Model Checking for a Probabilistic Branching Time Logic with Fairness
 Distributed Computing
, 1998
Cited by 137 (41 self)
We consider concurrent probabilistic systems, based on probabilistic automata of Segala & Lynch [55], which allow nondeterministic choice between probability distributions. These systems can be decomposed into a collection of "computation trees" which arise by resolving the nondeterministic, but not probabilistic, choices. The presence of nondeterminism means that certain liveness properties cannot be established unless fairness is assumed. We introduce a probabilistic branching time logic PBTL, based on the logic TPCTL of Hansson [30] and the logic PCTL of [55], resp. pCTL of [14]. The formulas of the logic express properties such as "every request is eventually granted with probability at least p". We give three interpretations for PBTL on concurrent probabilistic processes: the first is standard, while in the remaining two interpretations the branching time quantifiers are taken to range over a certain kind of fair computation trees. We then present a model checking algorithm for...
On probabilistic model checking
, 1996
Cited by 106 (26 self)
This tutorial presents an overview of model checking for both discrete- and continuous-time Markov chains (DTMCs and CTMCs). Model checking algorithms are given for verifying DTMCs and CTMCs against specifications written in probabilistic extensions of temporal logic, including quantitative properties with rewards. Example properties include the probability that a fault occurs and the expected number of faults in a given time period. We also describe the practical application of stochastic model checking with the probabilistic model checker PRISM by outlining the main features supported by PRISM and three real-world case studies: a probabilistic security protocol, dynamic power management and a biological pathway.
Verification of relational datacentric dynamic systems with external services
, 2013
Cited by 50 (19 self)
Data-centric dynamic systems are systems where both the process controlling the dynamics and the manipulation of data are equally central. We study verification of (first-order) µ-calculus variants over relational data-centric dynamic systems, where data are maintained in a relational database, and the process is described in terms of atomic actions that evolve the database. Action execution may involve calls to external services, thus inserting fresh data into the system. As a result such systems are infinite-state. We show that verification is undecidable in general, and we isolate notable cases where decidability is achieved. Specifically we start by considering service calls that return values deterministically (depending only on passed parameters). We show that in a µ-calculus variant that preserves knowledge of objects that appeared along a run we get decidability under the assumption that the fresh data introduced along a
Symbolic model checking of software product lines
 In ICSE’11
, 2011
Cited by 46 (5 self)
We study the problem of model checking software product line (SPL) behaviours against temporal properties. This is more difficult than for single systems because an SPL with n features yields up to 2^n individual systems to verify. As each individual verification suffers from state explosion, it is crucial to propose efficient formalisms and heuristics. We recently proposed featured transition systems (FTS), a compact representation for SPL behaviour, and defined algorithms for model checking FTS against linear temporal properties. Although they were shown to outperform individual system verifications, they still face a state explosion problem as they enumerate and visit system states one by one. In this paper, we tackle this latter problem by using symbolic representations of the state space. This led us to
Deciding Bisimilarity and Similarity for Probabilistic Processes
, 2000
Cited by 41 (4 self)
This paper deals with probabilistic and nondeterministic processes represented by a variant of labelled transition systems where any outgoing transition of a state s is augmented with probabilities for the possible successor states. Our main contributions are algorithms for computing the bisimulation equivalence classes as introduced by Larsen & Skou [44] and the simulation preorder à la Segala & Lynch [57]. The algorithm for deciding bisimilarity is based on a variant of the traditional partitioning technique [43, 51] and runs in time O(mn(log m + log n)) where m is the number of transitions and n the number of states. The main idea for computing the simulation preorder is the reduction to maximum flow problems in suitable networks. Using the method of Cheriyan, Hagerup & Mehlhorn [15] for computing the maximum flow, the algorithm runs in time O((mn^6 + m^2 n^3) / log n). Moreover, we show that the network-based technique is also applicable to compute the simulation-like relation...
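The partitioning idea behind the bisimilarity algorithm, as an added example that is not code from the paper: starting from the single-block partition, each state is repeatedly assigned a signature (the probability mass it sends, per action, into each current block) and blocks are split until no signature changes. This is the plain signature-refinement scheme, not the paper's O(mn(log m + log n)) variant, and it assumes a reactive model with one distribution per action rather than the nondeterministic model of the paper. The transition system `PTS` and the state names are constructed for the example.

```python
from fractions import Fraction as F

# Constructed reactive probabilistic transition system (not from the paper):
# state -> {action -> {successor: probability}}, one distribution per action.
# s* and t* are two implementations of a randomised responder that should be
# bisimilar; u* answers "fail" half of the time and should not be.
PTS = {
    "s0": {"req": {"s1": F(1, 2), "s2": F(1, 2)}},
    "s1": {"ok": {"s0": F(1)}},
    "s2": {"ok": {"s0": F(1)}},
    "t0": {"req": {"t1": F(1)}},
    "t1": {"ok": {"t0": F(1)}},
    "u0": {"req": {"u1": F(1, 2), "u2": F(1, 2)}},
    "u1": {"ok": {"u0": F(1)}},
    "u2": {"fail": {"u0": F(1)}},
}


def bisimulation_classes(pts):
    """Coarsest probabilistic bisimulation (Larsen & Skou) by partition refinement.

    Start from the trivial partition and repeatedly split blocks by signature:
    the probability mass each state sends, per action, into each current block.
    The key also carries the state's current block, so every round refines the
    previous partition; the loop stops when no block is split.  Fractions keep
    the mass comparison exact (with floats 0.1 + 0.2 != 0.3 would split blocks).
    Returns a dict state -> class index."""
    block_of = {s: 0 for s in pts}
    while True:
        index, new_block_of = {}, {}
        for s, moves in pts.items():
            sig = set()
            for action, dist in moves.items():
                mass = {}
                for succ, p in dist.items():
                    mass[block_of[succ]] = mass.get(block_of[succ], F(0)) + p
                sig.update((action, b, m) for b, m in mass.items() if m > 0)
            key = (block_of[s], frozenset(sig))
            new_block_of[s] = index.setdefault(key, len(index))   # first-seen numbering
        if len(index) == len(set(block_of.values())):
            return block_of                     # stable: no block was split
        block_of = new_block_of


def bisimilar(pts, s, t):
    """True iff s and t lie in the same class of the coarsest bisimulation."""
    classes = bisimulation_classes(pts)
    return classes[s] == classes[t]


if __name__ == "__main__":
    print(bisimulation_classes(PTS))
    print(bisimilar(PTS, "s0", "t0"), bisimilar(PTS, "s0", "u0"))
```

On this input the refinement needs four rounds: the first separates states by their action sets, the second separates u0 from s0/t0 because it sends mass into the "fail" block, and the third propagates that split back to u1 before the partition stabilises with five classes.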
Counterexample generation in probabilistic model checking
 IEEE Trans. on Software Engineering
Cited by 33 (9 self)
Providing evidence for the refutation of a property is an essential, if not the most important, feature of model checking. This paper considers algorithms for counterexample generation for probabilistic CTL formulas in discrete-time Markov chains. Finding the strongest evidence (i.e., the most probable path) violating a (bounded) until-formula is shown to be reducible to a single-source (hop-constrained) shortest path problem. Counterexamples of smallest size that deviate most from the required probability bound can be obtained by applying (small amendments to) k-shortest (hop-constrained) paths algorithms. These results can be extended to Markov chains with rewards, to LTL model checking, and are useful for Markov decision processes. Experimental results show that, typically, the size of a counterexample is excessive. To obtain much more compact representations, we present a simple algorithm to generate (minimal) regular expressions that can act as counterexamples. The feasibility of our approach is illustrated by means of two communication protocols: leader election in an anonymous ring network and the Crowds protocol. Index Terms: Diagnostic feedback, Markov chain, model checking, regular expression, shortest path.
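The reduction in the abstract, as an added example that is not the paper's code: with edge weight -log(p) a most probable path is a shortest path, and because every weight is non-negative a best-first expansion of path prefixes lists complete paths in non-increasing probability order, which is what a hop-constrained k-shortest-paths routine delivers. The first path is the strongest evidence; accumulating paths until their mass exceeds the bound gives the smallest counterexample. The DTMC `DTMC` (a request that is served, retried or dropped) and the state names are constructed for the example; the paper's own k-shortest-paths algorithms and the regular-expression compaction are not reproduced here.

```python
import heapq
import math

# Constructed toy DTMC (not from the paper): a request is served, retried or
# dropped.  Keys are states; values map successor state -> transition probability.
DTMC = {
    "init":    {"try": 1.0},
    "try":     {"served": 0.6, "retry": 0.3, "dropped": 0.1},
    "retry":   {"try": 0.8, "dropped": 0.2},
    "served":  {"served": 1.0},
    "dropped": {"dropped": 1.0},
}


def evidence_paths(dtmc, start, phi, psi, hops):
    """Yield (probability, path) for every finite path from `start` that stays in
    phi-states until it first reaches a psi-state, using at most `hops` transitions,
    in non-increasing order of probability.

    Edge weight is -log(p) >= 0, so a best-first (Dijkstra-style) expansion of
    path prefixes pops every prefix before any of its extensions: complete paths
    come out in exactly the order a hop-constrained k-shortest-paths algorithm
    lists them.  The first one yielded is the strongest evidence."""
    tie = 0                                   # tie-breaker keeps heap tuples comparable
    heap = [(0.0, tie, [start])]
    while heap:
        cost, _, path = heapq.heappop(heap)
        last = path[-1]
        if psi(last):                         # target reached: emit, do not extend
            yield math.exp(-cost), path
            continue
        if len(path) - 1 >= hops or not phi(last):
            continue                          # hop bound exhausted or path left phi
        for succ, p in dtmc[last].items():
            if p > 0.0:
                tie += 1
                heapq.heappush(heap, (cost - math.log(p), tie, path + [succ]))


def strongest_evidence(dtmc, start, phi, psi, hops):
    """Most probable path witnessing phi U<=hops psi; (0.0, []) if none exists."""
    return next(evidence_paths(dtmc, start, phi, psi, hops), (0.0, []))


def counterexample(dtmc, start, phi, psi, hops, bound):
    """Refute P<=bound(phi U<=hops psi): collect most probable paths until their
    mass exceeds `bound`.  Returns (mass, paths), or None if the bound holds."""
    mass, paths = 0.0, []
    for prob, path in evidence_paths(dtmc, start, phi, psi, hops):
        paths.append((prob, path))
        mass += prob
        if mass > bound:
            return mass, paths
    return None                               # all evidence within the bound sums to <= bound


if __name__ == "__main__":
    not_served = lambda s: s != "served"
    dropped = lambda s: s == "dropped"
    # "the request is dropped before being served, within 4 steps"
    print(strongest_evidence(DTMC, "init", not_served, dropped, 4))
    print(counterexample(DTMC, "init", not_served, dropped, 4, 0.15))
```

For the property P<=0.15(not served U<=4 dropped) the enumeration returns init, try, dropped (probability 0.1) first and init, try, retry, dropped (0.06) second; their mass 0.16 already exceeds the bound, so two paths form the counterexample. The abstract's observation that such counterexamples grow excessive is visible here: lowering the bound pulls in ever less probable paths one at a time.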
Statistical model checking: An overview
 RV 2010
, 2010
Cited by 28 (6 self)
Quantitative properties of stochastic systems are usually specified in logics that allow one to compare the measure of executions satisfying certain temporal properties with thresholds. The model checking problem for stochastic systems with respect to such logics is typically solved by a numerical approach [31,8,35,22,21,5] that iteratively computes (or approximates) the exact measure of paths satisfying relevant subformulas; the algorithms themselves depend on the class of systems being analyzed as well as the logic used for specifying the properties. Another approach to solve the model checking problem is to simulate the system for finitely many executions, and use hypothesis testing to infer whether the samples provide statistical evidence for the satisfaction or violation of the specification. In this tutorial, we survey the statistical approach, and outline its main advantages in terms of efficiency, uniformity, and simplicity.
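The simulate-and-test approach described above, as an added example that is not code from the tutorial: sampled executions of a DTMC are fed to Wald's sequential probability ratio test, which decides P>=theta(F<=hops target) with bounded error probabilities alpha and beta outside an indifference region of width 2*delta around theta. The DTMC `DTMC` and the state names are constructed for the example, and SPRT is one of several hypothesis tests the statistical approach can use; the tutorial's own survey covers others.

```python
import math
import random

# Constructed toy DTMC (not from the tutorial): a request is served, retried
# or dropped.  Keys are states; values map successor -> transition probability.
DTMC = {
    "init":    {"try": 1.0},
    "try":     {"served": 0.6, "retry": 0.3, "dropped": 0.1},
    "retry":   {"try": 0.8, "dropped": 0.2},
    "served":  {"served": 1.0},
    "dropped": {"dropped": 1.0},
}


def simulate(dtmc, start, target, hops, rng):
    """One sampled execution of at most `hops` steps; True iff it visits `target`."""
    state = start
    for _ in range(hops):
        if state == target:
            return True
        r, acc = rng.random(), 0.0
        for succ, p in dtmc[state].items():      # inverse-transform sampling
            acc += p
            if r < acc:
                state = succ
                break
    return state == target


def sprt(sample, theta, delta, alpha, beta, max_samples):
    """Wald's sequential probability ratio test for P>=theta(property).

    H0: p >= theta + delta (property holds)    H1: p <= theta - delta (violated).
    alpha bounds the probability of rejecting a true H0, beta that of accepting
    a false one; inside the band theta +/- delta no guarantee is made.
    `sample` draws one execution and returns whether it satisfied the property.
    Returns ('holds' | 'violated' | 'undecided', number of samples drawn)."""
    p0, p1 = theta + delta, theta - delta
    accept_h1 = math.log((1 - beta) / alpha)
    accept_h0 = math.log(beta / (1 - alpha))
    llr = 0.0                                    # log likelihood ratio of H1 against H0
    for n in range(1, max_samples + 1):
        if sample():
            llr += math.log(p1 / p0)             # a success is evidence for H0
        else:
            llr += math.log((1 - p1) / (1 - p0)) # a failure is evidence for H1
        if llr >= accept_h1:
            return "violated", n
        if llr <= accept_h0:
            return "holds", n
    return "undecided", max_samples


def check_bounded_reach(dtmc, start, target, hops, theta, seed=1,
                        delta=0.02, alpha=0.01, beta=0.01, max_samples=50_000):
    """Statistically check P>=theta(F<=hops target) by simulation; the seed makes
    a run reproducible, which matters when a verdict has to be re-examined."""
    rng = random.Random(seed)
    return sprt(lambda: simulate(dtmc, start, target, hops, rng),
                theta, delta, alpha, beta, max_samples)


if __name__ == "__main__":
    # Exact probability of being served within 10 steps is about 0.79
    # (0.6 + 0.24*0.6 + 0.24^2*0.6 + ...), so the first bound holds and the second fails.
    print(check_bounded_reach(DTMC, "init", "served", 10, theta=0.6))
    print(check_bounded_reach(DTMC, "init", "served", 10, theta=0.9))
```

The number of samples the test draws is itself informative: a true probability far from theta is settled in a few hundred runs, while a probability inside the indifference region may exhaust `max_samples`, which is the efficiency trade-off the tutorial highlights against computing the exact measure numerically.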
Simulation Optimization
 In Proceedings of the 2001 Winter Simulation Conference, edited by
"... planning on register automata ..."
Foundations of relational artifacts verification
, 2011
Cited by 20 (9 self)
Artifacts are entities characterized by data of interest (constituting the state of the artifact) in a given business application, and a lifecycle, which constrains the artifact’s possible evolutions. In this paper we study relational artifacts, where data are represented by a full-fledged relational database, and the lifecycle is described by a temporal/dynamic formula expressed in µ-calculus. We then consider business processes, modeled as a set of condition/action rules, in which the execution of actions (aka tasks, or atomic services) results in new artifact states. We study conformance of such processes w.r.t. the artifact lifecycle as well as verification of temporal/dynamic properties expressed in µ-calculus. Notice that such systems are infinite-state in general, hence undecidable. However, inspired by recent literature on database dependencies developed for data exchange, we present a natural restriction that makes such systems finite-state, and the above problems decidable.
Bounded Situation Calculus Action Theories and Decidable Verification
Cited by 20 (8 self)
We define a notion of bounded action theory in the situation calculus, where the theory entails that in all situations, the number of ground fluent atoms is bounded by a constant. Such theories can still have an infinite domain and an infinite set of states. We argue that such theories are fairly common in applications, either because facts do not persist indefinitely or because one eventually forgets some facts, as one learns new ones. We discuss various ways of obtaining bounded action theories. The main result of the paper is that verification of an expressive class of first-order µ-calculus temporal properties in such theories is in fact decidable.