3,553 research outputs found
Lost in Abstraction: Monotonicity in Multi-Threaded Programs (Extended Technical Report)
Monotonicity in concurrent systems stipulates that, in any global state,
extant system actions remain executable when new processes are added to the
state. This concept is not only natural and common in multi-threaded software,
but also useful: if every thread's memory is finite, monotonicity often
guarantees the decidability of safety property verification even when the
number of running threads is unknown. In this paper, we show that the act of
obtaining finite-data thread abstractions for model checking can be at odds
with monotonicity: Predicate-abstracting certain widely used monotone software
results in non-monotone multi-threaded Boolean programs - the monotonicity is
lost in the abstraction. As a result, well-established sound and complete
safety checking algorithms become inapplicable; in fact, safety checking turns
out to be undecidable for the obtained class of unbounded-thread Boolean
programs. We demonstrate how the abstract programs can be modified into
monotone ones, without affecting safety properties of the non-monotone
abstraction. This significantly improves earlier approaches of enforcing
monotonicity via overapproximations
COSMICAH 2005: workshop on verification of COncurrent Systems with dynaMIC Allocated Heaps (a Satellite event of ICALP 2005) - Informal Proceedings
Lisboa Portugal, 10 July 200
Formal Model Engineering for Embedded Systems Using Real-Time Maude
This paper motivates why Real-Time Maude should be well suited to provide a
formal semantics and formal analysis capabilities to modeling languages for
embedded systems. One can then use the code generation facilities of the tools
for the modeling languages to automatically synthesize Real-Time Maude
verification models from design models, enabling a formal model engineering
process that combines the convenience of modeling using an informal but
intuitive modeling language with formal verification. We give a brief overview
six fairly different modeling formalisms for which Real-Time Maude has provided
the formal semantics and (possibly) formal analysis. These models include
behavioral subsets of the avionics modeling standard AADL, Ptolemy II
discrete-event models, two EMF-based timed model transformation systems, and a
modeling language for handset software.Comment: In Proceedings AMMSE 2011, arXiv:1106.596
Applied Agile Digital Mission Engineering for Cislunar Space Domain Awareness
In the backdrop of an expansion into cislunar space and a digital transformation, the author synthesizes a methodology from agile system development, DE, ME, and MBSE processes, methods, and tools to develop a basic RA and DT for cislunar SDA mission and system design. The Agile DME methodology is used to conduct basic requirements analysis, develop a concept, understand cislunar physics, study scenario geometries, and perform analyses and the DT implements, executes, and accelerates research by integrating a descriptive tool with analytical and simulation tools. This research demonstrates the value of automated Modeling, Simulation, and Analysis (MSA) work flows and how DE can aid in meeting the DoD\u27s vision to prioritize speed of delivery within rapidly changing operational environments, on limited budgets, and in short timelines using a model-analyze-build methodology
A Generic Framework for Reasoning about Dynamic Networks of Infinite-State Processes
We propose a framework for reasoning about unbounded dynamic networks of
infinite-state processes. We propose Constrained Petri Nets (CPN) as generic
models for these networks. They can be seen as Petri nets where tokens
(representing occurrences of processes) are colored by values over some
potentially infinite data domain such as integers, reals, etc. Furthermore, we
define a logic, called CML (colored markings logic), for the description of CPN
configurations. CML is a first-order logic over tokens allowing to reason about
their locations and their colors. Both CPNs and CML are parametrized by a color
logic allowing to express constraints on the colors (data) associated with
tokens. We investigate the decidability of the satisfiability problem of CML
and its applications in the verification of CPNs. We identify a fragment of CML
for which the satisfiability problem is decidable (whenever it is the case for
the underlying color logic), and which is closed under the computations of post
and pre images for CPNs. These results can be used for several kinds of
analysis such as invariance checking, pre-post condition reasoning, and bounded
reachability analysis.Comment: 29 pages, 5 tables, 1 figure, extended version of the paper published
in the the Proceedings of TACAS 2007, LNCS 442
Rewriting Systems over Nested Data Words
We propose a generic framework for reasoning about infinite state systems handling data like integers, booleans etc. and having complex control structures. We consider that configurations of such systems are represented by nested data words, i.e., words of ... words over a potentially infinite data domain. We define a logic called allowing to reason about nested data words, and we define rewriting systems called over these nested structures. The rewriting systems are constrained by formulas in the logic specifying the rewriting positions as well as structure/data transformations. We define a fragment of with a decidable satisfiability problem. Moreover, we show that the transition relation defined by rewriting systems with constraints can be
effectively defined in the same fragment. These results can be used in the automatization of verification problems such as inductive invariance checking and bounded reachability analysis. Our framework allows to reason about a wide range of concurrent systems including multithreaded programs (with procedure calls, thread creation, global/local variables over infinite data domains, locks, monitors, etc.), dynamic networks of timed systems, cache coherence/mutex/communication protocols, etc
Abstract Interpretation with Unfoldings
We present and evaluate a technique for computing path-sensitive interference
conditions during abstract interpretation of concurrent programs. In lieu of
fixed point computation, we use prime event structures to compactly represent
causal dependence and interference between sequences of transformers. Our main
contribution is an unfolding algorithm that uses a new notion of independence
to avoid redundant transformer application, thread-local fixed points to reduce
the size of the unfolding, and a novel cutoff criterion based on subsumption to
guarantee termination of the analysis. Our experiments show that the abstract
unfolding produces an order of magnitude fewer false alarms than a mature
abstract interpreter, while being several orders of magnitude faster than
solver-based tools that have the same precision.Comment: Extended version of the paper (with the same title and authors) to
appear at CAV 201
- …