492 research outputs found
The Cost of Monitoring Alone
We compare the succinctness of two monitoring systems for properties of
infinite traces, namely parallel and regular monitors. Although a parallel
monitor can be turned into an equivalent regular monitor, the cost of this
transformation is a double-exponential blowup in the syntactic size of the
monitors, and a triple-exponential blowup when the goal is a deterministic
monitor. We show that these bounds are tight and that they also hold for
translations between corresponding fragments of Hennessy-Milner logic with
recursion over infinite traces.Comment: 22 page
A Short Counterexample Property for Safety and Liveness Verification of Fault-tolerant Distributed Algorithms
Distributed algorithms have many mission-critical applications ranging from
embedded systems and replicated databases to cloud computing. Due to
asynchronous communication, process faults, or network failures, these
algorithms are difficult to design and verify. Many algorithms achieve fault
tolerance by using threshold guards that, for instance, ensure that a process
waits until it has received an acknowledgment from a majority of its peers.
Consequently, domain-specific languages for fault-tolerant distributed systems
offer language support for threshold guards.
We introduce an automated method for model checking of safety and liveness of
threshold-guarded distributed algorithms in systems where the number of
processes and the fraction of faulty processes are parameters. Our method is
based on a short counterexample property: if a distributed algorithm violates a
temporal specification (in a fragment of LTL), then there is a counterexample
whose length is bounded and independent of the parameters. We prove this
property by (i) characterizing executions depending on the structure of the
temporal formula, and (ii) using commutativity of transitions to accelerate and
shorten executions. We extended the ByMC toolset (Byzantine Model Checker) with
our technique, and verified liveness and safety of 10 prominent fault-tolerant
distributed algorithms, most of which were out of reach for existing
techniques.Comment: 16 pages, 11 pages appendi
Efficient Symmetry Reduction and the Use of State Symmetries for Symbolic Model Checking
One technique to reduce the state-space explosion problem in temporal logic
model checking is symmetry reduction. The combination of symmetry reduction and
symbolic model checking by using BDDs suffered a long time from the
prohibitively large BDD for the orbit relation. Dynamic symmetry reduction
calculates representatives of equivalence classes of states dynamically and
thus avoids the construction of the orbit relation. In this paper, we present a
new efficient model checking algorithm based on dynamic symmetry reduction. Our
experiments show that the algorithm is very fast and allows the verification of
larger systems. We additionally implemented the use of state symmetries for
symbolic symmetry reduction. To our knowledge we are the first who investigated
state symmetries in combination with BDD based symbolic model checking
Real-Time Synthesis is Hard!
We study the reactive synthesis problem (RS) for specifications given in
Metric Interval Temporal Logic (MITL). RS is known to be undecidable in a very
general setting, but on infinite words only; and only the very restrictive BRRS
subcase is known to be decidable (see D'Souza et al. and Bouyer et al.). In
this paper, we precise the decidability border of MITL synthesis. We show RS is
undecidable on finite words too, and present a landscape of restrictions (both
on the logic and on the possible controllers) that are still undecidable. On
the positive side, we revisit BRRS and introduce an efficient on-the-fly
algorithm to solve it
Randomness for Free
We consider two-player zero-sum games on graphs. These games can be
classified on the basis of the information of the players and on the mode of
interaction between them. On the basis of information the classification is as
follows: (a) partial-observation (both players have partial view of the game);
(b) one-sided complete-observation (one player has complete observation); and
(c) complete-observation (both players have complete view of the game). On the
basis of mode of interaction we have the following classification: (a)
concurrent (both players interact simultaneously); and (b) turn-based (both
players interact in turn). The two sources of randomness in these games are
randomness in transition function and randomness in strategies. In general,
randomized strategies are more powerful than deterministic strategies, and
randomness in transitions gives more general classes of games. In this work we
present a complete characterization for the classes of games where randomness
is not helpful in: (a) the transition function probabilistic transition can be
simulated by deterministic transition); and (b) strategies (pure strategies are
as powerful as randomized strategies). As consequence of our characterization
we obtain new undecidability results for these games
A model checking approach to the parameter estimation of biochemical pathways
Model checking has historically been an important tool to
verify models of a wide variety of systems. Typically a model has to exhibit
certain properties to be classed ‘acceptable’. In this work we use
model checking in a new setting; parameter estimation. We characterise
the desired behaviour of a model in a temporal logic property and alter
the model to make it conform to the property (determined through
model checking). We have implemented a computational system called
MC2(GA) which pairs a model checker with a genetic algorithm. To
drive parameter estimation, the fitness of set of parameters in a model is
the inverse of the distance between its actual behaviour and the desired
behaviour. The model checker used is the simulation-based Monte Carlo
Model Checker for Probabilistic Linear-time Temporal Logic with numerical
constraints, MC2(PLTLc). Numerical constraints as well as the
overall probability of the behaviour expressed in temporal logic are used
to minimise the behavioural distance. We define the theory underlying
our parameter estimation approach in both the stochastic and continuous
worlds. We apply our approach to biochemical systems and present
an illustrative example where we estimate the kinetic rate constants in
a continuous model of a signalling pathway
On-stack replacement, distilled
On-stack replacement (OSR) is essential technology for adaptive optimization, allowing changes to code actively executing in a managed runtime. The engineering aspects of OSR are well-known among VM architects, with several implementations available to date. However, OSR is yet to be explored as a general means to transfer execution between related program versions, which can pave the road to unprecedented applications that stretch beyond VMs. We aim at filling this gap with a constructive and provably correct OSR framework, allowing a class of general-purpose transformation functions to yield a special-purpose replacement. We describe and evaluate an implementation of our technique in LLVM. As a novel application of OSR, we present a feasibility study on debugging of optimized code, showing how our techniques can be used to fix variables holding incorrect values at breakpoints due to optimizations
Distributed Synthesis in Continuous Time
We introduce a formalism modelling communication of distributed agents
strictly in continuous-time. Within this framework, we study the problem of
synthesising local strategies for individual agents such that a specified set
of goal states is reached, or reached with at least a given probability. The
flow of time is modelled explicitly based on continuous-time randomness, with
two natural implications: First, the non-determinism stemming from interleaving
disappears. Second, when we restrict to a subclass of non-urgent models, the
quantitative value problem for two players can be solved in EXPTIME. Indeed,
the explicit continuous time enables players to communicate their states by
delaying synchronisation (which is unrestricted for non-urgent models). In
general, the problems are undecidable already for two players in the
quantitative case and three players in the qualitative case. The qualitative
undecidability is shown by a reduction to decentralized POMDPs for which we
provide the strongest (and rather surprising) undecidability result so far
Improving BDD Based Symbolic Model Checking with Isomorphism Exploiting Transition Relations
Symbolic model checking by using BDDs has greatly improved the applicability
of model checking. Nevertheless, BDD based symbolic model checking can still be
very memory and time consuming. One main reason is the complex transition
relation of systems. Sometimes, it is even not possible to generate the
transition relation, due to its exhaustive memory requirements. To diminish
this problem, the use of partitioned transition relations has been proposed.
However, there are still systems which can not be verified at all. Furthermore,
if the granularity of the partitions is too fine, the time required for
verification may increase. In this paper we target the symbolic verification of
asynchronous concurrent systems. For such systems we present an approach which
uses similarities in the transition relation to get further memory reductions
and runtime improvements. By applying our approach, even the verification of
systems with an previously intractable transition relation becomes feasible.Comment: In Proceedings GandALF 2011, arXiv:1106.081
- …