Results 1-10 of 37
Reachability Analysis of Pushdown Automata: Application to Model-Checking
, 1997
Cited by 385 (39 self)
We apply the symbolic analysis principle to pushdown systems. We represent (possibly infinite) sets of configurations of such systems by means of finite-state automata. In order to reason in a uniform way about analysis problems involving both existential and universal path quantification (like model-checking for branching-time logics), we consider the more general class of alternating pushdown systems and use alternating finite-state automata as a representation structure for their sets of configurations. We give a simple and natural procedure to compute sets of predecessors for this representation structure. We apply this procedure and the automata-theoretic approach to model-checking to define new model-checking algorithms for pushdown systems and both linear and branching-time properties. From these results we derive upper bounds for several model-checking problems, and we also provide matching lower bounds, using reductions based on some techniques introduced by Walukiewicz.
Verification on Infinite Structures
, 2000
Cited by 91 (2 self)
In this chapter, we present a hierarchy of infinite-state systems based on the primitive operations of sequential and parallel composition; the hierarchy includes a variety of commonly-studied classes of systems such as context-free and pushdown automata, and Petri net processes. We then examine the equivalence and regularity checking problems for these classes, with special emphasis on bisimulation equivalence, stressing the structural techniques which have been devised for solving these problems. Finally, we explore the model checking problem over these classes with respect to various linear and branching-time temporal logics.
Checking Finite Traces using Alternating Automata
, 2001
Cited by 45 (7 self)
We present three algorithms to check at runtime whether a reactive program satisfies a temporal specification, expressed by a future linear-time temporal logic formula. The three methods are all based on alternating automata, but traverse the automaton in different ways: depth-first, breadth-first, and backwards, respectively. All three methods have been implemented and experimental results are presented. We outline an extension to these algorithms that is applicable to LTL formulas containing both past and future operators.
Temporal Logic with Forgettable Past
 In LICS’02
, 2002
Cited by 43 (4 self)
We investigate NLTL, a linear-time temporal logic with forgettable past. NLTL can be exponentially more succinct than LTL + Past (which in turn can be more succinct than LTL). We study satisfiability and model checking for NLTL and provide optimal automata-theoretic algorithms for these EXPSPACE-complete problems.
Statistical Model Checking in BioLab: Applications to the automated analysis of T-Cell Receptor Signaling Pathway
Cited by 25 (7 self)
Abstract. We present an algorithm, called BioLab, for verifying temporal properties of rule-based models of cellular signalling networks. BioLab models are encoded in the BioNetGen language, and properties are expressed as formulae in probabilistic bounded linear temporal logic. Temporal logic is a formalism for representing and reasoning about propositions qualified in terms of time. Properties are then verified using sequential hypothesis testing on executions generated using stochastic simulation. BioLab is optimal, in the sense that it generates the minimum number of executions necessary to verify the given property. BioLab also provides guarantees on the probability of it generating Type-I (i.e., false-positive) and Type-II (i.e., false-negative) errors. Moreover, these error bounds are pre-specified by the user. We demonstrate BioLab by verifying stochastic effects and bistability in the dynamics of the T-cell receptor signaling network.
H.: Model checking information flow in reactive systems
In: Proceedings of VMCAI. (2012) 169–185
Cited by 17 (4 self)
Abstract. Most analysis methods for information flow properties do not consider temporal restrictions. In practice, however, such properties rarely occur statically, but have to consider constraints such as when and under which conditions a variable has to be kept secret. In this paper, we propose a natural integration of information flow properties into linear-time temporal logics (LTL). We add a new modal operator, the hide operator, expressing that the observable behavior of a system is independent of the valuations of a secret variable. We provide a complexity analysis for the model checking problem of the resulting logic SecLTL and we identify an expressive fragment for which this question is efficiently decidable. We also show that the path-based nature of the hide operator allows for seamless integration into branching time logics.
