Optimistic synchronization-based state-space reduction

Formal Methods in System Design (Impact Factor: 0.88). 04/2006; 28(3):263-289. DOI: 10.1007/s10703-006-0003-4
Source: DBLP


Reductions that aggregate fine-grained transitions into coarser transitions can significantly reduce the cost of automated verification, by reducing the size of the state space. We propose a reduction that can exploit common synchronization disciplines, such as the use of mutual exclusion for accesses to shared data structures. Exploiting them using traditional reduction theorems requires checking that the discipline is followed in the original (i.e., unreduced) system. That check can be prohibitively expensive. This paper presents a reduction that instead requires checking whether the discipline is followed in the reduced system. This check may be much cheaper, because the reachable state space is smaller.

Download full-text


Available from: Ernie Cohen,
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Structural model abstraction is a powerful technique for reducing the complexity of a state based enumeration analysis. We present in this paper new efficient ordinary Petri nets reductions. At first, we define "behavioural" reductions (i.e. based on conditions related to the language of the net) which preserve a fundamental property of a net (i.e. liveness) and any LTL formula that does not observe reduced transitions of the net. We substitute these conditions by structural or algebraical ones leading to reductions that can be efficiently checked and applied whereas enlarging the application spectrum of the previous reductions. At last, we illustrate our method on significant and typical examples.
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: In recent work, Flanagan and Qadeer proposed atomicity declarations as a light-weight mechanism for specifying non-interference properties in concurrent programming languages such as Java, and they provided a type and effect system to verify atomicity properties. While verification of atomicity specifications via a static type system has several advantages (scalability, compositional checking), we show that verification via model-checking also has several advantages (fewer unchecked annotations, greater coverage of Java idioms, stronger verification). In particular, we show that by adapting the Bogor model-checker, we naturally address several properties that are difficult to check with a static type system.
    01/1970: pages 175-190;
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: The race condition checker rccjava uses a formal type system to statically identify potential race conditions in concurrent Java programs, but it requires programmer-supplied type annotations. This paper describes a type inference algorithm for rccjava. Due to the interaction of parameterized classes and dependent types, this type inference problem is NP-complete. This complexity result motivates our new approach to type inference, which is via reduction to propositional satisfiability. This paper describes our type inference algorithm and its performance on programs of up to 30,000 lines of code.
    Science of Computer Programming 01/2007; 64(1-64):140-165. DOI:10.1016/j.scico.2006.03.006 · 0.72 Impact Factor
Show more