10,535 research outputs found
Variability Abstraction and Refinement for Game-Based Lifted Model Checking of Full CTL
One of the most promising approaches to fighting the configuration space explosion problem in lifted model checking are variability abstractions. In this work, we define a novel game-based approach for variability-specific abstraction and refinement for lifted model checking of the full CTL, interpreted over 3-valued semantics. We propose a direct algorithm for solving a 3-valued (abstract) lifted model checking game. In case the result of model checking an abstract variability model is indefinite, we suggest a new notion of refinement, which eliminates indefinite results. This provides an iterative incremental variability-specific abstraction and refinement framework, where refinement is applied only where indefinite results exist and definite results from previous iterations are reused. The practicality of this approach is demonstrated on several variability models
Expressiveness and Completeness in Abstraction
We study two notions of expressiveness, which have appeared in abstraction
theory for model checking, and find them incomparable in general. In
particular, we show that according to the most widely used notion, the class of
Kripke Modal Transition Systems is strictly less expressive than the class of
Generalised Kripke Modal Transition Systems (a generalised variant of Kripke
Modal Transition Systems equipped with hypertransitions). Furthermore, we
investigate the ability of an abstraction framework to prove a formula with a
finite abstract model, a property known as completeness. We address the issue
of completeness from a general perspective: the way it depends on certain
abstraction parameters, as well as its relationship with expressiveness.Comment: In Proceedings EXPRESS/SOS 2012, arXiv:1208.244
Labelled transition systems as a Stone space
A fully abstract and universal domain model for modal transition systems and
refinement is shown to be a maximal-points space model for the bisimulation
quotient of labelled transition systems over a finite set of events. In this
domain model we prove that this quotient is a Stone space whose compact,
zero-dimensional, and ultra-metrizable Hausdorff topology measures the degree
of bisimilarity such that image-finite labelled transition systems are dense.
Using this compactness we show that the set of labelled transition systems that
refine a modal transition system, its ''set of implementations'', is compact
and derive a compactness theorem for Hennessy-Milner logic on such
implementation sets. These results extend to systems that also have partially
specified state propositions, unify existing denotational, operational, and
metric semantics on partial processes, render robust consistency measures for
modal transition systems, and yield an abstract interpretation of compact sets
of labelled transition systems as Scott-closed sets of modal transition
systems.Comment: Changes since v2: Metadata updat
Structural Analysis of Boolean Equation Systems
We analyse the problem of solving Boolean equation systems through the use of
structure graphs. The latter are obtained through an elegant set of
Plotkin-style deduction rules. Our main contribution is that we show that
equation systems with bisimilar structure graphs have the same solution. We
show that our work conservatively extends earlier work, conducted by Keiren and
Willemse, in which dependency graphs were used to analyse a subclass of Boolean
equation systems, viz., equation systems in standard recursive form. We
illustrate our approach by a small example, demonstrating the effect of
simplifying an equation system through minimisation of its structure graph
Controllability in partial and uncertain environments
Ā© 2014 IEEE.Controller synthesis is a well studied problem that attempts to automatically generate an operational behaviour model of the system-to-be that satisfies a given goal when deployed in a given domain model that behaves according to specified assumptions. A limitation of many controller synthesis techniques is that they require complete descriptions of the problem domain. This is limiting in the context of modern incremental development processes when a fully described problem domain is unavailable, undesirable or uneconomical. Previous work on Modal Transition Systems (MTS) control problems exists, however it is restricted to deterministic MTSs and deterministic Labelled Transition Systems (LTS) implementations. In this paper we study the Modal Transition System Control Problem in its full generality, allowing for nondeterministic MTSs modelling the environments behaviour and nondeterministic LTS implementations. Given an nondeterministic MTS we ask if all, none or some of the nondeterministic LTSs it describes admit an LTS controller that guarantees a given property. We show a technique that solves effectively the MTS realisability problem and it can be, in some cases, reduced to deterministic control problems. In all cases the MTS realisability problem is in same complexity class as the corresponding LTS problem
Incompleteness of States w.r.t. Traces in Model Checking
Cousot and Cousot introduced and studied a general past/future-time
specification language, called mu*-calculus, featuring a natural time-symmetric
trace-based semantics. The standard state-based semantics of the mu*-calculus
is an abstract interpretation of its trace-based semantics, which turns out to
be incomplete (i.e., trace-incomplete), even for finite systems. As a
consequence, standard state-based model checking of the mu*-calculus is
incomplete w.r.t. trace-based model checking. This paper shows that any
refinement or abstraction of the domain of sets of states induces a
corresponding semantics which is still trace-incomplete for any propositional
fragment of the mu*-calculus. This derives from a number of results, one for
each incomplete logical/temporal connective of the mu*-calculus, that
characterize the structure of models, i.e. transition systems, whose
corresponding state-based semantics of the mu*-calculus is trace-complete
Procedure-modular specification and verification of temporal safety properties
This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application
Towards the specification and verification of modal properties for structured systems
System specification formalisms should come with suitable property specification languages and effective verification tools. We sketch a framework for the verification of quantified temporal properties of systems with dynamically evolving structure. We consider visual specification formalisms like graph transformation systems (GTS) where program states are modelled as graphs, and the program
behavior is specified by graph transformation rules. The state space of a GTS can be represented as a graph transition system (GTrS), i.e. a transition system with states and transitions labelled, respectively, with a graph, and with a partial morphism representing the evolution of state components. Unfortunately, GTrSs are prohibitively large or infinite even for simple systems, making verification intractable and hence calling for appropriate abstraction techniques
Verification of Agent-Based Artifact Systems
Artifact systems are a novel paradigm for specifying and implementing
business processes described in terms of interacting modules called artifacts.
Artifacts consist of data and lifecycles, accounting respectively for the
relational structure of the artifacts' states and their possible evolutions
over time. In this paper we put forward artifact-centric multi-agent systems, a
novel formalisation of artifact systems in the context of multi-agent systems
operating on them. Differently from the usual process-based models of services,
the semantics we give explicitly accounts for the data structures on which
artifact systems are defined. We study the model checking problem for
artifact-centric multi-agent systems against specifications written in a
quantified version of temporal-epistemic logic expressing the knowledge of the
agents in the exchange. We begin by noting that the problem is undecidable in
general. We then identify two noteworthy restrictions, one syntactical and one
semantical, that enable us to find bisimilar finite abstractions and therefore
reduce the model checking problem to the instance on finite models. Under these
assumptions we show that the model checking problem for these systems is
EXPSPACE-complete. We then introduce artifact-centric programs, compact and
declarative representations of the programs governing both the artifact system
and the agents. We show that, while these in principle generate infinite-state
systems, under natural conditions their verification problem can be solved on
finite abstractions that can be effectively computed from the programs. Finally
we exemplify the theoretical results of the paper through a mainstream
procurement scenario from the artifact systems literature
- ā¦