A mechanized proof of loop freedom of the (untimed) AODV routing protocol

The Ad hoc On-demand Distance Vector (AODV) routing protocol allows the nodes in a Mobile Ad hoc Network (MANET) or a Wireless Mesh Network (WMN) to know where to forward data packets. Such a protocol is 'loop free' if it never leads to routing decisions that forward packets in circles. This paper describes the mechanization of an existing pen-and-paper proof of loop freedom of AODV in the interactive theorem prover Isabelle/HOL. The mechanization relies on a novel compositional approach for lifting invariants to networks of nodes. We exploit the mechanization to analyse several improvements of AODV and show that Isabelle/HOL can re-establish most proof obligations automatically and identify exactly the steps that are no longer valid.Comment: The Isabelle/HOL source files, and a full proof document, are available in the Archive of Formal Proofs, at http://afp.sourceforge.net/entries/AODV.shtm

On Verifying Complex Properties using Symbolic Shape Analysis

One of the main challenges in the verification of software systems is the analysis of unbounded data structures with dynamic memory allocation, such as linked data structures and arrays. We describe Bohne, a new analysis for verifying data structures. Bohne verifies data structure operations and shows that 1) the operations preserve data structure invariants and 2) the operations satisfy their specifications expressed in terms of changes to the set of objects stored in the data structure. During the analysis, Bohne infers loop invariants in the form of disjunctions of universally quantified Boolean combinations of formulas. To synthesize loop invariants of this form, Bohne uses a combination of decision procedures for Monadic Second-Order Logic over trees, SMT-LIB decision procedures (currently CVC Lite), and an automated reasoner within the Isabelle interactive theorem prover. This architecture shows that synthesized loop invariants can serve as a useful communication mechanism between different decision procedures. Using Bohne, we have verified operations on data structures such as linked lists with iterators and back pointers, trees with and without parent pointers, two-level skip lists, array data structures, and sorted lists. We have deployed Bohne in the Hob and Jahob data structure analysis systems, enabling us to combine Bohne with analyses of data structure clients and apply it in the context of larger programs. This report describes the Bohne algorithm as well as techniques that Bohne uses to reduce the ammount of annotations and the running time of the analysis

The non-abelian Born-Infeld action at order F^6

To gain insight into the non-abelian Born-Infeld (NBI) action, we study coinciding D-branes wrapped on tori, and turn on magnetic fields on their worldvolume. We then compare predictions for the spectrum of open strings stretching between these D-branes, from perturbative string theory and from the effective NBI action. Under some plausible assumptions, we find corrections to the Str-prescription for the NBI action at order F^6. In the process we give a way to classify terms in the NBI action that can be written in terms of field strengths only, in terms of permutation group theory.Comment: LaTeX, 31 pages, 30 figure

Resource Competition on Integral Polymatroids

We study competitive resource allocation problems in which players distribute their demands integrally on a set of resources subject to player-specific submodular capacity constraints. Each player has to pay for each unit of demand a cost that is a nondecreasing and convex function of the total allocation of that resource. This general model of resource allocation generalizes both singleton congestion games with integer-splittable demands and matroid congestion games with player-specific costs. As our main result, we show that in such general resource allocation problems a pure Nash equilibrium is guaranteed to exist by giving a pseudo-polynomial algorithm computing a pure Nash equilibrium.Comment: 17 page

Strengthening Model Checking Techniques with Inductive Invariants

This paper describes optimized techniques to efficiently compute and reap benefits from inductive invariants within SAT-based model checking. We address sequential circuit verification, and we consider both equivalences and implications between pairs of nodes in the logic networks. First, we present a very efficient dynamic procedure, based on equivalence classes and incremental SAT, specifically oriented to reduce the set of checked invariants. Then, we show how to effectively integrate the computation of inductive invariants within state-of-the-art SAT-based model checking procedures. Experiments (on more than 600 designs) show the robustness of our approach on verification instances on which stand-alone techniques fai

Optimizing the Post Sandvik Nanoflex material model using inverse optimization and the finite element method

This article describes an inverse optimization method for the Sandvik Nanoflex steel in cold forming\ud processes. The optimization revolves around measured samples and calculations using the Finite Element\ud Method. Sandvik Nanoflex is part of the group of meta-stable stainless steels. These materials are characterized\ud by a good corrosion resistance, high strength, good formability and crack resistance. In addition, Sandvik\ud Nanoflex has a strain-induced transformation and, depending on austenising conditions and chemical composition,\ud a stress-assisted transformation can occur. The martensite phase of this material shows a substantial aging\ud response. The inverse optimization is a sub-category of the optimization techniques. The inverse optimization\ud method uses a top down approach, as the name implies. The starting point is a prototype state where the current\ud state is to converge on. In our experiment the test specimen is used as prototype and a calculation result as\ud current state. The calculation is then adapted so that the result converges towards the test example. An iterative\ud numerical optimization algorithm controls the adaptation. For the inverse optimization method two parameters\ud are defined: shape of the product and martensite profile. These parameters are extracted from both calculation\ud and test specimen, using Fourier analysis and integrals. An optimization parameter is then formulated from\ud the extracted parameters. The method uses this optimization parameter to increase the accuracy of ”The Post”\ud material model for Sandvik Nanoflex. [1] The article will describe a method to optimize material models, using\ud a combination practical experiments, Finite Element Method and parameter extraction

Reducing the Number of Annotations in a Verification-oriented Imperative Language

Automated software verification is a very active field of research which has made enormous progress both in theoretical and practical aspects. Recently, an important amount of research effort has been put into applying these techniques on top of mainstream programming languages. These languages typically provide powerful features such as reflection, aliasing and polymorphism which are handy for practitioners but, in contrast, make verification a real challenge. In this work we present Pest, a simple experimental, while-style, multiprocedural, imperative programming language which was conceived with verifiability as one of its main goals. This language forces developers to concurrently think about both the statements needed to implement an algorithm and the assertions required to prove its correctness. In order to aid programmers, we propose several techniques to reduce the number and complexity of annotations required to successfully verify their programs. In particular, we show that high-level iteration constructs may alleviate the need for providing complex loop annotations.Comment: 15 pages, 8 figure

The Topological Theory of the Milnor Invariant μˉ(1,2,3)\bar{\mu}(1,2,3)

We study a topological Abelian gauge theory that generalizes the Abelian Chern-Simons one, and that leads in a natural way to the Milnor's link invariant $\bar{\mu}(1,2,3)$ when the classical action on-shell is calculated.Comment: 4 pages; corrected equatio