Flat counter automata almost everywhere!

This paper argues that flatness appears as a central notion in the verification of counter automata. A counter automaton is called flat when its control graph can be ``replaced\u27\u27, equivalently w.r.t. reachability, by another one with no nested loops. From a practical view point, we show that flatness is a necessary and sufficient condition for termination of accelerated symbolic model checking, a generic semi-algorithmic technique implemented in successful tools like FAST, LASH or TReX. From a theoretical view point, we prove that many known semilinear subclasses of counter automata are flat: reversal bounded counter machines, lossy vector addition systems with states, reversible Petri nets, persistent and conflict-free Petri nets, etc. Hence, for these subclasses, the semilinear reachability set can be computed using a emph{uniform} accelerated symbolic procedure (whereas previous algorithms were specifically designed for each subclass)

Dense-Timed Petri Nets: Checking Zenoness, Token liveness and Boundedness

We consider Dense-Timed Petri Nets (TPN), an extension of Petri nets in which each token is equipped with a real-valued clock and where the semantics is lazy (i.e., enabled transitions need not fire; time can pass and disable transitions). We consider the following verification problems for TPNs. (i) Zenoness: whether there exists a zeno-computation from a given marking, i.e., an infinite computation which takes only a finite amount of time. We show decidability of zenoness for TPNs, thus solving an open problem from [Escrig et al.]. Furthermore, the related question if there exist arbitrarily fast computations from a given marking is also decidable. On the other hand, universal zenoness, i.e., the question if all infinite computations from a given marking are zeno, is undecidable. (ii) Token liveness: whether a token is alive in a marking, i.e., whether there is a computation from the marking which eventually consumes the token. We show decidability of the problem by reducing it to the coverability problem, which is decidable for TPNs. (iii) Boundedness: whether the size of the reachable markings is bounded. We consider two versions of the problem; namely semantic boundedness where only live tokens are taken into consideration in the markings, and syntactic boundedness where also dead tokens are considered. We show undecidability of semantic boundedness, while we prove that syntactic boundedness is decidable through an extension of the Karp-Miller algorithm.Comment: 61 pages, 18 figure

Vector Addition System Reversible Reachability Problem

The reachability problem for vector addition systems is a central problem of net theory. This problem is known to be decidable but the complexity is still unknown. Whereas the problem is EXPSPACE-hard, no elementary upper bounds complexity are known. In this paper we consider the reversible reachability problem. This problem consists to decide if two configurations are reachable one from each other, or equivalently if they are in the same strongly connected component of the reachability graph. We show that this problem is EXPSPACE-complete. As an application of the introduced materials we characterize the reversibility domains of a vector addition system

