Reachability Properties Research Articles

Para^2: parameterized path reduction, acceleration, and SMT for reachability in threshold-guarded distributed algorithms

Automatic verification of threshold-based fault-tolerant distributed algorithms (FTDA) is challenging: FTDAs have multiple parameters that are restricted by arithmetic conditions, the number of processes and faults is parameterized, and the algorithm code is parameterized due to conditions counting the number of received messages. Recently, we introduced a technique that first applies data and counter abstraction and then runs bounded model checking (BMC). Given an FTDA, our technique computes an upper bound on the diameter of the system. This makes BMC complete for reachability properties: it always finds a counterexample, if there is an actual error. To verify state-of-the-art FTDAs, further improvement is needed. In contrast to encoding bounded executions of a counter system over an abstract finite domain in SAT, in this paper, we encode bounded executions over integer counters in SMT. In addition, we introduce a new form of reduction that exploits acceleration and the structure of the FTDAs. This aggressively prunes the execution space to be explored by the solver. In this way, we verified safety of seven FTDAs that were out of reach before.

Reduction of Qualitative Models of Biological Networks for Transient Dynamics Analysis.

Qualitative models of dynamics of signalling pathways and gene regulatory networks allow for the capturing of temporal properties of biological networks while requiring few parameters. However, these discrete models typically suffer from the so-called state space explosion problem which makes the formal assessment of their potential behaviors very challenging. In this paper, we describe a method to reduce a qualitative model for enhancing the tractability of analysis of transient reachability properties. The reduction does not change the dimension of the model, but instead limits its degree of freedom, therefore reducing the set of states and transitions to consider. We rely on a transition-centered specification of qualitative models by the mean of automata networks. Our framework encompasses the usual asynchronous Boolean and multi-valued network, as well as 1-bounded Petri nets. Applied to different large-scale biological networks from the litterature, we show that the reduction can lead to a drastic improvement for the scalability of verification methods.

Generalized primitivity of labeled digraphs

We study reachability properties of digraphs whose edges are labeled by elements of a semigroup. We introduce a notion of primitivity for such digraphs, which allows us to unify a variety of recent results on the combinatorial structure of semigroups of nonnegative square matrices. We make use of Stallings foldings, a key procedure in combinatorial group theory, to design an almost-linear time algorithm for checking primitivity in an important case of allowable digraphs improving the previously known algorithm. We also present computational complexity results related to computation of the exponent.

Identification of bifurcation transitions in biological regulatory networks using Answer-Set Programming

BackgroundNumerous cellular differentiation processes can be captured using discrete qualitative models of biological regulatory networks. These models describe the temporal evolution of the state of the network subject to different competing transitions, potentially leading the system to different attractors. This paper focusses on the formal identification of states and transitions that are crucial for preserving or pre-empting the reachability of a given behaviour.MethodsIn the context of non-deterministic automata networks, we propose a static identification of so-called bifurcations, i.e., transitions after which a given goal is no longer reachable. Such transitions are naturally good candidates for controlling the occurrence of the goal, notably by modulating their propensity. Our method combines Answer-Set Programming with static analysis of reachability properties to provide an under-approximation of all the existing bifurcations.ResultsWe illustrate our discrete bifurcation analysis on several models of biological systems, for which we identify transitions which impact the reachability of given long-term behaviour. In particular, we apply our implementation on a regulatory network among hundreds of biological species, supporting the scalability of our approach.ConclusionsOur method allows a formal and scalable identification of transitions which are responsible for the lost of capability to reach a given state. It can be applied to any asynchronous automata networks, which encompass Boolean and multi-valued models. An implementation is provided as part of the Pint software, available at http://loicpauleve.name/pint.

