115 research outputs found
A Machine Checked Model of Idempotent MGU Axioms For Lists of Equational Constraints
We present formalized proofs verifying that the first-order unification
algorithm defined over lists of satisfiable constraints generates a most
general unifier (MGU), which also happens to be idempotent. All of our proofs
have been formalized in the Coq theorem prover. Our proofs show that finite
maps produced by the unification algorithm provide a model of the axioms
characterizing idempotent MGUs of lists of constraints. The axioms that serve
as the basis for our verification are derived from a standard set by extending
them to lists of constraints. For us, constraints are equalities between terms
in the language of simple types. Substitutions are formally modeled as finite
maps using the Coq library Coq.FSets.FMapInterface. Coq's method of functional
induction is the main proof technique used in proving many of the axioms.Comment: In Proceedings UNIF 2010, arXiv:1012.455
The STRESS Method for Boundary-point Performance Analysis of End-to-end Multicast Timer-Suppression Mechanisms
Evaluation of Internet protocols usually uses random scenarios or scenarios
based on designers' intuition. Such approach may be useful for average-case
analysis but does not cover boundary-point (worst or best-case) scenarios. To
synthesize boundary-point scenarios a more systematic approach is needed.In
this paper, we present a method for automatic synthesis of worst and best case
scenarios for protocol boundary-point evaluation.
Our method uses a fault-oriented test generation (FOTG) algorithm for
searching the protocol and system state space to synthesize these scenarios.
The algorithm is based on a global finite state machine (FSM) model. We extend
the algorithm with timing semantics to handle end-to-end delays and address
performance criteria. We introduce the notion of a virtual LAN to represent
delays of the underlying multicast distribution tree. The algorithms used in
our method utilize implicit backward search using branch and bound techniques
and start from given target events. This aims to reduce the search complexity
drastically. As a case study, we use our method to evaluate variants of the
timer suppression mechanism, used in various multicast protocols, with respect
to two performance criteria: overhead of response messages and response time.
Simulation results for reliable multicast protocols show that our method
provides a scalable way for synthesizing worst-case scenarios automatically.
Results obtained using stress scenarios differ dramatically from those obtained
through average-case analyses. We hope for our method to serve as a model for
applying systematic scenario generation to other multicast protocols.Comment: 24 pages, 10 figures, IEEE/ACM Transactions on Networking (ToN) [To
appear
Advances in ACL2 Proof Debugging Tools
The experience of an ACL2 user generally includes many failed proof attempts.
A key to successful use of the ACL2 prover is the effective use of tools to
debug those failures. We focus on changes made after ACL2 Version 8.5: the
improved break-rewrite utility and the new utility, with-brr-data.Comment: In Proceedings ACL2-2023, arXiv:2311.0837
- …