Towards modular verification of pathways: fairness and assumptions
Modular verification is a technique used to face the state explosion problem
often encountered in the verification of properties of complex systems such as
concurrent interactive systems. The modular approach is based on the
observation that properties of interest often concern a rather small portion of
the system. As a consequence, reduced models can be constructed which
approximate the overall system behaviour thus allowing more efficient
verification.
Biochemical pathways can be seen as complex concurrent interactive systems.
Consequently, verification of their properties is often computationally very
expensive and could take advantage of the modular approach.
In this paper we report preliminary results on the development of a modular
verification framework for biochemical pathways. We view biochemical pathways
as concurrent systems of reactions competing for molecular resources. A modular
verification technique could be based on reduced models containing only
reactions involving molecular resources of interest.
For a proper description of the system behaviour we argue that it is
essential to consider a suitable notion of fairness, which is a
well-established notion in concurrency theory but novel in the field of pathway
modelling. We propose a modelling approach that includes fairness and we
identify the assumptions under which verification of properties can be done in
a modular way.
We prove the correctness of the approach and demonstrate it on the model of
the EGF receptor-induced MAP kinase cascade by Schoeberl et al.
Comment: In Proceedings MeCBIC 2012, arXiv:1211.347
Computation Tree Logic with Deadlock Detection
We study the equivalence relation on states of labelled transition systems of
satisfying the same formulas in Computation Tree Logic without the next state
modality (CTL-X). This relation is obtained by De Nicola & Vaandrager by
translating labelled transition systems to Kripke structures, while lifting the
totality restriction on the latter. They characterised it as divergence
sensitive branching bisimulation equivalence.
We find that this equivalence fails to be a congruence for interleaving
parallel composition. The reason is that the proposed application of CTL-X to
non-total Kripke structures lacks the expressiveness to cope with deadlock
properties that are important in the context of parallel composition. We
propose an extension of CTL-X, or an alternative treatment of non-totality,
that fills this hiatus. The equivalence induced by our extension is
characterised as branching bisimulation equivalence with explicit divergence,
which is, moreover, shown to be the coarsest congruence contained in divergence
sensitive branching bisimulation equivalence
Partially Ordered Two-way Büchi Automata
We introduce partially ordered two-way Büchi automata and characterize
their expressive power in terms of fragments of first-order logic FO[<].
Partially ordered two-way Büchi automata are Büchi automata which can
change the direction in which the input is processed with the constraint that
whenever a state is left, it is never re-entered again. Nondeterministic
partially ordered two-way Büchi automata coincide with the first-order
fragment Sigma2. Our main contribution is that deterministic partially ordered
two-way Büchi automata are expressively complete for the first-order fragment
Delta2. As an intermediate step, we show that deterministic partially ordered
two-way Büchi automata are effectively closed under Boolean operations.
A small model property yields coNP-completeness of the emptiness problem and
the inclusion problem for deterministic partially ordered two-way Büchi
automata.
Comment: The results of this paper were presented at CIAA 2010; University of
Stuttgart, Computer Scienc
Incompleteness of States w.r.t. Traces in Model Checking
Cousot and Cousot introduced and studied a general past/future-time
specification language, called mu*-calculus, featuring a natural time-symmetric
trace-based semantics. The standard state-based semantics of the mu*-calculus
is an abstract interpretation of its trace-based semantics, which turns out to
be incomplete (i.e., trace-incomplete), even for finite systems. As a
consequence, standard state-based model checking of the mu*-calculus is
incomplete w.r.t. trace-based model checking. This paper shows that any
refinement or abstraction of the domain of sets of states induces a
corresponding semantics which is still trace-incomplete for any propositional
fragment of the mu*-calculus. This derives from a number of results, one for
each incomplete logical/temporal connective of the mu*-calculus, that
characterize the structure of models, i.e. transition systems, whose
corresponding state-based semantics of the mu*-calculus is trace-complete
Counterexamples Revisited: Principles, Algorithms, Applications
Abstract. Algorithmic counterexample generation is a central feature of model checking which sets the method apart from other approaches such as theorem proving. The practical value of counterexamples to the verification engineer is evident, and for many years, counterexample generation algorithms have been employed in model checking systems, even though they had not been subject to an adequate fundamental investigation. Recent advances in model checking technology such as counterexample-guided abstraction refinement have put strong emphasis on counterexamples, and have led to renewed interest both in fundamental and pragmatic aspects of counterexample generation. In this paper, we survey several key contributions to the subject including symbolic algorithms, results about the graph-theoretic structure of counterexamples, and applications to automated abstraction as well as software verification. Irrefutability is not a virtue of a theory (as people often think) but a vice.
Model Checking a Temporal Logic via Program Verification
The thesis explores the possibility of viewing Model Checking as an instance of program verification in order to allow for the reuse of the vast theory and toolset of Abstract Interpretation in the setting of Model Checking. Model Checking is a formal verification technique used to analyse the correctness of software systems, based on a representation of the system as a formal model, such as a finite-state machine or a transition system, and on a representation of the properties it must satisfy as temporal logic formulae. On the other hand, Abstract Interpretation is a program analysis method, based on the idea of extracting properties of programs by (over-)approximating their semantics over a so-called abstract domain, typically a complete lattice, whose elements represent program properties. The thesis focuses on ACTL, the universal fragment of the temporal logic CTL, which can describe properties of executions which are universally quantified. It shows how properties expressed in ACTL can be mapped into programs written in a suitable programming language, whose semantics consists of counterexamples to the validity of the formula. Then such a program is analysed by Abstract Interpretation over some abstract domain, exploiting the idea of local completeness as put forward in some recent work, combining lower- and under-approximations.
Finite-State Abstractions for Probabilistic Computation Tree Logic
Probabilistic Computation Tree Logic (PCTL) is the established temporal
logic for probabilistic verification of discrete-time Markov chains. Probabilistic
model checking is a technique that verifies or refutes whether a property
specified in this logic holds in a Markov chain. But Markov chains are often
infinite or too large for this technique to apply. A standard solution to
this problem is to convert the Markov chain to an abstract model and to
model check that abstract model. The problem this thesis therefore studies
is whether or when such finite abstractions of Markov chains for model
checking PCTL exist.
This thesis makes the following contributions. We identify a sizeable fragment
of PCTL for which 3-valued Markov chains can serve as finite abstractions;
this fragment is maximal for those abstractions and subsumes many
practically relevant specifications including, e.g., reachability. We also develop
game-theoretic foundations for the semantics of PCTL over Markov
chains by capturing the standard PCTL semantics via two-player games.
These games, finally, inspire a notion of p-automata, which accept entire
Markov chains. We show that p-automata subsume PCTL and Markov
chains; that their languages of Markov chains have pleasant closure properties;
and that the complexity of deciding acceptance matches that of probabilistic
model checking for p-automata representing PCTL formulae. In addition,
we offer a simulation between p-automata that under-approximates
language containment. These results then allow us to show that p-automata
comprise a solution to the problem studied in this thesis
A state/event-based model-checking approach for the analysis of abstract system properties.
Abstract. We present the UMC framework for the formal analysis of concurrent systems specified by collections of UML state machines. The formal model of a system is given by a doubly labelled transition system, and the logic used to specify its properties is the state-based and event-based logic UCTL. UMC is an on-the-fly analysis framework which allows the user to interactively explore a UML model, to visualize abstract behavioural slices of it and to perform local model checking of UCTL formulae. An automotive scenario from the service-oriented computing (SOC) domain is used as a case study to illustrate our approach.