Forest automata for verification of heap manipulation

We consider verification of programs manipulating dynamic linked data structures such as various forms of singly and doubly-linked lists or trees. We consider important properties for this kind of systems like no null-pointer dereferences, absence of garbage, shape properties, etc. We develop a verification method based on a novel use of tree automata to represent heap configurations. A heap is split into several ??separated?? parts such that each of them can be represented by a tree automaton. The automata can refer to each other allowing the different parts of the heaps to mutually refer to their boundaries. Moreover, we allow for a hierarchical representation of heaps by allowing alphabets of the tree automata to contain other, nested tree automata. Program instructions can be easily encoded as operations on our representation structure. This allows verification of programs based on symbolic state-space exploration together with refinable abstraction within the so-called abstract regular tree model checking. A motivation for the approach is to combine advantages of automata-based approaches (higher generality and flexibility of the abstraction) with some advantages of separation-logic-based approaches (efficiency). We have implemented our approach and tested it successfully on multiple non-trivial case studies.     

基于证据自动机的软件回归验证

为了在多版本程序验证中利用邻近版本之间的共享信息,提取并重用之前版本证据自动机中的循环不变式,提出基于证据自动机的软件回归验证。首先通过证据预处理生成适用于新版程序的证据文件,然后在辅助不变式增强的k-归纳方法的基础上实现了检验新证据文件及验证新版程序的回归验证过程,最后通过对比实验比较了不使用不变式信息的直接验证与结合或不结合数据流分析的三种回归验证的验证性能。与直接验证相比,不结合与结合数据流分析的回归验证的验证耗时分别减少了49%与75%,而内存消耗分别减少了18%与50%。实验结果表明,当程序满足其验证属性时,基于证据自动机的回归验证能极大地提高验证效率,而将证据自动机与数据流分析相结合的验证方式能得到更好的验证效果。     

OCL约束验证与实现的方法

为了能在运行时验证OCL约束,提出了约束验证框架.针对OCL-Java代码(即OCL约束对应的可执行Java代码)插入的简单方案和封装方法存在的不足,给出了改进的代码插入方案,其中应用异常处理技术从而能够捕获冲突的约束.为了使OCL-Java代码根据设计的代码模式插入到Java程序中,对Java解析器作了修改.最后,实验结果表明了该方法的可行性.     

m-Asynchronous cellular automata: from fairness to quasi-fairness

A new model for the study of asynchronous cellular automata dynamical behavior is introduced with the main purpose of unifying several existing paradigms. The main idea is to measure the set of updating sequences to quantify the dependency of the properties under investigation from them. We propose to use the class of quasi-fair measures, namely measures that satisfy some fairness conditions on the updating sequences. Basic set properties like injectivity and surjectivity are adapted to the new setting and studied. In particular, we prove that they are dimensions sensitive properties (i.e., they are decidable in dimension 1 and undecidable in higher dimensions). A first exploration of dynamical properties is also started, some results about equicontinuity and expansivity behaviors are provided.     

Efficient verification of timed automata with BDD-like data structures

We investigate the effect on efficiency of various design issues for BDD-like data structures of TA state space representation and manipulation. We find that the efficiency is highly sensitive to decision atom design and canonical form definition. We explore the two issues in detail and propose to use CRD (Clock-Restriction Diagram) for TA state space representation and present algorithms for manipulating CRD in the verification of TAs. We compare three canonical forms for zones, develop a procedure for quick zone-containment detection, and present algorithms for verification with backward reachability analysis. Three possible evaluation orderings are also considered and discussed. We implement our idea in our tool Red 4.2 and carry out experiments to compare with other tools and various strategies of Red in both forward and backward analysis. Finally, we discuss the possibility of future improvement.     

Learning register automata: from languages to program structures

This paper reviews the development of Register Automaton learning, an enhancement of active automata learning to deal with infinite-state systems. We will revisit the precursor techniques and influences, which in total span over more than a decade. A large share of this development was guided and motivated by the increasingly popular application of grammatical inference techniques in the field of software engineering. We specifically focus on a key problem to achieve practicality in this field: the adequate treatment of data values ranging over infinite domains, a major source of undecidability. Starting with the first case studies, in which data was completely abstracted away, we revisit different steps towards dealing with data explicitly at a model level: we discuss Mealy machines as a model for systems with (data) output, automated alphabet abstraction refinement techniques as a two-dimensional extension of the partition-refinement based approach of active automata learning to also inferring optimal alphabet abstractions, and Register Mealy Machines, which can be regarded as programs restricted to data-independent data processing as it is typical for protocols or interface programs. We are convinced that this development will significantly contribute to paving the road for active automata learning to become a technology of high practical importance.     

