Results 1-10 of 12
Regular Model Checking Using Inference of Regular Languages
2004
Cited by 34 (4 self)
Regular model checking is a method for verifying infinite-state systems based on coding their configurations as words over a finite alphabet, sets of configurations as finite automata, and transitions as finite transducers. We introduce a new general approach to regular model checking based on inference of regular languages. The method builds upon the observation that for infinite-state systems whose behaviour can be modelled using length-preserving transducers, there is a finite computation for obtaining all reachable configurations up to a certain length n. These configurations are a (positive) sample of the reachable configurations of the given system, whereas all other words up to length n are a negative sample. Then, methods of inference of regular languages can be used to generalize the sample to the full reachability set (or an overapproximation of it). We have implemented our method in a prototype tool which shows that our approach is competitive on a number of concrete examples. Furthermore, in contrast to all other existing regular model checking methods, termination is guaranteed in general for all systems with regular sets of reachable configurations. The method can be applied in a similar way to dealing with reachability relations instead of reachability sets too.
Actively learning to verify safety for FIFO automata
In LNCS 3328, Proc. of FSTTCS'04, 2004
Cited by 15 (4 self)
We apply machine learning techniques to verify safety properties of finite state machines which communicate over unbounded FIFO channels. Instead of attempting to iteratively compute the reachable states, we use Angluin's L* algorithm to learn these states. The learnt set of reachable states is then used either to prove that the system is safe, or to produce a valid execution of the system that leads to an unsafe state (i.e. to produce a counterexample). Specifically, we assume that we are given a model of the system and we provide a novel procedure which answers both membership and equivalence queries for a representation of the reachable states. We define a new encoding scheme for representing reachable states and their witness execution; this enables the learning algorithm to analyze a larger class of FIFO systems automatically than a naive encoding would allow.
Using Language Inference to Verify omega-regular Properties
In Proc. of TACAS'05, volume 3440 of LNCS, 2005
Cited by 12 (3 self)
A novel machine learning based approach was proposed recently as a complementary technique to the acceleration based methods for verifying infinite state systems. In this method, the set of states satisfying a fixpoint property is learnt as opposed to being iteratively computed. We extend the machine learning based approach to verifying general ω-regular properties that include both safety and liveness.
Inferring network invariants automatically
In Proc. International Joint Conference on Automated Reasoning (IJCAR '06), volume 4130 of LNAI, 2006
Cited by 8 (1 self)
Verification by network invariants is a heuristic to solve uniform verification of parameterized systems. Given a system P, a network invariant for P is a system that abstracts the composition of every number of copies of P running in parallel. If there is such a network invariant, by reasoning about it, uniform verification with respect to the family P[1] ‖ · · · ‖ P[n] can be carried out. In this paper, we propose a procedure that searches systematically for a network invariant satisfying a given safety property. The search is based on algorithms for learning finite automata due to Angluin and Biermann. We optimize the search by combining both algorithms for improving successive possible invariants. We also show how to reduce the learning problem to SAT, allowing efficient SAT solvers to be used, which turns out to yield a very competitive learning algorithm. The overall search procedure finds a minimal such invariant, if it exists.
Learning to verify branching time properties
In Proc. of the Twentieth IEEE/ACM International Conference on Automated Software Engineering, 2005
Cited by 3 (1 self)
We present a new model checking algorithm for verifying computation tree logic (CTL) properties. Our technique is based on using language inference to learn the fixpoints necessary for checking a CTL formula instead of computing them iteratively as is done in traditional model checking. This allows us to analyze infinite or large state-space systems where the traditional iterations may not converge or may take too long to converge. We allow fairness constraints to be specified for verification of various liveness properties. The main challenge in developing a learning based model checking algorithm for CTL is that CTL properties express nested fixpoints. We overcome this challenge by developing a new characterization of CTL properties in terms of functions that have unique fixpoints. We instantiate our technique to systems in which states are encoded as strings and use a regular inference algorithm to learn the CTL fixpoints. We prove that if the fixpoints have a regular representation, our procedure will always terminate with the correct answer. We have extended our Lever tool to use the technique presented in this paper and demonstrate its effectiveness by verifying a number of parametric and integer systems.
Compositional Reasoning for Port-based Distributed Systems
Cited by 2 (0 self)
Many distributed systems using IP-based communication protocols consist of chains of components that run concurrently and communicate asynchronously with their neighbours through ports. We present a compositional reasoning method using model checking and theorem proving to verify liveness properties of a communication protocol for chains of connections consisting of an unknown number of components. We outline how our method is used to verify properties of the call protocol of AT&T's Distributed Feature Composition (DFC) architecture.
