Xu Ke,Wang YueXuan,Wu Cheng

DOI: https://doi.org/10.1007/s11432-007-0006-9

2007-01-01

Science in China Series F Information Sciences

Abstract:Ensuring the correctness and reliability of large-scale resource sharing and complex job processing is an important task for grid applications. From a formal method perspective, a grid service chain model based on state Pi calculus is proposed in this work as the theoretical foundation for the service composition and collaboration in grid. Following the idea of the Web Service Resource Framework (WSRF), state Pi calculus enables the life-cycle management of system states by associating the actions in the original Pi calculus with system states. Moreover, model checking technique is exploited for the design-time and run-time logical verification of grid service chain models. A grid application scenario of the dynamic analysis of material deformation structure is also provided to show the effectiveness of the proposed work.

Rubén Rubio,Narciso Martí-Oliet,Isabel Pita,Alberto Verdejo

DOI: https://doi.org/10.1016/j.jlamp.2021.100700

2024-01-15

Abstract:Rewriting logic and its implementation Maude are a natural and expressive framework for the specification of concurrent systems and logics. Its nondeterministic local transformations are described by rewriting rules, which can be controlled at a higher level using a builtin strategy language added to Maude~3. This specification resource would not be of much interest without tools to analyze their models, so in a previous work, we extended the Maude LTL model checker to verify strategy-controlled systems. In this paper, CTL* and $\mu$-calculus are added to the repertoire of supported logics, after discussing which adaptations are needed for branching-time properties. The new extension relies on some external model checkers that are exposed the Maude models through general and efficient connections, profitable for future extensions and further applications. The performance of these model checkers is compared.

Logic in Computer Science

Rubén Rubio,Narciso Martí-Oliet,Isabel Pita,Alberto Verdejo

DOI: https://doi.org/10.1007/s10515-021-00307-9

2024-01-15

Abstract:Rewriting logic and its implementation Maude are an expressive framework for the formal specification and verification of software and other kinds of systems. Concurrency is naturally represented by nondeterministic local transformations produced by the application of rewriting rules over algebraic terms in an equational theory. Some aspects of the global behavior of the systems or additional constraints sometimes require restricting this nondeterminism. Rewriting strategies are used as a higher-level and modular resource to cleanly capture these requirements, which can be easily expressed in Maude with an integrated strategy language. However, strategy-aware specifications cannot be verified with the builtin LTL model checker, making strategies less useful and attractive.

Logic in Computer Science

zhibin yang,kai hu,yongwang zhao,dianfu ma,jeanpaul bodeveix

DOI: https://doi.org/10.13328/j.cnki.jos.004776

2015-01-01

Abstract:This paper presents a formal verification method for AADL (architecture analysis and design language) models by TASM (timed abstract state machine) translation. The abstract syntax of the chosen subset of AADL and of TASM are given. The translation rules are defined clearly by the semantic functions expressed in a ML-like language. Furthermore, the translation is implemented in the model transformation tool AADL2TASM, which provides model checking and simulation for AADL models. Finally, a case study of space GNC (guidance, navigation and control) system is provided.

Daniela Lepri,Peter Csaba Ölveczky,Erika Ábrahám

DOI: https://doi.org/10.4204/EPTCS.36.7

2010-09-22

Abstract:This paper presents a transformational approach for model checking two important classes of metric temporal logic (MTL) properties, namely, bounded response and minimum separation, for nonhierarchical object-oriented Real-Time Maude specifications. We prove the correctness of our model checking algorithms, which terminate under reasonable non-Zeno-ness assumptions when the reachable state space is finite. These new model checking features have been integrated into Real-Time Maude, and are used to analyze a network of medical devices and a 4-way traffic intersection system.

Logic in Computer Science

Taolue Chen,Tingting Han,Jian Lu

DOI: https://doi.org/10.1201/9780429076893-8

2005-01-01

Abstract:Computation with mobility becomes a novel distributed computation paradigm with the development of network technology. The calculus of Mobile Ambient (MA) is a widely studied formal mechanism for describing both mobile computing and mobile computation. This paper deals with the algebra theory of a variant of this calculus, the Robust Mobile Ambient (ROAM). Hitherto, for ROAM, the criterion of process equivalence is contextual equivalence. whose main disadvantage lies in that the proof and verification for process equivalence are usually very hard. To remedy this deficiency to some extend, we provide a new labelled transition system, and based on it, a bisimulation relation is introduced as the criterion of behavior equivalence. We justify the soundness of definition by showing that it is a congruence relation and to illustrate the advantage of the new behavior equivalence relation, this paper also gives concise proofs for some important process equivalence laws studied in literature.