Formal verification of multitasking applications based on timed automata model

The aim of this paper is to show, how a multitasking application running under a real-time operating system compliant with an OSEK/VDX standard can be modeled by timed automata. The application under consideration consists of several non-preemptive tasks and interrupt service routines that can be synchronized by events. A model checking tool is used to verify time and logical properties of the proposed model. Use of this methodology is demonstrated on an automated gearbox case study and the result of the worst-case response time verification is compared with the classical method based on the time-demand analysis. It is shown that the model-checking approach provides less pessimistic results due to a more detailed model and exhaustive state-space exploration.

Hybrid automata, reachability, and Systems Biology

Hybrid automata are a powerful formalism for the representation of systems evolving according to both discrete and continuous laws. Unfortunately, undecidability soon emerges when one tries to automatically verify hybrid automata properties. An important verification problem is the reachability one that demands to decide whether a set of points is reachable from a starting region.If we focus on semi-algebraic hybrid automata the reachability problem is semi-decidable. However, high computational costs have to be afforded to solve it. We analyse this problem by exploiting some existing tools and we show that even simple examples cannot be efficiently solved. It is necessary to introduce approximations to reduce the number of variables, since this is the main source of runtime requirements. We propose some standard approximation methods based on Taylor polynomials and ad hoc strategies. We implement our methods within the software SAHA-Tool and we show their effectiveness on two biological examples: the Repressilator and the Delta-Notch protein signaling.     

Transformation of Function Block Diagrams to UPPAAL timed automata for the verification of safety applications

Verification of IEC 61131-3 based safety applications is a challenge in the industrial automation domain. In this paper, the transformation of FBD diagrams to UPPAAL formal models was adopted to address this challenge. A set of transformation rules are defined for the automatic transformation of IEC 61131-3 Function Block based safety applications to UPPAAL timed automata models. These models are next used for the verification of the safety application. Both the source and the target domain models have been formally defined and these definitions are used for the definition of the transformation rules. Based on this a prototype model transformer was developed using Java. The transformer was used with various safety applications to check the efficiency of the transformation process. A laboratory system is presented as a case study to highlight the proposed approach.     

Formal verification of components assembly based on SysML and interface automata

We propose an approach which combines component SysML models and interface automata in order to assemble components and to verify formally their interoperability. So we propose to verify formally the assembly of components specified with the expressive and semi-formal modeling language, SysML. We specify component-based system architecture with SysML Block Definition Diagram, and the composition links between components with Internal Block Diagrams. Component’s protocols are specified with sequence diagrams, they are necessary to exploit interface automata formalism. Interface automata is a common Input Output (I/O) automata-based formalism intended to specify the signature and the protocol level of the component interfaces. We propose formal specifications for SysML semi-formal models in order to exploit interface automata approach. We also improve the interface automata approach by considering system architecture, specified with SysML, in the verification of components composition.     

Hybrid automata for linearizing the model of high-pressure thawing

The heat transfer phenomena concerned during thawing usually lead to non-linear distributed parameter systems, due to the existence of water phase change. When pressure changes, the thermodynamic effects make this model more complex. Hybrid automata allow continuous and discrete dynamics to be combined in the same method. Applied to our process, they allow a linear model to be obtained, and conserve its linearity when pressure changes are taken into account. The discrete events considered here are ice/water transitions and pressure changes. The continuous part of the model is heat transfer, either in solid, liquid or melting state of water.     

