Abstract. We present MC 2, what we believe to be the first randomized, Monte Carlo algorithm for temporal-logic model checking, the classical problem of deciding whether or not a property specified in temporal logic holds of a system specification. Given a specification S of a finite-state system, an LTL (Linear Temporal Logic) formula ϕ, and parameters ɛ and δ, MC 2 takes N = ln(δ) / ln(1 − ɛ) random samples (random walks ending in a cycle, i.e lassos) from the Büchi automaton B = BS × B¬ϕ to decide if L(B) = ∅. Should a sample reveal an accepting lasso l, MC 2 returns false with l as a witness. Otherwise, it returns true and reports that with probability less than δ, pZ < ɛ, where pZ is the expectation of an accepting lasso in B. It does so in time O(N · D) and space O(D), where D is B’s recurrence diameter, using a number of samples N that is optimal to within a constant factor. Our experimental results demonstrate that MC 2 is fast, memory-efficient, and scales very well.

We present Protagoras, a new plug-in architecture for the GNU compiler collection that allows one to modify GCC’s internal representation of the program under compilation. We illustrate the utility of Protagoras by presenting plug-ins for both compile-time and runtime software verification and monitoring. In the compiletime case, we have developed plug-ins that interpret the GIMPLE intermediate representation to verify properties statically. In the runtime case, we have developed plug-ins for GCC to perform memory leak detection, array bounds checking, and reference-count access monitoring. 1

The primary focus of my research is to develop formal methods and tools which support the modeling and automated analysis of complex computational systems, including software systems, embedded systems and biological systems. To manage complexity we used two complementary approaches: statistical analysis and modular reasoning. For the latter we carefully distinguish between architectural hierarchy, behavioral hierarchy and interaction hierarchy. Moreover, we equip the modeling formalisms and their associated semantics with corresponding hierarchy building operators. To support automated analysis we focused on (software) model checking and testing techniques. In this context, we use statistical methods to derive a novel Monte Carlo model checking algorithm, which allows to trade time and space for precision and confidence in the result. We also exploit behavioral and interaction hierarchies to devise more efficient search routines as well as new modular reasoning techniques. To apply our techniques to a large variety of applications we developed modeling formalisms for both discrete and mixed discrete and continuous systems. In particular, for discrete systems we proposed algebraic techniques, stream processing functions and relations, hierarchic reactive

The primary focus of my research is to develop formal methods and tools which support the modeling and automated analysis of complex computational systems, including software systems, embedded systems and biological systems. The main emphasis is on approaches that scale well for realistic applications. My most notable contributions are in: Establishing a noncommutative Cayley-Hamilton theorem for finite automata; Showing that minimal nondeterministic finite automata may be related via linear transformations; Automatically detecting emergent properties in networks of cardiac myocytes; Automatically learning an efficient model for excitable cells; Defining a model checking technique that allows to trade time and space for precision and confidence; Defining compositional models for discrete and hybrid hierarchic automata, together with modular proof rules and search routines; Providing compositional semantics and refinement rules for UML sequence diagrams, and their automatic translation to statecharts; Providing an algebraic foundation of UML-RT in terms of trace categories; Giving a denotational semantics for dynamically reconfigurable systems. My work resulted in a number of publicly available tools, including model checkers jMocha, Hermes, Gmc and Tempo, and hybrid systems simulators Charon and Eha. Below is a brief description of this work, classified by projects and in inverse chronological order. Ongoing projects also contain a summary of future work. Next-Generation Model Checking and Abstract Interpretation: With a Focus on Embedded