Discrete-time Promela and Spin

Spin is a software package for the verification of concurrent systems. A system to be verified is modeled in Promela — Spin’s input language. We present an extension of Promela and Spin with discrete time that provides an opportunity to model systems whose correct functioning crucially depends on timing parameters. This extension is completely compatible with all the features of the standard package, in particular the partial order reduction algorithm. We have tested the prototype tool on several applications known from the verification literature and the first results are promising

Model checking:recent improvements and applications

\u3cp\u3eModel checking (Baier and Katoen in Principles of model checking, MIT Press, Cambridge, 2008; Clarke et al. in Model checking, MIT Press, Cambridge, 2001) is an automatic technique to formally verify that a given specification of a concurrent system meets given functional properties. Its use has been demonstrated many times over the years. Key characteristics that make the method so appealing are its level of automaticity, its ability to determine the absence of errors in the system (contrary to testing techniques) and the fact that it produces counter-examples when errors are detected, that clearly demonstrate not only that an error is present, but also how the error can be produced. The main drawback of model checking is its limited scalability, and for this reason, research on reducing the computational effort has received much attention over the last decades. Besides the verification of qualitative functional properties, the model checking technique can also be applied for other types of analyses, such as planning and the verification of quantitative properties. We briefly discuss several contributions in the model checking field that address both its scalability and its applicability to perform planning and quantitative analysis. In particular, we introduce six papers selected from the 23rd International SPIN Symposium on Model Checking Software (SPIN 2016).\u3c/p\u3

Many-core on-the-fly model checking of safety properties using GPUs

Model checking is an automatic method to formally verify the correctness of a system specification. Such model checking specifications can be viewed as implicit descriptions of a large directed graph or state space, which, for most model checking operations, needs to be analysed. However, construction or on-the-fly exploration of the state space is computationally intensive and often can be prohibitive in practical applications. In this work, we present techniques to perform graph generation and exploration using general purpose graphics processors (GPUs). GPUs have been successfully applied in multiple application domains to drastically speed up computations. We explain the limitations involved when trying to achieve efficient state space exploration with GPUs and present solutions how to overcome these. We discuss the possible approaches involving related work and propose an alternative, using a new hash table approach for GPUs. As input, we consider models that can be represented by a fixed number of communicating finite-state Labelled Transition Systems. This means that we assume that all variables used in a model range over finite data domains. Additionally, we show how our exploration technique can be extended to detect deadlocks and check safety properties on-the-fly. Experimental evaluations with our prototype implementations show significant speed-ups compared to the established sequential counterparts. Keywords: GPU; Model checking; Safety properties; Graph search; Refinemen

Efficient probabilistic model checking on general purpose graphic processors

We present algorithms for parallel probabilistic model checking on general purpose graphic processing units (GPGPUs). For this purpose we exploit the fact that some of the basic algorithms for probabilistic model checking rely on matrix vector multiplication. Since this kind of linear algebraic operations are implemented very efficiently on GPGPUs, the new parallel algorithms can achieve considerable runtime improvements compared to their counterparts on standard architectures. We implemented our parallel algorithms on top of the probabilistic model checker PRISM. The prototype implementation was evaluated on several case studies in which we observed significant speedup over the standard CPU implementation of the tool

Enhancing partial-order reduction via process clustering

Partial-order reduction is a well-known technique to cope with the state-space-explosion problem in the verification of concurrent systems. Using the hierarchical structure of concurrent systems, we present an enhancement of the partial-order-reduction scheme of [12, 19]. A prototype of the new algorithm has been implemented on top of the verification tool SPIN. The first experimental results are encouraging

