5 research outputs found
Probabilistic Model Checking of Contention Resolution in the IEEE 802.15.4 Low-Rate Wireless Personal Area Network Protocol
Abstract—The international standard IEEE 802.15.4 defines low-rate wireless personal area networks, a central communication infrastructure of pervasive computing. In order to avoid conflicts caused by multiple devices transmitting at the same time, it uses a contention resolution algorithm based on randomised exponential backoff that is similar to the ones used in IEEE 802.3 for Ethernet and IEEE 802.11 for Wireless LAN. We model the protocol using probabilistic timed automata, a formalism in which both nondeterministic and probabilistic choice can be represented. The probabilistic timed automaton is transformed into a finite-state Markov decision process via a property-preserving integral-time semantics. Using the probabilistic model checker PRISM, we verify correctness properties, compare different operation modes of the protocol, and analyse performance and accuracy of different model abstractions.
Inductive Reachability Witnesses
In this work, we consider the fundamental problem of reachability analysis over imperative programs with real variables. The reachability property requires that a program can reach certain target states during its execution. Previous works that tackle reachability analysis are either unable to handle programs consisting of general loops (e.g. symbolic execution), or lack completeness guarantees (e.g. abstract interpretation), or are not automated (e.g. incorrectness logic/reverse Hoare logic). In contrast, we propose a novel approach for reachability analysis that can handle general programs, is (semi-)complete, and can be entirely automated for a wide family of programs. Our approach extends techniques from both invariant generation and ranking-function synthesis to reachability analysis through the notion of (Universal) Inductive Reachability Witnesses (IRWs/UIRWs). While traditional invariant generation uses over-approximations of reachable states, we consider the natural dual problem of under-approximating the set of program states that can reach a target state. We then apply an argument similar to ranking functions to ensure that all states in our under-approximation can indeed reach the target set in finitely many steps.
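The proof principle behind an inductive reachability witness, checked on a small finite example. This is an added illustration, not code from the paper: the paper synthesises witnesses for programs over real variables, whereas here a hypothetical nondeterministic integer loop (states abstracted to a finite graph, constructed below) is checked against a hand-written candidate witness set and rank function. The existential/universal split follows the abstract's IRW/UIRW naming; the exact side conditions encoded in `check_irw` are this example's own reading of the idea, and a BFS reachability check is included as ground truth.

```python
from collections import deque
from typing import Callable, Dict, Hashable, Iterable, Set

State = Hashable


def check_irw(witness: Set[State], target: Set[State],
              succ: Callable[[State], Iterable[State]],
              rank: Callable[[State], int],
              universal: bool = False) -> bool:
    """Return True iff (witness, rank) is an inductive reachability witness.

    For every witness state s outside the target:
      * rank(s) must be a non-negative integer (a well-founded measure), and
      * some successor (existential IRW) or every successor (universal UIRW)
        must either land in the target or land in the witness with a
        strictly smaller rank.
    A strictly decreasing non-negative rank cannot go on forever, so every
    witness state reaches the target in finitely many steps. This mirrors
    the ranking-function argument described in the abstract; the concrete
    encoding is this example's assumption.
    """
    for s in witness:
        if s in target:
            continue
        r = rank(s)
        if r < 0:
            return False                      # measure not well-founded
        nxt = list(succ(s))
        if not nxt:
            return False                      # stuck outside the target
        good = [t for t in nxt
                if t in target or (t in witness and rank(t) < r)]
        if universal:
            if len(good) != len(nxt):
                return False
        elif not good:
            return False
    return True


def reaches_target(s: State, target: Set[State],
                   succ: Callable[[State], Iterable[State]],
                   bound: int = 10_000) -> bool:
    """Ground truth by breadth-first search (existential reachability)."""
    seen, q = {s}, deque([s])
    while q:
        u = q.popleft()
        if u in target:
            return True
        for v in succ(u):
            if v not in seen and len(seen) < bound:
                seen.add(v)
                q.append(v)
    return False


# Constructed hypothetical program (not from the paper):
#   while x != 0:
#       if x > 0: x = x - 1  OR  x = x - 2     (nondeterministic choice)
#       else:     x = x + 1
#   target: x == 0
def succ_nondet(x: int):
    if x > 0:
        return [x - 1, x - 2]
    if x < 0:
        return [x + 1]
    return [0]


# Deterministic variant: the positive branch always does x = x - 1.
def succ_det(x: int):
    if x > 0:
        return [x - 1]
    if x < 0:
        return [x + 1]
    return [0]


TARGET: Set[int] = {0}
WITNESS: Set[int] = set(range(-5, 6))   # candidate under-approximation
rank_abs = abs                          # candidate ranking function |x|


def demo() -> Dict[str, bool]:
    """Run the checker on the constructed program and report each verdict."""
    return {
        # |x| strictly decreases along x-1, so an existential IRW exists
        "existential": check_irw(WITNESS, TARGET, succ_nondet, rank_abs),
        # from x=1 the choice x-2 = -1 keeps |x| = 1: not a UIRW
        "universal": check_irw(WITNESS, TARGET, succ_nondet, rank_abs,
                               universal=True),
        # without the nondeterministic branch every run converges: UIRW holds
        "universal_det": check_irw(WITNESS, TARGET, succ_det, rank_abs,
                                   universal=True),
        # a constant rank never decreases, so the witness is rejected
        "constant_rank": check_irw(WITNESS, TARGET, succ_nondet, lambda s: 0),
        # BFS confirms every witness state really can reach the target
        "ground_truth": all(reaches_target(s, TARGET, succ_nondet)
                            for s in WITNESS),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14s} {verdict}")
```

The point of the `universal` flag is the difference the abstract draws between IRWs and UIRWs: with the nondeterministic `x - 2` branch, state 1 can step to -1 without lowering the rank, so the witness only certifies that the target is reachable under some resolution of the nondeterminism, not under all of them.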
Timing Verification by Successive Approximation
We present an algorithm for verifying that a model M with timing constraints satisfies a given temporal property T. The model M is given as a parallel composition of ω-automata P_i, where each automaton P_i is constrained by bounds on delays. The property T is given as an ω-automaton as well, and the verification problem is posed as a language inclusion question L(M) ⊆ L(T). In constructing the composition M of the constrained automata P_i, one needs to rule out the behaviors that are inconsistent with the delay bounds, and this step is (provably) computationally expensive. We propose an iterative solution which involves generating successive approximations M_j to M, with containment L(M) ⊆ L(M_j) and monotone convergence L(M_j) → L(M) within a bounded number of steps. As the succession progresses, the approximations M_j become more complex. At any step of the iteration one may get a proof or a counterexample to the original language inclusion question. The described algori..