Maximal good step graph methods for reducing the generation of the state space

This paper proposes an effective method based on the two main partial order techniques which are persistent sets and covering step graph techniques, to deal with the state explosion problem. First, we introduce a new definition of sound steps, the firing of which enables to extremely reduce the state space. Then, we propose a weaker sufficient condition about how to find the set of sound steps at each current marking. Next, we illustrate the relation between maximal sound steps and persistent sets, and propose a concept of good steps. Based on the maximal sound steps and good steps, a construction algorithm for generating a maximal good step graph (MGSG) of a Petri net (PN) is established. This algorithm first computes the maximal good step at each marking if there exists one, otherwise maximal sound steps are fired at the marking. Furthermore, we have proven that an MGSG can effectively preserve deadlocks of a Petri net. Finally, the change performance evaluation is made to demonstrate the superiority of our proposed method, compared with other related partial order techniques

Model checking finite paths and trees

This thesis presents efficient parallel algorithms for checking temporal logic formulas over finite paths and trees. We show that LTL path checking is in AC1(logDCFL) and CTL tree checking is in AC2(logDCFL). For LTL with pastime and bounded modalities, which is an exponentially more succinct logic, we show that the path checking problem remains in AC1(logDCFL). Our results provide a foundation for efficient algorithms of various applications in monitoring, testing, and verification as well as for query processing for tree-datastructures, e.g. XML documents. The presented path and tree checking algorithms are based on efficient parallel evaluation strategies for monotone Boolean circuits. We reduce the evaluation of product circuits to the problem of evaluating one-input-face monotone planar Boolean circuits: for a monotone Boolean circuit that is a product of a tree and a path, we provide an AC1-reduction; for a monotone Boolean circuit that is a product of two trees, we provide an AC2-reduction. We develop a classification of Kripke structures with respect to the complexity of LTL model checking: Kripke structures for which the problem is PSPACE- complete, Kripke structures for which the problem is coNP-complete, and Kripke structures for which the problem is in NC.Wir präsentieren effiziente parallele Algorithmen zum Überprüfen der Erfülltheit von temporal logischen Formeln auf Pfaden und Bäumen. Wir zeigen, dass für die Logik LTL das Überprüfen von Ausführungspfaden in der Komplexitätsklasse AC1(logDCFL) liegt. Für die Logik CTL ist das Überprüfen von Bäumen in AC2(logDCFL). Für Erweiterungen von LTL mit Vergangenheit und beschränkten zeitlichen Modalitäten beweisen wir, dass Pfade ebenfalls in AC1(logDCFL) überprüft werden können, obwohl die Logik exponentiell kompakter ist als einfaches LTL. Unsere Resultate bielden eine Grundlage für effiziente Algorithmen für verschiedene Anwendungen in den Bereichen der Systemüberwachung, des Testens und der Verfikation sowie für die Anfragebearbeitung für Baumdatenstrukturen, wie zum Beispiel XML Dokumente. Die präsentierten Algorithmen zum Überprüfen von Pfaden und Bäumen basieren auf effizient parallelen Strategien zur Evaluierung von monotonen Boolschen Schaltkreisen. Wir reduzieren die Evaluierung von Produkt-Schaltkreisen auf das Problem der Evaluierung von monoton planaren Boolschen Schaltkreisen, bei denen sich alle Eingaben auf dem äußeren Rand befinden. Für monotone Boolsche Schaltkreise, die das Produkt von einem Baum und einem Pfad sind, geben wir eine AC1-Reduktion an. Für monotone Boolsche Schaltkreise, die das Produkt von zwei Bäumen sind, geben wir eine AC2-Reduktion an. Wir entwickeln eine Klassifizierung von Kripkestrukturen im Hinblick auf die Komplexität des Erfülltheitsproblems für LTL: Kripkestrukturen, für die das Problem PSPACE-vollständig ist, Kripkestrukturen, für die das Problem coNP- vollständig ist, und Kripkestrukturen, für die das Problem in NC liegt

Exploration efficace de l'espace d'état pour les programmes distribués asynchrones: Adaptation de l’UDPOR aux programes MPI.

