ89, BLS92] During the last few years various process calculi have been extended to include real time in order to handle quantitative aspects of real time systems, for instance that some critical event must not or should happen within a certain time period. ....

[Article contains additional citation context not shown here]

K.G. Larsen. Efficient local correctness checking. In Proceedings of CAV'92, volume 663 of

No context found.

K. G. Larsen, Efficient local correctness checking, CAV 92, Lecture Notes in Computer Science 663, 1992, pp. 30--43.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC