334 research outputs found

    Exact Real Arithmetic with Perturbation Analysis and Proof of Correctness

    In this article, we consider a simple representation for real numbers and propose top-down procedures to approximate various algebraic and transcendental operations with arbitrary precision. Detailed algorithms and proofs are provided to guarantee the correctness of the approximations. Moreover, we develop and apply a perturbation analysis method to show that our approximation procedures only recompute expressions when unavoidable. In the last decade, various theories have been developed and implemented to realize real computations with arbitrary precision. Proofs of correctness for existing approaches typically consider basic algebraic operations, whereas detailed arguments about transcendental operations are not available. Another important observation is that in each approach some expressions might require iterative computations to guarantee the desired precision. However, no formal reasoning is provided to prove that such iterative calculations are essential in the approximation procedures. In our approximations of real functions, we explicitly relate the precision of the inputs to the guaranteed precision of the output, provide full proofs and a precise analysis of the necessity of iterations.

    Distribution of Behaviour into Parallel Communicating Subsystems

    The process of decomposing a complex system into simpler subsystems has been of interest to computer scientists over many decades, for instance, for the field of distributed computing. In this paper, motivated by the desire to distribute the process of active automata learning onto multiple subsystems, we study the equivalence between a system and the total behaviour of its decomposition which comprises subsystems with communication between them. We show synchronously- and asynchronously-communicating decompositions that maintain branching bisimilarity, and we prove that there is no decomposition operator that maintains divergence-preserving branching bisimilarity over all LTSs.
    Comment: In Proceedings EXPRESS/SOS 2019, arXiv:1908.0821

    Modelling and Verification of a Cluster-tree Formation Protocol Implementation for the IEEE 802.15.4 TSCH MAC Operation Mode

    Correct and efficient initialization of wireless sensor networks can be challenging in the face of the many uncertainties present in ad hoc wireless networks. In this paper we examine an implementation for the formation of a cluster-tree topology in a network which operates on top of the TSCH MAC operation mode of the IEEE 802.15.4 standard, and investigate it using formal methods. We show how both the mCRL2 language and toolset help us in identifying scenarios where the implementation does not form a proper topology. More importantly, our analysis leads to the conclusion that the cluster-tree formation algorithm has a super-linear time complexity, so it does not scale to large networks.
    Comment: In Proceedings MARS 2017, arXiv:1703.0581

    Computing minimal distinguishing Hennessy-Milner formulas is NP-hard, but variants are tractable

    We study the problem of computing minimal distinguishing formulas for non-bisimilar states in finite LTSs. We show that this is NP-hard if the size of the formula must be minimal. Similarly, the existence of a short distinguishing trace is NP-complete. However, we can provide polynomial algorithms, if minimality is formulated as the minimal number of nested modalities, and it can even be extended by recursively requiring a minimal number of nested negations. A prototype implementation shows that the generated formulas are much smaller than those generated by the method introduced by Cleaveland.
    Comment: Accepted at CONCUR 202

    Transition system specifications with negative premises

    In this article the general approach to Plotkin-style operational semantics of Groote and Vaandrager (1989) is extended to transition system specifications (TSSs) with rules that may contain negative premises. Two problems arise: firstly, the rules may be inconsistent, and secondly, it is not obvious how a TSS determines a transition relation. We present a general method, based on the stratification technique in logic programming, to prove consistency of a set of rules, and we show how a specific transition relation can be associated with a TSS in a natural way. Then a special format for the rules, the ntyft/ntyxt format, is defined. It is shown that for this format three important theorems hold. The first theorem says that bisimulation is a congruence if all operators are defined using this format. The second theorem states that, under certain restrictions, a TSS in ntyft format can be added conservatively to a TSS in pure ntyft/ntyxt format. Finally, it is shown that the trace congruence for image-finite processes induced by the pure ntyft/ntyxt format is precisely bisimulation equivalence.

    Communication Patterns in Mean Field Models for Wireless Sensor Networks

    Wireless sensor networks are usually composed of a large number of nodes, and with increasing processing power and power-consumption efficiency they are expected to run more complex protocols in the future. This poses problems in the field of verification and performance evaluation of wireless networks. In this paper, we tailor mean-field theory as a modeling technique to analyze their behavior. We apply this method to the slotted ALOHA protocol, and establish results on the long-term trends of the protocol within a very large network, especially regarding the stability of ALOHA-type protocols.
    Comment: 22 pages, in LNCS format, Submitted to QEST'1

    Structured operational semantics and bisimulation as a congruence

    In this paper we are interested in general properties of classes of transition system specifications in Plotkin style. The discussion takes place in a setting of labelled transition systems. The states of the transition systems are terms generated by a single-sorted signature and the transitions between states are defined by conditional rules over the syntax. It is argued that in this setting it is natural to require that strong bisimulation equivalence be a congruence on the states of the transition systems. A general format, called the tyft/tyxt format, is presented for the rules in a transition system specification, such that bisimulation is always a congruence when all the rules fit this format. With a series of examples it is demonstrated that the tyft/tyxt format cannot be generalized in any obvious way. Another series of examples illustrates the usefulness of our congruence theorem. Briefly we touch upon the issue of modularity of transition system specifications. It is argued that certain pathological tyft/tyxt rules (the ones which are not pure) can be disqualified because they behave badly with respect to modularization. Next we address the issue of full abstraction. We characterize the completed trace congruence induced by the operators in pure tyft/tyxt format as 2-nested simulation equivalence. The pure tyft/tyxt format includes the format given by de Simone (Theoret. Comput. Sci. 37, 245–267 (1985)) but is incomparable to the GSOS format of Bloom, Istrail, and Meyer (in “Conference Record of the 15th Annual Symposium on Principles of Programming Languages, San Diego, California, 1988,” pp. 229–239). However, it turns out that 2-nested simulation equivalence strictly refines the completed trace congruence induced by the GSOS format.

    Formal Methods for Industrial Critical Systems
