Results 1 - 8 of 8
Generalization Strategies for the Verification of Infinite State Systems
Cited by 20 (17 self)
Abstract
Abstract. We present a comparative evaluation of some generalization strategies which are applied by a method for the automated verification of infinite state reactive systems. The verification method is based on (1) the specialization of the constraint logic program which encodes the system with respect to the initial state and the property to be verified, and (2) a bottom-up evaluation of the specialized program. The generalization strategies are used during the program specialization phase for controlling when and how to perform generalization. Selecting a good generalization strategy is not a trivial task because it must guarantee the termination of the specialization phase itself, and it should be a good balance between precision and performance. Indeed, a coarse generalization strategy may prevent one from proving the properties of interest, while an unnecessarily precise strategy may lead to high verification times. We perform an experimental evaluation of various generalization strategies on several infinite state systems and properties to be verified.
Attacking Symbolic State Explosion
Cited by 16 (7 self)
Abstract
We propose a new symbolic model checking algorithm for parameterized concurrent systems modeled as (Lossy) Petri Nets, and (Lossy) Vector Addition Systems, based on the following ingredients: a rich assertional language based on the graph-based symbolic representation of upward-closed sets introduced in [DR00], the combination of the backward reachability algorithm of [ACJT96] lifted to the symbolic setting with a new heuristic rule based on structural properties of Petri Nets. We evaluate the method on several Petri Nets and parameterized systems taken from the literature [ABC95, EM00, Fin93, MC99], and we compare the results with other finite and infinite-state verification tools.
Program specialization for verifying infinite state systems: An experimental evaluation
In LOPSTR'10, 2010
Cited by 13 (6 self)
Abstract
Abstract. We address the problem of the automated verification of temporal properties of infinite state reactive systems. We present some improvements of a verification method based on the specialization of constraint logic programs (CLP). First, we reformulate the verification method as a two-phase procedure: (1) in the first phase a CLP specification of an infinite state system is specialized with respect to the initial state of the system and the temporal property to be verified, and (2) in the second phase the specialized program is evaluated by using a bottom-up strategy. In this paper we propose some new strategies for performing program specialization during the first phase. We evaluate the effectiveness of these new strategies, as well as that of some old strategies, by presenting the results of experiments performed on several infinite state systems and temporal properties. Finally, we compare the implementation of our specialization-based verification method with various constraint-based model checking tools. The experimental results show that our method is effective and competitive with respect to the methods used in those other tools.
Covering Sharing Trees: A Compact Data Structure for Parameterized Verification
Cited by 10 (3 self)
Abstract
The control state reachability problem is decidable for well-structured infinite-state systems like (Lossy) Petri Nets, Vector Addition Systems, and Broadcast Protocols. An abstract algorithm that solves the problem is the backward reachability algorithm of [1,21]. The algorithm computes the closure of the predecessor operator with respect to a given upward-closed set of target states. When applied to this class of verification problems, symbolic model checkers based on constraints like [7,29] suffer from the state explosion problem. In order to tackle this
ENCoVer: Symbolic Exploration for Information Flow Security
In Proceedings of the IEEE Computer Security Foundations Symposium, 2012
Cited by 8 (2 self)
Abstract
Abstract. We address the problem of program verification for information flow policies by means of symbolic execution and model checking. Noninterference-like security policies are formalized using epistemic logic. We show how the policies can be accurately verified using a combination of concolic testing and SMT solving. As we demonstrate, many scenarios considered tricky in the literature can be solved precisely using the proposed approach. This is confirmed by experiments performed with ENCOVER, a tool based on Java PathFinder and Z3, which we have developed for epistemic noninterference concolic verification.
Keywords: information flow security, noninterference, model checking, epistemic logic, SMT solver, declassification
CSTs (Covering Sharing Trees): Compact Data Structures for Parameterized Verification
Software Tools for Technology Transfer, 2001
Cited by 1 (0 self)
Abstract
The control state reachability problem is decidable for well-structured infinite-state systems like unbounded Petri Nets, Vector Addition Systems, Lossy Petri Nets, and Broadcast Protocols. An abstract algorithm that solves the problem is given in [ACJT96, FS01]. The algorithm computes the closure of the predecessor operator w.r.t. a given upward-closed set of target states. When applied to this class of verification problems, traditional (infinite-state) symbolic model checkers suffer from the state explosion problem even for very small examples. We provide a new data structure to represent in a compact way collections of upward-closed sets over numerical domains. This way, we turn the abstract algorithm of [ACJT96, FS01] into a practical method. We also combine the backward reachability algorithm with a new heuristic rule based on structural properties of Petri Nets. We evaluate the method on several infinite state Petri Nets and parameterized systems taken from the literature [ABC95, EM00, Fin93, MC99], and we compare the results with other finite and infinite-state verification tools.
On Efficient Data Structures for the Verification of Parameterized Synchronous Systems
2000
Abstract
We propose a fully-automatic method for checking safety properties of parameterized synchronous systems based on a backward reachability procedure working over real arithmetics. We consider here concurrent systems consisting of many identical (finite-state) processes and one monitor where processes may react nondeterministically to the messages sent by the monitor. This type of nondeterminism allows us to model abstractions of situations in which processes are reallocated according to individual properties. The resulting class of systems extends previously proposed models [GS92,EN98,EFM99]. We represent concisely collections of global states counting the number of processes in a given state during a run of the global system, i.e., we reason modulo symmetries. We use a special class of linear arithmetic constraints to represent collections of global system states. We define a decision procedure for checking safety properties for parameterized systems using efficient constrain...
Towards a benchmark for model checkers of asynchronous concurrent systems
University of Warwick, United Kingdom, 2005
Abstract
Abstract. Benchmarks, such as the established ISCAS benchmarks of digital circuits, have been successfully used to compare the relative merits of many model-checking tools and techniques employed for verifying synchronous systems. However, no benchmark for model checkers of asynchronous concurrent systems, such as communications protocols and distributed controllers, currently exists. This not only prevents a transparent evaluation of technologies in the field, but also hinders the accumulation and communication of insights into why and where particular technologies work better than others. This paper takes a first step towards establishing a benchmark for asynchronous concurrent systems. It first discusses the underlying challenges when dealing with model-checking technologies for such systems. A prototype benchmark is then proposed, which is the result of an extensive survey and systematic classification of asynchronous concurrent systems studied in the literature. Finally, the proposed benchmark is evaluated against an established benchmarking theory.