Quantified CTL: Expressiveness and Complexity

While it was defined long ago, the extension of CTL with quantification over atomic propositions has never been studied extensively. Considering two different semantics (depending whether propositional quantification refers to the Kripke structure or to its unwinding tree), we study its expressiveness (showing in particular that QCTL coincides with Monadic Second-Order Logic for both semantics) and characterise the complexity of its model-checking and satisfiability problems, depending on the number of nested propositional quantifiers (showing that the structure semantics populates the polynomial hierarchy while the tree semantics populates the exponential hierarchy)

Decidability Results for the Boundedness Problem

We prove decidability of the boundedness problem for monadic least fixed-point recursion based on positive monadic second-order (MSO) formulae over trees. Given an MSO-formula phi(X,x) that is positive in X, it is decidable whether the fixed-point recursion based on phi is spurious over the class of all trees in the sense that there is some uniform finite bound for the number of iterations phi takes to reach its least fixed point, uniformly across all trees. We also identify the exact complexity of this problem. The proof uses automata-theoretic techniques. This key result extends, by means of model-theoretic interpretations, to show decidability of the boundedness problem for MSO and guarded second-order logic (GSO) over the classes of structures of fixed finite tree-width. Further model-theoretic transfer arguments allow us to derive major known decidability results for boundedness for fragments of first-order logic as well as new ones

Metamodel-based model conformance and multiview consistency checking

Model-driven development, using languages such as UML and BON, often makes use of multiple diagrams (e.g., class and sequence diagrams) when modeling systems. These diagrams, presenting different views of a system of interest, may be inconsistent. A metamodel provides a unifying framework in which to ensure and check consistency, while at the same time providing the means to distinguish between valid and invalid models, that is, conformance. Two formal specifications of the metamodel for an object-oriented modeling language are presented, and it is shown how to use these specifications for model conformance and multiview consistency checking. Comparisons are made in terms of completeness and the level of automation each provide for checking multiview consistency and model conformance. The lessons learned from applying formal techniques to the problems of metamodeling, model conformance, and multiview consistency checking are summarized

Tractability in Constraint Satisfaction Problems: A Survey

International audienceEven though the Constraint Satisfaction Problem (CSP) is NP-complete, many tractable classes of CSP instances have been identified. After discussing different forms and uses of tractability, we describe some landmark tractable classes and survey recent theoretical results. Although we concentrate on the classical CSP, we also cover its important extensions to infinite domains and optimisation, as well as #CSP and QCSP

Modular Verification of Biological Systems

Systems of interest in systems biology (such as metabolic pathways, signalling pathways and gene regulatory networks) often consist of a huge number of components interacting in different ways, thus exhibiting very complex behaviours. In biology, such behaviours are usually explored by means of simulation techniques applied to models defined on the basis of system observation and of hypotheses on its functioning. Model checking has also been recently applied to the analysis of biological systems. This analysis technique typically relies on a state space representation whose size, unfortunately, makes the analysis often intractable for realistic models. A method for trying to avoid the state space explosion problem is to consider a decomposition of the system, and to apply a modular verification technique. In particular, properties to be verified often concern only a small portion of the modelled system rather than the system as a whole. Hence, for each property it would be useful to be able to isolate a minimal fragment of the model that is necessary to verify such a property. In this thesis we introduce a modular verification technique in which the system of interest is described by means of an automata-based formalism, called sync-programs, that supports modular construction. Our modular verification technique is based on results of Grumberg et al.~and on their application to the theory of concurrent systems proposed by Attie and Emerson. In particular, we adapt Attie and Emerson's approach to deal with biological systems by allowing automata to synchronise by performing transitions simultaneously. Modular verification allows qualitative aspects of systems to be analysed with the guarantee that properties proved to hold in a suitable model fragment also hold in the whole model. The correctness of the verification technique is proved. The class of properties preserved is ACTL$^{-}$, the universal fragment of temporal logic CTL. The preservation holds only for positive answers and negative answers are not necessarily preserved. In order to verify properties we use the NuSMV model checker, which is a well-established and efficient instrument. We provide a formal translation of sync-programs to simpler automata, which can be given as input to NuSMV. We prove the correspondence of the verification problems. We show the application of our verification technique in some biological case studies. We compare the time required to verify the property on the whole model with the time needed to verify the same property by only considering those modules which are involved in the behaviour of the system related to the property. In order to handle modelling and verification of more realistic biological scenarios, we propose also a dynamic version of our formalism. It allows entities to be created dynamically, in particular by other already running entities, as it often happens in biological systems. Moreover, multiple copies of the same entities can be present at the same time in a system. We show a correspondence of our model with Petri Nets. This has a consequence that tools developed for Petri Nets could be used also for dynamic sync-programs. Modular verification allows properties expressed as DACTL- formulae (dynamic version of ACTL-) to be verified on a portion of the model. The results of analysis of the case study of the MAP kinase cascade activated by surface and internalised EGF receptors, which consists of 143 species and 80 reactions, suggest applicability and scalability of the approach. The results raise the prospect of rendering tractable problems that are currently intractable in the verification of biological systems. In addition, we expect that the techniques developed in the thesis could be applied with profit not only to models of biological systems, but more generally to models of concurrent systems

Logical Concurrency Control from Sequential Proofs

We are interested in identifying and enforcing the isolation requirements of a concurrent program, i.e., concurrency control that ensures that the program meets its specification. The thesis of this paper is that this can be done systematically starting from a sequential proof, i.e., a proof of correctness of the program in the absence of concurrent interleavings. We illustrate our thesis by presenting a solution to the problem of making a sequential library thread-safe for concurrent clients. We consider a sequential library annotated with assertions along with a proof that these assertions hold in a sequential execution. We show how we can use the proof to derive concurrency control that ensures that any execution of the library methods, when invoked by concurrent clients, satisfies the same assertions. We also present an extension to guarantee that the library methods are linearizable or atomic