Forest automata for verification of heap manipulation

We consider verification of programs manipulating dynamic linked data structures such as various forms of singly and doubly-linked lists or trees. We consider important properties for this kind of systems like no null-pointer dereferences, absence of garbage, shape properties, etc. We develop a verification method based on a novel use of tree automata to represent heap configurations. A heap is split into several ??separated?? parts such that each of them can be represented by a tree automaton. The automata can refer to each other allowing the different parts of the heaps to mutually refer to their boundaries. Moreover, we allow for a hierarchical representation of heaps by allowing alphabets of the tree automata to contain other, nested tree automata. Program instructions can be easily encoded as operations on our representation structure. This allows verification of programs based on symbolic state-space exploration together with refinable abstraction within the so-called abstract regular tree model checking. A motivation for the approach is to combine advantages of automata-based approaches (higher generality and flexibility of the abstraction) with some advantages of separation-logic-based approaches (efficiency). We have implemented our approach and tested it successfully on multiple non-trivial case studies.     

OCL约束验证与实现的方法

为了能在运行时验证OCL约束,提出了约束验证框架.针对OCL-Java代码(即OCL约束对应的可执行Java代码)插入的简单方案和封装方法存在的不足,给出了改进的代码插入方案,其中应用异常处理技术从而能够捕获冲突的约束.为了使OCL-Java代码根据设计的代码模式插入到Java程序中,对Java解析器作了修改.最后,实验结果表明了该方法的可行性.     

m-Asynchronous cellular automata: from fairness to quasi-fairness

A new model for the study of asynchronous cellular automata dynamical behavior is introduced with the main purpose of unifying several existing paradigms. The main idea is to measure the set of updating sequences to quantify the dependency of the properties under investigation from them. We propose to use the class of quasi-fair measures, namely measures that satisfy some fairness conditions on the updating sequences. Basic set properties like injectivity and surjectivity are adapted to the new setting and studied. In particular, we prove that they are dimensions sensitive properties (i.e., they are decidable in dimension 1 and undecidable in higher dimensions). A first exploration of dynamical properties is also started, some results about equicontinuity and expansivity behaviors are provided.     

Efficient verification of timed automata with BDD-like data structures

We investigate the effect on efficiency of various design issues for BDD-like data structures of TA state space representation and manipulation. We find that the efficiency is highly sensitive to decision atom design and canonical form definition. We explore the two issues in detail and propose to use CRD (Clock-Restriction Diagram) for TA state space representation and present algorithms for manipulating CRD in the verification of TAs. We compare three canonical forms for zones, develop a procedure for quick zone-containment detection, and present algorithms for verification with backward reachability analysis. Three possible evaluation orderings are also considered and discussed. We implement our idea in our tool Red 4.2 and carry out experiments to compare with other tools and various strategies of Red in both forward and backward analysis. Finally, we discuss the possibility of future improvement.     

Learning register automata: from languages to program structures

This paper reviews the development of Register Automaton learning, an enhancement of active automata learning to deal with infinite-state systems. We will revisit the precursor techniques and influences, which in total span over more than a decade. A large share of this development was guided and motivated by the increasingly popular application of grammatical inference techniques in the field of software engineering. We specifically focus on a key problem to achieve practicality in this field: the adequate treatment of data values ranging over infinite domains, a major source of undecidability. Starting with the first case studies, in which data was completely abstracted away, we revisit different steps towards dealing with data explicitly at a model level: we discuss Mealy machines as a model for systems with (data) output, automated alphabet abstraction refinement techniques as a two-dimensional extension of the partition-refinement based approach of active automata learning to also inferring optimal alphabet abstractions, and Register Mealy Machines, which can be regarded as programs restricted to data-independent data processing as it is typical for protocols or interface programs. We are convinced that this development will significantly contribute to paving the road for active automata learning to become a technology of high practical importance.     

Formal verification of multitasking applications based on timed automata model

The aim of this paper is to show, how a multitasking application running under a real-time operating system compliant with an OSEK/VDX standard can be modeled by timed automata. The application under consideration consists of several non-preemptive tasks and interrupt service routines that can be synchronized by events. A model checking tool is used to verify time and logical properties of the proposed model. Use of this methodology is demonstrated on an automated gearbox case study and the result of the worst-case response time verification is compared with the classical method based on the time-demand analysis. It is shown that the model-checking approach provides less pessimistic results due to a more detailed model and exhaustive state-space exploration.

Hybrid automata, reachability, and Systems Biology

Hybrid automata are a powerful formalism for the representation of systems evolving according to both discrete and continuous laws. Unfortunately, undecidability soon emerges when one tries to automatically verify hybrid automata properties. An important verification problem is the reachability one that demands to decide whether a set of points is reachable from a starting region.If we focus on semi-algebraic hybrid automata the reachability problem is semi-decidable. However, high computational costs have to be afforded to solve it. We analyse this problem by exploiting some existing tools and we show that even simple examples cannot be efficiently solved. It is necessary to introduce approximations to reduce the number of variables, since this is the main source of runtime requirements. We propose some standard approximation methods based on Taylor polynomials and ad hoc strategies. We implement our methods within the software SAHA-Tool and we show their effectiveness on two biological examples: the Repressilator and the Delta-Notch protein signaling.     

