Results 1-10 of 13
Symbolic Model Checking of Infinite-State Systems Using Narrowing
Cited by 24 (12 self)
Abstract
Rewriting is a general and expressive way of specifying concurrent systems, where concurrent transitions are axiomatized by rewrite rules. Narrowing is a complete symbolic method for model checking reachability properties. We show that this method can be reinterpreted as a lifting simulation relating the original system and the symbolic system associated with the narrowing transitions. Since the narrowing graph can be infinite, this lifting simulation only gives us a semi-decision procedure for the failure of invariants. However, we propose new methods for folding the narrowing tree that can in practice result in finite systems that symbolically simulate the original system and can be used to algorithmically verify its properties. We also show how both narrowing and folding can be used to symbolically model check systems which, in addition, have state predicates, and therefore correspond to Kripke structures on which ACTL* and LTL formulas can be algorithmically verified using such finite symbolic abstractions.
Analyzing Asynchronous Programs with Preemption
Cited by 8 (2 self)
Abstract
Multiset pushdown systems have been introduced by Sen and Viswanathan as an adequate model for asynchronous programs where some procedure calls can be stored as tasks to be processed later. The model is a pushdown system supplied with a multiset of pending tasks. Tasks may be added to the multiset at each transition, whereas a task is taken from the multiset only when the stack is empty. In this paper, we consider an extension of these models where tasks may have different priority levels, and can be preempted at any point of their execution by tasks of higher priority. We investigate the control point reachability problem for these models. Our main result is that this problem is decidable by reduction to the reachability problem for a decidable class of Petri nets with inhibitor arcs. We also identify two subclasses of these models for which the control point reachability problem is reducible respectively to the reachability problem and to the coverability problem for Petri nets (without inhibitor arcs).
Analysis of Recursively Parallel Programs, 2011
Cited by 8 (0 self)
Abstract
We propose a general formal model of isolated hierarchical parallel computations, and identify several fragments to match the concurrency constructs present in real-world programming languages such as Cilk and X10. By associating fundamental formal models (vector addition systems with recursive transitions) with each fragment, we provide a common platform for exposing the relative difficulties of algorithmic reasoning. For each case we measure the complexity of deciding state-reachability for finite-data recursive programs, and propose algorithms for the decidable cases. The complexities, which include PTIME, NP, EXPSPACE, and 2EXPTIME, contrast with undecidable state-reachability for recursive multi-threaded programs.
Substructural Logical Specifications, 2012
Cited by 6 (2 self)
Abstract
A logical framework and its implementation should serve as a flexible tool for specifying, simulating, and reasoning about formal systems. When the formal systems we are interested in exhibit state and concurrency, however, existing logical frameworks fall short of this goal. Logical frameworks based on a rewriting interpretation of substructural logics, ordered and linear logic in particular, can help. To this end, this dissertation introduces and demonstrates four methodologies for developing and using substructural logical frameworks for specifying and reasoning about stateful and concurrent systems. Structural focalization is a synthesis of ideas from Andreoli’s focused sequent calculi and Watkins’s hereditary substitution. We can use structural focalization to take a logic and define a restricted form of derivations, the focused derivations, that form the basis of a logical framework. We apply this methodology to define SLS, a logical framework for substructural logical specifications, as a fragment of ordered
From multi to single stack automata
In Proc. of CONCUR 2010, volume 6269 of LNCS, 2010
Cited by 5 (2 self)
Abstract
Verification of concurrent programs modelled as multi-stack machines is an active research area. Recently, decidability/complexity results have been established for powerful models such as bounded-phase visibly pushdown automata (BVMPA) [16] and ordered multi-pushdown automata (OMPA) [1]. However, the proofs of these results are quite complex and are based on different techniques and concepts for each of the considered models. We investigate in this paper the issue of reducing the verification problem of multi-stack machines to the one for single-stack machines. We believe that this is a general paradigm for understanding the expressive power and for establishing decidability results for various classes of concurrent program models. For instance, elegant (and practically efficient) algorithms for bounded-context switch analysis of multi-pushdown systems have been recently defined based on reductions to the reachability problem of (single-stack) pushdown systems [10, 18]. We extend this view to both OMPA and BVMPA by showing that each of their emptiness problems can be reduced to the one for a class of single-stack machines. For these reductions, we introduce effective generalized pushdown automata (EGPA) where operations on stacks are (1) pop the top symbol of the stack, and (2) push a word in some (effectively) given set of words L over the stack alphabet, assuming that L is in some class of languages for which checking whether L intersects a given regular language is decidable. We show that the automata-based saturation procedure for computing the set of predecessors in standard pushdown automata can be easily extended to prove that for EGPA too the set of all predecessors of a regular set of configurations is an effectively constructible regular set.
