2,580 research outputs found
On Verifying Causal Consistency
Causal consistency is one of the most adopted consistency criteria for
distributed implementations of data structures. It ensures that operations are
executed at all sites according to their causal precedence. We address the
issue of verifying automatically whether the executions of an implementation of
a data structure are causally consistent. We consider two problems: (1)
checking whether one single execution is causally consistent, which is relevant
for developing testing and bug finding algorithms, and (2) verifying whether
all the executions of an implementation are causally consistent.
We show that the first problem is NP-complete. This holds even for the
read-write memory abstraction, which is a building block of many modern
distributed systems. Indeed, such systems often store data in key-value stores,
which are instances of the read-write memory abstraction. Moreover, we prove
that, surprisingly, the second problem is undecidable, and again this holds
even for the read-write memory abstraction. However, we show that for the
read-write memory abstraction, these negative results can be circumvented if
the implementations are data independent, i.e., their behaviors do not depend
on the data values that are written or read at each moment, which is a
realistic assumption.Comment: extended version of POPL 201
(Un)Decidability Results for Word Equations with Length and Regular Expression Constraints
We prove several decidability and undecidability results for the
satisfiability and validity problems for languages that can express solutions
to word equations with length constraints. The atomic formulas over this
language are equality over string terms (word equations), linear inequality
over the length function (length constraints), and membership in regular sets.
These questions are important in logic, program analysis, and formal
verification. Variants of these questions have been studied for many decades by
mathematicians. More recently, practical satisfiability procedures (aka SMT
solvers) for these formulas have become increasingly important in the context
of security analysis for string-manipulating programs such as web applications.
We prove three main theorems. First, we give a new proof of undecidability
for the validity problem for the set of sentences written as a forall-exists
quantifier alternation applied to positive word equations. A corollary of this
undecidability result is that this set is undecidable even with sentences with
at most two occurrences of a string variable. Second, we consider Boolean
combinations of quantifier-free formulas constructed out of word equations and
length constraints. We show that if word equations can be converted to a solved
form, a form relevant in practice, then the satisfiability problem for Boolean
combinations of word equations and length constraints is decidable. Third, we
show that the satisfiability problem for quantifier-free formulas over word
equations in regular solved form, length constraints, and the membership
predicate over regular expressions is also decidable.Comment: Invited Paper at ADDCT Workshop 2013 (co-located with CADE 2013
Model Checking Synchronized Products of Infinite Transition Systems
Formal verification using the model checking paradigm has to deal with two
aspects: The system models are structured, often as products of components, and
the specification logic has to be expressive enough to allow the formalization
of reachability properties. The present paper is a study on what can be
achieved for infinite transition systems under these premises. As models we
consider products of infinite transition systems with different synchronization
constraints. We introduce finitely synchronized transition systems, i.e.
product systems which contain only finitely many (parameterized) synchronized
transitions, and show that the decidability of FO(R), first-order logic
extended by reachability predicates, of the product system can be reduced to
the decidability of FO(R) of the components. This result is optimal in the
following sense: (1) If we allow semifinite synchronization, i.e. just in one
component infinitely many transitions are synchronized, the FO(R)-theory of the
product system is in general undecidable. (2) We cannot extend the expressive
power of the logic under consideration. Already a weak extension of first-order
logic with transitive closure, where we restrict the transitive closure
operators to arity one and nesting depth two, is undecidable for an
asynchronous (and hence finitely synchronized) product, namely for the infinite
grid.Comment: 18 page
Trees over Infinite Structures and Path Logics with Synchronization
We provide decidability and undecidability results on the model-checking
problem for infinite tree structures. These tree structures are built from
sequences of elements of infinite relational structures. More precisely, we
deal with the tree iteration of a relational structure M in the sense of
Shelah-Stupp. In contrast to classical results where model-checking is shown
decidable for MSO-logic, we show decidability of the tree model-checking
problem for logics that allow only path quantifiers and chain quantifiers
(where chains are subsets of paths), as they appear in branching time logics;
however, at the same time the tree is enriched by the equal-level relation
(which holds between vertices u, v if they are on the same tree level). We
separate cleanly the tree logic from the logic used for expressing properties
of the underlying structure M. We illustrate the scope of the decidability
results by showing that two slight extensions of the framework lead to
undecidability. In particular, this applies to the (stronger) tree iteration in
the sense of Muchnik-Walukiewicz.Comment: In Proceedings INFINITY 2011, arXiv:1111.267
Qualitative Analysis of Partially-observable Markov Decision Processes
We study observation-based strategies for partially-observable Markov
decision processes (POMDPs) with omega-regular objectives. An observation-based
strategy relies on partial information about the history of a play, namely, on
the past sequence of observations. We consider the qualitative analysis
problem: given a POMDP with an omega-regular objective, whether there is an
observation-based strategy to achieve the objective with probability~1
(almost-sure winning), or with positive probability (positive winning). Our
main results are twofold. First, we present a complete picture of the
computational complexity of the qualitative analysis of POMDP s with parity
objectives (a canonical form to express omega-regular objectives) and its
subclasses. Our contribution consists in establishing several upper and lower
bounds that were not known in literature. Second, we present optimal bounds
(matching upper and lower bounds) on the memory required by pure and randomized
observation-based strategies for the qualitative analysis of POMDP s with
parity objectives and its subclasses
Verifying nondeterministic probabilistic channel systems against -regular linear-time properties
Lossy channel systems (LCSs) are systems of finite state automata that
communicate via unreliable unbounded fifo channels. In order to circumvent the
undecidability of model checking for nondeterministic
LCSs, probabilistic models have been introduced, where it can be decided
whether a linear-time property holds almost surely. However, such fully
probabilistic systems are not a faithful model of nondeterministic protocols.
We study a hybrid model for LCSs where losses of messages are seen as faults
occurring with some given probability, and where the internal behavior of the
system remains nondeterministic. Thus the semantics is in terms of
infinite-state Markov decision processes. The purpose of this article is to
discuss the decidability of linear-time properties formalized by formulas of
linear temporal logic (LTL). Our focus is on the qualitative setting where one
asks, e.g., whether a LTL-formula holds almost surely or with zero probability
(in case the formula describes the bad behaviors). Surprisingly, it turns out
that -- in contrast to finite-state Markov decision processes -- the
satisfaction relation for LTL formulas depends on the chosen type of schedulers
that resolve the nondeterminism. While all variants of the qualitative LTL
model checking problem for the full class of history-dependent schedulers are
undecidable, the same questions for finite-memory scheduler can be solved
algorithmically. However, the restriction to reachability properties and
special kinds of recurrent reachability properties yields decidable
verification problems for the full class of schedulers, which -- for this
restricted class of properties -- are as powerful as finite-memory schedulers,
or even a subclass of them.Comment: 39 page
- …