54 research outputs found
Model checking of mobile systems and diagnosability of weakly fair systems
PhD Thesis. This thesis consists of two independent contributions. The first deals with model checking of reference passing systems, and the second considers diagnosability under the weak fairness assumption.

Reference passing systems, like mobile and reconfigurable systems, are everywhere nowadays. The common feature of such systems is the possibility to form dynamic logical connections between the individual modules. However, such systems are very difficult to verify, as their logical structure is dynamic. Traditionally, decidable fragments of π-calculus, e.g. the well-known Finite Control Processes (FCP), are used for formal modelling of reference passing systems. Unfortunately, FCPs allow only 'global' concurrency between processes, and thus cannot naturally express scenarios involving 'local' concurrency inside a process. This thesis proposes Extended Finite Control Processes (EFCP), which are more convenient for practical modelling. Moreover, an almost linear translation of EFCPs to FCPs is developed, which enables efficient model checking of EFCPs.

In partially observed systems, diagnosis is the task of detecting whether or not the given sequence of observed labels indicates that some unobservable fault has occurred. Diagnosability is an associated property, stating that in any possible execution an occurrence of a fault can eventually be diagnosed. In this thesis, diagnosability is considered under the weak fairness (WF) assumption, which intuitively states that no transition from a given set can stay enabled forever: it must eventually either fire or be disabled. A major flaw in a previous approach to WF-diagnosability in the literature is identified and corrected, and an efficient method for verifying WF-diagnosability based on a reduction to LTL-X model checking is presented.
The Complexity of Diagnosability and Opacity Verification for Petri Nets
Diagnosability and opacity are two well-studied problems in discrete-event systems. We revisit these two problems with respect to expressiveness and complexity issues. We first relate different notions of diagnosability and opacity. We consider in particular fairness issues and extend the definition of Germanos et al. [ACM TECS, 2015] of weakly fair diagnosability for safe Petri nets to general Petri nets and to opacity questions. Second, we provide a global picture of complexity results for the verification of diagnosability and opacity. We show that diagnosability is NL-complete for finite state systems, PSPACE-complete for safe Petri nets (even with fairness), and EXPSPACE-complete for general Petri nets without fairness, while non diagnosability is inter-reducible with reachability when fault events are not weakly fair. Opacity is ESPACE-complete for safe Petri nets (even with fairness) and undecidable for general Petri nets already without fairness.
Quantitative Analysis of Opacity in Cloud Computing Systems
Federated cloud systems increase the reliability and reduce the cost of the computational support. The resulting combination of secure private clouds and less secure public clouds, together with the fact that resources need to be located within different clouds, strongly affects the information flow security of the entire system. In this paper, the clouds as well as entities of a federated cloud system are assigned security levels, and a probabilistic flow sensitive security model for a federated cloud system is proposed. Then the notion of opacity, a notion capturing the security of information flow, of a cloud computing system is introduced, and different variants of quantitative analysis of opacity are presented. As a result, one can track the information flow in a cloud system, and analyze the impact of different resource allocation strategies by quantifying the corresponding opacity characteristics.
Discrete and hybrid methods for the diagnosis of distributed systems
Many important activities of modern society rely on the proper functioning of complex systems such as electricity networks, telecommunication networks, manufacturing plants and aircrafts. The supervision of such systems must include strong diagnosis capability to be able to effectively detect the occurrence of faults and ensure appropriate corrective measures can be taken in order to recover from the faults or prevent total failure. This thesis addresses issues in the diagnosis of large complex systems. Such systems are usually distributed in nature, i.e. they consist of many interconnected components each having their own local behaviour. These components interact together to produce an emergent global behaviour that is complex. As those systems increase in complexity and size, their diagnosis becomes increasingly challenging. In the first part of this thesis, a method is proposed for diagnosis on distributed systems that avoids a monolithic global computation. The method, based on converting the graph of the system into a junction tree, takes into account the topology of the system in choosing how to merge local diagnoses on the components while still obtaining a globally consistent result. The method is shown to work well for systems with tree or near-tree structures. This method is further extended to handle systems with high clustering by selectively ignoring some connections that would still allow an accurate diagnosis to be obtained. A hybrid system approach is explored in the second part of the thesis, where continuous dynamics information on the system is also retained to help better isolate or identify faults. A hybrid system framework is presented that models both continuous dynamics and discrete evolution in dynamical systems, based on detecting changes in the fundamental governing dynamics of the system rather than on residual estimation. This makes it possible to handle systems that might not be well characterised and where parameter drift is present. 
The discrete aspect of the hybrid system model is used to derive diagnosability conditions using indicator functions for the detection and isolation of multiple, arbitrary sequential or simultaneous events in hybrid dynamical networks. Issues with diagnosis in the presence of uncertainty in measurements due to sensor or actuator noise are addressed. Faults may generate symptoms that are of the same order of magnitude as the noise. The use of statistical techniques, within a hybrid system framework, is proposed to detect these elusive fault symptoms and translate this information into probabilities for the actual operational mode and the possibility of transition between modes, which makes it possible to apply probabilistic analysis on the system to handle the underlying uncertainty present.
Formal Verification of Secure Information Flow in Cloud Computing
Federated cloud systems increase the reliability and reduce the cost of computational support to an organization. However, the resulting combination of secure private clouds and less secure public clouds impacts on the overall security of the system as applications need to be located within different clouds. In this paper, the entities of a federated cloud system as well as the clouds are assigned security levels of a given security lattice. Then a dynamic flow sensitive security model for a federated cloud system is introduced within which the Bell-LaPadula rules and cloud security rule can be captured. The rest of the paper demonstrates how Petri nets and the associated verification techniques could be used to analyze the security of information flow in federated cloud systems.
The Complexity of Synthesizing Uniform Strategies
We investigate uniformity properties of strategies. These properties involve
sets of plays in order to express useful constraints on strategies that are not
\mu-calculus definable. Typically, we can state that a strategy is
observation-based. We propose a formal language to specify uniformity
properties, interpreted over two-player turn-based arenas equipped with a
binary relation between plays. This way, we capture e.g. games with winning
conditions expressible in epistemic temporal logic, whose underlying
equivalence relation between plays reflects the observational capabilities of
agents (for example, synchronous perfect recall). Our framework naturally
generalizes many other situations from the literature. We establish that the
problem of synthesizing strategies under uniformity constraints based on
regular binary relations between plays is non-elementary complete.
Comment: In Proceedings SR 2013, arXiv:1303.007
Synthesizing strategies under expected and exceptional environment behaviors
We consider an agent that operates with two models of the environment: one that captures expected behaviors and one that captures additional exceptional behaviors. We study the problem of synthesizing agent strategies that enforce a goal against environments operating as expected while also making a best effort against exceptional environment behaviors. We formalize these concepts in the context of linear-temporal logic, and give an algorithm for solving this problem. We also show that there is no trade-off between enforcing the goal under the expected environment specification and making a best-effort for it under the exceptional one.
Tools and Algorithms for the Construction and Analysis of Systems
This open access book constitutes the proceedings of the 28th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2022, which was held during April 2-7, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 46 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 159 submissions. The proceedings also contain 16 tool papers of the affiliated competition SV-Comp and 1 paper consisting of the competition report. TACAS is a forum for researchers, developers, and users interested in rigorously based tools and algorithms for the construction and analysis of systems. The conference aims to bridge the gaps between different communities with this common interest and to support them in their quest to improve the utility, reliability, flexibility, and efficiency of tools and algorithms for building computer-controlled systems.