Results 1 - 10 of 13
Partial-Coherence Abstractions for Relaxed Memory Models
Abstract

Cited by 25 (5 self)
We present an approach for automatic verification and fence inference in concurrent programs running under relaxed memory models. Verification under relaxed memory models is a hard problem: given a finite-state program and a safety specification, verifying that the program satisfies the specification under a sufficiently relaxed memory model is undecidable, and for stronger models the problem is decidable but has non-primitive-recursive complexity. In this paper, we focus on models that have store-buffer based semantics, e.g., SPARC TSO and PSO. We use abstract interpretation to provide an effective verification procedure for programs running under this type of model. Our main contribution is a family of novel partial-coherence abstractions, specialized for relaxed memory models, which partially preserve the information required for memory coherence and consistency. We use our abstractions to automatically verify programs under relaxed memory models. In addition, when a program violates its specification but can be fixed by adding fences, our approach can automatically infer a correct fence placement that is optimal under the abstraction. We implemented our approach in a tool called BLENDER and applied it to verify and infer fences in several concurrent algorithms.
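The store-buffer semantics and the fence-inference problem described in this abstract, as an added example that is not part of the paper or of BLENDER: a small explicit-state explorer for a two-thread store-buffering (Dekker-style) litmus test. Each thread gets one FIFO store buffer (TSO-like; PSO's per-variable buffers are not modelled), a load sees the newest buffered store of its own thread before memory, and a fence only completes once the thread's buffer has drained. Fence inference here is brute-force enumeration of fence positions over the exact finite state space, not the paper's abstraction-based inference; the litmus program, the instruction encoding and the safety specification (the two loads must not both return 0) are constructed for this example.

```python
from collections import deque
from itertools import combinations

VARS = ("x", "y")  # shared variables; memory is a tuple indexed by VARS.index(v)

# Constructed store-buffering litmus test. Under sequential consistency at least one
# thread must read 1; with store buffers both stores may still be buffered when the
# loads execute, so r0 == r1 == 0 becomes reachable.
SB = (
    (("w", "x", 1), ("r", "y", "r0")),
    (("w", "y", 1), ("r", "x", "r1")),
)
# Same program with a full fence between the store and the load in each thread.
SB_FENCED = (
    (("w", "x", 1), ("fence",), ("r", "y", "r0")),
    (("w", "y", 1), ("fence",), ("r", "x", "r1")),
)


def _read(tid, var, mem, bufs):
    """A load sees the newest buffered store to var by the same thread, else memory."""
    for v, val in reversed(bufs[tid]):
        if v == var:
            return val
    return mem[VARS.index(var)]


def successors(program, state, store_buffers):
    """All one-step successors: buffer drains plus instruction steps of every thread."""
    pcs, mem, bufs, regs = state
    out = []
    for tid, thread in enumerate(program):
        # The memory subsystem may commit the oldest buffered store of this thread.
        if bufs[tid]:
            (var, val), rest = bufs[tid][0], bufs[tid][1:]
            new_mem = list(mem)
            new_mem[VARS.index(var)] = val
            out.append((pcs, tuple(new_mem), bufs[:tid] + (rest,) + bufs[tid + 1:], regs))
        if pcs[tid] >= len(thread):
            continue
        insn = thread[pcs[tid]]
        next_pcs = pcs[:tid] + (pcs[tid] + 1,) + pcs[tid + 1:]
        if insn[0] == "w":
            _, var, val = insn
            if store_buffers:  # relaxed model: the store enters the FIFO buffer
                new_bufs = bufs[:tid] + (bufs[tid] + ((var, val),),) + bufs[tid + 1:]
                out.append((next_pcs, mem, new_bufs, regs))
            else:              # sequential consistency: the store hits memory at once
                new_mem = list(mem)
                new_mem[VARS.index(var)] = val
                out.append((next_pcs, tuple(new_mem), bufs, regs))
        elif insn[0] == "r":
            _, var, reg = insn
            new_regs = regs[:tid] + (regs[tid] + ((reg, _read(tid, var, mem, bufs)),),) + regs[tid + 1:]
            out.append((next_pcs, mem, bufs, new_regs))
        elif insn[0] == "fence":
            if not bufs[tid]:  # a fence is enabled only once the buffer is empty
                out.append((next_pcs, mem, bufs, regs))
        else:
            raise ValueError(f"unknown instruction {insn!r}")
    return out


def reachable_outcomes(program, store_buffers=True):
    """Set of final register valuations (as frozensets of (reg, value)) reachable by BFS."""
    n = len(program)
    init = ((0,) * n, (0,) * len(VARS), ((),) * n, ((),) * n)
    seen, work, outcomes = {init}, deque([init]), set()
    while work:
        state = work.popleft()
        pcs, mem, bufs, regs = state
        if all(pcs[t] == len(program[t]) for t in range(n)) and not any(bufs):
            outcomes.add(frozenset(r for thread_regs in regs for r in thread_regs))
        for nxt in successors(program, state, store_buffers):
            if nxt not in seen:
                seen.add(nxt)
                work.append(nxt)
    return outcomes


def violates_sb_spec(program, store_buffers=True):
    """Safety specification for SB (constructed): the two loads must not both return 0."""
    return frozenset({("r0", 0), ("r1", 0)}) in reachable_outcomes(program, store_buffers)


def with_fences(program, positions):
    """Insert a fence after instruction i of thread t for every (t, i) in positions."""
    return tuple(
        tuple(insn for i, orig in enumerate(thread)
              for insn in ((orig, ("fence",)) if (t, i) in positions else (orig,)))
        for t, thread in enumerate(program))


def infer_fences(program, is_bad):
    """Smallest fence placement under which is_bad(fenced program) is False (brute force)."""
    positions = [(t, i) for t, thread in enumerate(program) for i in range(len(thread) - 1)]
    for k in range(len(positions) + 1):
        for chosen in combinations(positions, k):
            if not is_bad(with_fences(program, set(chosen))):
                return set(chosen)
    return None


if __name__ == "__main__":
    print("SB violated under SC :", violates_sb_spec(SB, store_buffers=False))  # False
    print("SB violated under TSO:", violates_sb_spec(SB))                        # True
    print("minimal fences       :", infer_fences(SB, violates_sb_spec))          # {(0, 0), (1, 0)}
```

Running the script shows the three facts the abstract relies on: the specification holds under sequential consistency, fails once stores are buffered, and is restored by a fence after each store; a fence in only one thread is not enough, which is why the inference returns both positions. For larger programs the explicit state space and the exponential fence enumeration are exactly what the paper's partial-coherence abstraction is designed to avoid.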
Lattice Automata: A Representation for Languages on Infinite Alphabets, and Some Applications to Verification
Abstract

Cited by 15 (1 self)
This paper proposes a new abstract domain for languages on infinite alphabets, which acts as a functor taking an abstract domain for a concrete alphabet and lifting it to an abstract domain for words on this alphabet. The abstract representation is based on lattice automata, which are finite automata labeled by elements of an atomic lattice. We define a normal form, standard language operations and a widening operator for these automata. We apply this abstract lattice to the verification of symbolic communicating machines, and we discuss its usefulness for interprocedural analysis.
Synthesis of Communicating Controllers for Distributed Systems
, 2011
Abstract

Cited by 3 (0 self)
We consider the control of distributed systems composed of subsystems communicating asynchronously; the aim is to build local controllers that restrict the behavior of a distributed system in order to satisfy a global state-avoidance property. We model our distributed systems as communicating finite-state machines with reliable unbounded FIFO queues between subsystems. Local controllers can only observe their own local subsystems and do not observe the queues. To refine their control policy, they can use the FIFO queues to communicate by piggybacking extra information onto the messages sent by the subsystems. We define synthesis algorithms that compute the local controllers. We explain how we ensure the termination of this control algorithm by using abstract interpretation techniques to over-approximate queue contents by regular languages. An implementation of our algorithms provides an empirical evaluation of our method.
Analysis of communicating infinite state machines using lattice automata
Abstract

Cited by 3 (1 self)
Communication protocols can be formally described by the Communicating Finite-State Machines (CFSM) model. This model is expressive, but not expressive enough to deal with complex protocols that involve structured messages encapsulating integers or lists of integers. This is why we propose an extension of this model: Symbolic Communicating Machines (SCM). We also propose an approximate reachability analysis method based on lattice automata. Lattice automata are finite automata whose transitions are labeled with elements of an atomic lattice. We tackle the problem of determinization as well as the definition of a widening operator for these automata. We also show that lattice automata are useful for interprocedural analysis.
Global State Estimates for Distributed Systems
, 2011
Abstract

Cited by 2 (2 self)
We consider distributed systems modeled as communicating finite-state machines with reliable unbounded FIFO channels. As an essential subroutine for control, monitoring and diagnosis applications, we provide an algorithm that computes, during the execution of the system, an estimate of the current global state of the distributed system for each local subsystem. This algorithm does not change the behavior of the system; each subsystem only computes and records a symbolic representation of the state estimates, and piggybacks some extra information onto the messages sent to the other subsystems in order to refine their estimates. Our algorithm relies on the computation of reachable states. Since the reachability problem is undecidable in our model, we use abstract interpretation techniques to obtain regular over-approximations of the possible FIFO channel contents, and hence of the possible current global states. An implementation of this algorithm provides an empirical evaluation of our method.
Extrapolation-based Path Invariants for Abstraction Refinement of Fifo Systems
Abstract

Cited by 1 (1 self)
The technique of counterexample-guided abstraction refinement (Cegar) has been successfully applied in the areas of software and hardware verification. Automatic abstraction refinement is also desirable for the safety verification of complex infinite-state models. This paper investigates Cegar in the context of formal models of network protocols, in our case the verification of fifo systems. Our main contribution is the introduction of extrapolation-based path invariants for abstraction refinement. We develop a range of algorithms that are based on this novel theoretical notion and are parametrized by different extrapolation operators. These are utilized as subroutines in the refinement step of our Cegar semi-algorithm, which is based on recognizable partition abstractions. We give sufficient conditions for the termination of Cegar by constraining the extrapolation operator. Our empirical evaluation confirms the benefit of extrapolation-based path invariants.
2.1. Overall Objectives
Abstract
3. Scientific Foundations
3.1. Embedded systems and their safe design
3.1.1. The safe design of embedded real-time control systems
3.1.2. Models, methods and techniques
3.2. Issues in design automation for complex systems
3.2.1. Hard problems
3.2.2. Applicative needs
3.2.3. Our approach
On Languages of Channels for Communicating ODP Engineering Objects
Abstract
The Reference Model of Open Distributed Processing (RM-ODP) defines a framework within which support for distribution, interoperability and portability can be integrated. An ODP system is defined in terms of five viewpoints. The ODP engineering specification consists of a set of engineering objects which communicate via a channel object. The engineering viewpoint defines the ODP transparencies and ODP functions. We focus in this paper on the language of the channel engineering object. We associate to each component state of a global state a set of words that may be contained in channels. We define, for each object, a context-free-like grammar in which each rule is of the form X → u⁻¹Yv, where u⁻¹Yv stands for the residual of the language L(Y)v with respect to u. We use context-free grammar properties to transform the grammar so that a symbol X appears in the right-hand side of each X-production, expressing loop and cycle transitions in the CFSM. The algebraic properties of context-free languages are then used to compute these languages, which are the minimal solution of a system of equations. These languages can be used to verify protocol properties such as reachability and deadlock freedom.