Revisiting Underapproximate Reachability for Multipushdown Systems
Boolean programs with multiple recursive threads can be captured as pushdown automata with multiple stacks. This model is Turing complete, and hence, one is often interested in analyzing a restricted class that still captures useful behaviors. In this paper, we propose a new class of bounded under-approximations for multi-pushdown systems, which subsumes most existing classes. We develop an efficient algorithm for solving the under-approximate reachability problem, which is based on efficient fix-point computations. We implement it in our tool BHIM and illustrate its applicability by generating a set of relevant benchmarks and examining its performance. As an additional takeaway, BHIM solves the binary reachability problem in pushdown automata. To show the versatility of our approach, we then extend our algorithm to the timed setting and provide the first implementation that can handle timed multi-pushdown automata with closed guards.
Comment: 52 pages, Conference TACAS 202
Reachability Analysis of Communicating Pushdown Systems
The reachability analysis of recursive programs that communicate asynchronously over reliable FIFO channels calls for restrictions to ensure decidability. Our first result characterizes communication topologies with a decidable reachability problem restricted to eager runs (i.e., runs where messages are either received immediately after being sent, or never received). The problem is EXPTIME-complete in the decidable case. The second result is a doubly exponential time algorithm for bounded context analysis in this setting, together with a matching lower bound. Both results extend and improve previous work from La Torre et al
Unified Analysis of Collapsible and Ordered Pushdown Automata via Term Rewriting
We model collapsible and ordered pushdown systems with term rewriting, by encoding higher-order stacks and multiple stacks into trees. We show a uniform inverse preservation of recognizability result for the resulting class of term rewriting systems, which is obtained by extending the classic saturation-based approach. This result subsumes and unifies similar analyses on collapsible and ordered pushdown systems. Despite the rich literature on inverse preservation of recognizability for term rewrite systems, our result does not seem to follow from any previous study.
Comment: in Proc. of FRE
Scope-bounded multistack pushdown systems: fixed-point, sequentialization, and tree-width
We present a novel fixed-point algorithm to solve reachability of multi-stack pushdown systems restricted to runs of bounded scope. The approach is compositional, in the sense that the runs of the system are summarized by bounded-size interfaces. Moreover, it is suitable for a direct implementation and can be exploited to prove two new results. We give a sequentialization for this class of systems, i.e., for each such multi-stack pushdown system we construct an equivalent single-stack pushdown system that faithfully simulates the behaviour of each thread. We prove that the behaviour graphs (multiply nested words) for these systems have bounded tree-width, and thus a number of decidability results can be derived from Courcelle's theorem
Visibly Linear Dynamic Logic
We introduce Visibly Linear Dynamic Logic (VLDL), which extends Linear Temporal Logic (LTL) by temporal operators that are guarded by visibly pushdown languages over finite words. In VLDL one can, e.g., express that a function resets a variable to its original value after its execution, even in the presence of an unbounded number of intermediate recursive calls. We prove that VLDL describes exactly the -visibly pushdown languages. Thus it is strictly more expressive than LTL and able to express recursive properties of programs with unbounded call stacks.
The main technical contribution of this work is a translation of VLDL into -visibly pushdown automata of exponential size via one-way alternating jumping automata. This translation yields exponential-time algorithms for satisfiability, validity, and model checking. We also show that visibly pushdown games with VLDL winning conditions are solvable in triply-exponential time. We prove all these problems to be complete for their respective complexity classes.
Comment: 25 Page
Game Characterization of Probabilistic Bisimilarity, and Applications to Pushdown Automata
We study the bisimilarity problem for probabilistic pushdown automata (pPDA) and subclasses thereof. Our definition of pPDA allows both probabilistic and non-deterministic branching, generalising the classical notion of pushdown automata (without epsilon-transitions). We first show a general characterization of probabilistic bisimilarity in terms of two-player games, which naturally reduces checking bisimilarity of probabilistic labelled transition systems to checking bisimilarity of standard (non-deterministic) labelled transition systems. This reduction can be easily implemented in the framework of pPDA, allowing the use of known results for standard (non-probabilistic) PDA and their subclasses. A direct use of the reduction incurs an exponential increase of complexity, which does not matter in deriving decidability of bisimilarity for pPDA due to the non-elementary complexity of the problem. In the cases of probabilistic one-counter automata (pOCA), of probabilistic visibly pushdown automata (pvPDA), and of probabilistic basic process algebras (i.e., single-state pPDA) we show that an implicit use of the reduction can avoid the complexity increase; we thus get PSPACE, EXPTIME, and 2-EXPTIME upper bounds, respectively, like for the respective non-probabilistic versions. The bisimilarity problems for OCA and vPDA are known to have matching lower bounds (thus being PSPACE-complete and EXPTIME-complete, respectively); we show that these lower bounds also hold for fully probabilistic versions that do not use non-determinism
Reachability analysis of first-order definable pushdown systems
We study pushdown systems where control states, stack alphabet, and transition relation, instead of being finite, are first-order definable in a fixed countably-infinite structure. We show that the reachability analysis can be addressed with the well-known saturation technique for the wide class of oligomorphic structures. Moreover, for the more restrictive homogeneous structures, we are able to give concrete complexity upper bounds. We show ample applicability of our technique by presenting several concrete examples of homogeneous structures, subsuming, with optimal complexity, known results from the literature. We show that infinitely many such examples of homogeneous structures can be obtained with the classical wreath product construction.
Comment: to appear in CSL'1
An Experiment in Ping-Pong Protocol Verification by Nondeterministic Pushdown Automata
An experiment is described that confirms that the security of a well-studied class of cryptographic protocols (Dolev-Yao intruder model) can be verified by two-way nondeterministic pushdown automata (2NPDA). A nondeterministic pushdown program checks whether the intersection of a regular language (the protocol to verify) and a given Dyck language containing all canceling words is empty. If it is not, an intruder can reveal secret messages sent between trusted users. The verification is guaranteed to terminate in cubic time at most on a 2NPDA-simulator. The interpretive approach used in this experiment simplifies the verification, by separating the nondeterministic pushdown logic and program control, and makes it more predictable. We describe the interpretive approach and the known transformational solutions, and show they share interesting features. Also noteworthy is how abstract results from automata theory can solve practical problems by programming language means.
Comment: In Proceedings MARS/VPT 2018, arXiv:1803.0866