6,477 research outputs found
Automated Verification of Practical Garbage Collectors
Garbage collectors are notoriously hard to verify, due to their low-level
interaction with the underlying system and the general difficulty in reasoning
about reachability in graphs. Several papers have presented verified
collectors, but either the proofs were hand-written or the collectors were too
simplistic to use on practical applications. In this work, we present two
mechanically verified garbage collectors, both practical enough to use for
real-world C# benchmarks. The collectors and their associated allocators
consist of x86 assembly language instructions and macro instructions, annotated
with preconditions, postconditions, invariants, and assertions. We used the
Boogie verification generator and the Z3 automated theorem prover to verify
this assembly language code mechanically. We provide measurements comparing the
performance of the verified collector with that of the standard Bartok
collectors on off-the-shelf C# benchmarks, demonstrating their competitiveness
Tableaux Modulo Theories Using Superdeduction
We propose a method that allows us to develop tableaux modulo theories using
the principles of superdeduction, among which the theory is used to enrich the
deduction system with new deduction rules. This method is presented in the
framework of the Zenon automated theorem prover, and is applied to the set
theory of the B method. This allows us to provide another prover to Atelier B,
which can be used to verify B proof rules in particular. We also propose some
benchmarks, in which this prover is able to automatically verify a part of the
rules coming from the database maintained by Siemens IC-MOL. Finally, we
describe another extension of Zenon with superdeduction, which is able to deal
with any first order theory, and provide a benchmark coming from the TPTP
library, which contains a large set of first order problems.Comment: arXiv admin note: substantial text overlap with arXiv:1501.0117
A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing
To ensure the privacy of users in transport systems, researchers are working
on new protocols providing the best security guarantees while respecting
functional requirements of transport operators. In this paper, we design a
secure NFC m-ticketing protocol for public transport that preserves users'
anonymity and prevents transport operators from tracing their customers' trips.
To this end, we introduce a new practical set-membership proof that does not
require provers nor verifiers (but in a specific scenario for verifiers) to
perform pairing computations. It is therefore particularly suitable for our
(ticketing) setting where provers hold SIM/UICC cards that do not support such
costly computations. We also propose several optimizations of Boneh-Boyen type
signature schemes, which are of independent interest, increasing their
performance and efficiency during NFC transactions. Our m-ticketing protocol
offers greater flexibility compared to previous solutions as it enables the
post-payment and the off-line validation of m-tickets. By implementing a
prototype using a standard NFC SIM card, we show that it fulfils the stringent
functional requirement imposed by transport operators whilst using strong
security parameters. In particular, a validation can be completed in 184.25 ms
when the mobile is switched on, and in 266.52 ms when the mobile is switched
off or its battery is flat
Workshop on Verification and Theorem Proving for Continuous Systems (NetCA Workshop 2005)
Oxford, UK, 26 August 200
Tree Buffers
In runtime verification, the central problem is to decide if a given program execution violates a given property. In online runtime verification, a monitor observes a program’s execution as it happens. If the program being observed has hard real-time constraints, then the monitor inherits them. In the presence of hard real-time constraints it becomes a challenge to maintain enough information to produce error traces, should a property violation be observed. In this paper we introduce a data structure, called tree buffer, that solves this problem in the context of automata-based monitors: If the monitor itself respects hard real-time constraints, then enriching it by tree buffers makes it possible to provide error traces, which are essential for diagnosing defects. We show that tree buffers are also useful in other application domains. For example, they can be used to implement functionality of capturing groups in regular expressions. We prove optimal asymptotic bounds for our data structure, and validate them using empirical data from two sources: regular expression searching through Wikipedia, and runtime verification of execution traces obtained from the DaCapo test suite
Join-Idle-Queue with Service Elasticity: Large-Scale Asymptotics of a Non-monotone System
We consider the model of a token-based joint auto-scaling and load balancing
strategy, proposed in a recent paper by Mukherjee, Dhara, Borst, and van
Leeuwaarden (SIGMETRICS '17, arXiv:1703.08373), which offers an efficient
scalable implementation and yet achieves asymptotically optimal steady-state
delay performance and energy consumption as the number of servers .
In the above work, the asymptotic results are obtained under the assumption
that the queues have fixed-size finite buffers, and therefore the fundamental
question of stability of the proposed scheme with infinite buffers was left
open. In this paper, we address this fundamental stability question. The system
stability under the usual subcritical load assumption is not automatic.
Moreover, the stability may not even hold for all . The key challenge stems
from the fact that the process lacks monotonicity, which has been the powerful
primary tool for establishing stability in load balancing models. We develop a
novel method to prove that the subcritically loaded system is stable for large
enough , and establish convergence of steady-state distributions to the
optimal one, as . The method goes beyond the state of the art
techniques -- it uses an induction-based idea and a "weak monotonicity"
property of the model; this technique is of independent interest and may have
broader applicability.Comment: 30 page
- …