
Showing papers by "Joost-Pieter Katoen published in 2010"


Journal ArticleDOI
TL;DR: Under certain regularity conditions on the transition and reset kernels governing the dynamics of the stochastic hybrid system, the invariance probability computed using the approximating Markov chain is shown to converge to the invariance probability of the original stochastic hybrid system as the grid used in the approximation gets finer.

190 citations


Book ChapterDOI
15 Jul 2010
TL;DR: This paper presents libalf, a comprehensive, open-source library for learning formal languages. libalf covers various well-known learning techniques for finite automata as well as novel learning algorithms.
Abstract: This paper presents libalf, a comprehensive, open-source library for learning formal languages. libalf covers various well-known learning techniques for finite automata (e.g., Angluin's L*, Biermann, RPNI, etc.) as well as novel learning algorithms (such as for NFA and visibly one-counter automata). libalf is flexible and allows facilely interchanging learning algorithms and combining domain-specific features in a plug-and-play fashion. Its modular design and C++ implementation make it a suitable platform for adding and engineering further learning algorithms for new target models (e.g., Büchi automata).

106 citations


Journal ArticleDOI
TL;DR: A call for the perfect marriage between classical performance evaluation and state-of-the-art verification techniques.
Abstract: A call for the perfect marriage between classical performance evaluation and state-of-the-art verification techniques.

92 citations


Book ChapterDOI
14 Sep 2010
TL;DR: In this article, a constraint-based method for automatically generating quantitative invariants for linear probabilistic programs is presented, which can be used in combination with proof-based methods to verify properties that cannot be analyzed using existing automated methods.
Abstract: We present a constraint-based method for automatically generating quantitative invariants for linear probabilistic programs, and we show how it can be used, in combination with proof-based methods, to verify properties of probabilistic programs that cannot be analysed using existing automated methods. To our knowledge, this is the first automated method proposed for quantitative-invariant generation.

87 citations


Proceedings ArticleDOI
15 Sep 2010
TL;DR: A model checking algorithm for DTMCs that also supports the generation of counterexamples is introduced. Based on the detection and abstraction of strongly connected components, it offers abstract counterexamples, which can be interactively refined by the user.
Abstract: Discrete-Time Markov Chains (DTMCs) are a widely-used formalism to model probabilistic systems. On the one hand, available tools like PRISM or MRMC offer efficient model checking algorithms and thus support the verification of DTMCs. However, these algorithms do not provide any diagnostic information in the form of counterexamples, which are highly important for the correction of erroneous systems. On the other hand, there exist several approaches to generate counterexamples for DTMCs, but all these approaches require the model checking result for completeness. In this paper we introduce a model checking algorithm for DTMCs that also supports the generation of counterexamples. Our algorithm, based on the detection and abstraction of strongly connected components, offers abstract counterexamples, which can be interactively refined by the user.

39 citations


Journal ArticleDOI
TL;DR: This paper compares these scheduling schemes with the optimal scheduling scheme produced with two different modeling approaches: an approach based on a priced-timed automaton model (implemented and evaluated in Uppaal Cora), as well as an analytical approach (partly formulated as nonlinear optimization problem) for a slightly adapted scheduling problem.
Abstract: The use of mobile devices is often limited by the battery lifetime. Some devices have the option to connect an extra battery, or to use smart battery-packs with multiple cells to extend the lifetime. In these cases, scheduling the batteries or battery cells over the load to exploit the recovery properties of the batteries helps to extend the overall systems lifetime. Straightforward scheduling schemes, like round-robin or choosing the best battery available, already provide a big improvement compared to a sequential discharge of the batteries. In this paper, we compare these scheduling schemes with the optimal scheduling scheme produced with two different modeling approaches: an approach based on a priced-timed automaton model (implemented and evaluated in Uppaal Cora), as well as an analytical approach (partly formulated as nonlinear optimization problem) for a slightly adapted scheduling problem. We show that in some cases the results of the simple scheduling schemes (round-robin, and best-first) are close to optimal. However, the optimal schedules, computed according to both methods, also clearly show that in a variety of scenarios, the simple schedules are far from optimal.

38 citations


Book ChapterDOI
15 Jul 2010
TL;DR: A graphical toolset for verifying AADL models, which are gaining widespread acceptance in aerospace, automobile and avionics industries for comprehensively specifying safety-critical systems by capturing functional, probabilistic and hybrid aspects is presented.
Abstract: We present a graphical toolset for verifying AADL models, which are gaining widespread acceptance in aerospace, automobile and avionics industries for comprehensively specifying safety-critical systems by capturing functional, probabilistic and hybrid aspects. Analyses are implemented on top of mature model checking tools and range from requirements validation to functional verification, safety assessment via automatic derivation of FMEA tables and dynamic fault trees, to performability evaluation, and diagnosability analysis. The toolset is currently being applied to several case studies by a major industrial developer of aerospace systems.

34 citations


Journal ArticleDOI
01 Feb 2010
TL;DR: Efficient procedures for model checking Markov reward models, which allow one to evaluate, among others, the performability of computer-communication systems, and the logic CSRL (Continuous Stochastic Reward Logic) to specify performability measures are described.
Abstract: This paper describes efficient procedures for model checking Markov reward models, that allow us to evaluate, among others, the performability of computer-communication systems. We present the logic CSRL (Continuous Stochastic Reward Logic) to specify performability measures. It provides flexibility in measure specification and paves the way for the numerical evaluation of a wide variety of performability measures. The formal measure specification in CSRL also often helps in reducing the size of the Markov reward models that need to be numerically analysed. The paper presents background on Markov-reward models, as well as on the logic CSRL (syntax and semantics), before presenting an important duality result between reward and time. We discuss CSRL model-checking algorithms, and present five numerical algorithms and their computational complexity for verifying time- and reward-bounded until-properties, one of the key operators in CSRL. The versatility of our approach is illustrated through a performability case study.

31 citations


Journal ArticleDOI
TL;DR: The paper investigates for which classes of MSC languages CFMs can be learned, presents an optimization technique for learning partial orders, and provides substantial empirical evidence indicating the practical feasibility of the approach.
Abstract: This paper is concerned with bridging the gap between requirements and distributed systems. Requirements are defined as basic message sequence charts (MSCs) specifying positive and negative scenarios. Communicating finite-state machines (CFMs), i.e., finite automata that communicate via FIFO buffers, act as system realizations. The key contribution is a generalization of Angluin's learning algorithm for synthesizing CFMs from MSCs. This approach is exact (the resulting CFM precisely accepts the set of positive scenarios and rejects all negative ones) and yields fully asynchronous implementations. The paper investigates for which classes of MSC languages CFMs can be learned, presents an optimization technique for learning partial orders, and provides substantial empirical evidence indicating the practical feasibility of the approach.

28 citations


Journal Article
TL;DR: The model of interactive Markov chains (IMCs) as mentioned in this paper is an extension of labelled transition systems with exponentially delayed transitions, and it is shown that IMCs are closed under parallel composition and hiding, and can be compositionally aggregated prior to analysis by e.g., bisimulation minimisation or aggressive abstraction based on simulation pre-congruences.
Abstract: This paper reviews the model of interactive Markov chains (IMCs, for short), an extension of labelled transition systems with exponentially delayed transitions. We show that IMCs are closed under parallel composition and hiding, and show how IMCs can be compositionally aggregated prior to analysis by e.g., bisimulation minimisation or aggressive abstraction based on simulation pre-congruences. We survey some recent analysis techniques for IMCs, i.e., explaining how measures such as reachability probabilities can be obtained. Finally, we demonstrate that IMCs are a natural (and simple) semantic model for stochastic process algebras and generalised stochastic Petri nets and can be used for engineering formalisms such as AADL and dynamic fault trees.

26 citations


01 Jan 2010
TL;DR: Although there is only one system under development, current methodologies offer no single view of this system that links all aspects relevant to all involved engineering disciplines in a coherent manner.
Abstract: Safety-critical systems are increasingly difficult to comprehend due to their rising complexity. Methodologies, tools and modeling formalisms have been developed to overcome this. Component-based design is an important paradigm that is shared by many of them. It helps to master the overall complexity while in addition allowing for reusability. Furthermore, it easily supports the common issues in the engineering disciplines, like hardware/software (i.e., co-engineering), performability, dependability, reliability, availability, maintainability and safety engineering (RAMS). Model artifacts that are typical for a discipline can be encapsulated in the affected components, while staying imperceptible for non-affected components. This leads to different views of the system under development, which subsequently entails the natural distinction in different system abstractions, formalisms and tools. Nonetheless, there is only one system under development. With the current methodologies, there is no single view of this system that links all aspects relevant to all involved engineering disciplines in a coherent manner.

Dissertation
01 Jan 2010
TL;DR: This thesis is concerned with abstraction, that is, with the reduction of available information in the system's model, and the question of what properties are preserved when applying abstraction; it focuses on the more intricate quantitative properties of probabilistic timed systems that can be expressed in PCTL and CSL.
Abstract: Formal methods are a mathematical tool for modeling and verifying qualitative and quantitative aspects of systems of a wide variety of types. A most acknowledged technique in this context is the model checking approach that allows for an automated verification of system models with respect to sets of formal requirements. The underlying analysis techniques systematically and exhaustively explore all configurations of a system, resulting in a high memory consumption. To deal with this bottleneck, several solutions have been proposed, ranging from the use of efficient data structures to a number of reduction techniques. This thesis is concerned with abstraction, that is, with the reduction of available information in the system’s model, and the question of what properties are preserved when applying abstraction. We are focusing on the more intricate quantitative properties of probabilistic timed systems that can be expressed in PCTL and CSL, probabilistic variants of the computation tree logic (CTL). The models under consideration are discrete-time and continuous-time Markov chains (DTMCs, CTMCs) as well as interactive Markov chains (IMCs) that extend CTMCs with functional behavior and provide facilities for compositional modeling. Markov chains are the underlying low-level models for many modeling formalisms that are used, amongst others, in the area of reliability, dependability and performance analysis as well as in systems biology. In this thesis, abstraction is implemented by merging states of a system’s model; when states with different behavior are to be merged, nondeterminism is added to the corresponding abstract state to capture the uncertainty on what concrete state is occupied when looking at the abstract picture. Due to this newly introduced nondeterminism, we obtain abstractions that may contain more (but no less) possible behavior compared to the given concrete system; hence, when analyzing the abstraction, we obtain safe overand

Proceedings ArticleDOI
21 Jun 2010
TL;DR: In this article, a linear process-algebraic format for probabilistic automata is presented, which incorporates data and data-dependent choice in a fully symbolic manner, paving the way to the symbolic analysis of parameterised Probabilistic systems.
Abstract: This paper presents a novel linear process-algebraic format for probabilistic automata. The key ingredient is a symbolic transformation of probabilistic process algebra terms that incorporate data into this linear format while preserving strong probabilistic bisimulation. This generalises similar techniques for traditional process algebras with data, and — more importantly — treats data and data-dependent probabilistic choice in a fully symbolic manner, paving the way to the symbolic analysis of parameterised probabilistic systems.

Book ChapterDOI
14 Jun 2010
TL;DR: This paper presents an analysis of a randomized leader election using probabilistic model checking with PRISM to modify the protocol so that it consumes less energy and processes with larger energy have higher chance to be elected.
Abstract: Leader election has been studied intensively in recent years. In this paper, we present an analysis of a randomized leader election using probabilistic model checking with PRISM. We first investigate the quantitative properties of the original protocol, such as the expected number of election rounds. Then we modify the protocol so that it consumes less energy and processes with larger energy have a higher chance of being elected. The modified protocol is modeled as a Markov Decision Process, which allows us to compute minimum and maximum values, interpreting the best- and worst-case performance of the protocol under any scenario.

Book ChapterDOI
17 Jan 2010
TL;DR: The state of the art is described, and some of the major recent advancements in probabilistic model checking are detailed, to cover more powerful models, real-time linear specifications, and parametric model checking.
Abstract: Random phenomena occur in many applications: security, communication protocols, distributed algorithms, and performance and dependability analysis, to mention a few. In the last two decades, efficient model-checking algorithms and tools have been developed to support the automated verification of models that incorporate randomness. Popular models are Markov decision processes and (continuous-time) Markov chains. Recent advances such as compositional abstraction-refinement and counterexample generation have significantly improved the applicability of these techniques. First promising steps have been made to cover more powerful models, real-time linear specifications, and parametric model checking. In this tutorial I will describe the state of the art, and will detail some of the major recent advancements in probabilistic model checking.

