65 research outputs found
Anonymity and Information Hiding in Multiagent Systems
We provide a framework for reasoning about information-hiding requirements in
multiagent systems and for reasoning about anonymity in particular. Our
framework employs the modal logic of knowledge within the context of the runs
and systems framework, much in the spirit of our earlier work on secrecy
[Halpern and O'Neill 2002]. We give several definitions of anonymity with
respect to agents, actions, and observers in multiagent systems, and we relate
our definitions of anonymity to other definitions of information hiding, such
as secrecy. We also give probabilistic definitions of anonymity that are able
to quantify an observer s uncertainty about the state of the system. Finally,
we relate our definitions of anonymity to other formalizations of anonymity and
information hiding, including definitions of anonymity in the process algebra
CSP and definitions of information hiding using function views.Comment: Replacement. 36 pages. Full version of CSFW '03 paper, submitted to
JCS. Made substantial changes to Section 6; added references throughou
Rich Counter-Examples for Temporal-Epistemic Logic Model Checking
Model checking verifies that a model of a system satisfies a given property,
and otherwise produces a counter-example explaining the violation. The verified
properties are formally expressed in temporal logics. Some temporal logics,
such as CTL, are branching: they allow to express facts about the whole
computation tree of the model, rather than on each single linear computation.
This branching aspect is even more critical when dealing with multi-modal
logics, i.e. logics expressing facts about systems with several transition
relations. A prominent example is CTLK, a logic that reasons about temporal and
epistemic properties of multi-agent systems. In general, model checkers produce
linear counter-examples for failed properties, composed of a single computation
path of the model. But some branching properties are only poorly and partially
explained by a linear counter-example.
This paper proposes richer counter-example structures called tree-like
annotated counter-examples (TLACEs), for properties in Action-Restricted CTL
(ARCTL), an extension of CTL quantifying paths restricted in terms of actions
labeling transitions of the model. These counter-examples have a branching
structure that supports more complete description of property violations.
Elements of these counter-examples are annotated with parts of the property to
give a better understanding of their structure. Visualization and browsing of
these richer counter-examples become a critical issue, as the number of
branches and states can grow exponentially for deeply-nested properties.
This paper formally defines the structure of TLACEs, characterizes adequate
counter-examples w.r.t. models and failed properties, and gives a generation
algorithm for ARCTL properties. It also illustrates the approach with examples
in CTLK, using a reduction of CTLK to ARCTL. The proposed approach has been
implemented, first by extending the NuSMV model checker to generate and export
branching counter-examples, secondly by providing an interactive graphical
interface to visualize and browse them.Comment: In Proceedings IWIGP 2012, arXiv:1202.422
MCMAS-SLK: A Model Checker for the Verification of Strategy Logic Specifications
We introduce MCMAS-SLK, a BDD-based model checker for the verification of
systems against specifications expressed in a novel, epistemic variant of
strategy logic. We give syntax and semantics of the specification language and
introduce a labelling algorithm for epistemic and strategy logic modalities. We
provide details of the checker which can also be used for synthesising agents'
strategies so that a specification is satisfied by the system. We evaluate the
efficiency of the implementation by discussing the results obtained for the
dining cryptographers protocol and a variant of the cake-cutting problem
A novel symbolic approach to verifying epistemic properties of programs
We introduce a framework for the symbolic verification of epistemic properties of programs expressed in a class of general-purpose programming languages. To this end, we reduce the verification problem to that of satisfiability of first-order formulae in appropriate theories. We prove the correctness of our reduction and we validate our proposal by applying it to two examples: the dining cryptographers problem and the ThreeBallot voting protocol. We put forward an implementation using existing solvers, and report experimental results showing that the approach can perform better than state-of-the-art symbolic model checkers for temporal-epistemic logic
MCMAS: an open-source model checker for the verification of multi-agent systems
We present MCMAS, a model checker for the verification of multi-agent systems. MCMAS supports efficient symbolic techniques for the verification of multi-agent systems against specifications representing temporal, epistemic and strategic properties. We present the underlying semantics of the specification language supported and the algorithms implemented in MCMAS, including its fairness and counterexample generation features. We provide a detailed description of the implementation. We illustrate its use by discussing a number of examples and evaluate its performance by comparing it against other model checkers for multi-agent systems on a common case study
A novel symbolic approach to verifying epistemic properties of programs
We introduce a framework for the symbolic verification of epistemic properties of programs expressed in a class of general-purpose programming languages. To this end, we reduce the verification problem to that of satisfiability of first-order formulae in appropriate theories. We prove the correctness of our reduction and we validate our proposal by applying it to two examples: the dining cryptographers problem and the ThreeBallot voting protocol. We put forward an implementation using existing solvers, and report experimental results showing that the approach can perform better than state-of-the-art symbolic model checkers for temporal-epistemic logic
Verifying Computation Tree Logic of Knowledge via Knowledge-Oriented Petri Nets and Ordered Binary Decision Diagrams
Computation Tree Logic of Knowledge (CTLK) can specify many requirements of privacy and security of multi-agent systems (MAS). In our previous papers, we defined Knowledge-oriented Petri Net (KPN) to model MAS, proposed similar reachability graph to verify CTLK, gave their model checking algorithms and developed a related tool. In this paper, we use the technique of Ordered Binary Decision Diagrams (OBDD) to encode similar reachability graph in order to alleviate the state explosion problem, and verify more epistemic operators of CTLK. We design the corresponding symbolic model checking algorithms and improve our tool. We compare our model and method with MCMAS that is the state-of-the-art CTLK model checker, and experiments illustrate the advantages of our model and method. We also explain the reasons why our model and method can obtain better performances
- …