Distributed message passing applications are in the mainstream of information technology since they exploit the power of parallel computer systems to produce higher performance. Designing distributed programs remains challenging because developers have to reason about concurrency, non-determinism, data distribution… that are main characteristics of distributed programs. Besides, it is virtually impossible to ensure the correctness of such programs via classical testing approaches since one may never successfully reach the execution that leads to unwanted behaviors in the programs. There is thus a need for more powerful verification techniques. Model-checking is one of the formal methods that allows to verify automatically and effectively some properties on models of computer systems by exploring all possible behaviors (states and transitions) of the system model. However, state spaces increase exponentially with the number of concurrent processes, leading to “state space explosion”.Unfolding-based Dynamic Partial Order Reduction (UDPOR) is a recent technique mixing Dynamic Partial Order Reduction (DPOR) with concepts of concurrency theory such as unfoldings to efficiently mitigate state space explosion in model-checking of concurrent programs. It is optimal in the sense that each Mazurkiewicz trace, i.e. a class of interleavings equivalent by commuting adjacent independent actions, is explored exactly once. And it is applicable to running programs, not only models of programs.The thesis aims at adapting UDPOR to verify asynchronous distributed programs (e.g. MPI programs) in the setting of the SIMGRID simulator of distributed applications. To do so, an abstract programming model of asynchronous distributed programs is defined and formalized in the TLA+ language, allowing to precisely define an independence relation, a main ingredient of the concurrency semantics. Then, the adaptation of UDPOR, involving the construction of an unfolding, is made efficient by a precise analysis of dependencies in the programming model, allowing efficient computations of usually costly operation. A prototype implementation of UDPOR adapted to distributed asynchronous programs has been developed, giving promising experimental results on a significant set of benchmarks.Distributed message passing applications are in the mainstream of information technology since they exploit the power of parallel computer systems to produce higher performance. Designing distributed programs remains challenging because developers have to reason about concurrency, non-determinism, data distribution… that are main characteristics of distributed programs. Besides, it is virtually impossible to ensure the correctness of such programs via classical testing approaches since one may never successfully reach the execution that leads to unwanted behaviors in the programs. There is thus a need for more powerful verification techniques. Model-checking is one of the formal methods that allows to verify automatically and effectively some properties on models of computer systems by exploring all possible behaviors (states and transitions) of the system model. However, state spaces increase exponentially with the number of concurrent processes, leading to “state space explosion”.Unfolding-based Dynamic Partial Order Reduction (UDPOR) is a recent technique mixing Dynamic Partial Order Reduction (DPOR) with concepts of concurrency theory such as unfoldings to efficiently mitigate state space explosion in model-checking of concurrent programs. It is optimal in the sense that each Mazurkiewicz trace, i.e. a class of interleavings equivalent by commuting adjacent independent actions, is explored exactly once. And it is applicable to running programs, not only models of programs.The thesis aims at adapting UDPOR to verify asynchronous distributed programs (e.g. MPI programs) in the setting of the SIMGRID simulator of distributed applications. To do so, an abstract programming model of asynchronous distributed programs is defined and formalized in the TLA+ language, allowing to precisely define an independence relation, a main ingredient of the concurrency semantics. Then, the adaptation of UDPOR, involving the construction of an unfolding, is made efficient by a precise analysis of dependencies in the programming model, allowing efficient computations of usually costly operation. A prototype implementation of UDPOR adapted to distributed asynchronous programs has been developed, giving promising experimental results on a significant set of benchmarks

IST Austria Thesis

The design and verification of concurrent systems remains an open challenge due to the non-determinism that arises from the inter-process communication. In particular, concurrent programs are notoriously difficult both to be written correctly and to be analyzed formally, as complex thread interaction has to be accounted for. The difficulties are further exacerbated when concurrent programs get executed on modern-day hardware, which contains various buffering and caching mechanisms for efficiency reasons. This causes further subtle non-determinism, which can often produce very unintuitive behavior of the concurrent programs. Model checking is at the forefront of tackling the verification problem, where the task is to decide, given as input a concurrent system and a desired property, whether the system satisfies the property. The inherent state-space explosion problem in model checking of concurrent systems causes naïve explicit methods not to scale, thus more inventive methods are required. One such method is stateless model checking (SMC), which explores in memory-efficient manner the program executions rather than the states of the program. State-of-the-art SMC is typically coupled with partial order reduction (POR) techniques, which argue that certain executions provably produce identical system behavior, thus limiting the amount of executions one needs to explore in order to cover all possible behaviors. Another method to tackle the state-space explosion is symbolic model checking, where the considered techniques operate on a succinct implicit representation of the input system rather than explicitly accessing the system. In this thesis we present new techniques for verification of concurrent systems. We present several novel POR methods for SMC of concurrent programs under various models of semantics, some of which account for write-buffering mechanisms. Additionally, we present novel algorithms for symbolic model checking of finite-state concurrent systems, where the desired property of the systems is to ensure a formally defined notion of fairness

