Results 1 - 10 of 141
Well-Structured Transition Systems Everywhere!
THEORETICAL COMPUTER SCIENCE, 1998

Cited by 250 (8 self)
Well-structured transition systems (WSTS's) are a general class of infinite state systems for which decidability results rely on the existence of a well-quasi-ordering between states that is compatible with the transitions. In this article, we provide an extensive treatment of the WSTS idea and show several new results. Our improved definitions allow many examples of classical systems to be seen as instances of WSTS's.
Model Checking in CLP
1999

Cited by 103 (28 self)
We show that Constraint Logic Programming (CLP) can serve as a conceptual basis and as a practical implementation platform for the model checking of infinite-state systems. Our contributions are: (1) a semantics-preserving translation of concurrent systems into CLP programs, (2) a method for verifying safety and liveness properties on the CLP programs produced by the translation. We have implemented the method in a CLP system and verified well-known examples of infinite-state programs over integers, using here linear constraints as opposed to Presburger arithmetic as in previous solutions.
A classification of symbolic transition systems
ACM TRANSACTIONS ON COMPUTATIONAL LOGIC, 2005

Cited by 53 (6 self)
We define five increasingly comprehensive classes of infinite-state systems, called STS1-STS5, whose state spaces have finitary structure. For four of these classes, we provide examples from hybrid systems.
STS1: These are the systems with finite bisimilarity quotients. They can be analyzed symbolically by iteratively applying predecessor and Boolean operations on state sets, starting from a finite number of observable state sets. Any such iteration is guaranteed to terminate in that only a finite number of state sets can be generated. This enables model checking of the μ-calculus.
STS2: These are the systems with finite similarity quotients. They can be analyzed symbolically by iterating the predecessor and positive Boolean operations. This enables model checking of the existential and universal fragments of the μ-calculus.
STS3: These are the systems with finite trace-equivalence quotients. They can be analyzed symbolically by iterating the predecessor operation and a restricted form of positive Boolean operations (intersection is restricted to intersection with observables). This enables model checking of all ω-regular properties, including linear temporal logic.
STS4: These are the systems with finite distance-equivalence quotients (two states are equivalent if for every distance d, the same observables can be reached in d transitions). The systems in this class can be analyzed symbolically by iterating the predecessor operation and terminating when no new state sets are generated. This enables model checking of the existential conjunction-free and universal disjunction-free fragments of the μ-calculus.
STS5: These are the systems with finite bounded-reachability quotients (two states are equivalent if for every distance d, the same observables can be reached in d or fewer transitions). The systems in this class can be analyzed symbolically by iterating the predecessor operation and terminating when no new states are encountered (this is a weaker termination condition than above). This enables model checking of reachability properties.
Reset Nets Between Decidability and Undecidability
1998

Cited by 49 (10 self)
We study Petri nets with Reset arcs (also Transfer and Doubling arcs) in combination with other extensions of the basic Petri net model. While Reachability is undecidable in all these extensions (indeed they are Turing-powerful), we exhibit unexpected frontiers for the decidability of Termination, Coverability, Boundedness and place-Boundedness. In particular, we show counterintuitive separations between seemingly related problems. Our main theorem is the very surprising fact that boundedness is undecidable for Petri nets with Reset arcs.
Regular Model Checking without Transducers (On Efficient Verification of Parameterized Systems)
2006

Cited by 44 (18 self)
We give a simple and efficient method to prove safety properties for parameterized systems with linear topologies. A process in the system is a finite-state automaton, where the transitions are guarded by both local and global conditions. Processes may communicate via broadcast, rendezvous and shared variables. The method derives an over-approximation of the induced transition system, which allows the use of a simple class of regular expressions as a symbolic representation. Compared to traditional regular model checking methods, the analysis does not require the manipulation of transducers, and hence its simplicity and efficiency. We have implemented a prototype which works well on several mutual exclusion algorithms and cache coherence protocols.
Model Checking Lossy Vector Addition Systems
In STACS, 1999

