Universal Guards, Relativization of Quantifiers, and Failure Models in Model Checking Modulo Theories

Alberti, Francesco; Ghilardi, Silvio; Pagani, Elena; Ranise, Silvio; Rossi, Gian Paolo

doi:10.3233/sat190087

Cited by 18 publications

(35 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Later, many different works addressing various classes of infinite-state systems and/or parameterised topologies have been published, using combinations of approaches, often including predicate abstraction and SMT satisfiability (e.g. [1,16,20,21,25]). With respect to these, we use symbolic representations not only to get a finite representation of infinite spaces, but also to express the (data-sensitive) synchronisations with the environment, making our models suitable for compositional verification.…”

Section: Related Workmentioning

confidence: 99%

Verification of Concurrent Design Patterns with Data

Bliudze

Henrio

Madelaine

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We provide a solution for the design of safe concurrent systems by compositional application of verified design patterns-called architectures-to a small set of functional components. To this end, we extend the theory of architectures developed previously for the BIP framework with the elements necessary for handling data: definition and operations on data domains, syntax and semantics of composition operators involving data transfer. We provide a set of conditions under which composition of architectures preserves their characteristic safety properties. To verify that individual architectures do enforce their associated properties, we provide an encoding into open pNets, an intermediate model that supports SMT-based verification. The approach is illustrated by a case study based on a previously developed BIP model of a nanosatellite on-board software.

show abstract

Section: Related Workmentioning

confidence: 99%

Verification of Concurrent Design Patterns with Data

Bliudze

Henrio

Madelaine

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…The minimal requirement for the mechanization of this procedure is the decidability of the satisfiability modulo T n RBAC of formulae of the form (7). That this is indeed the case can be seen by a reduction to the satisfiability problem of formulae in the Bernays-Shönfinkel-Ramsey (BSR) class [25], which is wellknown to be decidable.…”

Section: Symbolic Reachability Of Arbac Policiesmentioning

confidence: 99%

“…The reduction consists of the following two observations. First, it is possible to re-write any instance of (7) to an equivalent BSR formula as follows. We start considering the case n = 0; by definition, (7) is I(ua 0 ) ∧ G(ua 0 ).…”

Section: Symbolic Reachability Of Arbac Policiesmentioning

confidence: 99%

“…First, it is possible to re-write any instance of (7) to an equivalent BSR formula as follows. We start considering the case n = 0; by definition, (7) is I(ua 0 ) ∧ G(ua 0 ). By assumption, I is of the form ∀x 1 .ϕ 1 (ua, x 1 ) and G is of the form ∃x 2 .ϕ 2 (ua, x 2 ) for quantifier-free formulae ϕ 1 and ϕ 2 .…”

Section: Symbolic Reachability Of Arbac Policiesmentioning

confidence: 99%

See 1 more Smart Citation

Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving1

Armando

Ranise

2012

JCS

Self Cite

View full text Add to dashboard Cite

Administrative Role Based Access Control (ARBAC) is one of the most widespread framework for the management of access-control policies. Several automated analysis techniques have been proposed to help maintaining desirable security properties of ARBAC policies. One of the main limitation of available analysis techniques is that the set of users is bounded. In this paper, we propose a symbolic framework to overcome this limitation. We design an automated analysis technique that can handle both a bounded and an unbounded number of users by adapting recent methods for the symbolic model checking of infinite state systems that use first-order logic and SMT solving techniques. An extensive experimental evaluation confirms the scalability of the proposed technique.

show abstract

“…[6,7]). The approach has been reformulated in [16,17] within the declarative context of array-based systems [34] in order to apply it to the verification of reliable broadcast algorithms [39] in a fault-tolerant environment. The declarative reformulation makes clear that monotonic abstraction can be viewed operationally as a purely symbolic manipulation applying quantifier instantiation in order to overapproximate sets of states represented via ∃ * ∀-formulae.…”

Section: Introductionmentioning

confidence: 99%

Monotonic Abstraction Techniques: from Parametric to Software Model Checking

Alberti

Ghilardi

Sharygina

2014

Electron. Proc. Theor. Comput. Sci.

Self Cite

View full text Add to dashboard Cite

Monotonic abstraction is a technique introduced in model checking parameterized distributed systems in order to cope with transitions containing global conditions within guards. The technique has been re-interpreted in a declarative setting in previous papers of ours and applied to the verification of fault tolerant systems under the so-called 'stopping failures' model. The declarative reinterpretation consists in logical techniques (quantifier relativizations and, especially, quantifier instantiations) making sense in a broader context. In fact, we recently showed that such techniques can over-approximate array accelerations, so that they can be employed as a meaningful (and practically effective) component of CEGAR loops in software model checking too. 1 c 1 to c 2 . More precisely, the abstraction kills (deletes) all the processes inside the configuration which violate the universal condition. Since the abstract transition relation is an over-approximation of the original one, proving a safety property in the abstract system implies that the property also holds in the original system." Array-Based SystemsArray-based systems were first introduced in [34]: the underlying idea is that of specifying systems of various nature using array theories like those studied in [24,25] and implemented in common SMTsolvers. Array theories are multi-sorted and very flexible; typically one has three sorts: for indexes, elements and arrays. To specify a distributed system, one can use the index sort to model processes and

show abstract

Universal Guards, Relativization of Quantifiers, and Failure Models in Model Checking Modulo Theories

Cited by 18 publications

References 20 publications

Verification of Concurrent Design Patterns with Data

Verification of Concurrent Design Patterns with Data

Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving1

Monotonic Abstraction Techniques: from Parametric to Software Model Checking

Contact Info

Product

Resources

About