Modular termination verification of single-threaded and multithreaded programs

\u3cp\u3eWe propose an approach for the modular specification and verification of total correctness properties of object-oriented programs. The core of our approach is a specification style that prescribes a way to assign a level expression to each method such that each callee's level is below the caller's, even in the presence of dynamic binding. The specification style yields specifications that properly hide implementation details. The main idea is to use multisets of method names as levels, and to associate with each object levels that abstractly reflect the way the object is built from other objects. A method's level is then defined in terms of the method's own name and the levels associated with the objects passed as arguments. We first present the specification style in the context of programs that do not modify object fields.We then combine it with separation logic and abstract predicate families to obtain an approach for programs with heap mutation. In a third step, we address concurrency, by incorporating an existing approach for verifying deadlock freedom of channels and locks. Our main contribution here is to achieve information hiding by using the proposed termination levels for lock ordering as well. Also, we introduce call permissions to enable elegant verification of termination of programs where threads cause work in other threads, such as in thread pools or fine-grained concurrent algorithms involving compare-and-swap loops. We explain how our approach can be used also to verify the liveness of nonterminating programs.\u3c/p\u3

Symmetric Spin

We give a detailed description of SymmSpin, a symmetry-reduction package for Spin. It offers four strategies for state-space reduction, based on the heuristic that we presented in [3], and a fifth mode for reference. A series of new experiments is described, underlining the effectiveness of the heuristic and demonstrating the generalisation of the implementation to multiple scalar sets, multiple process families, as well as almost the full Promela language

Third Dutch model checking day, Eindhoven, November 7, 2001 : proceedings

This report contains the preliminary proceedings of the third Dutch Model Checking Day, held on 7th November 2001 at the Technische Universiteit Eindhoven. Model checking is an automatic technique for verifying hardware and software systems. The advance of the research in this area in the past few years has lead to a significant improvement of the model checking tools. Successful applications of model checking have been reported in the verification of a wide variety of systems, like complex sequential circuit designs and communication protocols. An important evidence of the great practical potential of model checking is the development of in-house model checking tools within the major companies from the information and telecommunication industry. The objective of the Model Checking Day was to bring together researchers and practitioners from academia and industry who are interested in model checking. The presentations featured both practical and theoretical advances in the area. This includes new techniques and methodologies, as well as experience with their application in various areas, such as embedded systems, communication protocols, hardware components, production processes, etc. Besides this, the Model Checking Day provided an opportunity to exchange experiences, and to have discussions about new ideas and the latest developments in the area. This proceedings contains contributions related to the presentations on this day, details are given in the table of contents. The Model Checking Day received generous support from the Formal Methods Group of the Technische Universiteit Eindhoven and the research school IPA (Institute for Programming research and Algorithmics). At this point I would like to thank the members of the program committee Dragan Bosnacki (TU/e Computer Science), Leszek Holenderski (Philips Research) and Jeroen Voeten (TU/e Electrical Engineering), and the secretary Elize Russell (TU/e Computer Science) for all their work

Partial-order reduction for GPU model checking

\u3cp\u3eModel checking using GPUs has seen increased popularity over the last years. Because GPUs have a limited amount of memory, only small to medium-sized systems can be verified. For on-the-fly explicitstate model checking, we improve memory efficiency by applying partialorder reduction. We propose novel parallel algorithms for three practical approaches to partial-order reduction. Correctness of the algorithms is proved using a new, weaker version of the cycle proviso. Benchmarks show that our implementation achieves a reduction similar to or better than the state-of-the-art techniques for CPUs, while the amount of runtime overhead is acceptable.\u3c/p\u3

Robustness of the gray code arrangements of the genetic code in mitochondria

The genetic code determines how the genetic information is translated into proteins, which are building blocks of the living organisms. Genetic code can be related to Gray codes, a class of error resisting codes. In this paper we investigate the robustness of the Gray code representations of the genetic code in mitochondria, small cell organelles that contain genetic information separate from the rest of the cell. Mitochondria use a slightly modified version of the standard code which defines the main genetic information. Our result show that despite the fact that the mitochondrial codes seemingly show more regularities than the standard code, they are less robust with regard to the Gray code arrangement criterion. This could be a result of the lighter evolutionary pressure that the mitochondrial codes have endured compared to the standard code