Cutoffs and Automata in Formal Verification of Infinite-State Systems
2006
Cited by 2 (0 self)
In this habilitation thesis, we discuss two complementary approaches to formal verification of infinite-state systems, namely the use of cutoffs and automata-based symbolic model checking (especially the so-called regular model checking). The thesis is based on extended versions of multiple conference and journal papers joined into a unified framework and accompanied by a significantly extended overview of other existing approaches. The presented original results include cutoffs for verification of parameterised networks of processes with shared resources, the approach of abstract regular model checking combining regular model checking with the counterexample-guided abstraction refinement (CEGAR) loop, a proposal of using language inference for regular model checking, techniques for an application of regular model checking to verification of programs manipulating dynamic linked data structures, the approach of abstract regular tree model checking, as well as a proposal of a novel class of tree automata with size constraints with applications in verification of programs manipulating balanced tree structures.
A) Research-related Topics with possible internships in research centers
Context: Development of algorithms and tools for the verification of reactive systems and the synthesis of such systems. Reactive systems are computer systems that maintain a continuous interaction with an environment in order to control it and to ensure that some properties are enforced. The controller of a lift system is a typical reactive system: it reacts to stimuli from the environment (e.g. a user pushes a button to call the lift) and it controls the lift in order to fulfill a given specification (e.g. whenever a user asks for the lift at floor i, the lift eventually reaches floor i). Reactive systems are notoriously difficult to develop correctly. Difficulties arise because of concurrency, real-time constraints, parallelism, etc. Because they are difficult to develop and often used in safety critical situations (e.g. control of automatic transportation devices, embedded systems in planes or aeronautics, etc.), a large research effort has been devoted to the development of computer aided methods able to certify the correctness of reactive systems. The most successful of those techniques are based on the so-called model-checking approach. Model-checking relies on algorithms that receive as inputs mathematical models (for example in the form of a finite state automaton) of the behaviours of the reactive system and the environment in which it is embedded, and a logical formula defining the expected correct behaviour of the system within its environment. Then the algorithm verifies that all the possible executions of the model satisfy the formula. A more ambitious goal is to synthesize correct reactive systems directly from their specifications. Our research group at ULB has made significant progress recently on this problem (see
Asynchronously Communicating Visibly Pushdown Systems
We introduce an automata-based formal model suitable for specifying, modeling, analyzing, and verifying asynchronous task-based and message-passing programs. Our model consists of visibly pushdown automata communicating over unbounded reliable point-to-point first-in-first-out queues. Such a combination unifies two branches of research, one focused on task-based models, and the other on models of message-passing programs. Our model generalizes previously proposed models that have decidable reachability in several ways. Unlike task-based models of asynchronous programs, our model allows sending and receiving of messages even when stacks are not empty, without imposing restrictions on the number of context-switches or communication topology. Our model also generalizes the well-known communicating finite-state machines with recognizable channel property, allowing (1) individual components to be visibly pushdown automata, which are more suitable for modeling (possibly recursive) programs, (2) the set of words (i.e., languages) of messages on queues to form a visibly pushdown language, which permits modeling of remote procedure calls and simple forms of counting, and (3) the relations formed by tuples of such languages to be synchronized, which permits modeling of complex interactions among processes. In spite of these generalizations, we prove that the composite configuration and control-state reachability are still decidable for our model.
INFINITY 2004 Preliminary Version Regular Model Checking Using Inference of Regular Languages
Regular model checking is a method for verifying infinite-state systems based on coding their configurations as words over a finite alphabet, sets of configurations as finite automata, and transitions as finite transducers. We introduce a new general approach to regular model checking based on inference of regular languages. The method builds upon the observation that for infinite-state systems whose behaviour can be modelled using length-preserving transducers, there is a finite computation for obtaining all reachable configurations up to a certain length n. These configurations are a (positive) sample of the reachable configurations of the given system, whereas all other words up to length n are a negative sample. Then, methods of inference of regular languages can be used to generalize the sample to the full reachability set (or an overapproximation of it). We have implemented our method in a prototype tool which shows that our approach is competitive on a number of concrete examples. Furthermore, in contrast to all other existing regular model checking methods, termination is guaranteed in general for all systems with regular sets of reachable configurations. The method can be applied in a similar way to dealing with reachability relations instead of reachability sets too.
Key words: regular model checking, inference of regular languages