Finding small counterexamples for abstract rewriting properties

2018 Mathematical Structures in Computer Science  
We give several examples of finite abstract rewrite systems having remarkable properties that are found in this way fully automatically.  ...  In this paper, we develop a technique to find such counterexamples fully automatically, and we describe our tool Carpa that follows this technique.  ...  Acknowledgement We want to thank Bas Joosten for his contribution to Theorem 7.  ... 
doi:10.1017/s0960129518000221 fatcat:gbj6elu7kreo5dunggttvv6m64

Foreword: special issue on term and graph rewriting

2018 Mathematical Structures in Computer Science  
Rewriting techniques constitute a foundational theory of computing science.  ...  They are being investigated for several structures, such as lambda-terms, strings, first-order terms or graphs, and have been successfully used in many areas such as programming languages, automated reasoning  ...  In the paper, Finding small counterexamples Downloaded from  ... 
doi:10.1017/s0960129518000191 fatcat:h4bmulx6wbba7mdjbnkwmhzyti

Induction in CEGAR for Detecting Counterexamples

Chao Wang, Aarti Gupta, Franjo Ivancic
2007 Formal Methods in Computer Aided Design (FMCAD'07)  
Induction has been studied in model checking for proving the validity of safety properties, i.e., showing the absence of counterexamples.  ...  In this paper, we propose the use of induction inside the counterexample guided abstraction and refinement (CEGAR) loop to prove the existence of counterexamples.  ...  However, if a count is set to some small value, standard CEGAR may find a concrete counterexample. In our experiments, a count is set to various values starting with 1, 2, 3, ...  ... 
doi:10.1109/famcad.2007.21 dblp:conf/fmcad/WangGI07 fatcat:jviiphc6enhgjhnn2kwhso26yu


May Thu Aung, Tam Thi Thanh Nguyen, Kazuhiro Ogata
2018 International Journal of Software Engineering and Computer Systems  
If the state machine has a fixed small number of reachable states, model checking is enough. Otherwise, however, it is not.  ...  We should confirm whether the state machine enjoys the guessed properties because such guessed properties may not be true properties of the state machine.  ...  ACKNOWLEDGEMENT We are grateful to the editor to handle our paper and to the anonymous reviewers to carefully read an earlier version of the paper and give us valuable comments to make it possible for  ... 
doi:10.15282/ijsecs.4.2.2018.1.0045 fatcat:awiodapf45devounbu6zynoojq

Combining Theorem Proving with Model Checking through Predicate Abstraction

Sandip Ray, Rob Sumners
2007 IEEE Design & Test of Computers  
This article presents a new approach in which model checking complements theorem proving, reducing the manual effort involved by transferring user attention from defining inductive invariants to proving rewrite  ...  This allows Discover to converge with a small set of state predicates.  ...  guided by counterexamples  ... 
doi:10.1109/mdt.2007.38 fatcat:ephzhmehnjdjfb7c2jz4fzjeje

Testing with model checkers: a survey

Gordon Fraser, Franz Wotawa, Paul E. Ammann
2009 Software testing, verification & reliability  
Normally, these counterexamples are meant to guide an analyst when searching for the root cause of a property violation. They are, however, also very useful as test cases.  ...  Model checkers are formal verification tools, capable of providing counterexamples to violated properties.  ...  ACKNOWLEDGEMENTS Thanks to Paul Black for providing useful suggestions, and to Sanjai Rayadurgam for helpful explanations.  ... 
doi:10.1002/stvr.402 fatcat:d5l5gldrfjcgrkknu4kzfsapnu

Explaining the Effectiveness of Small Refinement Heuristics in Program Verification with CEGAR [chapter]

Tachio Terauchi
2015 Lecture Notes in Computer Science  
In this paper, we investigate the effectiveness of the small refinement heuristic which, for abstraction refinement in CEGAR, uses (the predicates in) a small proof of the given counterexample's spuriousness  ...  Safety property (i.e., reachability) verification is undecidable for Turing-complete programming languages.  ...  We thank the anonymous reviewers for useful comments. This work was supported by MEXT Kakenhi 26330082 and 25280023, and JSPS Core-to-Core Program, A.Advanced Research Networks.  ... 
doi:10.1007/978-3-662-48288-9_8 fatcat:3frpigwafnan5ff7mjlgpdl4ty

Twenty Years Later [chapter]

Jean-Pierre Jouannaud
2005 Lecture Notes in Computer Science  
Back in the late 80s, many of us feared that this would soon be the case, that research in rewrite systems was deepening the gap with everyday's computer science practice, and that we should develop rewrite-based  ...  In return, our field has been renewed by new problems and techniques coming from outside our small community. I am convinced that this will continue, and that new subject areas will join the journey.  ...  It is also related to the need of an abstract investigation of the fundamental properties of term rewriting formats  ... 
doi:10.1007/978-3-540-32033-3_27 fatcat:6xggpx3i7ve7rfewekdb4vfiv4

