A timed failures model for extended communicating processes:extended abstract

We develop a model for the real-time behaviour of an extension of communicating sequential processes, ECP: the timed failures model. ECP includes a time-out mechanism for actions that synchronize and a broadcast construct. The model maximalizes local activity in processes and allows the delay of enabled synchronization actions to be a-priori bounded. It is a direct generalization of the (non-timed) failures model: traces are generalized to time-action relations, associating actions to the times at which they occur, and failure-sets to time-failure relations, associating actions to the times at which they are refused. In addition to a-priori bounded delay of actions, the model supports nondiscrete time and concurrency of actions; it makes the semantic operators continuous and is fully abstract when actions and the times at which they take place are made observable.\u3cbr/\u3e\u3cbr/\u3e\u3cbr/\u3e\u3cbr/\u3

A compositional proof theory for fault tolerant real-time distributed systems

A compositional network proof theory for specifying and verifying fault tolerant real-time distributed systems is presented. Important in such systems is the failure hypothesis that stipulates the class of failures that must be tolerated. In the formalism presented, the failure hypothesis of a system is represented by a predicate which expresses how faults might transform the behavior of the system. The approach is illustrated by investigating a triple modular redundant system

A partial order approach to branching time logic model checking

Partial order techniques enable reducing the size of the state space used for model checking, thus alleviating the “state space explosion” problem. These reductions are based on selecting a subset of the enabled operations from each program state. So far, these methods have been studied, implemented, and demonstrated for assertional languages that model the executions of a program as computation sequences, in particular the linear temporal logic. The present paper shows, for the first time, how this approach can be applied to languages that model the behavior of a program as a tree. We study here partial order reductions for branching temporal logics, e.g., the logics CTL and CTL* (with the next time operator removed) and process algebra logics such as Hennesy–Milner logic (withτactions). Conditions on the selection of subset of successors from each state during the state-space construction, which guarantee reduction that preserves CTL* properties, are given. The experimental results provided show that the reduction is substantia

A partial order approach to branching time logic model checking

Partial order techniques enable reducing the size of the state graph used for model checking, thus alleviating the 'state space explosion' problem. These reductions are based on selecting a subset of the enabled operations from each program state. So far, these methods have been studied, implemented and demonstrated for assertional languages that model the executions of a program as computation sequences, in particular the logic LTL (linear temporal logic). The paper shows, for the first time, how this approach can be applied to languages that model the behavior of a program as a tree. We study here partial order reductions for branching temporal logics, e.g., the logics CTL and CTL* (all logics with the next-time operator removed) and process algebras such as CCS. Conditions on the subset of successors from each node to guarantee reduction that preserves CTL properties are given. Provided experimental results show that the reduction is substantial

Compositional semantics for real-time distributed computing

We give a compositional denotational semantics for a real-time distributed language, based on the linear history semantics for CSP of Francez et al. Concurrent execution is not modelled by interleaving but by an extension of the maximal parallelism model of Salwicki, that allows the modelling of transmission time for communications. The importance of constructing a semantics (and in general a proof theory) for real-time is stressed by such different sources as the problem of formalizing the real-time aspects of Ada and the elimination of errors in real-time flight control software ([Sunday Times 7-22-84])

Verifying sequentially consistent memory

In distributed shared memory architectures, memory usually obeys weaker constraints than that of ordinary memory in (cache-less) single processor systems. One popular weakening is that of sequential consistency. Proving that a memory is sequentialy consistent does not easily fit the standard refinement and verification strategies. This paper takes a sequential consistent memory-the lazy caching protocol-and verifies it using a number of verification approaches. In almost all cases, existing approaches have to be generalized first