The Internet Archive has a preservation copy of this work in our general collections.
The file type is `application/pdf`

.

## Filters

##
###
Environment Assumptions for Synthesis
[article]

2008
*
arXiv
*
pre-print

The synthesis problem asks to construct a reactive finite-state system from an ω-regular specification. Initial specifications are often unrealizable, which means that there is no system that implements the specification. A common reason for unrealizability is that assumptions on the environment of the system are incomplete. We study the problem of correcting an unrealizable specification ϕ by computing an environment assumption ψ such that the new specification ψ→ϕ is realizable. Our aim is to

arXiv:0805.4167v1
fatcat:ihtnqw3p6neg5cr2pbh7fc65li
## more »

... construct an assumption ψ that constrains only the environment and is as weak as possible. We present a two-step algorithm for computing assumptions. The algorithm operates on the game graph that is used to answer the realizability question. First, we compute a safety assumption that removes a minimal set of environment edges from the graph. Second, we compute a liveness assumption that puts fairness conditions on some of the remaining environment edges. We show that the problem of finding a minimal set of fair edges is computationally hard, and we use probabilistic games to compute a locally minimal fairness assumption.##
###
GIST: A Solver for Probabilistic Games
[article]

2010
*
arXiv
*
pre-print

Gist is a tool that (a) solves the qualitative analysis problem of turn-based probabilistic games with ω-regular objectives; and (b) synthesizes reasonable environment assumptions for synthesis of unrealizable specifications. Our tool provides the first and efficient implementations of several reduction-based techniques to solve turn-based probabilistic games, and uses the analysis of turn-based probabilistic games for synthesizing environment assumptions for unrealizable specifications.

arXiv:1004.2367v1
fatcat:2typwnm52fairfz7v2qmn5zhgq
##
###
Finding and Fixing Faults
[chapter]

2005
*
Lecture Notes in Computer Science
*

Knowing that a program has a bug is good, knowing its location is better, but a fix is best. We present a method to automatically locate and correct faults in a finite state system, either at the gate level or at the source level. We assume that the specification is given in Linear Temporal Logic, and state the correction problem as a game, in which the protagonist selects a faulty component and suggests alternative behavior. The basic approach is complete but as complex as synthesis. It also

doi:10.1007/11560548_6
fatcat:xq2iutykkvffxdrhmx37fcwzxy
## more »

... ffers from problems of readability: the correction may add state and logic to the system. We present two heuristics. The first avoids the doubly exponential blowup associated with synthesis by using nondeterministic automata. The second heuristic finds a memoryless strategy, which we show is an NP-complete problem. A memoryless strategy corresponds to a simple, local correction that does not add any state. The drawback of the two heuristics is that they are not complete unless the specification is an invariant. Our approach is general: the user can define what constitutes a component, and the suggested correction can be an arbitrary combinational function of the current state and the inputs. We show experimental results supporting the applicability of our approach.##
###
Program Repair without Regret
[chapter]

2013
*
Lecture Notes in Computer Science
*

We present a new and flexible approach to repair reactive programs with respect to a specification. The specification is given in linear-temporal logic. Like in previous approaches, we aim for a repaired program that satisfies the specification and is syntactically close to the faulty program. The novelty of our approach is that it produces a program that is also semantically close to the original program by enforcing that a subset of the original traces is preserved. Intuitively, the faulty

doi:10.1007/978-3-642-39799-8_64
fatcat:ypv2ijzxbvfq7deeixvq6j5oxe
## more »

... gram is considered to be a part of the specification, which enables us to synthesize meaningful repairs, even for incomplete specifications. Our approach is based on synthesizing a program with a set of behaviors that stay within a lower and an upper bound. We provide an algorithm to decide if a program is repairable with respect to our new notion, and synthesize a repair if one exists. We analyze several ways to choose the set of traces to leave intact and show the boundaries they impose on repairability. We also discuss alternative notions based on reward models to obtain repair systems that behave similar to the original system. We have evaluated the approach on several examples.##
###
Model checking transactional memories

2008
*
SIGPLAN notices
*

Model checking software transactional memories (STMs) is difficult because of the unbounded number, length, and delay of concurrent transactions and the unbounded size of the memory. We show that, under certain conditions, the verification problem can be reduced to a finite-state problem and we illustrate the use of the method by proving the correctness of several STMs, including two-phase locking, DSTM, TL2, and optimistic concurrency control. The safety properties we consider include strict

doi:10.1145/1379022.1375626
fatcat:eop7rmko3jgv7dw6xpqwibo6lm
## more »

... rializability and abort consistency; the liveness properties include obstruction freedom, livelock freedom, and wait freedom. Our main contribution lies in the structure of the proofs, which are largely automated and not restricted to the STMs mentioned above. In a first step we show that every STM that enjoys certain symmetry properties either violates a safety or liveness requirement on some program with 2 threads and 2 shared variables, or satisfies the requirement on all programs. In the second step we use a model checker to prove the requirement for the STM applied to a most general program with 2 threads and 2 variables. In the safety case, the model checker constructs a simulation relation between two carefully constructed finite-state transition systems, one representing the given STM applied to a most general program, and the other representing a most liberal STM applied to the same program. In the liveness case, the model checker analyzes fairness conditions on the given STM transition system.##
###
Optimizations for LTL Synthesis

2006
*
2006 Formal Methods in Computer Aided Design
*

s
72.78 s
483.38 s
39.26 s
755(83106)
242(3834)
124(444)
20
8,6,2
strong
7(14)
3.21 s
2.98 s
1.24 s
1.13 s
0.82 s
0.73 s
112(1187)
5(10)
2(3)
http://www.ist.tugraz.at/staff/

doi:10.1109/fmcad.2006.22
dblp:conf/fmcad/JobstmannB06
fatcat:v2hswya5wracvjc7t3o5hb6mlu
*jobstmann*...##
###
Environment Assumptions for Synthesis
[chapter]

2008
*
Lecture Notes in Computer Science
*

The synthesis problem asks to construct a reactive finite-state system from an ω-regular specification. Initial specifications are often unrealizable, which means that there is no system that implements the specification. A common reason for unrealizability is that assumptions on the environment of the system are incomplete. We study the problem of correcting an unrealizable specification ϕ by computing an environment assumption ψ such that the new specification ψ → ϕ is realizable. Our aim is

doi:10.1007/978-3-540-85361-9_14
fatcat:wshathssiban3bttmlpsrp3zcy
## more »

... o construct an assumption ψ that constrains only the environment and is as weak as possible. We present a two-step algorithm for computing assumptions. The algorithm operates on the game graph that is used to answer the realizability question. First, we compute a safety assumption that removes a minimal set of environment edges from the graph. Second, we compute a liveness assumption that puts fairness conditions on some of the remaining environment edges. We show that the problem of finding a minimal set of fair edges is computationally hard, and we use probabilistic games to compute a locally minimal fairness assumption.##
###
Program Repair as a Game
[chapter]

2005
*
Lecture Notes in Computer Science
*

We present a conservative method to automatically fix faults in a finite state program by considering the repair problem as a game. The game consists of the product of a modified version of the program and an automaton representing the LTL specification. Every winning finite state strategy for the game corresponds to a repair. The opposite does not hold, but we show conditions under which the existence of a winning strategy is guaranteed. A finite state strategy corresponds to a repair that

doi:10.1007/11513988_23
fatcat:zt2o3jwjungxtc4hv2zszu6m2u
## more »

... variables to the program, which we argue is undesirable. To avoid extra state, we need a memoryless strategy. We show that the problem of finding a memoryless strategy is NP-complete and present a heuristic. We have implemented the approach symbolically and present initial evidence of its usefulness.##
###
Program repair without regret

2015
*
Formal methods in system design
*

We present a new and flexible approach to repair reactive programs with respect to a specification. The specification is given in linear-temporal logic. Like in previous approaches, we aim for a repaired program that satisfies the specification and is syntactically close to the faulty program. The novelty of our approach is that it produces a program that is also semantically close to the original program by enforcing that a subset of the original traces is preserved. Intuitively, the faulty

doi:10.1007/s10703-015-0223-6
fatcat:2osbgjsctjb7lal5b2do3ezqfm
## more »