基于接口自动机的混合Web服务组合方法

在Web服务描述语言(WSDL)与网络服务的本体语言(OWL-S)共存的环境中难以实现Web服务混合组合,为此提出一种以接口自动机为基础的混合Web服务组合方法。分析和描述WSDL与OWL-S间的关系后,在服务组合过程中用接口自动机实现WSDL与OWL-S自动识别和组合;并将服务组合结果与预先设定好的服务质量进行优化对比,选择服务质量最优的来实现不同的业务逻辑。最后通过一组旅游消费服务实验分析验证表明,该方法可行、有效,服务组合效率提高了5%~10%。     

Automatic program verification I: A logical basis and its implementation

Summary Defining the semantics of programming languages by axioms and rules of inference yields a deduction system within which proofs may be given that programs satisfy specifications. The deduction system herein is shown to be consistent and also deduction complete with respect to Hoare's system. A subgoaler for the deduction system is described whose input is a significant subset of Pascal programs plus inductive assertions. The output is a set of verification conditions or lemmas to be proved. Several non-trivial arithmetic and sorting programs have been shown to satisfy specifications by using an interactive theorem prover to automatically generate proofs of the verification conditions. Additional components for a more powerful verification system are under construction.This research is supported by the Advanced Research Projects Agency under Contracts SD-183 and DAHC 15-72-C-0308, and by the National Aeronautics and Space Administration under Contract NSR 05-020-500.     

Context-aware environments: from specification to implementation

Abstract: This paper deals with the problem of implementing a context model for a smart environment. The problem has already been addressed several times using many different data- or problem-driven methods. In order to separate the modelling phase from implementation, we first represent the context model by a network of situations. Then, different implementations can be automatically generated from this context model depending on user needs and underlying perceptual components. Two different implementations are proposed in this paper: a deterministic one based on Petri nets and a probabilistic one based on hidden Markov models. Both implementations are illustrated and applied to real-world problems.     

On the implementation of frontier-to-root tree automata inrecursive neural networks

We explore the node complexity of recursive neural network implementations of frontier-to-root tree automata (FRA). Specifically, we show that an FRAO (Mealy version) with m states, l input-output labels, and maximum rank N can be implemented by a recursive neural network with O( radical(log l+log m)lm(N)/log l+N log m) units and four computational layers, i.e., without counting the input layer. A lower bound is derived which is tight when no restrictions are placed on the number of layers. Moreover, we present a construction with three computational layers having node complexity of O((log l+log m) radicallm (N)) and O((log l+log m)lm(N)) connections. A construction with two computational layers is given that implements any given FRAO with a node complexity of O(lm(N)) and O((log l+log m)lm(N)) connections. As a corollary we also get a new upper bound for the implementation of finite-state automata into recurrent neural networks with three computational layers.     

Design verification essential for CADMAT/CIM implementation

Some of the developments in the technology of IC design and enhancements to CADMAT tools are reviewed and effects on products are extrapolated from recent trends. User experience on Daisy workstations of designing circuits is described and an integrated design verification and test system is outlined. The importance of modelling and analysis in the implementation of CIM is emphasized. The automation of data collection is also considered.     

覆盖率驱动的芯片功能验证设计与实现

随着芯片集成度的发展,芯片性能越来越高,而上市时间越来越短,芯片验证在芯片设计中非常关键并贯穿于整个设计过程,验证的效率和质量直接决定着芯片的成败。提出了基于覆盖率驱动的芯片功能验证方法,定义了基于功能点覆盖率驱动的验证流程,利用PSL语言描述断言检查很有效,通过模拟工具检查断言是否成功,从而判断设计是否满足系统的功能要求。在网络接口芯片实际应用中,有效地降低了验证工作的复杂度,同时提高了验证的速度和质量。利用功能覆盖率数据判断测试激励的正确性和完整性,同时用覆盖率数据定量评价验证进程,提高了整个设计的效率。     

RISC指令集众核处理器功能验证与实现

众核技术已成为当前处理器体系结构发展的必然趋势,如何对众核处理器设计进行有效而充分的验证,成为当今IC设计验证领域的研究热点之一,也是众核处理器芯片能否成功流片的关键因素之一。目前工业界采用基于仿真的验证作为主要的验证方式,重点介绍了以覆盖率为导向的RISC众核处理器的功能验证环境的整体设计,提出了“被动式”的验证思想,并采用“软硬件协同验证”的策略,最终达到每条指令都比对通过的验证目标,辅以后期阶段所引入的时序验证策略和功耗评估策略,完整地提出了一套芯片验证平台搭建和验证功能实现的方法流程。