Automata-Based Termination Proofs

This paper describes our generic framework for detecting termination of programs handling infinite and complex data domains, such as pointer structures. The framework is based on a counterexample-driven abstraction refinement loop. We have instantiated the framework for programs handling tree-like data structures, which allowed us to prove automatically termination of programs such as the depth-first tree traversal, the Deutsch-Schorr-Waite tree traversal, or the linking leaves algorithm

Orthomodular lattices with almost orthogonal sets of atoms

summary:The set $A$ of all atoms of an atomic orthomodular lattice is said to be almost ortho\-go\-nal if the set $\{b\in A:b\nleq a'\}$ is finite for every $a\in A$. It is said to be strongly almost ortho\-go\-nal if, for every $a\in A$, any sequence $b_1, b_2,\dots$ of atoms such that $a\nleq b'_1, b_1 \nleq b'_2, \dots$ contains at most finitely many distinct elements. We study the relation and consequences of these notions. We show among others that a complete atomic orthomodular lattice is a compact topological one if and only if the set of all its atoms is almost ortho\-go\-nal

Abstract Regular Tree Model Checking

International audienceRegular (tree) model checking (RMC) is a promising generic method for formal verification of infinite-state systems. It encodes configurations of systems as words or trees over a suitable alphabet, possibly infinite sets of configurations as finite word or tree automata, and operations of the systems being examined as finite word or tree transducers. The reachability set is then computed by a repeated application of the transducers on the automata representing the currently known set of reachable configurations. In order to facilitate termination of RMC, various acceleration schemas have been proposed. One of them is a combination of RMC with the abstract-check-refine paradigm yielding the so-called abstract regular model checking (ARMC). ARMC has originally been proposed for word automata and transducers only and thus for dealing with systems with linear (or easily linearisable) structure. In this paper, we propose a generalisation of ARMC to the case of dealing with trees which arise naturally in a lot of modelling and verification contexts. In particular, we first propose abstractions of tree automata based on collapsing their states having an equal language of trees up to some bounded height. Then, we propose an abstraction based on collapsing states having a non-empty intersection (and thus "satisfying") the same bottom-up tree "predicate" languages. Finally, we show on several examples that the methods we propose give us very encouraging verification results

Abstraction Refinement and Antichains for Trace Inclusion of Infinite State Systems

International audienceA generic register automaton is a finite automaton equipped with variables (which may be viewed as counters or, more generally, registers) ranging over infinite data domains. A trace of a generic register automaton is an alternating sequence of alphabet symbols and values taken by the variables during an execution of the automaton. The problem addressed in this paper is the inclusion between the sets of traces (data languages) recognized by such automata. Since the problem is undecidable in general, we give a semi-algorithm based on a combination of abstraction refinement and antichains, which is proved to be sound and complete, but whose termination is not guaranteed. Moreover, we further enhance the proposed algorithm by exploiting a concept of data simulations, i.e., simulation relations aware of the data associated with the words. We have implemented our technique in a prototype tool and show promising results on multiple non-trivial examples

Reasoning about Regular Properties: A Comparative Study

Several new algorithms for deciding emptiness of Boolean combinations of regular languages and of languages of alternating automata (AFA) have been proposed recently, especially in the context of analysing regular expressions and in string constraint solving. The new algorithms demonstrated a significant potential, but they have never been systematically compared, neither among each other nor with the state-of-the art implementations of existing (non)deterministic automata-based methods. In this paper, we provide the first such comparison as well as an overview of the existing algorithms and their implementations. We collect a diverse benchmark mostly originating in or related to practical problems from string constraint solving, analysing LTL properties, and regular model checking, and evaluate collected implementations on it. The results reveal the best tools and hint on what the best algorithms and implementation techniques are. Roughly, although some advanced algorithms are fast, such as antichain algorithms and reductions to IC3/PDR, they are not as overwhelmingly dominant as sometimes presented and there is no clear winner. The simplest NFA-based technology may be actually the best choice, depending on the problem source and implementation style. Our findings should be highly relevant for development of these techniques as well as for related fields such as string constraint solving

COST ANALYSIS OF TWO TYPES OF THE LUMBAR SPINE STABILIZING SURGERY

The study is aimed at quantifying the actual costs related to the MAST (Minimal Access Spine Technique) operative technique with the MIDLF (Midline Lumbar Fusion) instrumentation as compared to the costs related to the classic technique with transpedicular instrumentation complemented with PLIF (Posterior Lumbar Interbody Fusion) in the treatment of a degenerative disc disease in the lumbar spine. The costs were calculated using the Activity-Based Costing method. The total costs for the surgery of one segment amount to CZK 166,371 for MIDLF, and CZK 160,160 for PLIF. The cost difference of CZK 6,210.46 primarily accounts for higher costs associated with separately charged materials consumed in MIDLF. Further, the study pointed out the fact that the actual costs necessary for both operative techniques are underfinanced in terms of reimbursements from the public health insurance system.