Results 11-20 of 48
Extended directed search for probabilistic timed reachability
In FORMATS'06, volume 4202 of LNCS, 2006
Cited by 14 (7 self)
Abstract. Current numerical model checkers for stochastic systems can efficiently analyse stochastic models. However, the fact that they are unable to provide debugging information constrains their practical use. In precursory work we proposed a method to select diagnostic traces, in the parlance of functional model checking commonly referred to as failure traces or counterexamples, for probabilistic timed reachability properties on discrete-time and continuous-time Markov chains. We applied directed explicit-state search algorithms, like Z*, to determine a diagnostic trace which carries a large amount of probability. In this paper we extend this approach to determining sets of traces that carry large probability mass, since properties of stochastic systems are typically not violated by single traces, but by collections of those. To this end we extend existing heuristics-guided search algorithms so that they select sets of traces. The result is provided in the form of a Markov chain. Such diagnostic Markov chains are not just essential tools for diagnostics and debugging, but they also allow the solution of timed reachability probability to be approximated from below. In particular cases, they also provide real counterexamples which can be used to show the violation of the given property. Our algorithms have been implemented in the stochastic model checker PRISM. We illustrate the applicability of our approach using a number of case studies.
Safe On-The-Fly Steady-State Detection for Time-Bounded Reachability
2005
Cited by 11 (4 self)
Abstract. The time-bounded reachability problem for continuous-time Markov chains (CTMCs) amounts to determining the probability to reach a (set of) goal state(s) within a given time span, such that prior to reaching the goal certain states are avoided. Efficient algorithms for time-bounded reachability are at the heart of probabilistic model checkers such as PRISM and ETMCC. For large time spans, on-the-fly steady-state detection is commonly applied. To obtain correct results (up to a given accuracy), it is essential to avoid detecting premature stationarity. This technical report gives a detailed account of criteria for steady-state detection in the setting of time-bounded reachability. This is done for forward and backward reachability algorithms. As a spin-off of this study, new results for on-the-fly steady-state detection during CTMC transient analysis are reported. Based on these results, a precise procedure for steady-state detection for time-bounded reachability is obtained. Experiments show the impact of these results in probabilistic model checking.
Generalized Queries and Bayesian Statistical Model Checking in Dynamic Bayesian Networks: Application to Personalized Medicine
In: Proc. 8th Ann. Intnl Conf. on Comput. Sys. Bioinf. (CSB), 2009
Cited by 8 (1 self)
Abstract. We introduce the concept of generalized probabilistic queries in Dynamic Bayesian Networks (DBN): computing P(φ1 | φ2), where φi is a formula in temporal logic encoding an equivalence class of trajectories through the variables of the model. Generalized queries include as special cases traditional query types for DBNs (i.e., filtering, smoothing, prediction, and classification), but can also be used to express inference problems that are either impossible or impractical to answer using traditional algorithms for inference in DBNs. We then discuss the relationship between answering generalized queries and the Probabilistic Model Checking Problem and introduce two novel algorithms for efficiently estimating P(φ1 | φ2) in a Bayesian fashion. Finally, we demonstrate our method by answering generalized queries that arise in the context of critical care medicine. Specifically, we show that our approach can be used to make treatment decisions for a cohort of 1,000 simulated sepsis patients, and that it outperforms Support Vector Machines, Neural Networks, and Random Forests on the same task.
Probabilistic model checking for the quantification of DoS security threats
Cited by 6 (4 self)
Abstract. Secure authentication features of communication and electronic commerce protocols involve computationally expensive and memory-intensive cryptographic operations that have the potential to be turned into denial-of-service (DoS) exploits. Recent proposals attempt to improve DoS resistance by implementing a trade-off between the resources required for the potential victim(s) and the resources used by a prospective attacker. Such improvements have been proposed for the Internet Key Exchange (IKE), the Just Fast Keying (JFK) key agreement protocol and the Secure Sockets Layer (SSL/TLS) protocol. In the present article, we introduce probabilistic model checking as an efficient tool-assisted approach for systematically quantifying DoS security threats. We model a security protocol with a fixed network topology using probabilistic specifications for the protocol participants. We attach to the protocol model a probabilistic attacker model which performs DoS-related actions with assigned cost values. The costs for the protocol participants and the attacker reflect the level of some resource expenditure (memory, processing capacity or communication bandwidth) for the associated actions. From the
System Level Formal Verification via Model Checking Driven Simulation
Cited by 6 (4 self)
Abstract. We show how by combining Explicit Model Checking techniques and simulation it is possible to effectively carry out (bounded) System Level Formal Verification of large Hybrid Systems such as those defined using model-based tools like Simulink. We use an explicit model checker (namely, CMurphi) to generate all possible (finite horizon) simulation scenarios and then optimise the simulation of such scenarios by exploiting the ability of simulators to save and restore visited states. We show the feasibility of our approach by presenting experimental results on the verification of the fuel control system example in the Simulink distribution. To the best of our knowledge this is the first time that (exhaustive) verification has been carried out for hybrid systems of such a size.
Stable Availability under Denial of Service Attacks through Formal Patterns
2012
Cited by 6 (3 self)
Abstract. Availability is an important security property for Internet services and a key ingredient of most service level agreements. It can be compromised by distributed Denial of Service (DoS) attacks. In this work we propose a formal pattern-based approach to study defense mechanisms against DoS attacks. We enhance pattern descriptions with formal models that allow the designer to give guarantees on the behavior of the proposed solution. The underlying executable specification formalism we use is the rewriting logic language Maude and its real-time and probabilistic extensions. We introduce the notion of stable availability, which means that with very high probability service quality remains very close to a threshold, regardless of how bad the DoS attack can get. Then we present two formal patterns which can serve as defenses against DoS attacks: the Adaptive Selective Verification (ASV) pattern, which enhances a communication protocol with a defense mechanism, and the Server Replicator (SR) pattern, which provisions additional resources on demand. However, ASV achieves availability without stability, and SR cannot achieve stable availability at a reasonable cost. As a main result we show, by statistical model checking with the PVeStA tool, that the composition of both patterns yields a new improved pattern which guarantees stable availability at a reasonable cost.
Simulation-based CTMC model checking: an empirical evaluation
In Proc. QEST'09, 2009
Cited by 6 (0 self)
Abstract. This paper provides an experimental study of the efficiency of simulation-based model-checking algorithms for continuous-time Markov chains by comparing: MRMC, the only tool that implements (new) confidence-interval-based algorithms for verification of all main CSL formulae; Ymer, which allows for verification of time-bounded and time-interval until using sequential acceptance sampling; and VESTA, which can verify time-bounded and unbounded until by means of simple hypothesis testing. The study shows that MRMC provides the most accurate verification results. Ymer and VESTA, unlike MRMC, have almost constant memory consumption. Ymer requires the least number of observations to assess the model-checking problem, but MRMC is mostly the fastest. This indicates that the tools' efficiency does not so much depend on sampling but is rather determined by extra computations.
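The time-bounded reachability problem described in "Safe On-The-Fly Steady-State Detection for Time-Bounded Reachability" above and the simulation-based checkers compared in this QEST'09 study answer the same question by different routes: the probability of reaching a goal state of a CTMC within time t, computed numerically (transient analysis by uniformization) or estimated from sampled runs with an explicit error bound. The Python example below is added here for illustration and is not code from any of the listed papers or from MRMC, Ymer or VESTA. It computes the exact value by uniformization (truncated once the remaining Poisson mass is below a tolerance; no steady-state detection is attempted) and a statistical estimate whose sample size comes from the Chernoff-Hoeffding bound, on a constructed CTMC of a request buffer. The chain, its rates, and the error parameters are assumptions chosen for the example.

```python
"""Time-bounded reachability on a small CTMC: exact (uniformization) vs. statistical (sampling).

Constructed example, not from any of the listed papers or tools: a server with a
request buffer of CAP slots, arrivals at rate LAM, completions at rate MU.
Goal state: buffer full (state CAP). All rates are assumed values.
"""
import math
import random

CAP = 3      # buffer capacity; states are 0..CAP occupied slots
LAM = 2.0    # request arrival rate (assumed)
MU = 1.5     # service completion rate (assumed)


def rates(state):
    """Outgoing transitions of the CTMC as (next_state, rate) pairs."""
    out = []
    if state < CAP:
        out.append((state + 1, LAM))
    if state > 0:
        out.append((state - 1, MU))
    return out


def exact_reach(start, goal, t, eps=1e-9):
    """P(reach goal within time t) by uniformization with the goal made absorbing.

    The Poisson-weighted sum over the uniformized DTMC is truncated once the
    remaining Poisson mass is below eps, so the result is within eps of the
    true value. No on-the-fly steady-state detection is attempted here.
    """
    n = CAP + 1
    q = [[0.0] * n for _ in range(n)]          # generator matrix
    for s in range(n):
        if s == goal:
            continue                            # absorbing: row stays zero
        for s2, r in rates(s):
            q[s][s2] += r
            q[s][s] -= r
    lam_u = max(-q[s][s] for s in range(n))     # uniformization rate
    if lam_u == 0.0:
        return 1.0 if start == goal else 0.0
    # uniformized DTMC: P = I + Q / lam_u (rows sum to 1, entries non-negative)
    p = [[(1.0 if i == j else 0.0) + q[i][j] / lam_u for j in range(n)] for i in range(n)]
    pi = [0.0] * n
    pi[start] = 1.0
    weight = math.exp(-lam_u * t)               # Poisson(k; lam_u * t) for k = 0
    if weight == 0.0:
        raise ValueError("lam_u * t too large for this naive truncation")
    cumulative, total, k = weight, 0.0, 0
    while True:
        total += weight * pi[goal]
        if 1.0 - cumulative < eps:
            return total
        pi = [sum(pi[i] * p[i][j] for i in range(n)) for j in range(n)]
        k += 1
        weight *= lam_u * t / k
        cumulative += weight


def simulate_reach(start, goal, t, rng):
    """One Gillespie-style run; True if the goal is entered no later than time t."""
    s, clock = start, 0.0
    while s != goal:
        outs = rates(s)
        total = sum(r for _, r in outs)
        if total == 0.0:
            return False                        # stuck in a non-goal absorbing state
        clock += rng.expovariate(total)
        if clock > t:
            return False
        u = rng.random() * total
        nxt = outs[-1][0]
        for s2, r in outs:
            u -= r
            if u < 0.0:
                nxt = s2
                break
        s = nxt
    return True


def statistical_reach(start, goal, t, eps, delta, seed=1):
    """Estimate P(reach goal within t) to absolute error eps with confidence 1 - delta.

    Sample size from the Chernoff-Hoeffding bound: n >= ln(2/delta) / (2 eps^2).
    Returns (estimate, (lower, upper), n).
    """
    n = math.ceil(math.log(2.0 / delta) / (2.0 * eps * eps))
    rng = random.Random(seed)
    hits = sum(1 for _ in range(n) if simulate_reach(start, goal, t, rng))
    est = hits / n
    return est, (max(0.0, est - eps), min(1.0, est + eps)), n


if __name__ == "__main__":
    T = 2.0
    exact = exact_reach(0, CAP, T)
    est, (lo, hi), n = statistical_reach(0, CAP, T, eps=0.05, delta=0.01)
    print(f"exact P(reach {CAP} within {T}) = {exact:.4f}")
    print(f"estimate = {est:.4f} in [{lo:.4f}, {hi:.4f}] from {n} runs")
```

The Hoeffding sample size depends only on the requested error and confidence, not on the model, which is the memory-constant behaviour the study attributes to the sampling tools; the uniformization loop, by contrast, holds a full distribution vector and its cost grows with lam_u * t, which is exactly where steady-state detection on long horizons pays off in the numerical tools.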
Monitor-Based Statistical Model Checking for Weighted Metric Temporal Logic
2012
Cited by 5 (2 self)
Abstract. We present a novel approach and implementation for analysing weighted timed automata (WTA) with respect to the weighted metric temporal logic (WMTL≤). Based on a stochastic semantics of WTAs, we apply statistical model checking (SMC) to estimate and test probabilities of satisfaction with desired levels of confidence. Our approach consists in the generation of deterministic monitors for formulas in WMTL≤, allowing for efficient SMC by runtime evaluation of a given formula. By necessity, the deterministic observers are in general approximate (over- or under-approximations), but are most often exact and experimentally tight. The technique is implemented in the new tool Casaal that we seamlessly connect to Uppaal-smc in a tool chain. We demonstrate the applicability of our technique and the efficiency of our implementation through a number of case studies.
On-the-fly Confluence Detection for Statistical Model Checking
2013
Cited by 4 (2 self)
Abstract. Statistical model checking is an analysis method that circumvents the state space explosion problem in model-based verification by combining probabilistic simulation with statistical methods that provide clear error bounds. As a simulation-based technique, it can only provide sound results if the underlying model is a stochastic process. In verification, however, models are usually variations of nondeterministic transition systems. The notion of confluence allows the reduction of such transition systems in classical model checking by removing spurious nondeterministic choices. In this presentation, we show that confluence can be adapted to detect and discard such choices on-the-fly during simulation, thus extending the applicability of statistical model checking to a subclass of Markov decision processes. In contrast to previous approaches that use partial order reduction, the confluence-based technique can handle additional kinds of nondeterminism. In particular, it is not restricted to interleavings. We evaluate our approach, which is implemented as part of the modes simulator for the MODEST modelling language, on a set of examples that highlight its strengths and limitations and show the improvements compared to the partial-order-based method.
A probabilistic attacker model for quantitative verification of DoS security threats
In Proc. of the 32nd Annual International Computer Software and Applications Conference (COMPSAC), 2008
Cited by 4 (2 self)
Abstract. This work introduces probabilistic model checking as a viable tool-assisted approach for systematically quantifying DoS security threats. The proposed analysis is based on a probabilistic attacker model implementing N simultaneous zombie participants, which subvert secure authentication features in communication protocols and electronic commerce systems. DoS threats are expressed as probabilistic reachability properties that are automatically verified through an appropriate Discrete Time Markov Chain representing the protocol participants and attacker models. The overall analysis takes place in a mature probabilistic model checking toolset called PRISM. We believe that the applied quantitative verification approach is a valuable means for comparing protocol implementations with alternative parameter choices, for optimal resistance to the analyzed threats.
Keywords: Denial of Service, model checking, security
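This entry and "Probabilistic model checking for the quantification of DoS security threats" above describe the same recipe: encode the protocol participants and a cost-bearing attacker as a discrete-time Markov chain, then ask reachability questions (how likely is resource exhaustion within a bounded number of steps) and cost questions (how much does each side spend before it happens). The Python example below is an added illustration, not the PRISM models of either paper. It builds a constructed DTMC in which the state is the number of the victim's connection slots held open by zombie requests, makes the all-slots-full state absorbing, and computes the bounded reachability probability (what one would write in PRISM as P=? [ F<=K full ]) and the expected victim and attacker cost accumulated before that state (PRISM's reachability reward, R=? [ F full ]). The slot count, the per-step probabilities, the cost units, the cookie/puzzle defence parameters and the one-event-per-step simplification are all assumptions made for the example.

```python
"""Quantifying a DoS threat on a constructed DTMC with per-step costs for victim and attacker.

Added illustration, not the PRISM models of the listed papers. State k = number of
the victim's M connection slots held by unanswered (bogus) requests; state M is the
DoS state and is absorbing. At most one event happens per step (a simplification).
All probabilities and cost units are assumed values.
"""

M = 4   # victim connection slots (assumed)


def build_dtmc(a, d, r):
    """Transition matrix over states 0..M.

    a: per-step probability that a zombie request arrives,
    d: probability the defence (cookie / client puzzle) discards it before a slot is taken,
    r: per-step probability that one held slot is released by timeout.
    """
    up = a * (1.0 - d)
    if up + r > 1.0:
        raise ValueError("a*(1-d) + r must not exceed 1 (one event per step)")
    n = M + 1
    P = [[0.0] * n for _ in range(n)]
    for k in range(n):
        if k == M:
            P[k][k] = 1.0                       # DoS state is absorbing
            continue
        down = r if k > 0 else 0.0
        P[k][k + 1] += up
        if k > 0:
            P[k][k - 1] += down
        P[k][k] += 1.0 - up - down
    return P


def prob_dos_within(P, steps, start=0):
    """Bounded reachability: P(DoS state reached within `steps` steps).

    Because the DoS state is absorbing, its mass after `steps` transitions is the
    probability of having reached it by then (PRISM: P=? [ F<=steps full ]).
    """
    n = len(P)
    pi = [0.0] * n
    pi[start] = 1.0
    for _ in range(steps):
        pi = [sum(pi[i] * P[i][j] for i in range(n)) for j in range(n)]
    return pi[M]


def _solve(A, b):
    """Gaussian elimination with partial pivoting for the small dense systems used here."""
    n = len(b)
    A = [row[:] + [b[i]] for i, row in enumerate(A)]
    for col in range(n):
        piv = max(range(col, n), key=lambda row: abs(A[row][col]))
        A[col], A[piv] = A[piv], A[col]
        for row in range(col + 1, n):
            f = A[row][col] / A[col][col]
            for c in range(col, n + 1):
                A[row][c] -= f * A[col][c]
    x = [0.0] * n
    for row in range(n - 1, -1, -1):
        x[row] = (A[row][n] - sum(A[row][c] * x[c] for c in range(row + 1, n))) / A[row][row]
    return x


def expected_cost_until_dos(P, step_cost, start=0):
    """Reachability reward: expected cost accumulated before the DoS state (PRISM: R=? [ F full ]).

    step_cost[k] is the expected cost incurred per step while in transient state k.
    Solves (I - P_T) x = c over the transient states 0..M-1; absorption must be certain.
    """
    n = M
    A = [[(1.0 if i == j else 0.0) - P[i][j] for j in range(n)] for i in range(n)]
    return _solve(A, list(step_cost[:n]))[start]


def quantify(a, d, r, victim_cost_per_request, attacker_cost_per_request, steps):
    """Threat metrics for one protocol/defence configuration.

    The victim pays to receive and check every arriving request (even ones the defence
    then discards); the attacker pays per request sent (a puzzle raises that price).
    """
    P = build_dtmc(a, d, r)
    victim = [a * victim_cost_per_request] * M
    attacker = [a * attacker_cost_per_request] * M
    return {
        "p_dos_within_steps": prob_dos_within(P, steps),
        "expected_steps_to_dos": expected_cost_until_dos(P, [1.0] * M),
        "expected_victim_cost": expected_cost_until_dos(P, victim),
        "expected_attacker_cost": expected_cost_until_dos(P, attacker),
    }


if __name__ == "__main__":
    # Same attacker, no defence vs. a client-puzzle defence that drops 60% of bogus
    # requests and costs the attacker five units per request instead of one (assumed).
    configs = (
        ("undefended", dict(a=0.5, d=0.0, r=0.2, victim_cost_per_request=2.0,
                            attacker_cost_per_request=1.0, steps=20)),
        ("puzzle", dict(a=0.5, d=0.6, r=0.2, victim_cost_per_request=2.0,
                        attacker_cost_per_request=5.0, steps=20)),
    )
    for label, cfg in configs:
        print(label, {k: round(v, 3) for k, v in quantify(**cfg).items()})
```

Comparing the two configurations is the "alternative parameter choices" use the abstract describes: the defence is judged not by whether DoS becomes impossible (it does not, since bogus requests still arrive) but by how far it pushes the bounded-reachability probability down and the attacker's expected spend up relative to the victim's. With a real protocol the attacker would also gain a choice of actions, which turns the DTMC into an MDP and the question into a worst-case one over the attacker's strategies.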