Verification of Parameterized Protocols
2001
Cited by 14 (0 self)

Recently there has been much interest in the automatic and semi-automatic verification of parameterized networks, i.e., verification of a family of systems $\{P_i \mid i \in \omega\}$, where each $P_i$ is a network consisting of $i$ processes. In this paper, we present a method for the verification of so-called universal properties of fair parameterized networks of similar processes, that is, properties of the form $\forall p_1 \ldots p_n : \varphi$, where $\varphi$ is a quantifier-free LTL formula and the $p_i$ refer to processes. To prove a universal property of a parameterized network, we first model the infinite family of networks by a single fair WS1S transition system, that is, a transition system whose variables are set (second-order) variables and whose transitions are described in WS1S. Then, we abstract the WS1S system into a finite-state system that can be model-checked. We present a generic abstraction relation for verifying universal properties as well as an algorithm for computing an abstract system. However, the abstract system may contain infinite computations that have no corresponding fair computations at the concrete level, and hence, in case the property of interest is a progress property, verification may fail because of this. Therefore, we present methods that synthesize fairness conditions from the parameterized network and discuss under which conditions and how to lift fairness conditions of this network to fairness conditions on the abstract system. We implemented our methods in a tool, called pax, and applied it to several examples.
Model Checking Large-Scale and Parameterized Resource Allocation Systems
In Proc. of TACAS'02, LNCS 2280, 2002
Cited by 14 (3 self)

In this paper, techniques are proposed for limiting state explosion in the context of resource allocation problems. It is shown that given any system organized into a (possibly irregular) network of $n$ (possibly heterogeneous) processes, model checking over that system can be reduced by an efficient, fully automatic and exact method to model checking over a certain small system. These results are established for correctness properties expressed in $\mathrm{LTL} \setminus X$ (LTL without the next-time operator). The precise size and topology of the small system depend on the large system, as well as on the correctness specification. When the network is symmetric and the processes homogeneous, this new method provides an efficient solution to the Parameterized Model Checking Problem. As an application, it is shown how to efficiently verify a variety of solutions to the parameterized Dining Philosophers Problem.
Linking Theorem Proving and Model-Checking with Well-Founded Bisimulation
1999
Cited by 13 (6 self)

We present an approach to verification that combines the strengths of model-checking and theorem proving. We use theorem proving to show a bisimulation up to stuttering on a potentially infinite-state system. Our characterization of stuttering bisimulation allows us to do such proofs by reasoning only about single steps of the system. We present an on-the-fly method that extracts the reachable quotient structure induced by the bisimulation, if the structure is finite. If our specification is a temporal logic formula, we model-check the quotient structure. If our specification is a simpler system, we use an equivalence checker to show that the quotient structure is stuttering bisimilar to the simpler system. The results obtained on the quotient structure lift to the original system, because the quotient, by construction, is refined by the original system. We demonstrate our methodology by verifying the alternating bit protocol. This protocol cannot be directly model-ch...
On the Existence of Network Invariants for Verifying Parameterized Systems
In Correct System Design: Recent Insights and Advances, LNCS 1710, 1999
Cited by 13 (0 self)

Over the last decade, finite-state verification methods have developed into an impressive tool for the analysis of complex programs, such as protocols and hardware circuits. Partial-order reduction and BDD-based symbolic model checking have been instrumental in this development. Currently, much effort is devoted to advancing further the power of automated verification to cover also infinite-state systems. A prominent class of infinite-state systems are so-called parameterized systems, i.e., systems with many similar processes, in which the number of processes is unbounded and their interconnection pattern may vary within the range of some constraints. In this paper, we partially review the use of induction over the system structure for the verification of parameterized systems. Wolper and Lovinfosse have introduced the term network invariant for the induction hypothesis in such a proof by induction. They also observe that well-behaved (e.g., finite-state) network invariant...
Automated Inductive Verification of Parameterized Protocols
In CAV 2001, 2001
Cited by 12 (2 self)

A parameterized concurrent system represents an infinite family (of finite state systems) parameterized by a recursively...
Regular Model Checking
2000
Cited by 12 (0 self)

We present regular model checking, a framework for algorithmic verification of infinite-state systems with, e.g., queues, stacks, integers, or a parameterized linear topology. States are represented by strings over a finite alphabet and the transition relation by a regular length-preserving relation on strings. Both sets of states and the transition relation are represented by regular sets. Major problems in the verification of parameterized and infinite-state systems are to compute the set of states that are reachable from some set of initial states, and to compute the transitive closure of the transition relation. We present an automata-theoretic construction for computing a non-finite composition of regular relations, e.g., the transitive closure of a relation. The method is incomplete in general, but we give sufficient conditions under which it works. We show how to reduce model checking of ω-regular properties of parameterized systems to a non-finite composition of regular relations. We also report on an implementation of regular model checking, based on a new package for nondeterministic finite automata.
Symmetry and completeness in the analysis of parameterized systems
VMCAI 2007, LNCS, 2007
Cited by 11 (3 self)

Parameterized systems (e.g., network protocols) are compositions of a number of isomorphic, finite-state processes. While correctness is decidable for any fixed-size instance, correctness over all instances is undecidable in general. Typical proof methods, such as those based on process invariants or cutoffs, rely on summarizing the behavior of a parameterized system by a finite-state process. While these methods have been applied successfully to particular protocols, it is unknown whether such summarization is always possible. In this paper, it is shown that, after essential modifications, the cutoff method (which has the most stringent requirements) is complete for safety properties. The proof also shows that cutoff proofs are equivalent to determining inductive invariants. The paper studies this question next, presenting a new algorithm to construct universally quantified inductive invariants. The algorithm computes the strongest invariant of a given shape, and is therefore complete. The key to this result is a previously unnoticed connection between inductiveness, small model theorems, and compositional analysis, which is interesting in its own right.
Symbolic Reachability Analysis for Parameterized Administrative Role Based Access Control
2009
Cited by 11 (2 self)

Role based access control (RBAC) is a widely used access control paradigm. In large organizations, the RBAC policy is managed by multiple administrators. An administrative role based access control (ARBAC) policy specifies how each administrator may change the RBAC policy. It is often difficult to fully understand the effect of an ARBAC policy by simple inspection, because sequences of changes by different administrators may interact in unexpected ways. ARBAC policy analysis algorithms can help by answering questions, such as user-role reachability, which asks whether a given user can be assigned to given roles by given administrators. Allowing roles and permissions to have parameters significantly enhances the scalability, flexibility, and expressiveness of ARBAC policies. This paper defines PARBAC, which extends the classic ARBAC97 model to support parameters, and presents an analysis algorithm for PARBAC. To the best of our knowledge, this is the first analysis algorithm specifically for parameterized ARBAC policies. We evaluate its efficiency by analyzing its parameterized complexity and benchmarking it on case studies and synthetic policies.
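The user-role reachability question above, worked as an added example that is not the paper's PARBAC algorithm or code: an explicit-state breadth-first search over an ARBAC97-style policy with plain (unparameterized) roles, where each can_assign rule names the administrative role that may apply it, the roles the user must hold, the roles the user must not hold, and the target role, and each can_revoke rule names an administrative role and a target. The policy, the role and administrator names (HR, Finance, Employee, Payer, Auditor, Approver), and the three queries are constructed for illustration.

```python
"""User-role reachability for an ARBAC97-style policy by explicit-state BFS.

Added example, not the paper's PARBAC algorithm: roles are plain names and
the sample policy below is constructed for illustration.
"""
from collections import deque
from dataclasses import dataclass
from typing import FrozenSet, Iterable, List, Tuple


@dataclass(frozen=True)
class CanAssign:
    admin: str                  # administrative role that may apply the rule
    positive: FrozenSet[str]    # roles the user must already hold
    negative: FrozenSet[str]    # roles the user must not hold
    target: str                 # role being granted


@dataclass(frozen=True)
class CanRevoke:
    admin: str                  # administrative role that may revoke
    target: str                 # role being revoked


def user_role_reachable(initial: Iterable[str], goal: Iterable[str],
                        admins: Iterable[str], can_assign: Iterable[CanAssign],
                        can_revoke: Iterable[CanRevoke]) -> Tuple[bool, List[str]]:
    """Return (reachable, trace): can the given administrators, acting in any
    order, drive the user's role set from `initial` to a superset of `goal`?
    States are subsets of the roles named in the policy, so BFS terminates,
    and the first hit is a shortest sequence of administrative actions."""
    admins = set(admins)
    goal = frozenset(goal)
    start = frozenset(initial)
    parent = {start: None}          # state -> (predecessor, action label)
    queue = deque([start])
    while queue:
        state = queue.popleft()
        if goal <= state:
            return True, _trace(parent, state)
        for rule in can_assign:
            if (rule.admin in admins and rule.target not in state
                    and rule.positive <= state and not (rule.negative & state)):
                _visit(parent, queue, state, state | {rule.target},
                       f"assign {rule.target} (by {rule.admin})")
        for rule in can_revoke:
            if rule.admin in admins and rule.target in state:
                _visit(parent, queue, state, state - {rule.target},
                       f"revoke {rule.target} (by {rule.admin})")
    return False, []


def _visit(parent, queue, state, nxt, label):
    if nxt not in parent:           # each role set is explored once
        parent[nxt] = (state, label)
        queue.append(nxt)


def _trace(parent, state):
    steps = []
    while parent[state] is not None:
        state, label = parent[state]
        steps.append(label)
    return steps[::-1]


# Constructed sample policy (assumption, not from the paper): Payer and
# Auditor are meant to be mutually exclusive via negative preconditions,
# Approver requires Auditor at assignment time, and only HR can revoke.
POLICY_ASSIGN = [
    CanAssign("HR", frozenset(), frozenset(), "Employee"),
    CanAssign("Finance", frozenset({"Employee"}), frozenset({"Auditor"}), "Payer"),
    CanAssign("Finance", frozenset({"Employee"}), frozenset({"Payer"}), "Auditor"),
    CanAssign("Finance", frozenset({"Auditor"}), frozenset(), "Approver"),
]
POLICY_REVOKE = [CanRevoke("HR", "Auditor"), CanRevoke("HR", "Payer")]


def check(goal, admins, initial=()):
    """Run the reachability query against the sample policy."""
    return user_role_reachable(initial, goal, admins, POLICY_ASSIGN, POLICY_REVOKE)


if __name__ == "__main__":
    queries = [({"Payer", "Auditor"}, {"HR", "Finance"}, ()),        # unreachable
               ({"Payer", "Approver"}, {"HR", "Finance"}, ()),       # reachable via revocation
               ({"Payer", "Approver"}, {"Finance"}, ("Employee",))]  # unreachable without HR
    for goal, admins, initial in queries:
        ok, trace = check(goal, admins, initial)
        print(sorted(goal), "by", sorted(admins), "->", ok, trace)
```

The second query is the kind of interaction the abstract warns about: no single rule lets a Payer become an Approver, but Finance assigning Auditor, then Approver, followed by HR revoking Auditor, leaves the user free to receive Payer, so the mutual-exclusion intent survives only while HR is excluded from the set of acting administrators (third query). The search enumerates subsets of roles, so it is exponential in the number of roles and says nothing about parameterized roles; the paper's symbolic algorithm exists precisely to avoid that enumeration.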
Inferring network invariants automatically
In Proc. International Joint Conference on Automated Reasoning (IJCAR '06), LNAI 4130, 2006
Cited by 10 (1 self)

Verification by network invariants is a heuristic to solve uniform verification of parameterized systems. Given a system $P$, a network invariant for $P$ is a system that abstracts the composition of every number of copies of $P$ running in parallel. If there is such a network invariant, by reasoning about it, uniform verification with respect to the family $P[1] \parallel \cdots \parallel P[n]$ can be carried out. In this paper, we propose a procedure that searches systematically for a network invariant satisfying a given safety property. The search is based on algorithms for learning finite automata due to Angluin and Biermann. We optimize the search by combining both algorithms for improving successive possible invariants. We also show how to reduce the learning problem to SAT, allowing efficient SAT solvers to be used, which turns out to yield a very competitive learning algorithm. The overall search procedure finds a minimal such invariant, if it exists.
Verification of Parametric Concurrent Systems with Prioritized FIFO Resource Management
In Proc. of Concur'03, LNCS 2761, 2003
Cited by 10 (2 self)

We consider the problem of parametric verification over a class of systems of processes competing for access to shared resources. We suppose the access to the resources to be controlled according to a FIFO-based policy with a possibility of distinguishing low-priority and high-priority resource requests.