... gram is considered to be a part of the specification, which enables us to synthesize meaningful repairs, even for incomplete specifications. Our approach is based on synthesizing a program with a set of behaviors that stay within a lower and an upper bound. We provide an algorithm to decide if a program is repairable with respect to our new notion, and synthesize a repair if one exists. We analyze several ways to choose the set of traces to leave intact and show the boundaries they impose on repairability. We have evaluated the approach on several examples.##
###
QUASY: Quantitative Synthesis Tool
[chapter]

2011
*
Lecture Notes in Computer Science
*

We present the tool QUASY, a quantitative synthesis tool. QUASY takes qualitative and quantitative specifications and automatically constructs a system that satisfies the qualitative specification and optimizes the quantitative specification, if such a system exists. The user can choose between a system that satisfies and optimizes the specifications (a) under all possible environment behaviors or (b) under the most-likely environment behaviors given as a probability distribution on the

doi:10.1007/978-3-642-19835-9_24
fatcat:d2povpqdevgmdbp7lh2r4n2byq
## more »

... input sequences. QUASY solves these two quantitative synthesis problems by reduction to instances of 2-player games and Markov Decision Processes (MDPs) with quantitative winning objectives. QUASY can also be seen as a game solver for quantitative games. Most notable, it can solve lexicographic mean-payoff games with 2 players, MDPs with mean-payoff objectives, and ergodic MDPs with mean-payoff parity objectives.##
###
Synthesizing efficient systems in probabilistic environments

2015
*
Acta Informatica
*

##
###
Formalisms for Specifying Markovian Population Models
[chapter]

2009
*
Lecture Notes in Computer Science
*

We compare several languages for specifying Markovian population models such as queuing networks and chemical reaction networks. These languages -matrix descriptions, stochastic Petri nets, stochastic process algebras, stoichiometric equations, and guarded command models-all describe continuous-time Markov chains, but they differ according to important properties, such as compositionality, expressiveness and succinctness, executability, ease of use, and the support they provide for checking the

doi:10.1007/978-3-642-04420-5_2
fatcat:gwahkrsonjenfg7l2htzy2elma
## more »

... well-formedness of a model and for analyzing a model.##
###
Synthesizing robust systems

2013
*
Acta Informatica
*

Many specifications include assumptions on the environment. If the environment satisfies the assumptions then a correct system reacts as intended. However, when the environment deviates from its expected behavior, a correct system can behave arbitrarily. We want to synthesize robust systems that degrade gracefully, i.e., a small number of environment failures should induce a small number of system failures. We define ratio games and show that an optimal robust system corresponds to the winning

doi:10.1007/s00236-013-0191-5
fatcat:u67qma3mmzfexl2qiwcs2zzdpi
## more »

... trategy of a ratio game, where the system minimizes the ratio of system errors to environment errors. We show that ratio games can be solved in pseudopolynomial time.##
###
Interface theories with component reuse

2008
*
Proceedings of the 7th ACM international conference on Embedded software - EMSOFT '08
*

Interface theories have been proposed to support incremental design and independent implementability. Incremental design means that the compatibility checking of interfaces can proceed for partial system descriptions, without knowing the interfaces of all components. Independent implementability means that compatible interfaces can be refined separately, maintaining compatibility. We show that these interface theories provide no formal support for component reuse, meaning that the same

doi:10.1145/1450058.1450070
dblp:conf/emsoft/DoyenHJP08
fatcat:gwn7gsvj2vdbjmbkwvu3nxhp2e
## more »

... cannot be used to implement several different interfaces in a design. We add a new operation to interface theories in order to support such reuse. For example, different interfaces for the same component may refer to different aspects such as functionality, timing, and power consumption. We give both stateless and stateful examples for interface theories with component reuse. To illustrate component reuse in interface-based design, we show how the stateful theory provides a natural framework for specifying and refining PCI bus clients.##
###
Synthesizing robust systems

2009
*
2009 Formal Methods in Computer-Aided Design
*

« Previous

*Showing results 1 — 15 out of 78 results*