Results 1 to 10 of 57
Randomized active atomicity violation detection in concurrent programs
In SIGSOFT '08/FSE-16: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2008
Abstract

Cited by 69 (9 self)
Atomicity is an important specification that enables programmers to understand atomic blocks of code in a multithreaded program as if they are sequential. This significantly simplifies the programmer’s job to reason about correctness. Several modern multithreaded programming languages provide no builtin support to ensure atomicity; instead they rely on the fact that programmers would use locks properly in order to guarantee that atomic code blocks are indeed atomic. However, improper use of locks can sometimes fail to ensure atomicity. Therefore, we need tools that can check atomicity properties of lock-based code automatically. We propose a randomized dynamic analysis technique to detect a special, but important, class of atomicity violations that are often found in real-world programs. Specifically, our technique modifies the existing Java thread scheduler behavior to create atomicity violations with high probability. Our approach has several advantages over existing dynamic analysis tools. First, we can create a real atomicity violation and see if an exception can be thrown. Second, we can replay an atomicity violating execution by simply using the same seed for random number generation—we do not need to record the execution. Third, we give no false warnings unlike existing dynamic atomicity checking techniques. We have implemented the technique in a prototype tool for Java and have experimented on a number of large multithreaded Java programs and libraries. We report a number of previously known and unknown bugs and atomicity violations in these Java programs.
A Bayesian Approach to Model Checking Biological Systems
Abstract

Cited by 52 (15 self)
Recently, there has been considerable interest in the use of Model Checking for Systems Biology. Unfortunately, the state space of stochastic biological models is often too large for classical Model Checking techniques. For these models, a statistical approach to Model Checking has been shown to be an effective alternative. Extending our earlier work, we present the first algorithm for performing statistical Model Checking using Bayesian Sequential Hypothesis Testing. We show that our Bayesian approach outperforms current statistical Model Checking techniques, which rely on tests from Classical (aka Frequentist) statistics, by requiring fewer system simulations. Another advantage of our approach is the ability to incorporate prior Biological knowledge about the model being verified. We demonstrate our algorithm on a variety of models from the Systems Biology literature and show that it enables faster verification than state-of-the-art techniques, even when no prior knowledge is available.
Bayesian Statistical Model Checking with Application to Stateflow/Simulink Verification
2010
Abstract

Cited by 45 (7 self)
We address the problem of model checking stochastic systems, i.e. checking whether a stochastic system satisfies a certain temporal property with a probability greater (or smaller) than a fixed threshold. In particular, we present a novel Statistical Model Checking (SMC) approach based on Bayesian statistics. We show that our approach is feasible for hybrid systems with stochastic transitions, a generalization of Simulink/Stateflow models. Standard approaches to stochastic (discrete) systems require numerical solutions for large optimization problems and quickly become infeasible with larger state spaces. Generalizations of these techniques to hybrid systems with stochastic effects are even more challenging. The SMC approach was pioneered by Younes and Simmons in the discrete and non-Bayesian case. It solves the verification problem by combining randomized sampling of system traces (which is very efficient for Simulink/Stateflow) with hypothesis testing or estimation. We believe SMC is essential for scaling up to large Stateflow/Simulink models. While the answer to the verification problem is not guaranteed to be correct, we prove that Bayesian SMC can make the probability of giving a wrong answer arbitrarily small. The advantage is that answers can usually be obtained much faster than with standard, exhaustive model checking.
Parallel randomized state-space search
In International Conference on Software Engineering
Abstract

Cited by 35 (0 self)
Model checkers search the space of possible program behaviors to detect errors and to demonstrate their absence. Despite major advances in reduction and optimization techniques, state-space search can still become cost-prohibitive as program size and complexity increase. In this paper, we present a technique for dramatically improving the cost-effectiveness of state-space search techniques for error detection using parallelism. Our approach can be composed with all of the reduction and optimization techniques we are aware of to amplify their benefits. It was developed based on insights gained from performing a large empirical study of the cost-effectiveness of randomization techniques in state-space analysis. We explain those insights and our technique, and then show through a focused empirical study that our technique speeds up analysis by factors ranging from 2 to over 1000 as compared to traditional modes of state-space search, and does so with relatively small numbers of parallel processors.
Statistical model checking: An overview
In RV 2010, 2010
Abstract

Cited by 28 (6 self)
Quantitative properties of stochastic systems are usually specified in logics that allow one to compare the measure of executions satisfying certain temporal properties with thresholds. The model checking problem for stochastic systems with respect to such logics is typically solved by a numerical approach [31,8,35,22,21,5] that iteratively computes (or approximates) the exact measure of paths satisfying relevant subformulas; the algorithms themselves depend on the class of systems being analyzed as well as the logic used for specifying the properties. Another approach to solve the model checking problem is to simulate the system for finitely many executions, and use hypothesis testing to infer whether the samples provide statistical evidence for the satisfaction or violation of the specification. In this tutorial, we survey the statistical approach, and outline its main advantages in terms of efficiency, uniformity, and simplicity.
Enhancing random walk state space exploration
In Proc. of Formal Methods for Industrial Critical Systems (FMICS'05), 2005
Abstract

Cited by 17 (3 self)
We study the behaviour of the random walk method in the context of model checking and its capacity to explore a state space. We describe the methodology we have used for observing the random walk and report on the results obtained. We also describe many possible enhancements of the random walk and study their behaviour and limits. Finally, we discuss some practically important but often neglected issues like counterexamples, coverage estimation, and setting of parameters. Similar methodology can be used for studying other state space exploration techniques like bitstate hashing, partial storage methods, or partial order reduction.
Formal Analysis Techniques for Gossiping Protocols
In ACM SIGOPS Oper. Syst. Rev., 2007
Abstract

Cited by 15 (4 self)
We give a survey of formal verification techniques that can be used to corroborate existing experimental results for gossiping protocols in a rigorous manner. We present properties of interest for gossiping protocols and discuss how various formal evaluation techniques can be employed to predict them.
Exploration of the robustness of plans
In AAAI, 2006
Abstract

Cited by 14 (1 self)
This paper considers the problem of stochastic robustness testing for plans. Although plan generation systems might be proven sound, the resulting plans are valid only with respect to the abstract domain model. It is well-understood that unforeseen execution-time variations, both in the effects of actions and in the times at which they occur, can result in a valid plan failing to execute correctly. Other authors have investigated the stochastic validity of plans with nondeterministic action outcomes. In this paper we focus on the uncertainty that arises as a result of inaccuracies in the measurement of time and other numeric quantities. We describe a probing strategy that produces a stochastic estimate of the robustness of a temporal plan. This strategy is based on Gupta, Henzinger and Jagadeesan’s (Gupta, Henzinger, & Jagadeesan 1997) notion of the “fuzzy” robustness of traces through timed hybrid automata.
Probabilistic temporal logic falsification of cyber-physical systems
In ACM Transactions on Embedded Computing Systems
Abstract

Cited by 14 (12 self)
We present a Monte-Carlo optimization technique for finding system behaviors that falsify a Metric Temporal Logic (MTL) property. Our approach performs a random walk over the space of system inputs guided by a robustness metric defined by the MTL property. Robustness is guiding the search for a falsifying behavior by exploring trajectories with smaller robustness values. The resulting testing framework can be applied to a wide class of Cyber-Physical Systems (CPS). We show through experiments on complex system models that using our framework can help automatically falsify properties with more consistency as compared to other means such as uniform sampling.