Decomposing the model-checking of mobile robotics actions on a grid

Mobile automated systems, such as robots or machinery for precision agriculture, may be designed to perform actions that vary in space according to information from sensors or to a mission map. To be reliable, the design process of such systems should involve the combined verification of spatial and dynamic properties. We consider here CTL model-checking of a mobile robot’s behavior, using the UppAal Timed Automata verifier. We consider reachability properties including path finding. Space is modeled as a 2D grid and the mobile robot path is unknown a priori. In this case, the exhaustive state space exploration of model-checking leads to the generation of many possible movements. This exposes such model-checking to combinatorial issues depending on the grid size and the complexity of system dynamics. In this paper, we propose a decomposition methodology reducing the memory requirements for the verification task. The decomposition is twofold. The grid is decomposed in sub-grids and the model-checking query on the whole grid is decomposed in a set of queries on the sub-grids. A set of test cases and check the validity of the decomposition concept. The decomposition methodology is compared to a simpler method that verifies the reachability property without proceeding to decomposition.

Online Abstractions for Interconnected Multi-Agent Control Systems

In this paper, we aim at the development of an online abstraction framework for multi-agent systems under coupled constraints. The motion capabilities of each agent are abstracted through a finite state transition system in order to capture reachability properties of the coupled multi-agent system over a finite time horizon in a decentralized manner. In the first part of this work, we define online abstractions by discretizing an over approximation of the agents’ reachable sets over the horizon. Then, sufficient conditions relating the discretization and the agents’ dynamics are provided, in order to quantify the agents’ transition possibilities.

Controller synthesis for dynamic hierarchical real-time plants using timed automata

We use timed I/O automata based timed games to synthesize task-level reconfiguration services for cost-effective fault tolerance in a case study. The case study shows that state-space explosion is a severe problem for timed games. By applying suitable abstractions, we dramatically improve the scalability. However, timed I/O automata do not facilitate algorithmic abstraction generation techniques. The case study motivates the development of timed process automata to improve modeling and analysis for controller synthesis of time-critical plants which can be hierarchical and dynamic. The model offers two essential features for industrial systems: (i) compositional modeling with reusable designs for different contexts, and (ii) state-space reduction technique. Timed process automata model dynamic networks of continuous-time communicating plant processes which can activate other plant processes. We show how to establish safety and reachability properties of timed process automata by reduction to solving timed games. To mitigate the state-space explosion problem, an algorithmic state-space reduction technique using compositional reasoning and aggressive abstractions is also proposed. In this article, we demonstrate the theoretical framework of timed process automata and the effectiveness of the proposed state-space reduction technique by extending the case study.

Quantitative model checking of linear-time properties based on generalized possibility measures

Model checking of linear-time properties based on possibility measures was studied in previous work (Li and Li (2013)). However, the linear-time properties considered in the previous work was qualitative and was based on Boolean logic, the linear-time properties containing possibility information (we call it fuzzy linear-time properties here, which is based on fuzzy logic) of system could not be represented and tackled using the previous methods. We shall study quantitative model checking of fuzzy linear-time properties based on generalized possibility measures in the paper. Both the model of the system, as well as the properties the system needs to adhere to, are described using possibility information to identify the uncertainty in the model/properties. The systems are modeled by generalized possibilistic Kripke structures (GPKS, in short), and the properties are described by fuzzy linear-time properties. Concretely, fuzzy linear-time properties about reachability, always reachability, constrain reachability, repeated reachability and persistence in GPKSs are introduced and studied. Fuzzy regular safety properties and fuzzy ω-regular properties in GPKSs are introduced, the verification of fuzzy regular safety properties and fuzzy ω-regular properties using fuzzy finite automata are thoroughly studied. It has been shown that the verification of fuzzy regular safety properties and fuzzy ω-regular properties in a finite GPKS can be transformed into the verification of (always) reachability properties and repeated reachability (persistence) properties in the product GPKS introduced in this paper. Several examples are given to illustrate the methods presented in the paper.