Cited by 42 (8 self)
Lossy VASS (vector addition systems with states) are defined as a subclass of VASS in analogy to lossy FIFO-channel systems. They can be used to model concurrent systems with unreliable communication. We analyze the decidability of model checking problems for lossy systems and several branching-time and linear-time temporal logics. We present an almost complete picture of the decidability of model checking for normal VASS, lossy VASS and lossy VASS with test for zero. 1 Introduction Systems are usually modeled by finite control transition systems with different kinds of variables and data structures like counters, clocks, stacks, fifo-channels, etc. One of the widely used models of concurrent systems is the model of Petri nets which is equivalent to the model of vector addition systems with states (VASS for short). These models can be considered as particular cases of counter machines where tests to zero are forbidden (the addition of inhibitor arcs gives them the full power o...
Homeomorphic embedding for online termination of symbolic methods
In The essence of computation, volume 2566 of LNCS, 2002

Cited by 41 (7 self)
Abstract. Well-quasi orders in general, and homeomorphic embedding in particular, have gained popularity to ensure the termination of techniques for program analysis, specialisation, transformation, and verification. In this paper we survey and discuss this use of homeomorphic embedding and clarify the advantages of such an approach over one using well-founded orders. We also discuss various extensions of the homeomorphic embedding relation. We conclude with a study of homeomorphic embedding in the context of metaprogramming, presenting some new (positive and negative) results and open problems.
On the decidability and complexity of metric temporal logic over finite words
Logical Methods in Computer Science, 2007

Cited by 38 (3 self)
Abstract. Metric Temporal Logic (MTL) is a prominent specification formalism for real-time systems. In this paper, we show that the satisfiability problem for MTL over finite timed words is decidable, with non-primitive recursive complexity. We also consider the model-checking problem for MTL: whether all words accepted by a given Alur-Dill timed automaton satisfy a given MTL formula. We show that this problem is decidable over finite words. Over infinite words, we show that model checking the safety fragment of MTL—which includes invariance and time-bounded response properties—is also decidable. These results are quite surprising in that they contradict various claims to the contrary that have appeared in the literature.
On the language inclusion problem for timed automata: Closing a decidability gap
in Proc. LICS’04. IEEE

Cited by 35 (5 self)
We consider the language inclusion problem for timed automata: given two timed automata A and B, are all the timed traces accepted by B also accepted by A? While this problem is known to be undecidable, we show here that it becomes decidable if A is restricted to having at most one clock. This is somewhat surprising, since it is well-known that there exist timed automata with a single clock that cannot be complemented. The crux of our proof consists in reducing the language inclusion problem to a reachability question on an infinite graph; we then construct a suitable well-quasi-order on the nodes of this graph, which ensures the termination of our search algorithm. We also show that the language inclusion problem is decidable if the only constant appearing among the clock constraints of A is zero. Moreover, these two cases are essentially the only decidable instances of language inclusion, in terms of restricting the various resources of timed automata.
Coverability of reset Petri nets and other well-structured transition systems by partial deduction
Proceedings of the International Conference on Computational Logic (CL’2000), LNAI 1861, 2000

Cited by 30 (15 self)
Abstract. In recent work it has been shown that infinite state model checking can be performed by a combination of partial deduction of logic programs and abstract interpretation. It has also been shown that partial deduction is powerful enough to mimic certain algorithms to decide coverability properties of Petri nets. These algorithms are forward algorithms and hard to scale up to deal with more complicated systems. Recently, it has been proposed to use a backward algorithm scheme instead. This scheme is applicable to so-called well-structured transition systems and was successfully used, e.g., to solve coverability problems for reset Petri nets. In this paper, we discuss how partial deduction can mimic many of these backward algorithms as well. We prove this link in particular for reset Petri nets and Petri nets with transfer and doubling arcs. We thus establish a surprising link between algorithms in Petri net theory and program specialisation, and also shed light on the power of using logic program specialisation for infinite state model checking.