1,241 research outputs found
Bounded LTL Model Checking with Stable Models
In this paper bounded model checking of asynchronous concurrent systems is
introduced as a promising application area for answer set programming. As the
model of asynchronous systems a generalisation of communicating automata,
1-safe Petri nets, are used. It is shown how a 1-safe Petri net and a
requirement on the behaviour of the net can be translated into a logic program
such that the bounded model checking problem for the net can be solved by
computing stable models of the corresponding program. The use of the stable
model semantics leads to compact encodings of bounded reachability and deadlock
detection tasks as well as the more general problem of bounded model checking
of linear temporal logic. Correctness proofs of the devised translations are
given, and some experimental results using the translation and the Smodels
system are presented.Comment: 32 pages, to appear in Theory and Practice of Logic Programmin
Local reasoning about the presence of bugs: Incorrectness Separation Logic
There has been a large body of work on local reasoning for proving the absence of bugs, but none for proving their presence. We present a new formal framework for local reasoning about the presence of bugs, building on two complementary foundations: 1) separation logic and 2) incorrectness logic. We explore the theory of this new incorrectness separation logic (ISL), and use it to derive a begin-anywhere, intra-procedural symbolic execution analysis that has no false positives by construction. In so doing, we take a step towards transferring modular, scalable techniques from the world of program verification to bug catching
A practical approach to runtime verification of real-time properties for Java programs
Given the intractability of exhaustively verifying soft-ware, the use of runtime-verification to verify single execution paths at runtime, is becoming increasingly popular in industrial settings. In this paper we present dynamic communicating automata with timers and events to describe properties of systems, implemented in LARVA, an event-based runtime verification tool for monitoring temporal and contextual properties of Java programs. We give the mathematical framework behind LARVAand show how real time logics can be trans-lated into LARVAproviding additional benefits to the runtime monitoring framework. These benefits include guarantees on the memory upperbound required for the monitoring system and guarantees on the effect of varying the execution speed of the system with regards to real-time properties. Index Terms runtime verification, real-time properties, duration cal-culus 1.peer-reviewe
Reasoning about Data Repetitions with Counter Systems
We study linear-time temporal logics interpreted over data words with
multiple attributes. We restrict the atomic formulas to equalities of attribute
values in successive positions and to repetitions of attribute values in the
future or past. We demonstrate correspondences between satisfiability problems
for logics and reachability-like decision problems for counter systems. We show
that allowing/disallowing atomic formulas expressing repetitions of values in
the past corresponds to the reachability/coverability problem in Petri nets.
This gives us 2EXPSPACE upper bounds for several satisfiability problems. We
prove matching lower bounds by reduction from a reachability problem for a
newly introduced class of counter systems. This new class is a succinct version
of vector addition systems with states in which counters are accessed via
pointers, a potentially useful feature in other contexts. We strengthen further
the correspondences between data logics and counter systems by characterizing
the complexity of fragments, extensions and variants of the logic. For
instance, we precisely characterize the relationship between the number of
attributes allowed in the logic and the number of counters needed in the
counter system.Comment: 54 page
Algorithmic Analysis of Qualitative and Quantitative Termination Problems for Affine Probabilistic Programs
In this paper, we consider termination of probabilistic programs with
real-valued variables. The questions concerned are:
1. qualitative ones that ask (i) whether the program terminates with
probability 1 (almost-sure termination) and (ii) whether the expected
termination time is finite (finite termination); 2. quantitative ones that ask
(i) to approximate the expected termination time (expectation problem) and (ii)
to compute a bound B such that the probability to terminate after B steps
decreases exponentially (concentration problem).
To solve these questions, we utilize the notion of ranking supermartingales
which is a powerful approach for proving termination of probabilistic programs.
In detail, we focus on algorithmic synthesis of linear ranking-supermartingales
over affine probabilistic programs (APP's) with both angelic and demonic
non-determinism. An important subclass of APP's is LRAPP which is defined as
the class of all APP's over which a linear ranking-supermartingale exists.
Our main contributions are as follows. Firstly, we show that the membership
problem of LRAPP (i) can be decided in polynomial time for APP's with at most
demonic non-determinism, and (ii) is NP-hard and in PSPACE for APP's with
angelic non-determinism; moreover, the NP-hardness result holds already for
APP's without probability and demonic non-determinism. Secondly, we show that
the concentration problem over LRAPP can be solved in the same complexity as
for the membership problem of LRAPP. Finally, we show that the expectation
problem over LRAPP can be solved in 2EXPTIME and is PSPACE-hard even for APP's
without probability and non-determinism (i.e., deterministic programs). Our
experimental results demonstrate the effectiveness of our approach to answer
the qualitative and quantitative questions over APP's with at most demonic
non-determinism.Comment: 24 pages, full version to the conference paper on POPL 201
Hidden-Markov Program Algebra with iteration
We use Hidden Markov Models to motivate a quantitative compositional
semantics for noninterference-based security with iteration, including a
refinement- or "implements" relation that compares two programs with respect to
their information leakage; and we propose a program algebra for source-level
reasoning about such programs, in particular as a means of establishing that an
"implementation" program leaks no more than its "specification" program.
This joins two themes: we extend our earlier work, having iteration but only
qualitative, by making it quantitative; and we extend our earlier quantitative
work by including iteration. We advocate stepwise refinement and
source-level program algebra, both as conceptual reasoning tools and as targets
for automated assistance. A selection of algebraic laws is given to support
this view in the case of quantitative noninterference; and it is demonstrated
on a simple iterated password-guessing attack
Reasoning About Strategies: On the Model-Checking Problem
In open systems verification, to formally check for reliability, one needs an
appropriate formalism to model the interaction between agents and express the
correctness of the system no matter how the environment behaves. An important
contribution in this context is given by modal logics for strategic ability, in
the setting of multi-agent games, such as ATL, ATL\star, and the like.
Recently, Chatterjee, Henzinger, and Piterman introduced Strategy Logic, which
we denote here by CHP-SL, with the aim of getting a powerful framework for
reasoning explicitly about strategies. CHP-SL is obtained by using first-order
quantifications over strategies and has been investigated in the very specific
setting of two-agents turned-based games, where a non-elementary model-checking
algorithm has been provided. While CHP-SL is a very expressive logic, we claim
that it does not fully capture the strategic aspects of multi-agent systems. In
this paper, we introduce and study a more general strategy logic, denoted SL,
for reasoning about strategies in multi-agent concurrent games. We prove that
SL includes CHP-SL, while maintaining a decidable model-checking problem. In
particular, the algorithm we propose is computationally not harder than the
best one known for CHP-SL. Moreover, we prove that such a problem for SL is
NonElementarySpace-hard. This negative result has spurred us to investigate
here syntactic fragments of SL, strictly subsuming ATL\star, with the hope of
obtaining an elementary model-checking problem. Among the others, we study the
sublogics SL[NG], SL[BG], and SL[1G]. They encompass formulas in a special
prenex normal form having, respectively, nested temporal goals, Boolean
combinations of goals and, a single goal at a time. About these logics, we
prove that the model-checking problem for SL[1G] is 2ExpTime-complete, thus not
harder than the one for ATL\star
- …