Transformation of Function Block Diagrams to UPPAAL timed automata for the verification of safety applications

Verification of IEC 61131-3 based safety applications is a challenge in the industrial automation domain. In this paper, the transformation of FBD diagrams to UPPAAL formal models was adopted to address this challenge. A set of transformation rules are defined for the automatic transformation of IEC 61131-3 Function Block based safety applications to UPPAAL timed automata models. These models are next used for the verification of the safety application. Both the source and the target domain models have been formally defined and these definitions are used for the definition of the transformation rules. Based on this a prototype model transformer was developed using Java. The transformer was used with various safety applications to check the efficiency of the transformation process. A laboratory system is presented as a case study to highlight the proposed approach.     

Formal verification of components assembly based on SysML and interface automata

We propose an approach which combines component SysML models and interface automata in order to assemble components and to verify formally their interoperability. So we propose to verify formally the assembly of components specified with the expressive and semi-formal modeling language, SysML. We specify component-based system architecture with SysML Block Definition Diagram, and the composition links between components with Internal Block Diagrams. Component’s protocols are specified with sequence diagrams, they are necessary to exploit interface automata formalism. Interface automata is a common Input Output (I/O) automata-based formalism intended to specify the signature and the protocol level of the component interfaces. We propose formal specifications for SysML semi-formal models in order to exploit interface automata approach. We also improve the interface automata approach by considering system architecture, specified with SysML, in the verification of components composition.     

Automatic program verification I: A logical basis and its implementation

Summary Defining the semantics of programming languages by axioms and rules of inference yields a deduction system within which proofs may be given that programs satisfy specifications. The deduction system herein is shown to be consistent and also deduction complete with respect to Hoare's system. A subgoaler for the deduction system is described whose input is a significant subset of Pascal programs plus inductive assertions. The output is a set of verification conditions or lemmas to be proved. Several non-trivial arithmetic and sorting programs have been shown to satisfy specifications by using an interactive theorem prover to automatically generate proofs of the verification conditions. Additional components for a more powerful verification system are under construction.This research is supported by the Advanced Research Projects Agency under Contracts SD-183 and DAHC 15-72-C-0308, and by the National Aeronautics and Space Administration under Contract NSR 05-020-500.     

On the implementation of frontier-to-root tree automata inrecursive neural networks

We explore the node complexity of recursive neural network implementations of frontier-to-root tree automata (FRA). Specifically, we show that an FRAO (Mealy version) with m states, l input-output labels, and maximum rank N can be implemented by a recursive neural network with O( radical(log l+log m)lm(N)/log l+N log m) units and four computational layers, i.e., without counting the input layer. A lower bound is derived which is tight when no restrictions are placed on the number of layers. Moreover, we present a construction with three computational layers having node complexity of O((log l+log m) radicallm (N)) and O((log l+log m)lm(N)) connections. A construction with two computational layers is given that implements any given FRAO with a node complexity of O(lm(N)) and O((log l+log m)lm(N)) connections. As a corollary we also get a new upper bound for the implementation of finite-state automata into recurrent neural networks with three computational layers.     

Verifying a logic-synthesis algorithm and implementation: a casestudy in software verification

We describe the verification of a logic synthesis tool with the Nuprl proof development system. The logic synthesis tool, Pbs, implements the weak division algorithm. Pbs consists of approximately 1000 lines of code implemented in a functional subset of Standard ML. It is a proven and usable implementation and is an integral part of the Bedroc high level synthesis system. The program was verified by embedding the subset of Standard ML in Nuprl and then verifying the correctness of the implementation of Pbs in the Nuprl logic. The proof required approximately 500 theorems. In the process of verifying Pbs we developed a consistent approach for using a proof development system to reason about functional programs. The approach hides implementation details and uses higher order theorems to structure proofs and aid in abstract reasoning. Our approach is quite general, should be applicable to any higher order proof system, and can aid in the future verification of large software implementations     

Explicit routing schemes for implementation of cellular automata on processor arrays

Massively parallel processor array (MPPA) architectures are becoming widely available computing platforms. Because of formal similarities, they are good candidates for implementing cellular automata (CA). An essential difference still remains regarding the freedom in communications. In MPPA there is a fixed on-chip network interconnection topology but every CA has its own definition of neighbourhood. While a cell in a CA can be considered as directly connected to its neighbours, these connections correspond to paths in the network of the MPPA. The communications need to be routed and scheduled to reach their proper destination. In previous work we introduced a formal data-flow process network model named KRG (for K-periodically Routed Graph). Its main feature is to allow regular switching directives. In the present paper we will use it to represent the proper local sequences of routing directives that will efficiently propagate values from cells to cells so as to implement the required CA neighbourhood. We present the neighbourhood broadcasting algorithm that computes these routing directives. One should note here that the problem is made more complex as data traffic between distinct source and target cells must be merged, while multicast may save a tremendous amount of communications when values are required in multiple locations. We demonstrate the expressive power of our formalism on the case of a 2D CA where the neighbourhood consists of all cells at Moore distance at most n. Further potential applications of our framework are hinted.     

基于Web应用的SCXML到自动机的转换

为了对Web应用进行验证,保证Web应用的可靠性和质量,提出了将Web应用的SCXML描述提取出通用状态机的算法.在对Web服务应用的语言SCXML的各构成要素进行深入分析的基础上,该算法实现了将SCXML描述转化为相应的自动机,为对Web应用进行模型检查打下基础.对Web应用游戏系统的SCXML文件转换得到了对应的自动机实例,实验结果表明了该算法的正确性和有效性.     

一种使用TCAPTCHA框架的验证码实现方法

对验证码识别技术进行介绍,例示了使用JCAPTCHA开源框架实现验证码的方法,并基于该框架设计完成了一个验证码构件,构件将验证码的实现方法进行封装.验证码构件可以方便地集成到Java EE项目中,实践证明,该构件的确能让验证码开发工作变得更为简单有效.