Computing Quantiles in Markov Reward Models

Probabilistic model checking mainly concentrates on techniques for reasoning about the probabilities of certain path properties or expected values of certain random variables. For the quantitative system analysis, however, there is also another type of interesting performance measure, namely quantiles. A typical quantile query takes as input a lower probability bound p and a reachability property. The task is then to compute the minimal reward bound r such that with probability at least p the target set will be reached before the accumulated reward exceeds r. Quantiles are well-known from mathematical statistics, but to the best of our knowledge they have not been addressed by the model checking community so far. In this paper, we study the complexity of quantile queries for until properties in discrete-time finite-state Markov decision processes with non-negative rewards on states. We show that qualitative quantile queries can be evaluated in polynomial time and present an exponential algorithm for the evaluation of quantitative quantile queries. For the special case of Markov chains, we show that quantitative quantile queries can be evaluated in time polynomial in the size of the chain and the maximum reward.Comment: 17 pages, 1 figure; typo in example correcte

Typing and Compositionality for Security Protocols::A Generalization to the Geometric Fragment

We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that any security protocol that fulfils a number of sufficient conditions has an attack if it has a well-typed attack. The second kind considers the parallel composition of protocols, showing that when running two protocols in parallel allows for an attack, then at least one of the protocols has an attack in isolation. The most important generalization over previous work is the support for all security properties of the geometric fragment

Testing Reactive Probabilistic Processes

We define a testing equivalence in the spirit of De Nicola and Hennessy for reactive probabilistic processes, i.e. for processes where the internal nondeterminism is due to random behaviour. We characterize the testing equivalence in terms of ready-traces. From the characterization it follows that the equivalence is insensitive to the exact moment in time in which an internal probabilistic choice occurs, which is inherent from the original testing equivalence of De Nicola and Hennessy. We also show decidability of the testing equivalence for finite systems for which the complete model may not be known

Prototyping the Semantics of a DSL using ASF+SDF: Link to Formal Verification of DSL Models

A formal definition of the semantics of a domain-specific language (DSL) is a key prerequisite for the verification of the correctness of models specified using such a DSL and of transformations applied to these models. For this reason, we implemented a prototype of the semantics of a DSL for the specification of systems consisting of concurrent, communicating objects. Using this prototype, models specified in the DSL can be transformed to labeled transition systems (LTS). This approach of transforming models to LTSs allows us to apply existing tools for visualization and verification to models with little or no further effort. The prototype is implemented using the ASF+SDF Meta-Environment, an IDE for the algebraic specification language ASF+SDF, which offers efficient execution of the transformation as well as the ability to read models and produce LTSs without any additional pre or post processing.Comment: In Proceedings AMMSE 2011, arXiv:1106.596

A Comparison of Time- and Reward-Bounded Probabilistic Model Checking Techniques

In the design of probabilistic timed systems, requirements concerning behaviour that occurs within a given time or energy budget are of central importance. We observe that model-checking such requirements for probabilistic timed automata can be reduced to checking reward-bounded properties on Markov decision processes. This is traditionally implemented by unfolding the model according to the bound, or by solving a sequence of linear programs. Neither scales well to large models. Using value iteration in place of linear programming achieves scalability but accumulates approximation error. In this paper, we correct the value iteration-based scheme, present two new approaches based on scheduler enumeration and state elimination, and compare the practical performance and scalability of all techniques on a number of case studies from the literature. We show that state elimination can significantly reduce runtime for large models or high bounds

Modular Verification of Protocol Equivalence in the Presence of Randomness

Security protocols that provide privacy and anonymity guarantees are growing increasingly prevalent in the online world. The highly intricate nature of these protocols makes them vulnerable to subtle design flaws. Formal methods have been successfully deployed to detect these errors, where protocol correctness is formulated as a notion of equivalence (indistinguishably). The high overhead for verifying such equivalence properties, in conjunction with the fact that protocols are never run in isolation, has created a need for modular verification techniques. Existing approaches in formal modeling and (compositional) verification of protocols for privacy have abstracted away a fundamental ingredient in the effectiveness of these protocols, randomness. We present the first composition results for equivalence properties of protocols that are explicitly able to toss coins. Our results hold even when protocols share data (such as long term keys) provided that protocol messages are tagged with the information of which protocol they belong to.Ope

Catalyzing Transcriptomics Research in Cardiovascular Disease : The CardioRNA COST Action CA17129

Cardiovascular disease (CVD) remains the leading cause of death worldwide and, despite continuous advances, better diagnostic and prognostic tools, as well as therapy, are needed. The human transcriptome, which is the set of all RNA produced in a cell, is much more complex than previously thought and the lack of dialogue between researchers and industrials and consensus on guidelines to generate data make it harder to compare and reproduce results. This European Cooperation in Science and Technology (COST) Action aims to accelerate the understanding of transcriptomics in CVD and further the translation of experimental data into usable applications to improve personalized medicine in this field by creating an interdisciplinary network. It aims to provide opportunities for collaboration between stakeholders from complementary backgrounds, allowing the functions of different RNAs and their interactions to be more rapidly deciphered in the cardiovascular context for translation into the clinic, thus fostering personalized medicine and meeting a current public health challenge. Thus, this Action will advance studies on cardiovascular transcriptomics, generate innovative projects, and consolidate the leadership of European research groups in the field.COST (European Cooperation in Science and Technology) is a funding organization for research and innovation networks (www.cost.eu)

Composing systems while preserving probabilities

Restricting the power of the schedulers that resolve the nondeterminism in probabilistic concurrent systems has recently drawn the attention of the research community. The goal is to preserve the probabilistic behaviour of systems when composed, and at the same time, to guarantee compositionality for trace-like equivalences. In our previous work, we have defined a model of probabilistic systems with labels on the internal transitions, that restrict the power of the schedulers. A trace-style equivalence for the same model, compatible with a synchronous parallel composition, was proposed. In the present paper we generalize the parallel composition to allow for action interleaving and synchronization on a given set of actions, combined with hiding afterwards. We propose a method for automatic labeling of the internal transitions that arise due to the parallel composition. These labels reflect the information that the components use in order to resolve the nondeterminism in the composition, and thus restrict the power of the schedulers. We show that our equivalence is compositional w.r.t. the parallel composition. We also define operational semantics that, besides the parallel composition, includes deadlock, and four types of choices – action, external, internal, and probabilistic

MDE basics with a DSL focus

Small languages are gaining popularity in the software engineering community. The development of MOF and EMF has given the Domain Specific Language community a tremendous boost. In this tutorial the basic aspects of model driven engineering in combination with Domain Specific Languages will be discussed. The focus is on textual Domain Specific Languages developed using the language invention pattern. The notion of abstract syntax will be linked to metamodels as well as the definition of concrete syntax. Defining static and dynamic semantics will be discussed. A small but non trivial Domain Specific Language SLCO will be used to illustrate our ideas