Results 1 - 8 of 8
A Structural Induction Theorem for Processes
Information and Computation, 1989
Data Flow Analysis For Verifying Correctness Properties Of Concurrent Programs
, 1995
Abstract

Cited by 19 (6 self)
Developers of modern software systems are increasingly employing concurrency to meet demanding system requirements. To deal with the inherent complexity that results from concurrency, developers require cost-effective automated analysis techniques to gain confidence in the quality of their concurrent software. We present an approach, called FLAVERS, that is able to provide cost-effective analysis of concurrent programs with respect to a rich class of explicitly stated correctness properties. FLAVERS is based on a family of polynomial-time, conservative data flow analysis algorithms. Unlike existing analysis approaches for concurrent software, FLAVERS allows developers to control the tradeoff between analysis cost an...
Modelling Asynchrony with a Synchronous Model
, 1995
Abstract

Cited by 10 (4 self)
The I/O Automaton paradigm of Lynch and Tuttle models asynchrony through an interleaving parallel composition and generalizes more common interleaving models based upon message-passing, such as Hoare's CSP. It is not generally recognized that such interleaving models in fact can be viewed as special cases of synchronous parallel composition, in which components all move in lockstep. Let $\mathcal{A}$ be any set of finite-state I/O Automata drawing actions from a fixed finite set containing a subset $\Delta$. In this article we establish a translation $T : \mathcal{A} \to \mathcal{P}$ to a class of $\omega$-automata $\mathcal{P}$ closed under a synchronous parallel composition, for which $T$ is monotonic with respect to implementation relative to $\Delta$, and linear with respect to composition. Thus, for $A_1, \ldots, A_m, B_1, \ldots, B_n \in \mathcal{A}$ and $A = A_1 \parallel \cdots \parallel A_m$, $B = B_1 \parallel \cdots \parallel B_n$, if $\Delta$ is the set of actions common to both $A$ and $B$, then $A$ implements $B$ (in the sense of I/O Aut...
A Structural Linearization Principle for Processes
Formal Methods in System Design, 1994
Abstract

Cited by 7 (1 self)
In [11], an induction principle for processes was given which allows one to apply model-checking techniques to parameterized families of processes. A limitation of the induction principle is that it does not apply to the case in which one process depends directly upon a parameterized number of processes, which grows without bound. This would seem to preclude its application to families of N processes interconnected in a star topology. Nonetheless, we show that if the dependency can be computed incrementally, then the direct dependency upon the parameterized number of processes may be re-expressed recursively in terms of a linear cascade of processes, yielding in effect a "linearization" of the interprocess dependencies and allowing the induction principle to apply. Keywords: Automatic verification, distributed algorithms, induction, invariant, linearization, model checking, star topology. 1. Introduction. Distributed multiprocessor systems often are specified as consisting of a fini...
REASONING ABOUT NETWORKS WITH MANY IDENTICAL FINITE-STATE PROCESSES
, 1987
Abstract
When Government drawings, specifications, or other data are used for any purpose other than in connection with a definitely Government-related procurement, the United States Government incurs no responsibility or any obligation whatsoever. The fact that the Government may have formulated or in any way supplied the said drawings, specifications, or other data, is not to be regarded by implication, or otherwise in any manner construed, as licensing the holder, or any other person or corporation; or as conveying any rights or permission to manufacture, use, or sell any patented invention that may in any way be related thereto. This report has been reviewed by the Office of Public Affairs (ASD/PA) and is releasable to the National Technical Information Service (NTIS). At NTIS, it will be available to the general public, including foreign nations.
Exploiting Symmetry for Analysis of Distributed Systems
Abstract
Distributed systems are difficult to design and the simplest of them can have subtle errors. Conventional automatic analysis techniques to catch these errors may be infeasible because the system may have a large, or even an unknown, number of processes. These techniques, which are based on state space exploration, run into the state explosion problem. Since most distributed systems have one or more sets of identical processes, we exploit the symmetry to reduce the state space for automatic analysis techniques. We describe a model called Decomposed Petri Net that facilitates such analysis. We present symbolic and induction techniques to analyze concurrent systems described using Decomposed Petri Net. We illustrate our techniques by analyzing several examples: the 2-out-of-3 problem, the dining philosophers problem and the mutual exclusion problem. These techniques are applicable to systems that are configured either in a star topology or a ring topology. We also show how to extend these techniques ...
Formal Verification of a Distributed Computer System
, 1997
Abstract
Modeling distributed computer systems is known to be a challenging enterprise. Typically, distributed systems are comprised of large numbers of components whose coordination may require complex interactions. Modeling such systems more often than not leads to the nominal intractability of the resulting state space. Various formal methods have been proposed to address the modeling of coordination among distributed systems components. For the most part, however, these methods do not support formal verification mechanisms. By way of contrast, the L-automata/L-processes model supports formal verification mechanisms which in many examples can successfully circumvent state space explosion problems, and allow verification proofs to be extended to an arbitrary number of components. After reviewing L-automata/L-processes formalisms, we present here the formal specification of a fault-tolerant algorithm for a distributed computer system. We also expose the L-automata/L-processes verification of t...
RESEARCH ON AUTOMATIC VERIFICATION OF FINITE-STATE CONCURRENT SYSTEMS
, 1987