103,238 research outputs found
Finite Countermodel Based Verification for Program Transformation (A Case Study)
Both automatic program verification and program transformation are based on
program analysis. In the past decade a number of approaches using various
automatic general-purpose program transformation techniques (partial deduction,
specialization, supercompilation) for verification of unreachability properties
of computing systems were introduced and demonstrated. On the other hand, the
semantics based unfold-fold program transformation methods pose themselves
diverse kinds of reachability tasks and try to solve them, aiming at improving
the semantics tree of the program being transformed. That means some
general-purpose verification methods may be used for strengthening program
transformation techniques. This paper considers the question how finite
countermodels for safety verification method might be used in Turchin's
supercompilation method. We extract a number of supercompilation sub-algorithms
trying to solve reachability problems and demonstrate use of an external
countermodel finder for solving some of the problems.Comment: In Proceedings VPT 2015, arXiv:1512.0221
A Logical Framework for Reputation Systems
Reputation systems are meta systems that record, aggregate and distribute information about the past behaviour of principals in an application. Typically, these applications are large-scale open distributed systems where principals are virtually anonymous, and (a priori) have no knowledge about the trustworthiness of each other. Reputation systems serve two primary purposes: helping principals decide whom to trust, and providing an incentive for principals to well-behave. A logical policy-based framework for reputation systems is presented. In the framework, principals specify policies which state precise requirements on the past behaviour of other principals that must be fulfilled in order for interaction to take place. The framework consists of a formal model of behaviour, based on event structures; a declarative logical language for specifying properties of past behaviour; and efficient dynamic algorithms for checking whether a particular behaviour satisfies a property from the language. It is shown how the framework can be extended in several ways, most notably to encompass parameterized events and quantification over parameters. In an extended application, it is illustrated how the framework can be applied for dynamic history-based access control for safe execution of unknown and untrusted programs
Using Flow Specifications of Parameterized Cache Coherence Protocols for Verifying Deadlock Freedom
We consider the problem of verifying deadlock freedom for symmetric cache
coherence protocols. In particular, we focus on a specific form of deadlock
which is useful for the cache coherence protocol domain and consistent with the
internal definition of deadlock in the Murphi model checker: we refer to this
deadlock as a system- wide deadlock (s-deadlock). In s-deadlock, the entire
system gets blocked and is unable to make any transition. Cache coherence
protocols consist of N symmetric cache agents, where N is an unbounded
parameter; thus the verification of s-deadlock freedom is naturally a
parameterized verification problem. Parametrized verification techniques work
by using sound abstractions to reduce the unbounded model to a bounded model.
Efficient abstractions which work well for industrial scale protocols typically
bound the model by replacing the state of most of the agents by an abstract
environment, while keeping just one or two agents as is. However, leveraging
such efficient abstractions becomes a challenge for s-deadlock: a violation of
s-deadlock is a state in which the transitions of all of the unbounded number
of agents cannot occur and so a simple abstraction like the one above will not
preserve this violation. In this work we address this challenge by presenting a
technique which leverages high-level information about the protocols, in the
form of message sequence dia- grams referred to as flows, for constructing
invariants that are collectively stronger than s-deadlock. Efficient
abstractions can be constructed to verify these invariants. We successfully
verify the German and Flash protocols using our technique
Parameterized Verification of Graph Transformation Systems with Whole Neighbourhood Operations
We introduce a new class of graph transformation systems in which rewrite
rules can be guarded by universally quantified conditions on the neighbourhood
of nodes. These conditions are defined via special graph patterns which may be
transformed by the rule as well. For the new class for graph rewrite rules, we
provide a symbolic procedure working on minimal representations of upward
closed sets of configurations. We prove correctness and effectiveness of the
procedure by a categorical presentation of rewrite rules as well as the
involved order, and using results for well-structured transition systems. We
apply the resulting procedure to the analysis of the Distributed Dining
Philosophers protocol on an arbitrary network structure.Comment: Extended version of a submittion accepted at RP'14 Worksho
A Generic Framework for Reasoning about Dynamic Networks of Infinite-State Processes
We propose a framework for reasoning about unbounded dynamic networks of
infinite-state processes. We propose Constrained Petri Nets (CPN) as generic
models for these networks. They can be seen as Petri nets where tokens
(representing occurrences of processes) are colored by values over some
potentially infinite data domain such as integers, reals, etc. Furthermore, we
define a logic, called CML (colored markings logic), for the description of CPN
configurations. CML is a first-order logic over tokens allowing to reason about
their locations and their colors. Both CPNs and CML are parametrized by a color
logic allowing to express constraints on the colors (data) associated with
tokens. We investigate the decidability of the satisfiability problem of CML
and its applications in the verification of CPNs. We identify a fragment of CML
for which the satisfiability problem is decidable (whenever it is the case for
the underlying color logic), and which is closed under the computations of post
and pre images for CPNs. These results can be used for several kinds of
analysis such as invariance checking, pre-post condition reasoning, and bounded
reachability analysis.Comment: 29 pages, 5 tables, 1 figure, extended version of the paper published
in the the Proceedings of TACAS 2007, LNCS 442
A Formal Framework for Concrete Reputation Systems
In a reputation-based trust-management system, agents maintain information about the past behaviour of other agents. This information is used to guide future trust-based decisions about interaction. However, while trust management is a component in security decision-making, many existing reputation-based trust-management systems provide no formal security-guarantees. In this extended abstract, we describe a mathematical framework for a class of simple reputation-based systems. In these systems, decisions about interaction are taken based on policies that are exact requirements on agents’ past histories. We present a basic declarative language, based on pure-past linear temporal logic, intended for writing simple policies. While the basic language is reasonably expressive (encoding e.g. Chinese Wall policies) we show how one can extend it with quantification and parameterized events. This allows us to encode other policies known from the literature, e.g., ‘one-out-of-k’. The problem of checking a history with respect to a policy is efficient for the basic language, and tractable for the quantified language when policies do not have too many variables
- …