Promptness and Bounded Fairness in Concurrent and Parameterized Systems
We investigate the satisfaction of specifications in Prompt Linear Temporal Logic (Prompt-LTL) by concurrent systems. Prompt-LTL is an extension of LTL that allows one to specify parametric bounds on the satisfaction of eventualities, thus adding a quantitative aspect to the specification language. We establish a connection between bounded fairness, bounded stutter equivalence, and the satisfaction of Prompt-LTL\X formulas. Based on this connection, we prove the first cutoff results for different classes of systems with a parametric number of components and quantitative specifications, thereby identifying previously unknown decidable fragments of the parameterized model checking problem.
Parameterized Verification of Systems with Global Synchronization and Guards
Inspired by distributed applications that use consensus or other agreement protocols for global coordination, we define a new computational model for parameterized systems that is based on a general global synchronization primitive and allows for global transition guards. Our model generalizes many existing models in the literature, including broadcast protocols and guarded protocols. We show that reachability properties are decidable for systems without guards, and give sufficient conditions under which they remain decidable in the presence of guards. Furthermore, we investigate cutoffs for reachability properties and provide sufficient conditions for small cutoffs in a number of cases that are inspired by our target applications.
Comment: Accepted at CAV 202
Tight Cutoffs for Guarded Protocols with Fairness
Guarded protocols were introduced in a seminal paper by Emerson and Kahlon (2000), and describe systems of processes whose transitions are enabled or disabled depending on the existence of other processes in certain local states. We study parameterized model checking and synthesis of guarded protocols, both aiming at formal correctness arguments for systems with any number of processes. Cutoff results reduce reasoning about systems with an arbitrary number of processes to systems of a determined, fixed size. Our work stems from the observation that existing cutoff results for guarded protocols i) are restricted to closed systems, and ii) are of limited use for liveness properties because reductions do not preserve fairness. We close these gaps and obtain new cutoff results for open systems with liveness properties under fairness assumptions. Furthermore, we obtain cutoffs for the detection of global and local deadlocks, which are of paramount importance in synthesis. Finally, we prove tightness or asymptotic tightness for the new cutoffs.
Comment: Accepted for publication at VMCAI 2016. Extended version, revised after conference review.
Improving the Efficiency of Formal Verification: The Case of Clock-Domain Crossings
We propose a novel semi-automatic methodology to formally verify clock-domain synchronization protocols in industrial-scale hardware designs. To establish the functional correctness of all clock-domain crossings (CDCs) in a system-on-chip (SoC), semi-automatic approaches require non-trivial manual deductive reasoning. In contrast, our approach produces a small sequence of easy queries to the user. The key idea is to use counterexample-guided abstraction refinement (CEGAR) as the algorithmic back-end. The user influences the course of the algorithm based on information extracted from intermediate abstract counterexamples. The workload on the user is small, both in terms of the number of queries and the degree of design insight they are asked to provide. With this approach, we formally proved the correctness of every CDC in a recent SoC design from STMicroelectronics comprising over 300,000 registers and seven million gates.
Verifying an infinite family of inductions simultaneously using data independence and FDR
We present a technique for formally establishing results for scalable systems, such as distributed systems and communication protocol networks, where the results are independent of the system's parameters. Example parameters are network topology, size and buffer capacity. The technique combines the use of the process algebra CSP to model systems and their specifications, and the FDR tool to help reason about them. We give examples of the technique's implementation on a simple distributed system and a communications protocol involving the multiplexing of channels.
Context-aware counter abstraction
The trend towards multi-core computing has made concurrent software an important target of computer-aided verification. Unfortunately, model checkers for such software suffer tremendously from combinatorial state space explosion. We show how to apply counter abstraction to real-world concurrent programs to factor out redundancy due to thread replication. The traditional global state representation as a vector of local states is replaced by a vector of thread counters, one per local state. In practice, straightforward implementations of this idea are unfavorably sensitive to the number of local states. We present a novel symbolic exploration algorithm that avoids this problem by carefully scheduling which counters to track at any moment during the search. We have carried out experiments on Boolean programs, an abstraction promoted by the success of the Slam project. The experiments give evidence of the applicability of our method to realistic programs, and of the often huge savings obtained in comparison to plain symbolic state space exploration, and to exploration optimized by partial-order methods. To our knowledge, our tool marks the first implementation of counter abstraction for programs with non-trivial local state spaces, resulting in a model checker for concurrent Boolean programs that promises true scalability.
© 2010 Springer Science+Business Media, LLC