518 research outputs found
Coverage and Vacuity in Network Formation Games
The frameworks of coverage and vacuity in formal verification analyze the effect of mutations applied to systems or their specifications. We adopt these notions for network formation games, analyzing the effect of a change in the cost of a resource. We consider two measures that may be affected: the cost of the Social Optimum and the extremal costs of Nash Equilibria. Our results offer a formal framework for the effect of mutations in network formation games and include a complexity analysis of the related decision problems. They also tighten the relation between algorithmic game theory and formal verification, suggesting refined definitions of coverage and vacuity for the latter.
From Formal Requirement Analysis to Testing and Monitoring of Cyber-Physical Systems
Cyber-Physical Systems (CPS) are being used in many safety-critical applications. Due to their important role in virtually every aspect of human life, it is crucial to make sure that a CPS works properly before its deployment. However, formal verification of CPS is a computationally hard problem. Therefore, lightweight verification methods such as testing and monitoring of the CPS are used in industry. The formal representation of CPS requirements is a challenging task, and checking the system outputs against the requirements is itself a computationally complex problem. This dissertation addresses these problems for the verification of CPS. The first method provides a formal requirement analysis framework that can find logical issues in the requirements and help engineers correct them. A second method detects tests that vacuously satisfy a requirement because of the requirement's structure (for example, an implication whose antecedent the test never triggers); this method is used to improve the test generation framework for CPS. Finally, two runtime verification algorithms are developed for off-line and on-line monitoring with respect to real-time requirements. These monitoring algorithms are computationally efficient and can be used in practical applications for monitoring CPS with low runtime overhead.
Doctoral dissertation, Computer Science, 201
Bounded Satisfiability for PCTL
While model checking PCTL for Markov chains is decidable in polynomial time, the decidability of PCTL satisfiability, as well as its finite model property, are long-standing open problems. While general satisfiability is an intriguing challenge from a purely theoretical point of view, we argue that general solutions would not be of interest to practitioners: such solutions could be too big to be implementable, or even infinite. Inspired by bounded synthesis techniques, we turn to the more applied problem of seeking models of a bounded size: we restrict our search to implementable, and therefore reasonably simple, models. We propose a procedure to decide whether or not a given PCTL formula has an implementable model by reducing it to an SMT problem. We have implemented our techniques and found that they can be applied to the practical problem of sanity checking: a procedure that allows a system designer to check whether their formula has an unexpectedly small model.
Interface-aware signal temporal logic
Safety and security are major concerns in the development of Cyber-Physical Systems (CPS). Signal temporal logic (STL) was proposed as a language to specify and monitor the correctness of CPS relative to formalized requirements. Incorporating STL into a development process enables designers to automatically monitor and diagnose traces, compute robustness estimates based on requirements, and perform requirement falsification, leading to productivity gains in verification and validation activities; however, in its current form STL is agnostic to the input/output classification of signals, and this negatively impacts the relevance of the analysis results. In this paper we propose to make the interface explicit in the STL language by introducing input/output signal declarations. We then define new measures of input vacuity and output robustness that better reflect the nature of the system and the specification intent. The resulting framework, which we call interface-aware signal temporal logic (IA-STL), aids verification and validation activities. We demonstrate the benefits of IA-STL on several CPS analysis activities: (1) robustness-driven sensitivity analysis, (2) falsification and (3) fault localization. We describe an implementation of our enhancement to STL and the associated notions of robustness and vacuity in a prototype extension of Breach, a MATLAB®/Simulink® toolbox for CPS verification and validation. We explore these methodological improvements and evaluate our results on two examples from the automotive domain: a benchmark powertrain control system and a hydrogen fuel cell system.
Conformance Checking Based on Multi-Perspective Declarative Process Models
Process mining is a family of techniques that aim at analyzing business process execution data recorded in event logs. Conformance checking is a branch of this discipline embracing approaches for verifying whether the behavior of a process, as recorded in a log, is in line with some expected behaviors provided in the form of a process model. The majority of these approaches require the input process model to be procedural (e.g., a Petri net). However, in turbulent environments, characterized by high variability, the process behavior is less stable and predictable. In these environments, procedural process models are less suitable to describe a business process. Declarative specifications, working under an open-world assumption, allow the modeler to express several possible execution paths as a compact set of constraints. Any process execution that does not contradict these constraints is allowed. One of the open challenges in the context of conformance checking with declarative models is the capability of supporting multi-perspective specifications. In this paper, we close this gap by providing a framework for conformance checking based on MP-Declare, a multi-perspective version of the declarative process modeling language Declare. The approach has been implemented in the process mining tool ProM and has been evaluated in three real-life case studies.
Towards a Unified Theory of Timed Automata
Timed automata are finite-state machines augmented with special clock variables that reflect the advancement of time. Able to both capture real-time behavior and be verified algorithmically (model-checked), timed automata are used to model real-time systems. These observations have led to the development of several timed-automata verification tools that have been successfully applied to the analysis of a number of different systems; however, the practical utility of timed automata is undermined by the fact that the theories underlying different tools differ in subtle but important ways. Since algorithmic results that hold for the variant used by one tool may not apply to another variant, this complicates the application of different tools to different models. The thesis of this dissertation is this: the theory of timed automata can be unified, and a practical unified approach to timed-automata model checking can be built around the paradigm of proof search.
First, this dissertation establishes the mutual expressivity of timed automata variants, thereby providing precise characterizations of when theoretical results of one variant apply to other variants. Second, it proves powerful expressive properties about different logics for timed behavior, and as a result enlarges the set of verifiable properties. Third, it discusses an implementation of a verification tool for an expressive fixpoint-based logic, demonstrating an application of this newly developed theory. The tool is based on a proof-search paradigm: verifying timed automata involves constructing proofs using proof rules that translate verification problems into subproblems that must be solved. The tool's performance is optimized by using derived proof rules, thereby providing a theoretically sound basis for faster model checking. Last, this dissertation uses the proofs generated during verification to gain additional information about the vacuous satisfaction of certain formulae: whether the automaton satisfied a formula by never satisfying certain premises of that specification. This extra information is often obtained without significantly decreasing the verifier's performance.
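Several of the abstracts above (the CPS requirement-analysis dissertation, IA-STL's input vacuity, and the timed-automata work) turn on the same observation: a requirement of the shape "whenever A, then B within d steps" is satisfied vacuously by any trace on which A never holds, so a passing verdict says nothing about B. The following is an added example, not code from any of the listed works, that makes this concrete on a discrete-time trace: it computes a quantitative robustness margin in the STL style for G(A -> F[0,d] B) and flags the pass as vacuous when the antecedent is never true. The signal names (throttle, rpm), thresholds and traces are constructed for illustration; the robustness and vacuity definitions are simplified relative to IA-STL, which defines input vacuity over declared input signals.

```python
"""Discrete-time vacuity check for response requirements G(A -> F[0,d] B).

Added example, not code from any work listed above. Traces, signal names and
thresholds are constructed for illustration; time is discrete (one sample per
step) and a lookahead window cut off by the end of the trace is truncated.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List

Sample = Dict[str, float]
Trace = List[Sample]
# A predicate returns a signed margin: > 0 means true; magnitude = by how much.
Predicate = Callable[[Sample], float]


@dataclass(frozen=True)
class Verdict:
    satisfied: bool    # robustness > 0
    robustness: float  # min over time of the implication's margin
    vacuous: bool      # antecedent never true anywhere on the trace


def check_response(trace: Trace, antecedent: Predicate,
                   consequent: Predicate, deadline: int) -> Verdict:
    """Evaluate G(antecedent -> F[0,deadline] consequent) on `trace`."""
    if not trace:
        raise ValueError("empty trace")
    if deadline < 0:
        raise ValueError("deadline must be non-negative")
    per_step = []
    for t in range(len(trace)):
        ant = antecedent(trace[t])
        # F[0,deadline]: best consequent margin in the window starting at t.
        window = trace[t:t + deadline + 1]
        cons = max(consequent(s) for s in window)
        # A -> B is (not A) or B: 'not' negates the margin, 'or' takes the max.
        per_step.append(max(-ant, cons))
    robustness = min(per_step)  # G: the worst step decides
    # Input vacuity: if the antecedent is never positive, every step passed
    # through the (not A) branch and the consequent was never exercised.
    vacuous = max(antecedent(s) for s in trace) <= 0
    return Verdict(satisfied=robustness > 0, robustness=robustness,
                   vacuous=vacuous)


# Constructed requirement: whenever throttle > 0.5, rpm must exceed 2000
# within DEADLINE steps.
def throttle_high(s: Sample) -> float:
    return s["throttle"] - 0.5


def rpm_high(s: Sample) -> float:
    return s["rpm"] - 2000.0


DEADLINE = 3


def _trace(throttle: List[float], rpm: List[float]) -> Trace:
    return [{"throttle": a, "rpm": b} for a, b in zip(throttle, rpm)]


# Constructed traces (values chosen to be exactly representable as floats).
TRACE_RESPONDS = _trace([0.25, 0.25, 0.75, 0.75, 0.75, 0.75],
                        [800, 800, 1200, 1900, 2300, 2500])  # genuine pass
TRACE_IDLE = _trace([0.25] * 6, [800] * 6)                   # vacuous pass
TRACE_STALLS = _trace([0.25, 0.25, 0.75, 0.75, 0.75, 0.75],
                      [800] * 6)                             # violation


def triage(trace: Trace) -> str:
    """Turn a verdict into the message a test-generation loop would act on."""
    v = check_response(trace, throttle_high, rpm_high, DEADLINE)
    if not v.satisfied:
        return f"VIOLATED (robustness {v.robustness})"
    if v.vacuous:
        return f"VACUOUS PASS (antecedent never true; robustness {v.robustness})"
    return f"PASS (robustness {v.robustness})"


if __name__ == "__main__":
    for name, tr in [("responds", TRACE_RESPONDS), ("idle", TRACE_IDLE),
                     ("stalls", TRACE_STALLS)]:
        print(f"{name:9s} {triage(tr)}")
```

The point the idle trace makes is the one the abstracts warn about: it reports the same positive robustness as the genuinely responding trace, and only the vacuity flag distinguishes a test that exercised the requirement from one that never reached its antecedent. A test generator that maximizes robustness alone would happily keep the idle trace.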
- …