Section: New Results

Model-based Verification

We have investigated extensions of regular model-checking to new classes of rewrite relations on trees. We have studied specification and proof of modular imperative programs.

Safety Verification Techniques with Regular Fixpoint Computations

Participants : Roméo Courbis, Pierre-Cyrille Héam, Olga Kouchnarenko.

Term rewriting systems are now commonly used as a modelling language for programs or systems. On such rewriting-based models, reachability analysis, i.e. proving or disproving that a given term is reachable from a set of input terms, provides an efficient verification technique. Many recent works have shown the relevance of regular approximation techniques for tackling in practice reachability problems that are undecidable in general.
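The following is an added illustration of the exact (non-approximated) form of reachability analysis described above; it is not code from the CASSIS team or the cited papers. Terms are nested tuples, rules carry `?`-prefixed variables, and the rewriting system, initial terms and the protocol-like states are constructed for the example. It computes the forward fixpoint of a rewriting relation and decides reachability when that fixpoint is finite; when the set of reachable terms keeps growing it gives up, which is exactly the situation in which the regular approximations mentioned in the text are needed.

```python
"""Exact forward reachability for a small term rewriting system (added example).

Terms are nested tuples ('f', arg1, ..., argk); constants are ('a',).
Rule variables are strings beginning with '?'. All inputs are constructed
for this illustration and are not taken from the report.
"""
from collections import deque


def match(pattern, term, subst):
    """Syntactic matching of a rule left-hand side against a ground term."""
    if isinstance(pattern, str):            # variable: bind or compare
        bound = subst.get(pattern)
        if bound is None:
            subst[pattern] = term
            return True
        return bound == term
    if pattern[0] != term[0] or len(pattern) != len(term):
        return False
    return all(match(p, t, subst) for p, t in zip(pattern[1:], term[1:]))


def instantiate(pattern, subst):
    """Apply a substitution to a rule right-hand side."""
    if isinstance(pattern, str):
        return subst[pattern]
    return (pattern[0],) + tuple(instantiate(p, subst) for p in pattern[1:])


def rewrite_once(term, rules):
    """All terms obtained from `term` by one rewrite step at any position."""
    results = set()
    for lhs, rhs in rules:                  # rewrite at the root
        subst = {}
        if match(lhs, term, subst):
            results.add(instantiate(rhs, subst))
    for i in range(1, len(term)):           # rewrite inside a subterm
        for sub in rewrite_once(term[i], rules):
            results.add(term[:i] + (sub,) + term[i + 1:])
    return results


def reachable(initial, rules, max_terms=10000):
    """Breadth-first fixpoint of the rewrite relation from `initial`.

    Returns (terms, complete); complete is False if the bound was hit,
    i.e. the reachable set could not be shown to be finite.
    """
    seen = set(initial)
    queue = deque(initial)
    while queue:
        for succ in rewrite_once(queue.popleft(), rules):
            if succ not in seen:
                seen.add(succ)
                queue.append(succ)
                if len(seen) >= max_terms:
                    return seen, False
    return seen, True


def is_reachable(target, initial, rules, max_terms=10000):
    """True/False when decided; None when the bound was hit undecided."""
    terms, complete = reachable(initial, rules, max_terms)
    if target in terms:
        return True
    return False if complete else None


# Constructed toy model: a request may only be granted when the token is 'ok'.
RULES = [
    (('s', ('idle',), '?x'), ('s', ('req',), '?x')),
    (('s', ('req',), ('ok',)), ('s', ('granted',), ('ok',))),
    (('s', ('granted',), '?x'), ('s', ('idle',), '?x')),
]
INITIAL = {('s', ('idle',), ('ok',)), ('s', ('idle',), ('denied',))}
GRANTED_OK = ('s', ('granted',), ('ok',))
GRANTED_DENIED = ('s', ('granted',), ('denied',))

# Constructed non-terminating system: c(x) -> c(s(x)) has an infinite reachable set.
GROWING = [(('c', '?x'), ('c', ('s', '?x')))]

if __name__ == "__main__":
    print("granted/ok reachable:", is_reachable(GRANTED_OK, INITIAL, RULES))
    print("granted/denied reachable:", is_reachable(GRANTED_DENIED, INITIAL, RULES))
    print("growing system decided:", is_reachable(('bad',), {('c', ('z',))}, GROWING, 20))
```

The bound `max_terms` is the only thing standing between this checker and non-termination on the second system; that gap is what tree-automata-based regular approximations close, by over-approximating the reachable set so that unreachability of a bad term can still be proved.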

We propose in [42] to exploit the rewriting approximations developed in [87] for analysing properties of CCS specifications (without renaming). The approach has been implemented and used to verify properties of the Alternating Bit Protocol and of hardware component specifications expressed as CCS processes.

Rewriting-based Mathematical Model Transformations

Participant : Alain Giorgetti.

We have initiated a collaboration with the Department “Temps-Fréquence” of the FEMTO-ST institute (Franche-Comté Electronique Mécanique Thermique et Optique - Sciences et Technologies, CNRS UMR 6174) on the formalization of multiscale methods for MEMS arrays. Multiscale methods provide a solution for the simulation of large MEMS arrays by approximating their mathematical model. The resulting approximated model can be rigorously derived from the exact one through a sequence of formal transformations that differs for each case. A great challenge is to generalize these formal computations and to automate them, at least in part. This exploratory research has been supported in 2011 by the University of Franche-Comté with a BQR (Research Quality Bonus) of 5000 euros, and by the CASSIS project with a six-month post-doctoral position. A first contribution is the design of a rule-based transformation language and its implementation as a Maple package [72]. A second contribution is the specification of lazy rewriting modulo associativity and commutativity [29].

For a more scalable treatment of linearity we plan in the near future to detect the scalar nature of mathematical terms by assigning a type to each expression and then to develop a type-checker. We also plan to guide computation by goals, i.e. to adapt reachability analysis to mathematical models.

Algorithms for Tree Walking Automata

Participants : Pierre-Cyrille Héam, Vincent Hugot, Olga Kouchnarenko.

Tree walking automata are widely used to tackle database algorithmic problems, particularly to analyse queries over XML documents. The emptiness problem for tree walking automata is known to be EXPTIME-complete. The general algorithm for solving this problem consists of transforming the tree walking automaton into a classical top-down tree automaton. The best known algorithm in the literature works in time O(s·2^(n²)), where n is the number of states of the tree walking automaton and s is the size of the alphabet. In [52] we proposed a new algorithm based on an overloop concept and working in time O(2^(n²)). We then improved our approach for deterministic tree walking automata to obtain, in this case, an O(2^(n log n)) time complexity. Finally, we also proposed a polynomial-time approximation-based semi-algorithm for the emptiness problem, with very promising experimental results.

Verification of Linear Temporal Patterns over Finite and Infinite Traces

Participants : Pierre-Cyrille Héam, Vincent Hugot, Olga Kouchnarenko.

In the regular model-checking framework, reachability analysis can be guided by temporal logic properties, for instance to achieve the counterexample-guided abstraction refinement (CEGAR) objectives. A way to perform this analysis is to translate a temporal logic formula expressed on maximal rewriting words into a “rewrite proposition” – a propositional formula whose atoms are language comparisons – and then to generate semi-decision procedures based on (approximations of) the rewrite proposition. In [73] we investigated suitable semantics for LTL on maximal rewriting words and their influence on the feasibility of a translation, and we proposed a general scheme providing exact results on a fragment of LTL corresponding mainly to safety formulæ, and approximations on a larger fragment.

We study, in collaboration with A. Lanoix (LINA, Nantes), infinite-state models of component-based systems supporting dynamic reconfigurations. To validate such complex systems, there is a need to check model consistency and also to ensure that dynamic reconfigurations satisfy integrity constraints, invariants, and also temporal constraints over reconfiguration sequences. In [55], we proposed to check the model consistency through reconfigurations by combining proof and bounded model-checking techniques. Furthermore, in [46] we proposed to specify dynamic reconfigurations by using more complex architectural constraints and linear temporal logic patterns. As component-based systems evolve at runtime, there is a need to evaluate these properties at runtime, even if only partial information is available. For this purpose we introduced a new four-valued logic with potential true and potential false values; they are chosen whenever an observed behaviour has not yet led to a violation or acceptance of the property under consideration. We then implemented the runtime verification of linear temporal patterns by reusing the FPath and FScript tools [83].
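As an added example of the four-valued runtime verification idea described above (not the team's FPath/FScript implementation), the monitor below evaluates three common temporal patterns over a partial reconfiguration trace and returns true, false, potential true or potential false at each step. The verdict rules, the architectural state representation (sets of running components and bindings) and the trace are assumptions constructed for this illustration; the only input from the text is that a prefix which has neither violated nor satisfied the property gets a "potential" verdict.

```python
"""Four-valued runtime monitor for linear temporal patterns (added example).

Verdict semantics and the state model are assumptions made for this
illustration, not the CASSIS team's tool. A state is a dict with a
frozenset 'running' of component names and a frozenset 'bound' of
(client, server) bindings; a trace is the prefix observed so far.
"""

TRUE, FALSE = "true", "false"
POT_TRUE, POT_FALSE = "potential true", "potential false"


class Always:
    """always p: definitively false at the first violation, otherwise
    only potentially true because a later state may still violate p."""
    def __init__(self, p):
        self.p, self.verdict = p, POT_TRUE

    def step(self, state):
        if self.verdict != FALSE and not self.p(state):
            self.verdict = FALSE            # verdicts are monotone
        return self.verdict


class Eventually:
    """eventually q: definitively true once q holds, otherwise only
    potentially false because q may still occur later."""
    def __init__(self, q):
        self.q, self.verdict = q, POT_FALSE

    def step(self, state):
        if self.verdict != TRUE and self.q(state):
            self.verdict = TRUE
        return self.verdict


class Response:
    """always (p -> eventually q): potentially false while some p is
    pending an answering q; never definitive on a finite prefix."""
    def __init__(self, p, q):
        self.p, self.q, self.pending = p, q, False

    def step(self, state):
        if self.q(state):
            self.pending = False
        elif self.p(state):
            self.pending = True
        return POT_FALSE if self.pending else POT_TRUE


def monitor(pattern, trace):
    """Feed a (possibly partial) trace; return the verdict after each step."""
    return [pattern.step(state) for state in trace]


# --- constructed architectural properties --------------------------------

def consistent(state):
    """Integrity constraint: every binding connects two running components."""
    return all(c in state["running"] and s in state["running"]
               for c, s in state["bound"])


def db_stopped(state):
    return "db" not in state["running"]


def db_unbound(state):
    return not any(s == "db" for _, s in state["bound"])


def web_running(state):
    return "web" in state["running"]


# Constructed trace: start db, start web bound to db, then stop db while
# web is still bound to it (an integrity violation).
TRACE = [
    {"running": frozenset({"db"}), "bound": frozenset()},
    {"running": frozenset({"db", "web"}), "bound": frozenset({("web", "db")})},
    {"running": frozenset({"web"}), "bound": frozenset({("web", "db")})},
]

if __name__ == "__main__":
    print("always consistent:", monitor(Always(consistent), TRACE))
    print("eventually web:   ", monitor(Eventually(web_running), TRACE))
    print("db stop -> unbind:", monitor(Response(db_stopped, db_unbound), TRACE))
```

Each monitor object is fed one state at a time, so it can run alongside the reconfiguration engine rather than on a recorded log; the "potential" verdicts are what let it report something useful before the sequence is over.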

Lower Bounds for Computing the pro-Group Closure of a Regular language

Participant : Pierre-Cyrille Héam.

The profinite topology is used in the classification of rational languages. In particular, several important decidability problems related to the Malcev product reduce to the computation of the closure of a rational language in the profinite topology. It is known that, given a rational language represented by a deterministic automaton, computing a deterministic automaton accepting its profinite closure can be done with an exponential upper bound. We prove in [23] that this upper bound is also a worst-case lower bound if the alphabet contains at least three letters.