Axiomatisation and decidability of multi-dimensional Duration Calculus

AbstractThe Shape Calculus is a spatio-temporal logic based on an n-dimensional Duration Calculus tailored for the specification and verification of mobile real-time systems. After showing non-axiomatisability, we give a complete embedding in n-dimensional interval temporal logic and present two different decidable subsets, which are important for tool support and practical use

On Model Checking Boolean BI

The logic of bunched implications (BI), introduced by O'Hearn and Pym, is a substructural logic which freely combines additive and multiplicative implications. Boolean BI (BBI) denotes BI with classical interpretation of additives and its model is the commutative monoid. We show that when the monoid is finitely generated and propositions are recursively defined, or the monoid is infinitely generated and propositions are restricted to generator propositions, the model checking problem is undecidable. In the case of finitely related monoid and,generator propositions. the model checking problem is EXPSPACE-complete.http://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:000270711900021&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=8e1609b174ce4e31116a60747a720701Computer Science, Theory & MethodsEICPCI-S(ISTP)

When Ambients Cannot be Opened

International audienceWe investigate expressiveness of a fragment of the ambient calculus, a formalism for describing distributed and mobile computations. More precisely, we study expressiveness of the pure and public ambient calculus from which the capability open has been removed, in terms of the reachability problem of the reduction relation. Surprisingly, we show that even for this very restricted fragment, the reachability problem is not decidable. At a second step, for a slightly weaker reduction relation, we prove that reachability can be decided by reducing this problem to markings reachability for Petri nets. Finally, we show that the name-convergence problem as well as the model-checking problem turn out to be undecidable for both the original and the weaker reduction relation. The authors are grateful to S. Tison and Y. Roos for fruitful discussions and thank the anony mous ferees for valuable comments. This work is supported by an ATIP grant from CNRS

A Logic for Choreographies

We explore logical reasoning for the global calculus, a coordination model based on the notion of choreography, with the aim to provide a methodology for specification and verification of structured communications. Starting with an extension of Hennessy-Milner logic, we present the global logic (GL), a modal logic describing possible interactions among participants in a choreography. We illustrate its use by giving examples of properties on service specifications. Finally, we show that, despite GL is undecidable, there is a significant decidable fragment which we provide with a sound and complete proof system for checking validity of formulae.Comment: In Proceedings PLACES 2010, arXiv:1110.385

Elimination of spatial connectives in static spatial logics

AbstractThe recent interest for specification on resources yields so-called spatial logics, that is specification languages offering new forms of reasoning: the local reasoning through the separation of the resource space into two disjoint subspaces, and the contextual reasoning through hypothetical extension of the resource space.We consider two resource models and their related logics:•The static ambient model, proposed as an abstraction of semistructured data (Proc. ESOP’01, Lecture Notes in Computer Science, vol. 2028, Springer, Berlin, 2001, pp. 1–22 (invited paper)) with the static ambient logic (SAL) that was proposed as a request language, both obtained by restricting the mobile ambient calculus (Proc. FOSSACS’98, Lecture Notes in Computer Science, vol. 1378, Springer, Berlin, 1998, pp. 140–155) and logic (Proc. POPL’00, ACM Press, New York, 2000, pp. 365–377) to their purely static aspects.•The memory model and the assertion language of separation logic, both defined in Reynolds (Proc. LICS’02, 2002) for the purpose of the axiomatic semantic of imperative programs manipulating pointers.We raise the questions of the expressiveness and the minimality of these logics. Our main contribution is a minimalisation technique we may apply for these two logics. We moreover show some restrictions of this technique for the extension SAL∀ with universal quantification, and we establish the minimality of the adjunct-free fragment (SALint)

An observational model for spatial logics

Spatiality is an important aspect of distributed systems because their computations depend both on the dynamic behaviour and on the structure of their components. Spatial logics have been proposed as the formal device for expressing spatial properties of systems. We define CCS∥, a CCS-like calculus whose semantics allows one to observe spatial aspects of systems on the top of which we define models of the spatial logic. Our alternative definition of models is proved equivalent to the standard one. Furthermore, logical equivalence is characterized in terms of the bisimilarity of CCS∥

About compositional analysis of pi-calculus processes

We set up a logical framework for the compositional analysis of finite pi-calculus processes. In particular, we extend the partial model checking techniques developed for value passing process algebras to a nominal calculus, i.e. the pi-calculus. The logic considered is an adaptation of the ambient logic to the pi-calculus. As one of the possible applications, we show that our techniques may be used to study interesting security properties as confidentiality for (finite) pi-calculus processes

A model checking-based approach for security policy verification of mobile systems

International audienceThis article describes an approach for the automated verification of mobile systems. Mobile systems are characterized by the explicit notion of (e.g., sites where they run) and the ability to execute at different locations, yielding a number of security issues. To this aim, we formalize mobile systems as Labeled Kripke Structures, encapsulating the notion of that describes the hierarchical nesting of the threads constituting the system. Then, we formalize a generic that includes rules for expressing and manipulating the code location. In contrast to many other approaches, our technique supports both access control and information flow specification. We developed a prototype framework for model checking of mobile systems. It works directly on the program code (in contrast to most traditional process-algebraic approaches that can model only limited details of mobile systems) and uses abstraction-refinement techniques, based also on location abstractions, to manage the program state space. We experimented with a number of mobile code benchmarks by verifying various security policies. The experimental results demonstrate the validity of the proposed mobile system modeling and policy specification formalisms and highlight the advantages of the model checking-based approach, which combines the validation of security properties with other checks, such as the validation of buffer overflows

Design-time formal verification for smart environments: an exploratory perspective

Smart environments (SmE) are richly integrated with multiple heterogeneous devices; they perform the operations in intelligent manner by considering the context and actions/behaviors of the users. Their major objective is to enable the environment to provide ease and comfort to the users. The reliance on these systems demands consistent behavior. The versatility of devices, user behavior and intricacy of communication complicate the modeling and verification of SmE's reliable behavior. Of the many available modeling and verification techniques, formal methods appear to be the most promising. Due to a large variety of implementation scenarios and support for conditional behavior/processing, the concept of SmE is applicable to diverse areas which calls for focused research. As a result, a number of modeling and verification techniques have been made available for designers. This paper explores and puts into perspective the modeling and verification techniques based on an extended literature survey. These techniques mainly focus on some specific aspects, with a few overlapping scenarios (such as user interaction, devices interaction and control, context awareness, etc.), which were of the interest to the researchers based on their specialized competencies. The techniques are categorized on the basis of various factors and formalisms considered for the modeling and verification and later analyzed. The results show that no surveyed technique maintains a holistic perspective; each technique is used for the modeling and verification of specific SmE aspects. The results further help the designers select appropriate modeling and verification techniques under given requirements and stress for more R&D effort into SmE modeling and verification researc

When Ambients Cannot be Opened

International audienceWe investigate expressiveness of a fragment of the ambient calculus, a formalism for describing distributed and mobile computations. More precisely, we study expressiveness of the pure and public ambient calculus from which the capability open has been removed, in terms of the reachability problem of the reduction relation. Surprisingly, we show that even for this very restricted fragment, the reachability problem is not decidable. At a second step, for a slightly weaker reduction relation, we prove that reachability can be decided by reducing this problem to markings reachability for Petri nets. Finally, we show that the name-convergence problem as well as the model-checking problem turn out to be undecidable for both the original and the weaker reduction relation. The authors are grateful to S. Tison and Y. Roos for fruitful discussions and thank the anony mous ferees for valuable comments. This work is supported by an ATIP grant from CNRS