Comparing BDD and SAT based techniques for model checking Chaum's Dining Cryptographers Protocol

We analyse different versions of the Dining Cryptographers protocol by means of automatic verification via model checking. Specifically we model the protocol in terms of a network of communicating automata and verify that the protocol meets the anonymity requirements specified. Two different model checking techniques (ordered binary decision diagrams and SAT-based bounded model checking) are evaluated and compared to verify the protocols

Group synthesis for alternating-time temporal logic

We present an extension of Alternating-time Temporal Logic ATL, called ATLP (Parametric ATL), where parameters are allowed in place of concrete groups of agents. We devise a procedure to nd all instantiations for the parameters in a given formula of ATLP so that is true in a given model. We propose a formalisation of the problem and symbolic algorithms for its solution. We discuss an experimental implementation of the approach on top of the open-source model checker mcmas and demonstrate the bene ts of the technique through experimental results

Rich Counter-Examples for Temporal-Epistemic Logic Model Checking

Model checking verifies that a model of a system satisfies a given property, and otherwise produces a counter-example explaining the violation. The verified properties are formally expressed in temporal logics. Some temporal logics, such as CTL, are branching: they allow to express facts about the whole computation tree of the model, rather than on each single linear computation. This branching aspect is even more critical when dealing with multi-modal logics, i.e. logics expressing facts about systems with several transition relations. A prominent example is CTLK, a logic that reasons about temporal and epistemic properties of multi-agent systems. In general, model checkers produce linear counter-examples for failed properties, composed of a single computation path of the model. But some branching properties are only poorly and partially explained by a linear counter-example. This paper proposes richer counter-example structures called tree-like annotated counter-examples (TLACEs), for properties in Action-Restricted CTL (ARCTL), an extension of CTL quantifying paths restricted in terms of actions labeling transitions of the model. These counter-examples have a branching structure that supports more complete description of property violations. Elements of these counter-examples are annotated with parts of the property to give a better understanding of their structure. Visualization and browsing of these richer counter-examples become a critical issue, as the number of branches and states can grow exponentially for deeply-nested properties. This paper formally defines the structure of TLACEs, characterizes adequate counter-examples w.r.t. models and failed properties, and gives a generation algorithm for ARCTL properties. It also illustrates the approach with examples in CTLK, using a reduction of CTLK to ARCTL. The proposed approach has been implemented, first by extending the NuSMV model checker to generate and export branching counter-examples, secondly by providing an interactive graphical interface to visualize and browse them.Comment: In Proceedings IWIGP 2012, arXiv:1202.422

SMT-Solvers in Action: Encoding and Solving Selected Problems in NP and EXPTIME

We compare the efficiency of seven modern SMT-solvers for several decision and combinatorial problems: the bounded Post correspondence problem (BPCP), the extended string correction problem (ESCP), and the Towers of Hanoi (ToH) of exponential solutions. For this purpose, we define new original reductions to SMT for all the above problems, and show their complexity. Our extensive experimental results allow for drawing quite interesting conclusions on efficiency and applicability of SMT-solvers depending on the theory used in the encoding

A Logic with Reverse Modalities for History-preserving Bisimulations

We introduce event identifier logic (EIL) which extends Hennessy-Milner logic by the addition of (1) reverse as well as forward modalities, and (2) identifiers to keep track of events. We show that this logic corresponds to hereditary history-preserving (HH) bisimulation equivalence within a particular true-concurrency model, namely stable configuration structures. We furthermore show how natural sublogics of EIL correspond to coarser equivalences. In particular we provide logical characterisations of weak history-preserving (WH) and history-preserving (H) bisimulation. Logics corresponding to HH and H bisimulation have been given previously, but not to WH bisimulation (when autoconcurrency is allowed), as far as we are aware. We also present characteristic formulas which characterise individual structures with respect to history-preserving equivalences.Comment: In Proceedings EXPRESS 2011, arXiv:1108.407

Towards Independent Particle Reconstruction from Cryogenic Transmission Electron Microscopy

Coronary heart disease is the single largest killer of Americans so improved means of detecting risk factors before arterial obstructions appear are expected to lead to a improvement in quality of life with a reduced cost. This paper introduces a new approach to 3-D reconstruction of individual particles based on statistical modeling from a sparse set of 2-D projection images. This paper introduces a new approach to 3-D reconstruction of individual particles based on statistical modeling from a sparse set of 2-D projection images. The method is in contrast to the current state of practice where reconstruction is performed via signal processing or Bayesian methods that use averaged images acquired from an ensemble of particles. As such, this new approach has its impetus in use for novel diagnostic tests such as LDL and HDL particle shape characterization. The approach is also expected to have uses in areas such as quality assurance for drug delivery nano-technologies and for general proteomic studies. The individual particle reconstruction algorithm is based on a hidden Markov model. Higher order Markov chain statistics, which are generated from the a priori model of the target of interest, can be derived from traditional methods such as single particle reconstruction and/or the underlying physical properties of the particle. By placing the reconstruction voxel space at a 45° angle to the projection image, 4-passes of the HMM processing can be performed from a single image. Reconstruction results from a simple model and a single projection image resulted in better than 98% reconstruction accuracy as compared to the original target

Consistency and Standardization of Color in Medical Imaging: a Consensus Report

This article summarizes the consensus reached at the Summit on Color in Medical Imaging held at the Food and Drug Administration (FDA) on May 8–9, 2013, co-sponsored by the FDA and ICC (International Color Consortium). The purpose of the meeting was to gather information on how color is currently handled by medical imaging systems to identify areas where there is a need for improvement, to define objective requirements, and to facilitate consensus development of best practices. Participants were asked to identify areas of concern and unmet needs. This summary documents the topics that were discussed at the meeting and recommendations that were made by the participants. Key areas identified where improvements in color would provide immediate tangible benefits were those of digital microscopy, telemedicine, medical photography (particularly ophthalmic and dental photography), and display calibration. Work in these and other related areas has been started within several professional groups, including the creation of the ICC Medical Imaging Working Group

Molecular Architecture of the Human Mediator–RNA Polymerase II–TFIIF Assembly

The authors perform a cryo-EM study of the 1.9 MDa human Mediator-RNA polymerase II-TFIIF assembly, which reveals the structural organization of the human transcription initiation apparatus

Automata for true concurrency properties

We present an automata-theoretic framework for the model checking of true concurrency properties. These are specified in a fixpoint logic, corresponding to history-preserving bisimilarity, capable of describing events in computations and their dependencies. The models of the logic are event structures or any formalism which can be given a causal semantics, like Petri nets. Given a formula and an event structure satisfying suitable regularity conditions we show how to construct a parity tree automaton whose language is non-empty if and only if the event structure satisfies the formula. The automaton, due to the nature of event structure models, is usually infinite. We discuss how it can be quotiented to an equivalent finite automaton, where emptiness can be checked effectively. In order to show the applicability of the approach, we discuss how it instantiates to finite safe Petri nets. As a proof of concept we provide a model checking tool implementing the technique