A Light-Weight Approach for Verifying Multi-Threaded Programs with CPAchecker

Verifying multi-threaded programs is becoming more and more important, because of the strong trend to increase the number of processing units per CPU socket. We introduce a new configurable program analysis for verifying multi-threaded programs with a bounded number of threads. We present a simple and yet efficient implementation as component of the existing program-verification framework CPAchecker. While CPAchecker is already competitive on a large benchmark set of sequential verification tasks, our extension enhances the overall applicability of the framework. Our implementation of handling multiple threads is orthogonal to the abstract domain of the data-flow analysis, and thus, can be combined with several existing analyses in CPAchecker, like value analysis, interval analysis, and BDD analysis. The new analysis is modular and can be used, for example, to verify reachability properties as well as to detect deadlocks in the program. This paper includes an evaluation of the benefit of some optimization steps (e.g., changing the iteration order of the reachability algorithm or applying partial-order reduction) as well as the comparison with other state-of-the-art tools for verifying multi-threaded programs.

Rewriting modulo SMT and open system analysis

This paper proposes rewriting modulo SMT, a new technique that combines the power of SMT solving, rewriting modulo theories, and model checking. Rewriting modulo SMT is ideally suited to model and analyze reachability properties of infinite-state open systems, i.e., systems that interact with a nondeterministic environment. Such systems exhibit both internal nondeterminism, which is proper to the system, and external nondeterminism, which is due to the environment. In a reflective formalism, such as rewriting logic, rewriting modulo SMT can be reduced to standard rewriting. Hence, rewriting modulo SMT naturally extends rewriting-based reachability analysis techniques, which are available for closed systems, to open systems. Furthermore, a single state expression with symbolic constraints can now denote an infinite set of concrete states. The proposed technique is illustrated with the formal analysis of: (i) a real-time system that is beyond the scope of timed-automata methods and (ii) automatic detection of reachability violations in a synchronous language developed to support autonomous spacecraft operations.

Route Guidance for Satisfying Temporal Logic Specifications on Aircraft Motion

A new technique for aircraft route guidance subject to linear temporal logic specifications is presented. The proposed approach is based on workspace partitioning, and it relies on the idea of so-called lifted graphs. Briefly, edges in a lifted graph are successions of adjacent edges in the topological graph associated with the workspace partition. Edges of the lifted graph are associated with certain reachability properties of the aircraft model. The main result of this paper is the precise characterization of acceptable routes (namely, sequences of cells) that are guaranteed to be traversable by admissible state trajectories of the aircraft model while satisfying the given linear temporal logic specifications. The proposed approach incorporates nonholonomic kinematic constraints, does not require complete controllability in the presence of workspace constraints, and does not require linearization of the aircraft model. Numerical methods to implement the proposed route-planning algorithm are discussed. The proposed algorithm is illustrated with numerical simulation examples that reflect the practical significance of linear temporal logic specifications in aircraft guidance.

Asymptotic Perturbation Bounds for Probabilistic Model Checking with Empirically Determined Probability Parameters

Probabilistic model checking is a verification technique that has been the focus of intensive research for over a decade. One important issue with probabilistic model checking, which is crucial for its practical significance but is overlooked by the state-of-the-art largely, is the potential discrepancy between a stochastic model and the real-world system it represents when the model is built from statistical data. In the worst case, a tiny but nontrivial change to some model quantities might lead to misleading or even invalid verification results. To address this issue, in this paper, we present a mathematical characterization of the consequences of model perturbations on the verification distance. The formal model that we adopt is a parametric variant of discrete-time Markov chains equipped with a vector norm to measure the perturbation. Our main technical contributions include a closed-form formulation of asymptotic perturbation bounds , and computational methods for two arguably most useful forms of those bounds, namely linear bounds and quadratic bounds . We focus on verification of reachability properties but also address automata-based verification of omega-regular properties. We present the results of a selection of case studies that demonstrate that asymptotic perturbation bounds can accurately estimate maximum variations of verification results induced by model perturbations.