Rubén Rubio,Narciso Martí-Oliet,Isabel Pita,Alberto Verdejo

DOI: https://doi.org/10.1016/j.jlamp.2021.100727

2024-01-15

Abstract:Membrane systems are a biologically-inspired computational model based on the structure of biological cells and the way chemicals interact and traverse their membranes. Although their dynamics are described by rules, encoding membrane systems into rewriting logic is not straightforward due to its complex control mechanisms. Multiple alternatives have been proposed in the literature and implemented in the Maude specification language. The recent release of the Maude strategy language and its associated strategy-aware model checker allow specifying these systems more easily, so that they become executable and verifiable for free. An easily-extensible interactive environment transforms membrane specifications into rewrite theories controlled by appropriate strategies, and allows simulating and verifying membrane computations by means of them.

Logic in Computer Science

Li Zhang,Fei Xu,Zhiwei Yu

DOI: https://doi.org/10.1109/tase.2007.7

2007-01-01

Abstract:Awareness of the need for process orientation in IT support field has been increasing these decades, which made the formalization and verification of workflow become more and more significant. Among various formal methods, calculus, a branch of process algebra, proved to be most capable in modeling mobility and interaction, therefore is considered as a good choice of workflow formalizing and verifying. In this paper, a pi-calculus-based workflow verification method is introduced, by which three kinds of structure conflicts (deadlock, lack of synchronization and cycle without exit) can be detected. Verification algorithm based on reduction and replacement rules is also provided, according to which complex workflow model with both cyclic and overlapping structures can be verified with acceptable complexity.

Weigang Ma,Xinhong Hei

DOI: https://doi.org/10.2991/iccasm.2012.212

2012-01-01

Abstract:A verification methodology is presented for railway interlocking system which is regarded as a safety-critical system.The methodology utilizes UML to model the function requirement and LTL to verify the safety requirements of the specification.The device specifications of railway interlocking system are modeled with UML, then translate into FSM.The safety specification is translated LTL and analyzed with NuSMV.We try to show the feasibility of improving the reliability and reducing revalidation efforts when designing and developing a decentralized railway signaling system.

Weigang Ma,Xinhong Hei

DOI: https://doi.org/10.1109/ICCASM.2010.5620084

2010-01-01

Abstract:A modeling and verification methodology is presented for railway interlocking system which is regarded as a safety-critical system. The methodology utilizes UML (Unified Modeling Language) to model the function requirement and FSM (Finite State Machine) to verify the safety requirements of the specification. The device specifications of railway interlocking system are modeled with UML, and dynamic behaviors of the device and whole system are modeled with FSM, the safety specification is translated LTL (Linear Temporal Logic) and analyzed with NuSMV. We try to show the feasibility of improving the reliability and reducing revalidation efforts when designing and developing a decentralized railway signaling system.

Taolue Chen,Tingting Han,Jian Lu

DOI: https://doi.org/10.1016/s1571-0661(05)80085-4

2003-01-01

Electronic Notes in Theoretical Computer Science

Abstract:Computation with mobility becomes a novel distributed computation paradigm with the development of network technology. The calculus of Mobile Ambient is a widely studied formal mechanism for describing both mobile computing and mobile computation. To improve this process calculus, Robust Mobile Ambient is introduced by providing co-actions. This paper deals with the modal logic for finite fragment of this calculus without communication primitives. In details, we compare standard behavioral equivalence with the equivalence induced by the logic (=L) and with the structural congruence. As a result, we prove the intensionality of the logic and at the same time, an axiomatization for = L is given.

Muhammad Syifa'ul Mufid,Andrea Micheli,Alessandro Abate,Alessandro Cimatti

2023-08-21

Abstract:Max-Plus Linear (MPL) systems are an algebraic formalism with practical applications in transportation networks, manufacturing and biological systems. In this paper, we investigate the problem of automatically analyzing the properties of MPL, taking into account both structural properties such as transient and cyclicity, and the open problem of user-defined temporal properties. We propose Time-Difference LTL (TDLTL), a logic that encompasses the delays between the discrete time events governed by an MPL system, and characterize the problem of model checking TDLTL over MPL. We first consider a framework based on the verification of infinite-state transition systems, and propose an approach based on an encoding into model checking. Then, we leverage the specific features of MPL systems to devise a highly optimized, combinational approach based on Satisfiability Modulo Theory (SMT). We experimentally evaluate the features of the proposed approaches on a large set of benchmarks. The results show that the proposed approach substantially outperforms the state of the art competitors in expressiveness and effectiveness, and demonstrate the superiority of the combinational approach over the reduction to model checking.

