148,662 research outputs found
Symbolic Reachability Analysis of B through ProB and LTSmin
We present a symbolic reachability analysis approach for B that can provide a
significant speedup over traditional explicit state model checking. The
symbolic analysis is implemented by linking ProB to LTSmin, a high-performance
language independent model checker. The link is achieved via LTSmin's PINS
interface, allowing ProB to benefit from LTSmin's analysis algorithms, while
only writing a few hundred lines of glue-code, along with a bridge between ProB
and C using ZeroMQ. ProB supports model checking of several formal
specification languages such as B, Event-B, Z and TLA. Our experiments are
based on a wide variety of B-Method and Event-B models to demonstrate the
efficiency of the new link. Among the tested categories are state space
generation and deadlock detection; but action detection and invariant checking
are also feasible in principle. In many cases we observe speedups of several
orders of magnitude. We also compare the results with other approaches for
improving model checking, such as partial order reduction or symmetry
reduction. We thus provide a new scalable, symbolic analysis algorithm for the
B-Method and Event-B, along with a platform to integrate other model checking
improvements via LTSmin in the future
Parameterized Complexity of Critical Node Cuts
We consider the following natural graph cut problem called Critical Node Cut
(CNC): Given a graph on vertices, and two positive integers and
, determine whether has a set of vertices whose removal leaves
with at most connected pairs of vertices. We analyze this problem in the
framework of parameterized complexity. That is, we are interested in whether or
not this problem is solvable in time (i.e., whether
or not it is fixed-parameter tractable), for various natural parameters
. We consider four such parameters:
- The size of the required cut.
- The upper bound on the number of remaining connected pairs.
- The lower bound on the number of connected pairs to be removed.
- The treewidth of .
We determine whether or not CNC is fixed-parameter tractable for each of
these parameters. We determine this also for all possible aggregations of these
four parameters, apart from . Moreover, we also determine whether or not
CNC admits a polynomial kernel for all these parameterizations. That is,
whether or not there is an algorithm that reduces each instance of CNC in
polynomial time to an equivalent instance of size , where
is the given parameter
Using Flow Specifications of Parameterized Cache Coherence Protocols for Verifying Deadlock Freedom
We consider the problem of verifying deadlock freedom for symmetric cache
coherence protocols. In particular, we focus on a specific form of deadlock
which is useful for the cache coherence protocol domain and consistent with the
internal definition of deadlock in the Murphi model checker: we refer to this
deadlock as a system- wide deadlock (s-deadlock). In s-deadlock, the entire
system gets blocked and is unable to make any transition. Cache coherence
protocols consist of N symmetric cache agents, where N is an unbounded
parameter; thus the verification of s-deadlock freedom is naturally a
parameterized verification problem. Parametrized verification techniques work
by using sound abstractions to reduce the unbounded model to a bounded model.
Efficient abstractions which work well for industrial scale protocols typically
bound the model by replacing the state of most of the agents by an abstract
environment, while keeping just one or two agents as is. However, leveraging
such efficient abstractions becomes a challenge for s-deadlock: a violation of
s-deadlock is a state in which the transitions of all of the unbounded number
of agents cannot occur and so a simple abstraction like the one above will not
preserve this violation. In this work we address this challenge by presenting a
technique which leverages high-level information about the protocols, in the
form of message sequence dia- grams referred to as flows, for constructing
invariants that are collectively stronger than s-deadlock. Efficient
abstractions can be constructed to verify these invariants. We successfully
verify the German and Flash protocols using our technique
Partial Orders for Efficient BMC of Concurrent Software
This version previously deposited at arXiv:1301.1629v1 [cs.LO]The vast number of interleavings that a concurrent program can have is typically identified as the root cause of the difficulty of automatic analysis of concurrent software. Weak memory is generally believed to make this problem even harder. We address both issues by modelling programs' executions with partial orders rather than the interleaving semantics (SC). We implemented a software analysis tool based on these ideas. It scales to programs of sufficient size to achieve first-time formal verification of non-trivial concurrent systems code over a wide range of models, including SC, Intel x86 and IBM Power
Prototyping the Semantics of a DSL using ASF+SDF: Link to Formal Verification of DSL Models
A formal definition of the semantics of a domain-specific language (DSL) is a
key prerequisite for the verification of the correctness of models specified
using such a DSL and of transformations applied to these models. For this
reason, we implemented a prototype of the semantics of a DSL for the
specification of systems consisting of concurrent, communicating objects. Using
this prototype, models specified in the DSL can be transformed to labeled
transition systems (LTS). This approach of transforming models to LTSs allows
us to apply existing tools for visualization and verification to models with
little or no further effort. The prototype is implemented using the ASF+SDF
Meta-Environment, an IDE for the algebraic specification language ASF+SDF,
which offers efficient execution of the transformation as well as the ability
to read models and produce LTSs without any additional pre or post processing.Comment: In Proceedings AMMSE 2011, arXiv:1106.596
- …