Verification of Concurrent Systems : optimality, Scalability and Applicability

Tesis inédita de la Universidad Complutense de Madrid, Facultad de Informática, leída el 14-10-2020Tanto el testing como la verificacion de sistemas concurrentes requieren explorar todos los posibles entrelazados no deterministas que la ejecucion concurrente puede tener, ya que cualquiera de estos entrelazados podra revelar un comportamiento erroneo del sistema. Esto introduce una explosion combinatoria en el numero de estados del programa que deben ser considerados, lo que frecuentemente lleva a un problema computacionalmente intratable. El objetivo de esta tesis es el desarrollo de tecnicas novedosas para el testing y la verificacion de programas concurrentes que permitan reducir esta explosion combinatoria...Both verification and testing of concurrent systems require exploring all possible non-deterministic interleavings that the concurrent execution may have, as any of the interleavings may reveal an erroneous behavior of the system. This introduces a combinatorial explosion on the number of program states that must be considered, what leads often to a computationally intractable problem. The overall goal of this thesis is to investigate novel techniques for testing and verification of concurrent programs that reduce this combinatorial explosion...Fac. de InformáticaTRUEunpu

Applying the Engineering Statechart Formalism to the evaluation of soft real-time in operating systems : a use case tailored modeling and analysis technique

Multimedia applications that have emerged in recent years impose unique requirements on an underlying general purpose operating system (GPOS). The suitability of a GPOS for multimedia processing is judged by its soft real-time capabilities. To date, the question of how these capabilities can be assessed has scarcely been addressed: this is a gap in GPOS research. By answering questions on the impacts of the Interrupt Handling Facility (IHF) on the overall soft real-time capabilities of a GPOS, this thesis contributes to the filling of this blank space. The Engineering Statechart Formalism (ESF), a use case tailored formal method of modeling real-world OS, is syntactically and semantically defined. Models of the IHF of selected real-world operating systems are then created by means of this technique. As no appropriate real-time concept fitting the goals of this thesis as yet exists, a suitable definition is constructed. By projecting this system-wide idea to the interrupt subsystem, specific indicators for this subsystem are erived. These indicators are then evaluated by applying formal techniques such as graph-based analysis and temporal logic model checking to the ESF models. Finally, the assertions derived from this evaluation are interpreted with respect to their impacts on real-time multimedia processing in different general purpose operating systems.Multimedia-Anwendungen haben in den letzten Jahren weite Verbreitung erfahren. Solche Anwendungen stellen besondere Anforderungen an das Betriebssystem (BS), auf dem sie ausgeführt werden. Insbesondere Echtzeitfähigkeiten des Betriebssystems sind von Bedeutung, wenn es um seine Eignung für Multimedia-Verarbeitung geht. Bis heute wurde die Frage, wie sich diese Fähigkeiten konkret innerhalb eines BS manifestieren, nur unzureichend untersucht. Die vorliegende Arbeit leistet einen Beitrag zur Füllung dieser Lücke in der BS-Forschung. Die Effekte des Subsystems zur Unterbrechungsbehandlung in BS auf die Echtzeitfähigkeit des Gesamtsystems werden detailliert auf Basis von Modellen dieses Subsystems in verschiedenen BS analysiert. Um eine formale Auswertung zu erlauben, wird eine auf den Anwendungsfall zugeschnittene formale Methode zur BS-Modellierung verwendet. Die spezifizierte Syntax und Semantik dieses Engineering Statechart Formalism (ESF) basieren auf dem klassischen Statechart-Formalismus. Da bislang kein geeigneter Echtzeit-Begriff existiert, wird eine konsistente Definition hergeleitet. Durch die Abbildung dieser sich auf das Gesamtsystem beziehenden Eigenschaft auf die Unterbrechungsbehandlung werden spezifische Indikatoren für dieses Subsystem hergeleitet. Die Ausprägungen dieser Indikatoren für die verschiedenen untersuchten Betriebssyteme werden anhand formaler Methoden wie graphbasierter Analyse und Temporal Logic Model Checking ausgewertet. Die Interpretation der Untersuchungsergebnisse liefert Aussagen über die Effekte der Implementierung der Unterbrechungsbehandlung auf die Echtzeitfähigkeit der untersuchten Betriebssysteme bei der Verarbeitung von multimedialen Daten