Results 11  20
of
89
A Markov Chain Model Checker
, 2000
"... . Markov chains are widely used in the context of performance and reliability evaluation of systems of various nature. Model checking of such chains with respect to a given (branching) temporal logic formula has been proposed for both the discrete [17, 6] and the continuous time setting [4, 8]. ..."
Abstract

Cited by 57 (22 self)
 Add to MetaCart
(Show Context)
. Markov chains are widely used in the context of performance and reliability evaluation of systems of various nature. Model checking of such chains with respect to a given (branching) temporal logic formula has been proposed for both the discrete [17, 6] and the continuous time setting [4, 8]. In this paper, we describe a prototype model checker for discrete and continuoustime Markov chains, the ErlangenTwente Markov Chain Checker (E MC 2 ), where properties are expressed in appropriate extensions of CTL. We illustrate the general benefits of this approach and discuss the structure of the tool. Furthermore we report on first successful applications of the tool to nontrivial examples, highlighting lessons learned during development and application of E T MC 2 . 1 Introduction Markov chains are widely used as simple yet adequate models in diverse areas, ranging from mathematics and computer science to other disciplines such as operations research, industrial engine...
On the Logical Characterisation of Performability Properties
, 2000
"... . Markovreward models, as extensions of continuoustime Markov chains, have received increased attention for the specication and evaluation of performance and dependability properties of systems. Until now, however, the specication of rewardbased performance and dependability measures has been don ..."
Abstract

Cited by 52 (15 self)
 Add to MetaCart
. Markovreward models, as extensions of continuoustime Markov chains, have received increased attention for the specication and evaluation of performance and dependability properties of systems. Until now, however, the specication of rewardbased performance and dependability measures has been done manually and informally. In this paper, we change this undesirable situation by the introduction of a continuoustime, rewardbased stochastic logic. We argue that this logic is adequate for expressing performability measures of a large variety. We isolate two important sublogics, the logic CSL [1, 3], and the novel logic CRL that allows one to express rewardbased properties. These logics turn out to be complementary, which is formally established in our main duality theorem. This result implies that rewardbased properties expressed in CRL for a particular Markov reward model can be interpreted as CSL properties over a derived continuoustime Markov chain, so that model checking proce...
Weak probabilistic anonymity
 INRIA FUTURS AND LIX
, 2005
"... Anonymity means that the identity of the user performing a certain action is maintained secret. The protocols for ensuring anonymity often use random mechanisms which can be described probabilistically. In this paper we propose a notion of weak probabilistic anonymity, where weak refers to the fact ..."
Abstract

Cited by 49 (11 self)
 Add to MetaCart
(Show Context)
Anonymity means that the identity of the user performing a certain action is maintained secret. The protocols for ensuring anonymity often use random mechanisms which can be described probabilistically. In this paper we propose a notion of weak probabilistic anonymity, where weak refers to the fact that some amount of probabilistic information may be revealed by the protocol. This information can be used by an observer to infer the likeliness that the action has been performed by a certain user. The aim of this work is to study the degree of anonymity that the protocol can still ensure, despite the leakage of information. We illustrate our ideas by using the example of the dining cryptographers with biased coins. We consider both the cases of nondeterministic and probabilistic users. Correspondingly, we propose two notions of weak anonymity and we investigate their respective dependencies on the biased factor of the coins.
Faster and Symbolic CTMC Model Checking
, 2001
"... This paper reports on the implementation and the experiments with symbolic model checking of continuoustime Markov chains using multiterminal binary decision diagrams (MTBDDs). Properties are expressed in Continuous Stochastic Logic (CSL) [7] which includes the means to express both transient ..."
Abstract

Cited by 45 (21 self)
 Add to MetaCart
This paper reports on the implementation and the experiments with symbolic model checking of continuoustime Markov chains using multiterminal binary decision diagrams (MTBDDs). Properties are expressed in Continuous Stochastic Logic (CSL) [7] which includes the means to express both transient and steadystate performance measures.
D.: Symmetry reduction for probabilistic model checking
 International Organization for Standardization. ISO Information Processing Systems  Data Communication HighLevel Data Link Control Procedure  Frame Structure. IS 3309
, 2006
"... Abstract. We present an approach for applying symmetry reduction techniques to probabilistic model checking, a formal verification method for the quantitative analysis of systems with stochastic characteristics. We target systems with a set of nontrivial, but interchangeable, components such as tho ..."
Abstract

Cited by 44 (13 self)
 Add to MetaCart
(Show Context)
Abstract. We present an approach for applying symmetry reduction techniques to probabilistic model checking, a formal verification method for the quantitative analysis of systems with stochastic characteristics. We target systems with a set of nontrivial, but interchangeable, components such as those which commonly arise in randomised distributed algorithms or probabilistic communication protocols. We show, for three types of probabilistic models, that symmetry reduction, similarly to the nonprobabilistic case, allows verification to instead be performed on a bisimilar quotient model which may be up to factorially smaller. We then propose an efficient algorithm for the construction of the quotient model using a symbolic implementation based on multiterminal binary decision diagrams (MTBDDs) and, using four large case studies, demonstrate that this approach offers not only a dramatic increase in the size of probabilistic model which can be quantitatively analysed but also a significant decrease in the corresponding runtimes. 1
Probabilistic Automata: System Types, Parallel Composition and Comparison
 In Validation of Stochastic Systems: A Guide to Current Research
, 2004
"... We survey various notions of probabilistic automata and probabilistic bisimulation, accumulating in an expressiveness hierarchy of probabilistic system types. The aim of this paper is twofold: On the one hand it provides an overview of existing types of probabilistic systems and, on the other ha ..."
Abstract