Vérification efficace de systèmes à compteurs à l'aide de relaxations

Abstract : Counter systems are popular models used to reason about systems in various fields such as the analysis of concurrent or distributed programs and the discovery and verification of business processes. We study well-established problems on various classes of counter systems. This thesis focusses on three particular systems, namely Petri nets, which are a type of model for discrete systems with concurrent and sequential events, workflow nets, which form a subclass of Petri nets that is suited for modelling and reasoning about business processes, and continuous one-counter automata, a novel model that combines continuous semantics with one-counter automata. For Petri nets, we focus on reachability and coverability properties. We utilize directed search algorithms, using relaxations of Petri nets as heuristics, to obtain novel semi-decision algorithms for reachability and coverability, and positively evaluate a prototype implementation. For workflow nets, we focus on the problem of soundness, a well-established correctness notion for such nets. We precisely characterize the previously widely-open complexity of three variants of soundness. Based on our insights, we develop techniques to verify soundness in practice, based on reachability relaxation of Petri nets. Lastly, we introduce the novel model of continuous one-counter automata. This model is a natural variant of one-counter automata, which allows reasoning in a hybrid manner combining continuous and discrete elements. We characterize the exact complexity of the reachability problem in several variants of the model.Les systèmes à compteurs sont des modèles utilisés afin de raisonner sur les systèmes de divers domaines tels l’analyse de programmes concurrents ou distribués, et la découverte et la vérification de systèmes d’affaires. Nous étudions des problèmes bien établis de différentes classes de systèmes à compteurs. Cette thèse se penche sur trois systèmes particuliers : les réseaux de Petri, qui sont un type de modèle pour les systèmes discrets à événements concurrents et séquentiels ; les « réseaux de processus », qui forment une sous-classe des réseaux de Petri adaptée à la modélisation et au raisonnement des processus d’affaires ; les automates continus à un compteur, un nouveau modèle qui combine une sémantique continue à celles des automates à un compteur. Pour les réseaux de Petri, nous nous concentrons sur les propriétés d’accessibilité et de couverture. Nous utilisons des algorithmes de parcours de graphes, avec des relaxations de réseaux de Petri comme heuristiques, afin d’obtenir de nouveaux algorithmes de semi-décision pour l’accessibilité et la couverture, et nous évaluons positivement un prototype. Pour les «réseaux de processus», nous nous concentrons sur le problème de validité, une notion de correction bien établie pour ces réseaux. Nous caractérisions précisément la complexité calculatoire jusqu’ici largement ouverte de trois variantes du problème de validité. En nous basant sur nos résultats, nous développons des techniques pour vérifier la validité en pratique, à l’aide de relaxations d’accessibilité dans les réseaux de Petri. Enfin, nous introduisons le nouveau modèle d’automates continus à un compteur. Ce modèle est une variante naturelle des automates à un compteur, qui permet de raisonner de manière hybride en combinant des éléments continus et discrets. Nous caractérisons la complexité exacte du problème d’accessibilité dans plusieurs variantes du modèle

Verification of Flat FIFO Systems

The decidability and complexity of reachability problems and model-checking for flat counter systems have been explored in detail. However, only few results are known for flat FIFO systems, only in some particular cases (a single loop or a single bounded expression). We prove, by establishing reductions between properties, and by reducing SAT to a subset of these properties that many verification problems like reachability, non-termination, unboundedness are NP-complete for flat FIFO systems, generalizing similar existing results for flat counter systems. We construct a trace-flattable counter system that is bisimilar to a given flat FIFO system, which allows to model-check the original flat FIFO system. Our results lay the theoretical foundations and open the way to build a verification tool for (general) FIFO systems based on analysis of flat subsystems