Book ChapterDOI
15 Mar 2010
TL;DR: The impact of collision-detection mechanisms, initiator positioning, and random silence on the gMAC energy efficiency is investigated, and the number of active slots that optimizes the trade-off between low energy consumption and fast information dissemination is found.
Abstract: In this paper, we analyze the energy-efficiency of a TDMA protocol (gMAC) for gossiping-based wireless sensor networks. In contrast to most schedule-based TDMA protocols, slot allocation in gMAC is decentralized, allowing adaptation to evolving network configurations. The protocol, modeled in the MoDeST language, is evaluated using the discrete-event simulator of the Mobius tool suite. We investigate the impact of collision-detection mechanisms, initiator positioning, and random silence on the gMAC energy efficiency. As a result, we find the number of active slots that optimize the trade-off between low energy consumption and fast information dissemination.

Journal Article
TL;DR: The Smyle Modeling Approach (SMA) as mentioned in this paper is a model-based software development lifecycle model centered around Smyle, a learning procedure that supports engineers in interactively obtaining design models from requirements, characterized as either desired (positive) or unwanted (negative) system behavior.
Abstract: This paper introduces the model-based software development lifecycle model SMA -- the Smyle Modeling Approach -- which is centered around Smyle. Smyle is a dedicated learning procedure that supports engineers in interactively obtaining design models from requirements, characterized as either desired (positive) or unwanted (negative) system behavior. Within SMA, the learning approach is complemented by so-called scenario patterns where the engineer can specify clearly desired or unwanted behavior. This way, user interaction is reduced to the interesting scenarios, limiting the design effort considerably. In SMA, the learning phase is further complemented by an effective analysis phase that allows for detecting design flaws at an early design stage. Using learning techniques allows us to gradually develop and refine requirements, naturally supporting evolving requirements, and allows for a rather inexpensive redesign in case anomalous system behavior is detected during analysis, testing, or maintenance. This paper describes the approach and reports on first practical experiences.

Book ChapterDOI
23 Sep 2010
TL;DR: A Krylov-based extension to MRMC (Markov Reward Model Checker) is implemented, and extensive experiments reveal that the Krylov-based technique is an order of magnitude faster on stiff CTMCs.
Abstract: The predominant technique for computing the transient distribution of a Continuous Time Markov Chain (CTMC) exploits uniformization, which is known to be stable and efficient for non-stiff to mildly-stiff CTMCs. On stiff CTMCs however, uniformization suffers from severe performance degradation. In this paper, we report on our observations and analysis of an alternative technique using Krylov subspaces. We implemented a Krylov-based extension to MRMC (Markov Reward Model Checker) and conducted extensive experiments on five case studies from different application domains. The results reveal that the Krylov-based technique is an order of magnitude faster on stiff CTMCs.

Book ChapterDOI
18 Oct 2010
TL;DR: This session reports on applying state-of-the-art quantitative verification techniques and tools to a variety of industrial case studies.
Abstract: Soon after the birth of model checking, the first theoretical achievements were reported on the automated verification of quantitative system aspects such as discrete probabilities and continuous time. These theories have been extended in various dimensions, such as continuous probabilities, cost constraints, discounting, hybrid phenomena, and combinations thereof. Due to unremitting improvements of underlying algorithms and data structures, together with the availability of more advanced computing engines, these techniques are nowadays applicable to realistic designs. Powerful software tools allow these techniques to be applied by non-specialists, and efforts have been made to embed these techniques into industrial system design processes. Quantitative verification has a broad application potential -- successful applications in embedded system design, hardware, security, safety-critical software, schedulability analysis, and systems biology exemplify this. It is fair to say that over the years this application area has grown rapidly and there is no sign that this will not continue. This session reports on applying state-of-the-art quantitative verification techniques and tools to a variety of industrial case studies.