416 research outputs found
Methods to Model-Check Parallel Systems Software
We report on an effort to develop methodologies for formal verification of
parts of the Multi-Purpose Daemon (MPD) parallel process management system. MPD
is a distributed collection of communicating processes. While the individual
components of the collection execute simple algorithms, their interaction leads
to unexpected errors that are difficult to uncover by conventional means. Two
verification approaches are discussed here: the standard model checking
approach using the software model checker SPIN and the nonstandard use of a
general-purpose first-order resolution-style theorem prover OTTER to conduct
the traditional state space exploration. We compare modeling methodology and
analyze performance and scalability of the two methods with respect to
verification of MPD.Comment: 12 pages, 3 figures, 1 tabl
Property specification and static verification of UML models
We present a static verification tool (SVT), a system that performs static verification on UML models composed of UML class and state machine diagrams. Additionally, the SVT allows the user to add extra behavior specification in the form of guards and effects by defining a small action language. UML models are checked against properties written in a special-purpose property language that allows the user to specify linear temporal logic formulas that explicitly reason about UML components. Thus, the SVT provides a strong foundation for the design of reliable systems and a step towards model-driven security
Verifying a signature architecture: a comparative case study
We report on a case study in applying different formal methods to model and verify an architecture for administrating digital signatures. The architecture comprises several concurrently executing systems that authenticate users and generate and store digital signatures by passing security relevant data through a tightly controlled interface. The architecture is interesting from a formal-methods perspective as it involves complex operations on data as well as process coordination and hence is a candidate for both data-oriented and process-oriented formal methods. We have built and verified two models of the signature architecture using two representative formal methods. In the first, we specify a data model of the architecture in Z that we extend to a trace model and interactively verify by theorem proving. In the second, we model the architecture as a system of communicating processes that we verify by finite-state model checking. We provide a detailed comparison of these two different approaches to formalization (infinite state with rich data types versus finite state) and verification (theorem proving versus model checking). Contrary to common belief, our case study suggests that Z is well suited for temporal reasoning about process models with complex operations on data. Moreover, our comparison highlights the advantages of proving theorems about such models and provides evidence that, in the hands of an experienced user, theorem proving may be neither substantially more time-consuming nor more complex than model checkin
Model Checking Paxos in Spin
We present a formal model of a distributed consensus algorithm in the
executable specification language Promela extended with a new type of guards,
called counting guards, needed to implement transitions that depend on majority
voting. Our formalization exploits abstractions that follow from reduction
theorems applied to the specific case-study. We apply the model checker Spin to
automatically validate finite instances of the model and to extract
preconditions on the size of quorums used in the election phases of the
protocol.Comment: In Proceedings GandALF 2014, arXiv:1408.556
An Approach to Model Checking of Multi-agent Data Analysis
The paper presents an approach to verification of a multi-agent data analysis
algorithm. We base correct simulation of the multi-agent system by a finite
integer model. For verification we use model checking tool SPIN. Protocols of
agents are written in Promela language and properties of the multi-agent data
analysis system are expressed in logic LTL. We run several experiments with
SPIN and the model.Comment: In Proceedings MOD* 2014, arXiv:1411.345
Using SPIN to Analyse the Tree Identification Phase of the IEEE 1394 High-Performance Serial Bus(FireWire)Protocol
We describe how the tree identification phase of the IEEE 1394 high-performance serial bus (FireWire) protocol is modelled in Promela and verified using SPIN. The verification of arbitrary system configurations is discussed
A multi-paradigm language for reactive synthesis
This paper proposes a language for describing reactive synthesis problems
that integrates imperative and declarative elements. The semantics is defined
in terms of two-player turn-based infinite games with full information.
Currently, synthesis tools accept linear temporal logic (LTL) as input, but
this description is less structured and does not facilitate the expression of
sequential constraints. This motivates the use of a structured programming
language to specify synthesis problems. Transition systems and guarded commands
serve as imperative constructs, expressed in a syntax based on that of the
modeling language Promela. The syntax allows defining which player controls
data and control flow, and separating a program into assumptions and
guarantees. These notions are necessary for input to game solvers. The
integration of imperative and declarative paradigms allows using the paradigm
that is most appropriate for expressing each requirement. The declarative part
is expressed in the LTL fragment of generalized reactivity(1), which admits
efficient synthesis algorithms, extended with past LTL. The implementation
translates Promela to input for the Slugs synthesizer and is written in Python.
The AMBA AHB bus case study is revisited and synthesized efficiently,
identifying the need to reorder binary decision diagrams during strategy
construction, in order to prevent the exponential blowup observed in previous
work.Comment: In Proceedings SYNT 2015, arXiv:1602.0078
Translating synchronous Petri Nets into PROMELA for verifying behavioural properties
For developing embedded systems, the design process may benefit in some contexts from the usage of formal methods, namely to find critical errors and flaws, before final design and implementation decisions are taken. The Synchronous and Interpreted Petri Net (SIP-net) modelling language is considered in this article to model embedded systems. This model of computation is based on safe Petri nets with guarded transitions and synchronous transitions firing, and also includes enabling and inhibitor arcs. The Spin tool, whose input language is PROMELA, is a verification system based on model checking techniques. This article presents a program to translate SIP-net models into PROMELA code and discusses in detail the adequacy of the created PROMELA specification for verification through
model checking techniques.Fundação para a Ciência e a Tecnologia (FCT) - bolsa SFRH/BD/19718/200
- …