Scott A. Smolka

CCS expressions finite state processes, and three problems of equivalence

Abstract We examine the computational complexity of testing finite state processes for equivalence in Milners Calculus of Communicating Systems (CCS). The equivalence problems in CCS are presented as refinements of the familiar problem of testing whether two nondeterministic finite automata (NFA) are equivalent, i.e., accept the same language. Three notions of equivalence proposed for CCS are investigated, namely, observational equivalence, strong observational equivalence , and failure equivalence . We show that observational equivalence can be tested in polynomial time. As defined in CCS, observational equivalence is the limit of a sequence of successively finer equivalence relations, ≈ k , where ≈ 1 is nondeterministic finite automaton equivalence. We prove that, for each fixed k , deciding ≈ k is PSPACE-complete. We show that strong observational equivalence can be decided in polynomial time by reducing it to generalized partitioning , a new combinatorial problem of independent interest. Finally, we demonstrate that testing for failure equivalence is PSPACE-complete, even for a very restricted type of process.

Reactive, generative, and stratified models of probabilistic processes

Abstract We introduce three models of probabilistic processes, namely, reactive, generative, and stratified. These models are investigated within the context of PCCS, an extension of Milner′s SCCS in which each summand of a process summation expression is guarded by a probability and the sum of these probabilities is 1. For each model, we present a structural operational semantics of PCCS and a notion of bisimulation equivalence which we prove to be a congruence. We also show that the models form a hierarchy: the reactive model is derivable from the generative model by abstraction from the relative probabilities of different actions, and the generative model is derivable from the stratified model by abstraction from the purely probabilistic branching structure. Moreover, the classical nonprobabilistic model is derivable from each of these models by abstraction from all probabilities.

Efficient Model Checking Using Tabled Resolution

We demonstrate the feasibility of using the XSB tabled logic programming system as a programmable fixed-point engine for implementing efficient local model checkers. In particular, we present XMC, an XSB-based local model checker for a CCS-like value-passing language and the alternation-free fragment of the modal mu-calculus. XMC is written in under 200 lines of XSB code, which constitute a declarative specification of CCS and the modal mu-calculus at the level of semantic equations.

Equivalences, Congruences, and Complete Axiomatizations for Probabilistic Processes

We study several notions of process equivalence—viz. trace, failure, ready, and bisimulation equivalence—in the context of probabilistic labeled transition systems. We show that, unlike nondeterministic transition systems, “maximality” of traces and failures does not increase the distinguishing power of trace and failure equivalence, respectively. Thus, in the probabilistic case, trace and maximal trace equivalence coincide, and failure and ready equivalence coincide.

Composition and behaviors of probabilistic I/O automata

Abstract We augment the I/O automaton model of Lynch and Tuttle with probability, as a step toward the ultimate goal of obtaining a useful tool for specifying and reasoning about asynchronous probabilistic systems. Our new model, called probabilistic I/O automata , preserves the fundamental properties of the I/O automaton model, such as the asymmetric treatment of input and output and the pleasant notion of asynchronous composition. For certain classes of probabilistic I/O automata, we show that probabilistic behavior maps , which are an abstract representation of I/O automaton behavior in terms of a certain expectation operator, are compositional and fully abstract with respect to a natural notion of probabilistic testing.

Monte carlo model checking

We present MC2, what we believe to be the first randomized, Monte Carlo algorithm for temporal-logic model checking. Given a specification S of a finite-state system, an LTL formula ϕ, and parameters e and δ, MC2 takes M = ln (δ) / ln (1 – e) random samples (random walks ending in a cycle, i.e lassos) from the Buchi automaton B=BS ×B¬ϕ. to decide if L(B) = ∅. Let pZ be the expectation of an accepting lasso in B. Should a sample reveal an accepting lasso l, MC2 returns false with l as a witness. Otherwise, it returns true and reports that the probability of finding an accepting lasso through further sampling, under the assumption that pZ ≥ e, is less than δ. It does so in time O(MD) and space O(D), where D is Bs recurrence diameter, using an optimal number of samples M. Our experimental results demonstrate that MC2 is fast, memory-efficient, and scales extremely well.

CCS expressions, finite state processes, and three problems of equivalence

We examine the computational complexity of testing finite state processes for equivalence, in the Calculus of Communicating Systems (CCS). This equivalence problem in CCS is presented as a refinement of the familiar problem of testing whether two nondeterministic finite state automata (n.f.s.a.) accept the same language. Three notions of equivalence, proposed for CCS, are investigated: (1) observation equivalence, (2) congruence, and (3) failure equivalence. We show that observation equivalence (@@@@) can be tested in cubic time and is the limit of a sequence of equivalence notions (@@@@<subscrpt><italic>k</italic></subscrpt>), where, @@@@<subscrpt>1</subscrpt> is the familiar n.f.s.a. equivalence and, for each fixed <italic>k</italic>, @@@@<subscrpt><italic>k</italic></subscrpt> is PSPACE-complete. We provide an <italic>O</italic>(<italic>nlogn</italic>) test for congruence for <italic>n</italic> state processes of bounded fanout, by extending the algorithm that minimizes the states of d.f.s.a.s. Finally, we show that, even for a very restricted type of process, testing for failure equivalence is PSPACE-complete.

Axiomatizing probabilistic processes: ACP with generative probabilities

This paper is concerned with finding complete axiomatizations of probabilistic processes. We examine this problem within the context of the process algebra ACP and obtain as our end-result the axiom system prACP I −- , a probabilistic version of ACP which can be used to reason algebraically about the reliability and performance of concurrent systems. Our goal was to introduce probability into ACP in as simple a fashion as possible. Optimally, ACP should be the homomorphic image of the probabilistic version in which the probabilities are forgotten.

Incremental Model Checking in the Modal Mu-Calculus

We present an incremental algorithm for model checking in the alternation-free fragment of the modal mu-calculus, the first incremental algorithm for model checking of which we are aware. The basis for our algorithm, which we call MCI (for Model Checking Incrementally), is a linear-time algorithm due to Cleaveland and Steffen that performs global (non-incremental) computation of fixed points. MCI takes as input a set δ of change) to the labeled transition system under investigation, where a change constitutes an inserted or deleted transition; with virtually no additional cost, inserted and deleted states can also be accommodated. Like the Cleaveland-Steffen algorithm, MCI requires time linear in the size of the LTS in the worst case, but only time linear in δ in the best case. We give several examples to illustrate MCI in action, and discuss its implementation in the Concurrency Factory, an interactive design environment for concurrent systems.

Model repair for probabilistic systems

We introduce the problem of Model Repair for Probabilistic Systems as follows. Given a probabilistic system M and a probabilistic temporal logic formula φ such that M fails to satisfy φ, the Model Repair problem is to find an M′ that satisfies v and differs from M only in the transition flows of those states in M that are deemed controllable. Moreover, the cost associated with modifying Ms transition flows to obtain M′ should be minimized. Using a new version of parametric probabilistic model checking, we show how the Model Repair problem can be reduced to a nonlinear optimization problem with a minimal-cost objective function, thereby yielding a solution technique. We demonstrate the practical utility of our approach by applying it to a number of significant case studies, including a DTMC reward model of the Zeroconf protocol for assigning IP addresses, and a CTMC model of the highly publicized Kaminsky DNS cache-poisoning attack.