17 research outputs found
Temporal analysis of a microkernel
Temporal logic techniques have been proposed as a way of achieving a very natural transition from informal requirements to a formal specification of the requirements. The paper presents a case study of a real-life system developed using such techniques. Both a top-level specification and implementation semantics are given in temporal logic. In particular, the progression from statements in English to temporal logic is highlighted. A correctness proof that the implemented system satisfies the specification has been produced.
Disjoint Hamilton cycles in transposition graphs
Most network topologies that have been studied have been subgraphs of transposition graphs. Edge-disjoint Hamilton cycles are important in network topologies for improving fault-tolerance and distribution of messaging traffic over the network. Not much was known about edge-disjoint Hamilton cycles in general transposition graphs until recently Hung produced a construction of 4 edge-disjoint Hamilton cycles in the 5-dimensional transposition graph and showed how edge-disjoint Hamilton cycles in (n + 1)-dimensional transposition graphs can be constructed inductively from edge-disjoint Hamilton cycles in n-dimensional transposition graphs. In the same work it was conjectured that n-dimensional transposition graphs have n − 1 edge-disjoint Hamilton cycles for all n greater than or equal to 5. In this paper we provide an edge-labelling for transposition graphs and, by considering known Hamilton cycles in labelled star subgraphs of transposition graphs, are able to provide an extra edge-disjoint Hamilton cycle at the inductive step from dimension n to n + 1, and thereby prove the conjecture.
Monodic temporal logic with quantified propositional variables
We extend the monodic fragment of first-order linear temporal logic to include right-linear grammar operators and quantification of propositional variables. Unlike propositional temporal logic, the use of grammar operators in first-order temporal logic is not equivalent to general propositional quantification, as the latter admit satisfiable formulae without countable models. We consider the decision problem for fragments where propositional quantification occurs outside of quantification of individual variables and temporal (grammar) operators. We show that if externally quantified propositions inside temporal operators occur within positive occurrences of universal quantifiers for individual variables, then validity for all propositional prefix classes is recursively enumerable and decidable in the two-variable case. Without this condition we show that, even with very severe restrictions on the first-order part of the logic, no non-trivial prefix class is recursively enumerable.
Multi-step transactions specification and verification in a mobile database community
Executions of concurrent multi-step transactions interleave steps in ways that improve the throughput of the particular transaction processing system. In this paper, we use temporal logic to specify and formally verify the correctness of local and mobile transactions executing concurrently on a mobile database. The correctness condition is that of serializability, which we specify in CTL (Computational Tree Logic). The reason for using a temporal logic such as CTL is that the method can be extended to verifying infinite schedules modelling mobile environments such as MDBCs (mobile database communities). The verification is carried out using the symbolic model checker NuSMV. We verify that a local scheduler based on timestamps serializes local and mobile multi-step transactions.
Symmetry and optimality of disjoint Hamilton cycles in star graphs
Multiple edge-disjoint Hamilton cycles have been obtained in labelled star graphs Stn of degree n-1, using number-theoretic means, as images of a known base 2-labelled Hamilton cycle under label-mapping automorphisms of Stn. However, no optimum bounds for producing such edge-disjoint Hamilton cycles have been given, and no positive or negative results exist on whether Hamilton decompositions can be produced by such constructions other than a positive result for St5. We show that for all even n there exist such collections, here called symmetric collections, of φ(n)/2 edge-disjoint Hamilton cycles, where φ is Euler's totient function, and that this bound cannot be improved for any even or odd n. Thus, Stn is not symmetrically Hamilton decomposable if n is not prime. Our method improves on the known bounds for numbers of any kind of edge-disjoint Hamilton cycles in star graphs.
The use of formal methods in parallel operating systems
The authors report on the use of formal methods for the development of parallel operating systems for two experimental declarative systems over a five-year period. A common specification approach has evolved as part of the development of these two very different systems: one is for a parallel graph reduction machine and is written in a functional language enhanced with state-based objects; the other is written in C++. A brief overview of each system is given before concentrating on the use of formal methods. A description is given of how a technique for formally specifying sequential systems (VDM) and a technique for specifying concurrent systems (temporal logic) have been used together. In both cases, the issue of verification is addressed.
Formal development of remote interfaces for large- scale real-time systems
The design of web-based user interfaces is of primary importance for achieving successful operation of Internet-based monitoring and control systems. Operators need to be able to act promptly on changing situations requiring remote actions to process plants. A formal development process is proposed to determine the minimum amount of information that needs to be presented at interfaces. The first stage of the process is a specification of states of components that require operator actions. The main stage of the process uses model checking to generate interfaces with a minimal amount of information sufficient for the operator to perform all required actions. As well as improving the efficiency of operators, simpler interfaces allow for greater concurrency in the implementation of the remote operation of the process plant.
Optimal bounds for disjoint Hamilton cycles in star graphs
In interconnection network topologies, the n-dimensional star graph Stn has n! vertices corresponding to permutations a(1) ... a(n) of n symbols a1, ..., an and edges which exchange the positions of the first symbol a(1) with any one of the other symbols. The star graph compares favorably with the familiar n-cube on degree, diameter and a number of other parameters. A desirable property which has not been fully evaluated in star graphs is the presence of multiple edge-disjoint Hamilton cycles, which are important for fault-tolerance. The only known method for producing multiple edge-disjoint Hamilton cycles in Stn has been to label the edges in a certain way and then take images of a known base 2-labelled Hamilton cycle under different automorphisms that map labels consistently. However, optimal bounds for producing edge-disjoint Hamilton cycles in this way, and whether Hamilton decompositions can be produced, are not known for any Stn other than for the case of St5, which does provide a Hamilton decomposition. In this paper we show that, for all n, not more than φ(n)/2, where φ is Euler's totient function, edge-disjoint Hamilton cycles can be produced by such automorphisms. Thus, for non-prime n, a Hamilton decomposition cannot be produced. We show that the φ(n)/2 upper bound can be achieved for all even n. In particular, if n is a power of 2, Stn has a Hamilton decomposable spanning subgraph comprising more than half of the edges of Stn. Our results produce a better than twofold improvement on the known bounds for any kind of edge-disjoint Hamilton cycles in n-dimensional star graphs for general n.
Representation of coherency classes for parallel systems
Some parallel applications do not require a precise imitation of the behaviour of the physically shared memory programming model. Consequently, certain parallel machine architectures have elected to emphasise different required coherency properties because of possible efficiency gains. This has led to various definitions of models of store coherency. These definitions have not been amenable to detailed analysis and, consequently, inconsistencies have resulted.

In this paper a unified framework is proposed in which different models of store coherency are developed systematically by progressively relaxing the constraints that they have to satisfy. A demonstration is given of how formal reasoning can be carried out to compare different models. Some real-life systems are considered and a definition of a version of weak coherency is found to be incomplete.
A method of verification in design: an operating system case study
This paper reports a study of verification in the high-level design phase of operating system development in which both rigorous and formal verification are used, where the rigorous argument is used to determine a manageable formal proof to be carried out. A 2-sorted first-order temporal language is used to express several possible high-level designs and the required properties of an operating system store manager. The case of large system limits is reduced to a case of small system limits by use of a rigorous argument. Corresponding propositional temporal logic (PTL) formulae are then verified using a PTL theorem prover.