Liveness and Reachability Analysis of BPMN Process Models

Business processes are usually defined by business experts who require intuitive and informal graphical notations such as BPMN (Business Process Management Notation) for documenting and communicating their organization activities and behavior. However, BPMN has not been provided with a formal semantics, which limits the analysis of BPMN models to using solely informal techniques such as simulation. In order to address this limitation and use formal verification, it is necessary to define a certain “mapping” between BPMN and a formal language such as Concurrent Sequential Processes (CSP) and Petri Nets (PN). This paper proposes a method for the verification of BPMN models by defining formal semantics of BPMN in terms of a mapping to Time Petri Nets (TPN), which are equipped with very efficient analytical techniques. After the translation of BPMN models to TPN, verification is done to ensure that some functional properties are satisfied by the model under investigation, namely liveness and reachability properties. The main advantage of our approach over existing ones is that it takes into account the time components in modeling Business process models. An example is used throughout the paper to illustrate the proposed method. ACM CCS (2012) Classification : Applied computing → Enterprise computing → Business process management → Business process modeling *To cite this article: A. Rachdi et al ., Liveness and Reachability Analysis of BPMN Process Models, CIT. Journal of Computing and Information Technology , vol. 24, no. 2, pp. 195–207, 2016.

EMCDM: Efficient model checking by data mining for verification of complex software systems specified through architectural styles

Software architectural style is one of the best concepts to define a family of related architectures and their common properties. Despite the essential role of software architectures in the software engineering practice, the lack of formal description and analysis may hamper the quality of designed models. Hence, using proper formal languages seems necessary for architectural style description. In this case, it is possible to use model checking to verify the designed models automatically. However, the model checking of complex software systems suffers from the state space explosion problem. To handle this problem, data mining techniques may contribute to obtain the required knowledge for intelligent model checking i.e. searching only a portion of the state space. In this paper, to check the model of complex software systems which are designed according to an architectural style, an efficient approach is proposed using data mining techniques. These software systems must be specified through architectural styles and modeled by Graph Transformation Systems (GTS) formally. In the proposed approach, to check a large model based on a specific style intelligently, a specific knowledge is required. Such knowledge is acquired from mining the data of checking a smaller model consistent with the same style. These smaller models can be designed either by the designers or can be automatically generated consistent with the style. The proposed solution can be used to verify the reachability property and to refute the safety and liveness properties. This solution is implemented in GROOVE, a toolset for designing and model checking of graph transformation systems. The experimental results show that our method is faster and more accurate in comparison with the existing techniques in model checking of complex software systems.

Qualitative dynamics semantics for SBGN process description.

BackgroundQualitative dynamics semantics provide a coarse-grain modeling of networks dynamics by abstracting away kinetic parameters. They allow to capture general features of systems dynamics, such as attractors or reachability properties, for which scalable analyses exist. The Systems Biology Graphical Notation Process Description language (SBGN-PD) has become a standard to represent reaction networks. However, no qualitative dynamics semantics taking into account all the main features available in SBGN-PD had been proposed so far.ResultsWe propose two qualitative dynamics semantics for SBGN-PD reaction networks, namely the general semantics and the stories semantics, that we formalize using asynchronous automata networks. While the general semantics extends standard Boolean semantics of reaction networks by taking into account all the main features of SBGN-PD, the stories semantics allows to model several molecules of a network by a unique variable. The obtained qualitative models can be checked against dynamical properties and therefore validated with respect to biological knowledge. We apply our framework to reason on the qualitative dynamics of a large network (more than 200 nodes) modeling the regulation of the cell cycle by RB/E2F.ConclusionThe proposed semantics provide a direct formalization of SBGN-PD networks in dynamical qualitative models that can be further analyzed using standard tools for discrete models. The dynamics in stories semantics have a lower dimension than the general one and prune multiple behaviors (which can be considered as spurious) by enforcing the mutual exclusiveness between the activity of different nodes of a same story. Overall, the qualitative semantics for SBGN-PD allow to capture efficiently important dynamical features of reaction network models and can be exploited to further refine them.Electronic supplementary materialThe online version of this article (doi:10.1186/s12918-016-0285-0) contains supplementary material, which is available to authorized users.

