23,962 research outputs found
Learning to Prove Safety over Parameterised Concurrent Systems (Full Version)
We revisit the classic problem of proving safety over parameterised
concurrent systems, i.e., an infinite family of finite-state concurrent systems
that are represented by some finite (symbolic) means. An example of such an
infinite family is a dining philosopher protocol with any number n of processes
(n being the parameter that defines the infinite family). Regular model
checking is a well-known generic framework for modelling parameterised
concurrent systems, where an infinite set of configurations (resp. transitions)
is represented by a regular set (resp. regular transducer). Although verifying
safety properties in the regular model checking framework is undecidable in
general, many sophisticated semi-algorithms have been developed in the past
fifteen years that can successfully prove safety in many practical instances.
In this paper, we propose a simple solution to synthesise regular inductive
invariants that makes use of Angluin's classic L* algorithm (and its variants).
We provide a termination guarantee when the set of configurations reachable
from a given set of initial configurations is regular. We have tested L*
algorithm on standard (as well as new) examples in regular model checking
including the dining philosopher protocol, the dining cryptographer protocol,
and several mutual exclusion protocols (e.g. Bakery, Burns, Szymanski, and
German). Our experiments show that, despite the simplicity of our solution, it
can perform at least as well as existing semi-algorithms.Comment: Full version of FMCAD'17 pape
Practical Distributed Control Synthesis
Classic distributed control problems have an interesting dichotomy: they are
either trivial or undecidable. If we allow the controllers to fully
synchronize, then synthesis is trivial. In this case, controllers can
effectively act as a single controller with complete information, resulting in
a trivial control problem. But when we eliminate communication and restrict the
supervisors to locally available information, the problem becomes undecidable.
In this paper we argue in favor of a middle way. Communication is, in most
applications, expensive, and should hence be minimized. We therefore study a
solution that tries to communicate only scarcely and, while allowing
communication in order to make joint decision, favors local decisions over
joint decisions that require communication.Comment: In Proceedings INFINITY 2011, arXiv:1111.267
Desynchronization: Synthesis of asynchronous circuits from synchronous specifications
Asynchronous implementation techniques, which measure logic delays at run time and activate registers accordingly, are inherently more robust than their synchronous counterparts, which estimate worst-case delays at design time, and constrain the clock cycle accordingly. De-synchronization is a new paradigm to automate the design of asynchronous circuits from synchronous specifications, thus permitting widespread adoption of asynchronicity, without requiring special design skills or tools. In this paper, we first of all study different protocols for de-synchronization and formally prove their correctness, using techniques originally developed for distributed deployment of synchronous language specifications. We also provide a taxonomy of existing protocols for asynchronous latch controllers, covering in particular the four-phase handshake protocols devised in the literature for micro-pipelines. We then propose a new controller which exhibits provably maximal concurrency, and analyze the performance of desynchronized circuits with respect to the original synchronous optimized implementation. We finally prove the feasibility and effectiveness of our approach, by showing its application to a set of real designs, including a complete implementation of the DLX microprocessor architectur
ATLsc with partial observation
Alternating-time temporal logic with strategy contexts (ATLsc) is a powerful
formalism for expressing properties of multi-agent systems: it extends CTL with
strategy quantifiers, offering a convenient way of expressing both
collaboration and antagonism between several agents. Incomplete observation of
the state space is a desirable feature in such a framework, but it quickly
leads to undecidable verification problems. In this paper, we prove that
uniform incomplete observation (where all players have the same observation)
preserves decidability of the model-checking problem, even for very expressive
logics such as ATLsc.Comment: In Proceedings GandALF 2015, arXiv:1509.0685
Unfolding-Based Process Discovery
This paper presents a novel technique for process discovery. In contrast to
the current trend, which only considers an event log for discovering a process
model, we assume two additional inputs: an independence relation on the set of
logged activities, and a collection of negative traces. After deriving an
intermediate net unfolding from them, we perform a controlled folding giving
rise to a Petri net which contains both the input log and all
independence-equivalent traces arising from it. Remarkably, the derived Petri
net cannot execute any trace from the negative collection. The entire chain of
transformations is fully automated. A tool has been developed and experimental
results are provided that witness the significance of the contribution of this
paper.Comment: This is the unabridged version of a paper with the same title
appearead at the proceedings of ATVA 201
Process Algebras
Process Algebras are mathematically rigorous languages with well defined semantics that permit describing and verifying properties of concurrent communicating systems.
They can be seen as models of processes, regarded as agents that act and interact continuously with other similar agents and with their common environment. The agents may be real-world objects (even people), or they may be artifacts, embodied perhaps in computer hardware or software systems.
Many different approaches (operational, denotational, algebraic) are taken for describing the meaning of processes. However, the operational approach is the reference one. By relying on the so called Structural Operational Semantics (SOS), labelled transition systems are built and composed by using the different operators of the many different process algebras. Behavioral equivalences are used to abstract from unwanted details and identify those systems that react similarly to external
experiments
TAPAs: A Tool for the Analysis of Process Algebras
Process algebras are formalisms for modelling concurrent systems that permit mathematical reasoning with respect to a set of desired properties. TAPAs is a tool that can be used to support the use of process algebras to specify and analyze concurrent systems. It does not aim at guaranteeing high performances, but has been developed as a support to teaching. Systems are described as process algebras terms that are then mapped to labelled transition systems (LTSs). Properties are verified either by checking equivalence of concrete and abstract systems descriptions, or by model checking temporal formulae over the obtained LTS. A key feature of TAPAs, that makes it particularly suitable for teaching, is that it maintains a consistent double representation of each system both as a term and as a graph. Another useful didactical feature is the exhibition of counterexamples in case equivalences are not verified or the proposed formulae are not satisfied
- …