Our reductions from OMPA and BVMPA to EGPA, together with the reachability analysis procedure for EGPA, allow us to provide conceptually simple algorithms for checking the emptiness problem for each of these models, and to significantly simplify the proofs for their 2ETIME upper bounds (matching their lower bounds).
SAT-based Summarization for Boolean Programs
Cited by 3 (1 self)
Abstract
Boolean programs are frequently used to model abstractions of software programs. They have the advantage that reachability properties are decidable, despite the fact that their stack is not bounded. The enabling technique is summarization of procedure calls. Most model checking tools for Boolean programs use BDDs to represent these summaries, allowing for efficient fixpoint detection. However, BDDs are highly sensitive to the number of state variables. We present an approach to over-approximate summaries using Bounded Model Checking. Our technique is based on a SAT solver and requires only a few calls to a QBF solver for fixpoint detection. We present benchmarks that show that our implementation is able to handle a larger number of variables than BDD-based algorithms on some examples.
Interprocedural Dataflow Analysis over Weight Domains with Infinite Descending Chains
In Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures
Cited by 3 (1 self)
Abstract
We study generalized fixed-point equations over idempotent semirings and provide an efficient algorithm for detecting whether a sequence of Kleene’s iterations stabilizes after a finite number of steps. Previously known approaches considered only bounded semirings, where there are no infinite descending chains. The main novelty of our work is that we deal with semirings without the boundedness restriction. Our study is motivated by several applications from interprocedural dataflow analysis. We demonstrate how the reachability problem for weighted pushdown automata can be reduced to solving equations in the framework mentioned above and we describe a few applications to demonstrate its usability.
On the Memory Consumption of Probabilistic Pushdown Automata
LIPIcs, Leibniz International Proceedings in Informatics, 2009
Rewriting Systems with Data: A Framework for Reasoning about Systems with Unbounded Structures over Infinite Data Domains
Cited by 1 (1 self)
Abstract
We introduce a uniform framework for reasoning about infinite-state systems with unbounded control structures and unbounded data domains. Our framework is based on constrained rewriting systems on words over an infinite alphabet. We consider several rewriting semantics: factor, prefix, and multiset rewriting. Constraints are expressed in a logic on such words which is parametrized by a first-order theory on the considered data domain. We show that our framework is suitable for reasoning about various classes of systems such as recursive sequential programs, multithreaded programs, parametrized and dynamic networks of processes, etc. Then, we provide generic results (1) for the decidability of the satisfiability problem of the fragment ∃*∀* of this logic provided that the underlying logic on data is decidable, and (2) for proving inductive invariance and for carrying out Hoare-style reasoning within this fragment. We also show that the reachability problem is decidable for a class of prefix rewriting systems with integer data.
Pushdown Systems with Stack Manipulation
Cited by 1 (0 self)
Abstract
Pushdown systems are a model of computation equipped with one stack where only the top of the stack is inspected and modified in each transition step. Although this is a natural restriction, some extensions of pushdown systems require more general operations on the stack: conditional pushdown systems inspect the whole stack contents and discrete timed pushdown systems increment the ages of the whole stack contents. In this paper, we present a general framework called pushdown systems with transductions (TrPDS) for extending pushdown systems with transitions that modify the whole stack contents with a transducer. Although TrPDS is Turing complete, it is shown that if the closure of the transductions appearing in the transitions of a TrPDS is finite, it can be simulated by an ordinary pushdown system and thus the reachability problem is decidable. Both conditional and discrete timed pushdown systems can be considered as such subclasses of TrPDS.