Cited by 35 (5 self)
 Add to MetaCart
We survey various notions of probabilistic automata and probabilistic bisimulation, accumulating in an expressiveness hierarchy of probabilistic system types. The aim of this paper is twofold: On the one hand it provides an overview of existing types of probabilistic systems and, on the other hand, it explains the relationship between these models.
Model Checking Performability Properties
 DSN 2002, IEEE CS
, 2002
"... Model checking has been introduced as an automated technique to verify whether functional properties, expressed in a formal logic like computational tree logic (CTL), do hold in a formallyspecified system. In recent years, we have extended CTL such that it allows for the specification of propertie ..."
Abstract

Cited by 35 (8 self)
 Add to MetaCart
(Show Context)
Model checking has been introduced as an automated technique to verify whether functional properties, expressed in a formal logic like computational tree logic (CTL), do hold in a formallyspecified system. In recent years, we have extended CTL such that it allows for the specification of properties over finitestate continuoustime Markov chains (CTMCs). Computational techniques for model checking have been developed and successfully applied in the dependability context. Further work in this area has recently led to the continuous stochastic reward logic (CSRL), a logic to specify measures over CTMCs extended with a reward structure (socalled Markov reward models). Wellknown performability measures, most notably also Meyer’s performability distribution, can be easily defined with CSRL. However, using CSRL it is possible to specify performability measures that have not yet been addressed in the literature, hence, for which no computational procedures have been developed yet. In this paper we present a number of computational procedures to perform model checking of CSRL over finite Markov reward models, thereby stressing their computational complexity (time and space) and applicability from a practical point of view (accuracy, stability). A case study in the area of ad hoc mobile computing under power constraints shows the merits of CSRL and the new computational procedures.
Model checking discounted temporal properties
 In TACAS04, LNCS 2988
, 2004
"... Temporal logic is twovalued: formulas are interpreted as either true or false. When applied to the analysis of stochastic systems, or systems with imprecise formal models, temporal logic is therefore fragile: even small changes in the model can lead to opposite truth values for a specication. We p ..."
Abstract

Cited by 33 (8 self)
 Add to MetaCart
(Show Context)
Temporal logic is twovalued: formulas are interpreted as either true or false. When applied to the analysis of stochastic systems, or systems with imprecise formal models, temporal logic is therefore fragile: even small changes in the model can lead to opposite truth values for a specication. We present a generalization of the branchingtime logic Ctl which achieves robustness with respect to model perturbations by giving a quantitative interpretation to predicates and logical operators, and by discounting the importance of events according to how late they occur. In every state, the value of a formula is a real number in the interval [0,1], where 1 corresponds to truth and 0 to falsehood. The boolean operators and and or are replaced by min and max, the path quantiers 9 and 8 determine sup and inf over all paths from a given state, and the temporal operators 3 and 2 specify sup and inf over a given path; a new operator averages all values along a path. Furthermore, all path operators are discounted by a parameter that can be chosen to give more weight to states that are closer to the beginning of the path.
Beyond Memoryless Distributions: Model Checking SemiMarkov Chains
 In Proceedings of the Joint International Workshop on Process Algebra and Probabilistic Methods, Performance Modeling and Verification, volume 2165 of LNCS
, 2001
"... Recent investigationsh vesh wnthW th automated verification of continuoustime Markov chWbL (CTMCs) against CSL (Continuous Stoch#bWb Logic) can be performed in arathW e#cient manner. Th statehatex# time distributions in CTMCs are restricted to negative exponential distributions.Ths paper investigat ..."
Abstract

Cited by 31 (6 self)
 Add to MetaCart
Recent investigationsh vesh wnthW th automated verification of continuoustime Markov chWbL (CTMCs) against CSL (Continuous Stoch#bWb Logic) can be performed in arathW e#cient manner. Th statehatex# time distributions in CTMCs are restricted to negative exponential distributions.Ths paper investigates model ch8 king of semiMarkov ch### (SMCs), a model inwhW h statehatexW times are governed by general distributions. We report on th semantical issues of adopting CSL for specifying properties of SMCs and present model chb kingalgorithx for thx logic. 1
Logical and stochastic modeling with SMART
, 2003
"... We describe the main features of SmArT, a software package providing a seamless environment for the logic and probabilistic analysis of complex systems. SmArT can combine dierent formalisms in the same modeling study. For the analysis of logical behavior, both explicit and symbolic statespace g ..."
Abstract

Cited by 29 (15 self)
 Add to MetaCart
We describe the main features of SmArT, a software package providing a seamless environment for the logic and probabilistic analysis of complex systems. SmArT can combine dierent formalisms in the same modeling study. For the analysis of logical behavior, both explicit and symbolic statespace generation techniques, as well as symbolic CTL modelchecking algorithms, are available. For the study of stochastic and timing behavior, both sparsestorage and Kronecker numerical solution approaches are available when the underlying process is a Markov chain. In addition,