168,843 research outputs found
Automatic Generation of Minimal Cut Sets
A cut set is a collection of component failure modes that could lead to a
system failure. Cut Set Analysis (CSA) is applied to critical systems to
identify and rank system vulnerabilities at design time. Model checking tools
have been used to automate the generation of minimal cut sets but are generally
based on checking reachability of system failure states. This paper describes a
new approach to CSA using a Linear Temporal Logic (LTL) model checker called BT
Analyser that supports the generation of multiple counterexamples. The approach
enables a broader class of system failures to be analysed, by generalising from
failure state formulae to failure behaviours expressed in LTL. The traditional
approach to CSA using model checking requires the model or system failure to be
modified, usually by hand, to eliminate already-discovered cut sets, and the
model checker to be rerun, at each step. By contrast, the new approach works
incrementally and fully automatically, thereby removing the tedious and
error-prone manual process and resulting in significantly reduced computation
time. This in turn enables larger models to be checked. Two different
strategies for using BT Analyser for CSA are presented. There is generally no
single best strategy for model checking: their relative efficiency depends on
the model and property being analysed. Comparative results are given for the
A320 hydraulics case study in the Behavior Tree modelling language.Comment: In Proceedings ESSS 2015, arXiv:1506.0325
Survey of Distributed Decision
We survey the recent distributed computing literature on checking whether a
given distributed system configuration satisfies a given boolean predicate,
i.e., whether the configuration is legal or illegal w.r.t. that predicate. We
consider classical distributed computing environments, including mostly
synchronous fault-free network computing (LOCAL and CONGEST models), but also
asynchronous crash-prone shared-memory computing (WAIT-FREE model), and mobile
computing (FSYNC model)
Recommended from our members
Verifying and comparing finite state machines for systems that have distributed interfaces
This paper concerns state-based systems that interact with their environment at physically distributed interfaces, called ports. When such a system is used a projection of the global trace, a local trace, is observed at each port. As a result the environment has reduced observational power: the set of local traces observed need not define the global trace that occurred. We consider the previously defined implementation relation ⊆s and prove that it is undecidable whether N ⊆s M and so it is also undecidable whether testing can distinguishing two states or FSMs. We also prove that a form of model-checking is undecidable when we have distributed observations and give conditions under which N ⊆s M is decidable. We then consider implementation relation ⊆sk that concerns input sequences of length κ or less. If we place bounds on κ and the number of ports then we can decide N ⊆sk M in polynomial time but otherwise this problem is NP-hard
Verification of Agent-Based Artifact Systems
Artifact systems are a novel paradigm for specifying and implementing
business processes described in terms of interacting modules called artifacts.
Artifacts consist of data and lifecycles, accounting respectively for the
relational structure of the artifacts' states and their possible evolutions
over time. In this paper we put forward artifact-centric multi-agent systems, a
novel formalisation of artifact systems in the context of multi-agent systems
operating on them. Differently from the usual process-based models of services,
the semantics we give explicitly accounts for the data structures on which
artifact systems are defined. We study the model checking problem for
artifact-centric multi-agent systems against specifications written in a
quantified version of temporal-epistemic logic expressing the knowledge of the
agents in the exchange. We begin by noting that the problem is undecidable in
general. We then identify two noteworthy restrictions, one syntactical and one
semantical, that enable us to find bisimilar finite abstractions and therefore
reduce the model checking problem to the instance on finite models. Under these
assumptions we show that the model checking problem for these systems is
EXPSPACE-complete. We then introduce artifact-centric programs, compact and
declarative representations of the programs governing both the artifact system
and the agents. We show that, while these in principle generate infinite-state
systems, under natural conditions their verification problem can be solved on
finite abstractions that can be effectively computed from the programs. Finally
we exemplify the theoretical results of the paper through a mainstream
procurement scenario from the artifact systems literature
- …