Verification of Automata with Storage Mechanisms

An important question in computer science is to ask, whether a given system conforms to a specification. Often this question is equivalent to ask whether a finite automaton with certain memory like a stack or queue can reach some given state. In this thesis we focus this reachability problem of automata having one or more lossy or reliable stacks or queues as their memory. Unfortunately, the reachability problem is undecidable or of high complexity in most of these cases. We circumvent this by several approximation methods. So we extend the exploration algorithm by Boigelot and Godefroid under-approximating the reachability problem of queue automata. We also study some automata having multiple stacks with a restricted behavior. These “asynchronous pushdown systems” have an efficiently decidable reachability problem. To show our results we first have to gain knowledge of several algebraic properties of the so-called transformation monoid of the studied storage mechanisms.An important research topic in computer science is the verification, i.e., the analysis of systems towards their correctness. This analysis consists of two parts: first we have to formalize the system and the desired properties. Afterwards we have to find algorithms to check whether the properties hold in the system. In many cases we can model the system as a finite automaton with a suitable storage mechanism, e.g., functional programs with recursive calls can be modeled as automata with a stack (or pushdown). Here, we consider automata with two variations of stacks and queues: 1. Partially lossy queues and stacks, which are allowed to forget some specified parts of their contents at any time. We are able to model unreliable systems with such memories. 2. Distributed queues and stacks, i.e., multiple such memories with a special synchronization in between. Often we can check the properties of our models by solving the reachability and recurrent reachability problems in our automata models. It is well-known that the decidability of these problems highly depends on the concrete data type of our automata’s memory. Both problems can be solved in polynomial time for automata with one stack. In contrast, these problems are undecidable if we attach a queue or at least two stacks to our automata. In some special cases we are still able to verify such systems. So, we will consider only special automata with multiple stacks - so-called asynchronous pushdown automata. These are multiple (local) automata each having one stack. Whenever these automata try to write something into at least one stack, we require a read action on these stacks right before these actions. We will see that the (recurrent) reachability problem is decidable for such asynchronous pushdown automata in polynomial time. We can also semi-decide the reachability problem of our queue automata by exploration of the configration space. To this end, we can join multiple consecutive transitions to so-called meta-transformations and simulate them at once. Here, we study meta-transformations alternating between writing words from a given regular language into the queues and reading words from another regular language from the queues. We will see that such metatransformations can be applied in polynomial time. To show this result we first study some algebraic properties of our stacks and queues.Ein wichtiges Forschungsthema in der Informatik ist die Verifikation, d.h., die Analyse von Systemen bezüglich ihrer Korrektheit. Diese Analyse erfolgt in zwei Schritten: Zuerst müssen wir das System und die gewünschten Eigenschaften formalisieren. Anschließend benötigen wir Algorithmen zum Testen, ob das System die Eigenschaften erfüllt. Oftmals können wir das Systemals endlichen Automaten mit geeignetem Speichermechanismus modellieren, z.B. rekursive Programme sind im Wesentlichen Automaten mit einem Stack. Hier betrachten wir Automaten mit zwei Varianten von Stacks und Queues: 1. Partiell vergessliche Stacks und Queues, welche bestimmte Teile ihrer Inhalte jederzeit vergessen können. Diese können für unzuverlässige Systeme verwendet werden. 2. Verteilte Stacks und Queues, d.h., mehrere Stacks und Queues mit vordefinierter Synchronisierung. Häufig lassen sich die Eigenschaften unserer Modelle mithilfe des (wiederholten) Erreichbarkeitsproblems in unseren Automaten lösen. Dabei ist bekannt, dass die Entscheidbarkeit dieser Probleme oftmals stark vom konkreten Datentyp des Speichers abhängt. Beide Probleme können für Automaten mit einem Stack in Polynomialzeit gelöst werden. Sie sind jedoch unentscheidbar, wenn wir Automaten mit einer Queue oder zwei Stacks betrachten. In bestimmten Spezialfällen sind aber dennoch in der Lage diese Systeme zu verifizieren. So können wir beispielsweise bestimmte Automaten mit mehreren Stacks betrachten - so genannte Asynchrone Kellerautomaten. Diese bestehen aus mehreren (lokalen) Automaten mit jeweils einem Stack. Wann immer diese Automaten etwas in mind. einen Stack schreiben, müssen sie unmittelbar zuvor von diesen Stacks etwas lesen. Das (wiederholte) Erreichbarkeitsproblem ist in asynchronen Kellerautomaten in Polynomialzeit entscheidbar. Wir können zudem das Erreichbarkeitsproblem von Queueautomaten durch Exploration des Konfigurationsraums semi-entscheiden. Hierzu können wir mehrere aufeinanderfolgende Transitionen zu so genannten Meta-Transformationen zusammenfassen und diese in einem Schritt simulieren. Hier betrachten wir Meta-Transformationen, die zwischen dem Lesen und Schreiben von Wörtern aus zwei gegebenen regulären Sprachen alternieren. Diese Meta-Transformationen können in Polynomialzeit ausgeführt werden. Für dieses Ergebnis müssen wir jedoch zunächst verschiedene algebraische Eigenschaften der Queues betrachten

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 22nd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 29 papers presented in this volume were carefully reviewed and selected from 85 submissions. They deal with foundational research with a clear significance for software science