Formal Languages and Automata Theory

Kazuhiro Inaba,Soichiro Hidaka,Zhenjiang Hu,Hiroyuki Kato,Keisuke Nakano

DOI: https://doi.org/10.1145/2003476.2003482

2011-01-01

Abstract:This paper presents a new approach to solving the problem of verification of graph transformation, by proposing a new static verification algorithm for the Core UnCAL, the query algebra for graph-structured databases proposed by Bunemann et al. Given a graph transformation annotated with schema information, our algorithm statically verifies that any graph satisfying the input schema is converted by the transformation to a graph satisfying the output schema. We tackle the problem by first reformulating the semantics of UnCAL into monadic second-order logic (MSO). The logic-based foundation allows to express the schema satisfaction of transformations as the validity of MSO formulas over graph structures. Then by exploiting the two established properties of UnCAL called bisimulation-genericity and compactness, we reduce the problem to the validity of MSO over trees, which has a sound and complete decision procedure. The algorithm has been efficiently implemented; all the graph transformations in this paper and the system web page can be verified within several seconds.

Xiaopu Huang,Qingqing Sun,Jiangwei Li,Tian Zhang

DOI: https://doi.org/10.1007/978-3-642-35795-4_62

2012-01-01

Abstract:State Machine Diagram (SMD) is one of the SysML behavior diagrams, but it is a kind of semi-formal model language. As a consequence, models can not be verified conveniently and efficiently, especially in real-time embedded system (RTES) field as there are no descriptions of time and probability in SMD. To address these problems, we extend SMD with time and probability elements extracted from MARTE and propose a transformation algorithm based on MDE. With the algorithm, we transform the extended SMD to timed automata (TA) and then analyze and verify the transformation result using existing tools. So at the very beginning of system design, errors and deficiencies can be found. At last, we construct an instance to illustrate the validity of our approach.

Yue Cao,Yusheng Liu,Xujia Qin

DOI: https://doi.org/10.1016/j.aei.2023.102201

IF: 8.8

2023-01-01

Advanced Engineering Informatics

Abstract:Model-based systems engineering (MBSE) has been adopted as a mainstream design methodology for complex mechatronic systems. According to this paradigm, structured models, typically represented in SysML are used to describe the system of interest from various aspects. Among these models, the system behavior model is fundamental for the subsequent design and hence should be verified against system functions in the early design stage. However, due to the lack of formal semantics of the involved SysML models and software-physical hybrid characteristics of the mechatronic systems, it is not a trivial task to apply existing formal verification methods to solve this problem. In this study, a novel approach relying on hybrid functional semantics is proposed. First, this verification problem is formally defined based on an in-depth analysis of the architectures and traceability between the involved SysML models. Then, a graphical modeling language to represent the hybrid functional semantics in SysML is defined so that the function and behavior models can be enhanced and explicitly correlated by the formal semantics. Finally, based on the semantically enhanced models, the model verification problem is formally re-defined as a semantics verification problem and further divided into two sub-problems, i.e., continuous and discrete semantics verification problems, which are automatically solved by leveraging existing verification techniques including functional-effect compatibility check and symbolic model checking. A mobile robot is illustrated to show the effectiveness of the proposed approach.

Ulrich Berger,Phillip James,Andrew Lawrence,Markus Roggenbach,Monika Seisenberger

DOI: https://doi.org/10.1016/j.scico.2017.10.011

IF: 1.039

2018-03-01

Science of Computer Programming

Abstract:The European Rail Traffic Management System (ERTMS) is a state-of-the-art train control system designed as a standard for railways across Europe. It generalises traditional discrete interlocking systems to a world in which trains hold on-board equipment for signalling, and trains and interlockings communicate via radio block processors. The ERTMS aims at improving performance and capacity of rail traffic systems without compromising their safety. The ERTMS system is of hybrid nature, in contrast to classical railway signalling systems which deal with discrete data only. Consequently, the switch to ERTMS poses a number of research questions to the formal methods community, most prominently: How can safety be guaranteed? In this paper we present the first formal modelling of ERTMS comprising all subsystems participating in its control cycle. We capture what safety means in physical and in logical terms, and we demonstrate that it is feasible to prove safety of ERTMS systems utilising Real-Time Maude model-checking by considering a number of bi-directional track layouts. ERTMS is currently being installed in many countries. It will be the main train control standard for the foreseeable future. The concepts presented in this paper offer applicable methods supporting the design of dependable ERTMS systems. We demonstrate model-checking to be a viable option in the analysis of large and complex real-time systems. Furthermore, we establish Real-Time Maude as a modelling and verification tool applicable to the railway domain. The approach given in this paper is a rigorous one. In order to avoid modelling errors, we follow a systematic approach: First, as a requirement specification, we identify the event-response structures present in the ERTMS. Then, we model these structures in Real-Time Maude in a traceable way, i.e., specification text in Real-Time Maude can be directly mapped to requirements. We explore our models by checking if they have the desired behaviour, and apply systematic model-exploration through error injection – both these steps are carried out using the formal method Real-Time Maude. Finally, we analyse ERTMS by model-checking, thus applying a formal method to the railway domain, and we mathematically prove that our analysis of ERTMS by model-checking is complete, i.e., that it guarantees safety at all times.