Comparing Abstraction Refinement Algorithms

Dennis Dams
2003 Electronic Notes in Theoretical Computer Science  
We present a generic algorithm that provides a unifying scheme for the comparison of abstraction refinement algorithms.  ...  We argue that the generic algorithm does not limit the completeness of instances, and show that the proposed generalization of counterexamples is necessary for completeness -thus addressing a shortcoming  ...  Acknowledgement Kedar Namjoshi and the anonymous referees are thanked for their suggestions.  ... 
doi:10.1016/s1571-0661(05)80003-9 fatcat:54trg5hicjbvbmtyurehm4w7ey

Interpolant-Based Transition Relation Approximation [chapter]

Ranjit Jhala, K. L. McMillan
2005 Lecture Notes in Computer Science  
We present an interpolant-based method for strengthening the abstract transition relation in case of such failures.  ...  For this reason, software model checkers typically use a weak approximation of the image. This can result in a failure to prove a property, even given an adequate set of predicates.  ...  Thus it can easily generate refinements not relevant to the property. The interpolation-based method does not use abstract counterexamples.  ... 
doi:10.1007/11513988_6 fatcat:vg7xqj5olfcknfyyqbz53cqmxa

TravMC2: higher-order model checking for alternating parity tree automata

Robin P. Neatherway, C.-H. Luke Ong
2014 Proceedings of the 2014 International SPIN Symposium on Model Checking of Software - SPIN 2014  
HORS are a natural abstract model of functional programs, and HORS model checkers play a similar rôle to checkers of Boolean programs in the imperative setting.  ...  Most research effort so far has focused on checking safety properties specified using trivial tree automata i.e. Büchi tree automata all of whose states are final.  ...  Acknowledgments We would like to thank Koichi Fujima and Naoki Kobayashi for their help benchmarking against the TRECS-APT tool, and Steven Ramsay for helpful discussions.  ... 
doi:10.1145/2632362.2632381 dblp:conf/spin/NeatherwayO14 fatcat:23hdd6axrrbg5ox6qpqqvrqvgi

Computing Over-Approximations with Bounded Model Checking

Daniel Kroening
2006 Electronic Notes in Theoretical Computer Science  
Bounded Model Checking (BMC) searches for counterexamples to a property φ with a bounded length k. If no such counterexample is found, k is increased.  ...  The algorithm uses proof-based abstraction refinement to remove spurious counterexamples.  ...  If the abstract counterexample is used for refinement, the process is known as the Counterexample Guided Abstraction Refinement framework, or CEGAR for short [19, 2, 9, 15, 28].  ... 
doi:10.1016/j.entcs.2005.07.021 fatcat:miuzjm6fhncg7ffg7ookmbatji

Generalized counterexamples to liveness properties

Gadi Aleksandrowicz, Jason Baumgartner, Alexander Ivrii, Ziv Nevo
2013 2013 Formal Methods in Computer-Aided Design  
While useful in various ways even for safety properties, the length of a generalized liveness counterexample may be exponentially shorter than that of a concrete counterexample, entailing significant potential  ...  We consider generalized counterexamples in the context of liveness property checking.  ...  reasonably-small values of k.  ... 
doi:10.1109/fmcad.2013.6679407 fatcat:htusqfkdxfcgrm6h6bkubuo6m4

Lineage-driven Fault Injection

Peter Alvaro, Joshua Rosen, Joseph M. Hellerstein
2015 Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data - SIGMOD '15  
If fault-tolerance bugs exist for a particular configuration, MOLLY finds them rapidly, in many cases using an order of magnitude fewer executions than random fault injection.  ...  Otherwise, MOLLY certifies that the code is bug-free for that configuration.  ...  Green, Pat Helland, and Ras Bodik for enlightening conversations while we developed MOLLY.  ... 
doi:10.1145/2723372.2723711 dblp:conf/sigmod/AlvaroRH15 fatcat:xp7hcc2nizburf7jitql3xqvly

Implementation of LMNtal Model Checkers: a Metaprogramming Approach.

Yutaro Tsunekawa, Taichi Tomioka, Kazunori Ueda
2018 Journal of Object Technology  
In this paper, we design a framework for implementing extendable model checkers. First, we define first-class rewrite rules to extend a modeling language.  ...  LMNtal is a modeling language based on hierarchical graph rewriting, and its implementation SLIM features state space search and an LTL model checker.  ...  The authors would like to thank anonymous reviewers for their useful comments and pointers to the literature.  ... 
doi:10.5381/jot.2018.17.1.a1 fatcat:ww5em4udwzfoplhbvbzyml6dse