Integrated Modeling and Verification of Real-Time Systems through Multiple Paradigms

Complex systems typically have many different parts and facets, with different characteristics. In a multi-paradigm approach to modeling, formalisms with different natures are used in combination to describe complementary parts and aspects of the system. This can have a beneficial impact on the modeling activity, as different paradigms an be better suited to describe different aspects of the system. While each paradigm provides a different view on the many facets of the system, it is of paramount importance that a coherent comprehensive model emerges from the combination of the various partial descriptions. In this paper we present a technique to model different aspects of the same system with different formalisms, while keeping the various models tightly integrated with one another. In addition, our approach leverages the flexibility provided by a bounded satisfiability checker to encode the verification problem of the integrated model in the propositional satisfiability (SAT) problem; this allows users to carry out formal verification activities both on the whole model and on parts thereof. The effectiveness of the approach is illustrated through the example of a monitoring system.Comment: 27 page

Who watches the watchers: Validating the ProB Validation Tool

Over the years, ProB has moved from a tool that complemented proving, to a development environment that is now sometimes used instead of proving for applications, such as exhaustive model checking or data validation. This has led to much more stringent requirements on the integrity of ProB. In this paper we present a summary of our validation efforts for ProB, in particular within the context of the norm EN 50128 and safety critical applications in the railway domain.Comment: In Proceedings F-IDE 2014, arXiv:1404.578

ADsafety: Type-Based Verification of JavaScript Sandboxing

Web sites routinely incorporate JavaScript programs from several sources into a single page. These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of JavaScript demand robust verification of the actual sandbox source. We use a novel type system for JavaScript to encode and verify sandboxing properties. The resulting verifier is lightweight and efficient, and operates on actual source. We demonstrate the effectiveness of our technique by applying it to ADsafe, which revealed several bugs and other weaknesses.Comment: in Proceedings of the USENIX Security Symposium (2011

Modeling the Elastic Energy of Alloys: Potential Pitfalls of Continuum Treatments

Some issues that arise when modeling elastic energy for binary alloys are discussed within the context of a Keating model and density functional calculations. The Keating model is based on atomistic modeling of elastic interactions in binary alloy using harmonic springs with species dependent equilibrium lengths. It is demonstrated that the continuum limit for the strain field are the usual equations of linear elasticity for alloys and that they correctly capture the coarse-grained displacement field. In addition, it is established that Euler-Lagrange equation of the continuum limit of the elastic energy will yield the same strain field equation. However, a direct calculation of the elastic energy of the atomistic model reveals that the continuum expression for the elastic energy is both qualitatively and quantitatively incorrect. This is because it does not take atomistic scale compositional non-uniformity into account. Importantly, we also shows that finely mixed alloys tend to have more elastic energy than segregated systems, which is the opposite of predictions by some continuum theories. It is also shown that for strained thin films the traditionally used effective misfit for alloys systematically underestimate the strain energy. In some models, this drawback is handled by including an elastic contribution to the enthalpy of mixing which is characterized in terms of the continuum concentration. The direct calculation of the atomistic model reveals that this approach suffers serious difficulties. It is demonstrated that elastic contribution to the enthalpy of mixing is non-isotropic and scale dependent. It also shown that such effects are present in density-functional theory calculations for the Si/Ge and Ag/Pt systems. This work demonstrates that it is critical to include the microscopic arrangements in any elastic model to achieve even qualitatively correct behavior

Checking the fact-checkers in 2008: predicting political ad scrutiny and assessing consistency

Which types of political ads are most likely to draw criticism from fact-checkers? Are fact-checkers consistent in their evaluations of political ads? Examining general election television ads from the 2008 U.S. presidential race, and based upon the evaluations of FactCheck.org, PolitiFact.com, and the Washington Post's Fact Checker, this study demonstrates it was the attack ads from candidates that were most likely to draw scrutiny from the fact-checkers. Most importantly, a high level of agreement between the fact-checkers indicates their success at selecting political claims that can be consistently evaluated. While political advertisers are increasingly using evidence to support their claims, what may be more critical in drawing evaluations from fact-checkers is the verifiability of a claim. The implications of consistent fact-checking on the public, political actors, journalism and democracy are discussed. With the revelation that fact-checking can be consistently practiced, localized efforts at fact-checking need encouragement, particularly as political TV ads increasingly drown out other potential sources of information for the public and increasingly are used in downballot races, local initiatives, referendums and judicial races

Improving a Modular Verification Technique for Aspect Oriented Programming

As aspect oriented software becomes more popular, there will be more demand for a method of verifying the correctness of the programs. This paper tries to address the verification issue by improving a modular verification technique proposed by Krisnamuhrti et al. The technique has the problem that it can not handle every aspect, which may result in a false awnser. By checking the type of the aspect in advance we can prevent this behavior. The proposed solution also improves some other issues regarding the model-checker