computer science, software engineering

Yinling Liu,Jean-Michel Bruel

DOI: https://doi.org/10.1145/3640822

2024-02-05

Formal Aspects of Computing

Abstract:The relationship between states (status of a system) and modes (capabilities of a system) used to describe system requirements is often poorly defined. The unclear relationship could make systems of interest out of control because of the out of boundaries of the systems caused by the newly added modes. Formally modeling and verifying requirements can clarify the relationship, making the system safer. To this end, an innovative approach to analyzing requirements is proposed. The MoSt language (a Domain Specific Language implemented on the Xtext framework) is firstly designed for requirements modeling and a model validator is realized to check requirements statically. A code generator is then provided to realize the automatic model transformation from the MoSt model to a NuSMV model, laying the foundation for the dynamic checks of requirements through symbolic model checking. Next, a NuSMV runner is designed to connect the NuSMV with the validator to automate the whole dynamic checks. The grammar, the model validator, the code generator, and the NuSMV runner are finally integrated into a publicly available Eclipse-based tool. Two case studies have been employed to illustrate the feasibility of our approach. For each case study, we injected 14 errors. The results show that the static and dynamic checks can successfully detect all the errors.

computer science, software engineering

Yongwang Zhao,Dianfu Ma,Jing Li,Zhuqing Li

DOI: https://doi.org/10.1109/EASe.2011.13

2011-01-01

Abstract:Increasingly, software needs to dynamically adapt its structure and behavior at runtime in response to changing conditions in the supporting computing, network infrastructure, and in the surrounding physical environments. By high complexity, adaptive programs are generally difficult to specify, verify, and validate. Assurance of high dependability of these programs is a great challenge. Efficiently and precisely specifying requirements and flexible model checking for adaptation are the key issues for developing dependably adaptive software. This paper introduces a formal model for adaptive programs which have different behavioral modes. We consider that adaptive programs have two behavioral level, functional behavior and adaptation. State machine is used to describe functional behavior in different modes and mode automata is proposed for adaptations. Specifications of adaptive programs are classified into three categories, local, adaptation and global properties from their different scope of dynamic adaptation. To specify and verify specifications on our model, We propose the Mode-extended Linear Temporal Logic (mLTL) and its model checking approach. mLTL extends Linear Temporal Logic (LTL) by adding mode related element and enables describing properties on different modes. Our formal model and mLTL formulae are translated to SMV language and verified in NuSMV model checker.

Liang Aili,Zhu Jiaqi,Wang Hanpin,Qu Wanling

2008-01-01

Journal of Computer Research and Development

Abstract:Based on the logic CTL*[DC] proposed by Pandya, we extend its syntax and semantics, and restrict the length of the path, to define a new logic CTL*[k-QDDC], which can be applied to describe and verify real-time systems. We propose a basic algorithm verifying directly whether a formula of logic CTL*[k-QDDC] is true for a state in Kripke structure. We also show that under some assumptions, the verification of a logical operator of CTL*[k-QDDC] is NP-complete, which suggests that the whole verification problem is at least NP-hard.

Canh Minh Do,Kazuhiro Ogata

DOI: https://doi.org/10.7717/peerj-cs.2098

2024-06-21

PeerJ Computer Science

Abstract:This article presents a symbolic approach to model checking quantum circuits using a set of laws from quantum mechanics and basic matrix operations with Dirac notation. We use Maude, a high-level specification/programming language based on rewriting logic, to implement our symbolic approach. As case studies, we use the approach to formally specify several quantum communication protocols in the early work of quantum communication and formally verify their correctness: Superdense Coding, Quantum Teleportation, Quantum Secret Sharing, Entanglement Swapping, Quantum Gate Teleportation, Two Mirror-image Teleportation, and Quantum Network Coding. We demonstrate that our approach/implementation can be a first step toward a general framework to formally specify and verify quantum circuits in Maude. The proposed way to formally specify a quantum circuit makes it possible to describe the quantum circuit in Maude such that the formal specification can be regarded as a series of quantum gate/measurement applications. Once a quantum circuit has been formally specified in the proposed way together with an initial state and a desired property expressed in linear temporal logic (LTL), the proposed model checking technique utilizes a built-in Maude LTL model checker to automatically conduct formal verification that the quantum circuit enjoys the property starting from the initial state.

computer science, information systems, artificial intelligence, theory & methods