On notions of regularity for data languages
In FCT, 2007
Cited by 28 (5 self)
Abstract: Motivated by considerations in XML database theory and model checking, data strings have been introduced as an extension of finite alphabet strings which carry, at each position, a symbol and a data value from an infinite domain. Previous work has shown that it is difficult to come up with an expressive yet decidable automaton model for data languages. Recently, such a model, data automata, was introduced. This paper introduces a simpler but equivalent model and investigates its expressive power, algorithmic and closure properties, and some extensions.
Verification of Parameterized Systems Using Logic Program Transformations
1999
Cited by 24 (7 self)
Abstract: We show how the problem of verifying parameterized systems can be...
Dynamic cutoff detection in parameterized concurrent programs
In CAV, 2010
Cited by 20 (5 self)
Abstract: The verification problem for parameterized concurrent programs is a grand challenge in computing. We consider the class of finite-state programs executed by an unbounded number of replicated threads, which is essential in concurrent software verification using predicate abstraction. While the reachability problem for this class is decidable, existing algorithms are of limited use in practice, due to an exponential-space lower bound. In this paper, we present an alternative method based on a reachability cutoff: a number n of threads that suffice to generate all reachable program locations. We give a sufficient condition, verifiable dynamically during the reachability analysis, that allows us to conclude that n is a cutoff. We then make the method complete, using a lean backward coverability analysis. We demonstrate the efficiency of the approach on Petri net encodings of communication protocols, as well as on nonrecursive Boolean programs run by arbitrarily many parallel threads.
Liveness with Invisible Ranking
Software Tools for Technology Transfer, 2006
Cited by 20 (7 self)
Abstract: The method of Invisible Invariants was developed originally in order to verify safety properties of parameterized systems in a fully automatic manner. The method is based on (1) a project&generalize heuristic to generate auxiliary constructs for parameterized systems, and (2) a small model theorem implying that it is sufficient to check the validity of logical assertions of certain syntactic form on small instantiations of a parameterized system. The approach can be generalized to any deductive proof rule that (1) requires auxiliary constructs that can be generated by project&generalize, and (2) the premises resulting when using the constructs are of the form covered by the small model theorem. The method of invisible ranking, presented here, generalizes the approach to liveness properties of parameterized systems. Starting with a proof rule and cases where the method can be applied almost “as is,” the paper progresses to develop deductive proof rules for liveness and extend the small model theorem to cover many intricate families of parameterized systems.
Compositional Analysis for Verification of Parameterized Systems
Theoretical Computer Science, 2003
Cited by 20 (8 self)
Abstract: Many safety-critical systems that have been considered by the verification community are parameterized by the number of concurrent components in the system, and hence describe an infinite family of systems. Traditional model checking techniques can only be used to verify specific instances of this family. In this paper, we present a technique based on compositional model checking and program analysis for automatic verification of infinite families of systems. The technique views a parameterized system as an expression in a process algebra (CCS) and interprets this expression over a domain of formulas (modal mu-calculus), considering a process as a property transformer. The transformers are constructed using partial model checking techniques. At its core, our technique solves the verification problem by finding the limit of a chain of formulas. We present a widening operation to find such a limit for properties expressible in a subset of modal mu-calculus. We describe the verification of a number of parameterized systems using our technique to demonstrate its utility.
Feature interaction detection by pairwise analysis of LTL properties - a case study
Formal Methods in System Design, 2006
Cited by 19 (1 self)
Abstract: A Promela specification and a set of temporal properties are developed for a basic call service with a number of features. The properties are expressed in the logic LTL. Interactions between features are detected by pairwise analysis of features and properties. The analysis quickly results in both state-space and property case explosion. To overcome this, state spaces are minimised, model checking results generalised through symmetry and bisimulation, and analysis performed automatically using scripts. The result is a more extensive feature interaction analysis than others in the field.
Reachability Sets of Parametrized Rings As Regular Languages
In Proc. 2nd Int. Workshop on Verification of Infinite State Systems (INFINITY'97), 1997
Cited by 19 (1 self)
Abstract: We present here a method for deriving a regular language that characterizes the set of reachable states of a given parametrized ring (made of N identical components). The method basically proceeds in two steps: first one generates a regular language L by inductive inference from a finite sample of reachable states; second one formally checks that L characterizes the whole set of reachable states.
1 Introduction: During these last years, several kinds of methods have been explored in order to prove a property P about a ring of N identical finite-state processes irrespective of its size N. They are essentially three. The first is by induction (see, e.g., [20,19,13]), but often relies on human help for the introduction of appropriate 'lemmas' or 'invariants'. The second is by reduction to the verification problem for a fixed small size (e.g., N=2) (see, e.g., [10,17]), but works only for restrictive classes of rings. The third is by abstraction (see, e.g., [8,18,15]): an abstract mode...
Modularization and Abstraction: The Keys to Practical Formal Verification
Lecture Notes in Computer Science, 1998
Cited by 18 (0 self)
Abstract: In spite of the impressive progress in the development of the two main methods for formal verification of reactive systems, Model Checking (in particular symbolic) and Deductive Verification, they are still limited in their ability to handle large systems. It is generally recognized that the only way these methods can ever scale up is by the extensive use of abstraction and modularization, which breaks the task of verifying a large system into several smaller tasks of verifying simpler systems. In this methodological paper, we review the two main tools of compositionality and abstraction in the framework of linear temporal logic. We illustrate the application of these two methods for the reduction of an infinite-state system into a finite-state system that can then be verified using model checking. The modest technical contributions contained in this paper are a full formulation of abstraction when applied to a system with both weak and strong fairness requirements and to a general...
Verification by network decomposition
In 15th CONCUR, LNCS 3170, 2004
Cited by 16 (2 self)
Abstract: We describe a new method to verify networks of homogeneous processes which communicate by token passing. Given an arbitrary network graph and an indexed LTL \ X property, we show how to decompose the network graph into multiple constant size networks, thereby reducing one model checking call on a large network to several calls on small networks. We thus obtain cutoffs for arbitrary classes of networks, adding to previous work by Emerson and Namjoshi on the ring topology. Our results on LTL \ X are complemented by a negative result which precludes the existence of reductions for CTL \ X on general networks.