Temporal logic control for stochastic linear systems using abstraction refinement of probabilistic games

We consider the problem of computing the set of initial states of a dynamical system such that there exists a control strategy to ensure that the trajectories satisfy a temporal logic specification with probability 1 (almost-surely). We focus on discrete-time, stochastic linear dynamics and specifications given as formulas of the Generalized Reactivity(1) fragment of Linear Temporal Logic over linear predicates in the states of the system. We propose a solution based on iterative abstraction-refinement, and turn-based 2-player probabilistic games. While the theoretical guarantee of our algorithm after any finite number of iterations is only a partial solution, we show that if our algorithm terminates, then the result is the set of all satisfying initial states. Moreover, for any (partial) solution our algorithm synthesizes witness control strategies to ensure almost-sure satisfaction of the temporal logic specification. While the proposed algorithm guarantees progress and soundness in every iteration, it is computationally demanding. We offer an alternative, more efficient solution for the reachability properties that decomposes the problem into a series of smaller problems of the same type. All algorithms are demonstrated on an illustrative case study.

Logical Modeling and Dynamical Analysis of Cellular Networks.

The logical (or logic) formalism is increasingly used to model regulatory and signaling networks. Complementing these applications, several groups contributed various methods and tools to support the definition and analysis of logical models. After an introduction to the logical modeling framework and to several of its variants, we review here a number of recent methodological advances to ease the analysis of large and intricate networks. In particular, we survey approaches to determine model attractors and their reachability properties, to assess the dynamical impact of variations of external signals, and to consistently reduce large models. To illustrate these developments, we further consider several published logical models for two important biological processes, namely the differentiation of T helper cells and the control of mammalian cell cycle.

SNR and BER Analysis for Multiple Antenna System Using OFDM

Initially communication was carried out using analogue signal. Due to its various drawbacks, digital communication was introduced which has so many advantages over analogue communication and soon become very popular. Due to its low cost and easily reachable properties, wireless communication has become popular in communication.In the current scenario of modern wireless communication system, multiple input multiple output (MIMO) technique has emerged as one of the most efficient and significant method. This paper presents an analysis of MIMO system that has been introduced in the wireless communication to increase the diversity and to mitigate the effect of the channel fading phenomenon. In order to provide the transmit diversity, Space Time Block Code (STBC) is used in the Multiple input multiple output system. Effort has been made for deriving the Signal to noise ratio (SNR) and Bit error rate (BER) for different combination of the MIMO wireless communication system. SNR and BER have been computed for different combination of transmit antenna. The results of the simulation suggest that the performance of the MIMO system can be improved by increasing the diversity gain.

PTRebeca: Modeling and analysis of distributed and asynchronous systems

Distributed systems exhibit probabilistic and non-deterministic behaviors and may have time constraints. Probabilistic Timed Rebeca (PTRebeca) is introduced as a timed and probabilistic actor-based language for modeling distributed real-time systems with asynchronous message passing. The semantics of PTRebeca is a Timed Markov Decision Process. In this paper, we provide SOS rules for PTRebeca, introduce a new tool-set and describe the corresponding mappings. The tool-set automatically generates a Markov Automaton from a PTRebeca model in the form of the input language of the Interactive Markov Chain Analyzer (IMCA). The IMCA can be used as a back-end model checker for performance analysis of PTRebeca models against expected reachability and probabilistic reachability properties. Comparing to the existing tool-set, proposed in the conference paper, we now have the ability of analyzing significantly larger models, and we also can add different rewards to the model. We show the applicability of our approach and efficiency of our tool by analyzing a Network on Chip architecture as a real-world case study.

On the completeness of bounded model checking for threshold-based distributed algorithms: Reachability

Counter abstraction is a powerful tool for parameterized model checking, if the number of local states of the concurrent processes is relatively small. In recent work, we introduced parametric interval counter abstraction that allowed us to verify the safety and liveness of threshold-based fault-tolerant distributed algorithms (FTDA). Due to state space explosion, applying this technique to distributed algorithms with hundreds of local states is challenging for state-of-the-art model checkers. In this paper, we demonstrate that reachability properties of FTDAs can be verified by bounded model checking. To ensure completeness, we need an upper bound on the distance between states. We show that the diameters of accelerated counter systems of FTDAs, and of their counter abstractions, have a quadratic upper bound in the number of local transitions. Our experiments show that the resulting bounds are sufficiently small to use bounded model checking for parameterized verification of reachability properties of several FTDAs, some of which have not been automatically verified before.