Model checking freeze LTL over one-counter automata
, 2008
Cited by 16 (2 self)
We study complexity issues related to the model-checking problem for LTL with registers (a.k.a. freeze LTL) over one-counter automata. We consider several classes of one-counter automata (mainly deterministic vs. nondeterministic) and several syntactic fragments (restriction on the number of registers and on the use of propositional variables for control locations). The logic has the ability to store a counter value and to test it later against the current counter value. By introducing a non-trivial abstraction on counter values, we show that model checking LTL with registers over deterministic one-counter automata is PSPACE-complete with infinite accepting runs. By contrast, we prove that model checking LTL with registers over nondeterministic one-counter automata is $\Sigma^1_1$-complete [resp. $\Sigma^0_1$-complete] in the infinitary [resp. finitary] case even if only one register is used and with no propositional variable. This makes a difference with the facts that several verification problems for one-counter automata are known to be decidable with relatively low complexity, and that finitary satisfiability for LTL with a unique register is decidable. Our results pave the way for model-checking LTL with registers over other classes of operational models, such as reversal-bounded counter machines and deterministic pushdown systems.
Synthesis from Knowledge-Based Specifications (Extended Abstract)
Cited by 14 (5 self)
Ron van der Meyden (Computing Sciences, University of Technology, Sydney, P.O. Box 123, Broadway, NSW 2007, Australia; ron@socs.uts.edu.au; http://www-staff.socs.uts.edu.au/~ron) and Moshe Y. Vardi (Department of Computer Science, Mail Stop 132, Rice University, 6100 S. Main Street, Houston, TX 77005-1892, U.S.A.; vardi@cs.rice.edu; http://www.cs.rice.edu/~vardi)
Abstract. In program synthesis, we transform a specification into a program that is guaranteed to satisfy the specification. In synthesis of reactive systems, the environment in which the program operates may behave nondeterministically, e.g., by generating different sequences of inputs in different runs of the system. To satisfy the specification, the program needs to act so that the specification holds in every computation generated by its interaction with the environment. Often, the program cannot observe all attributes of its environment. In this case, we should transform a specification into a program whose be...
Deadlock And Reachability Checking With Finite Complete Prefixes
, 1999
Cited by 9 (3 self)
McMillan has presented a verification method for finite-state Petri nets based on finite complete prefixes of net unfoldings. Computational complexity of using finite complete prefixes as a symbolic representation of the state space is discussed. In addition, a novel way of deadlock and reachability checking using the net unfolding approach is devised. More specifically, the main contributions are: (i) A proof of NP-completeness of a subroutine of the finite complete prefix generation algorithm. (ii) A proof of PSPACE-completeness of model checking with finite complete prefixes. (iii) Translations of the problems of deadlock and reachability checking into the problem of finding a stable model of a logic program. (iv) An implementation of the translations in the mcsmodels tool, with experimental results supporting the feasibility of the approach. The implementation combines the prefix generator of the PEP-tool, the translations, and an implementation of a constraint-based logic programming framework, the Smodels system. The experiments show that the proposed approach is quite competitive when compared to previous finite complete prefix based deadlock checking algorithms.
Alternating timed automata over bounded time
 In LICS. IEEE Computer
, 2010
Cited by 8 (2 self)
Abstract—Alternating timed automata are a powerful extension of classical Alur-Dill timed automata that are closed under all Boolean operations. They have played a key role, among others, in providing verification algorithms for prominent specification formalisms such as Metric Temporal Logic. Unfortunately, when interpreted over an infinite dense time domain (such as the reals), alternating timed automata have an undecidable language emptiness problem. The main result of this paper is that, over bounded time domains, language emptiness for alternating timed automata is decidable (but non-elementary). The proof involves showing decidability of a class of parametric McNaughton games that are played over timed words and that have winning conditions expressed in the monadic logic of order augmented with the distance-one relation. As a corollary, we establish the decidability of the time-bounded model-checking problem for Alur-Dill timed automata against specifications expressed as alternating timed automata. Keywords: Alternation; Timed Automata; Church’s Problem