1. 
Title: 
Verification of a Generic Consensus Protocol
with PROMELA/SPIN: an Exercise in Specification and Verification 

Author: 
Jiang Liu 

Abstract: 
In this study, a generic consensus protocol proposed by Mostefaoui and
Raynal is verified with PROMELA/SPIN, a popular specification and model
checking suite. The correctness of the model and the protocol is
summarized in six properties, which are expressed either as Linear Temporal Logic
formulae or as assert conditions. Due to a shortage of computational
resources, the verification is only partially completed, without finding any
error. The PROMELA language is found to be expressive and well suited for specifying
asynchronous systems; the SPIN model checker appears more capable of finding
an error than of fully verifying a system.


Report: 
postscript (675 kB)
compressed postscript (??kB) 

2. 
Title: 
Automata-Theoretic Model Checking and
Situation Calculus 

Author: 
Yilan Gu 

Abstract: 
In this paper we study the relationship between one kind of approach to
model checking, the automata-theoretic approach, and one kind of powerful
description language, the situation calculus, which can be used to model dynamic
systems. By developing a basic action theory for any given Büchi automaton,
we merge the automata-theoretic approach into the situation calculus and GOLOG.
We also make a few observations on the benefits of and reasons for doing so.


Report: 
postscript (204 kB)
compressed postscript (??kB) 

3. 
Title: 
Modeling and Verifying
a Price Model for Congestion Control in Computer Networks Using PROMELA/SPIN 

Authors: 
Clement Yuen and Wei Tjioe 

Abstract: 
Congestion control is an important research area in computer networks.
Using PROMELA/SPIN, we verified that priority pricing schemes can be used
to effectively control network congestion. This is realized through simulation/verification
of the propositions that the use of priority pricing (i) results in an
equilibrium state in packet allocation, and (ii) effectively controls congestion
level through dynamic adjustment of prices. We also extended these propositions
in order to verify the convergence property of such an equilibrium. This
particular result would be difficult to verify with existing network simulation
tools.


Report: 
postscript (642 kB)
compressed postscript (??kB) 

4. 
Title: 
Test Generation Using Model Checking 

Author: 
Hung Tran 

Abstract: 
Testing in the software industry is, in general, an ad hoc task.
There are guidelines to follow, but in most cases they do not cover sufficient
portions of the software product. Recent work has been done to automatically
generate test cases such that designers are no longer responsible for designing
the test cases but for ensuring that the specification of the software is valid.
These formal specifications are then used as inputs to the automatic
test generation tool. The result of the tool is a set of test
cases that does a better job of covering the range of tests than current
non-automated methodologies. In this paper we survey a few such techniques
that use model checking technologies as the test generation engine.
There are two areas of interest we intend to cover. The first is the
actual test generation. We discuss a couple of techniques that alter
the specification to force the model checker to output counterexamples
that are then used as test cases for the software application. Second,
we examine a few methods that attack automated generation from a state
space perspective. The specifications that are designed for practical
industrial products typically contain far too many states for the model
checker to verify to completion. These methods attempt to reduce
the state space while maintaining sufficient detail to make test generation
still possible.


Report: 
PDF (191 kB)
compressed postscript (??kB) 

5. 
Title: 
Multi-Valued Symbolic LTL Model Checker 

Author: 
Wendy Liu 

Abstract: 
In the classical logic framework, studies of symbolic LTL (Linear Temporal
Logic) model checking have been done. This naturally leads to the extension
of model checking to multi-valued temporal logics. In this paper,
we first review the approach used by a classical symbolic LTL model
checker and the basic syntax and semantics of multi-valued logics, then
explore multi-valued LTL model checking using a similar approach. The
resulting algorithm can be applied to any multi-valued logic whose
truth values form a quasi-boolean lattice. We assume that readers are familiar
with symbolic model checking.


Report: 
postscript (181 kB)
compressed postscript (??kB) 

6. 
Title: 
A Survey of Graph-based Algorithms
in Software Model Checking 

Author: 
Arie Gurfinkel 

Abstract: 
In this paper we survey different graph-based algorithms that can be used
to solve the automata-theoretic model-checking problem. We concentrate
on existing depth-first search algorithms for locating strongly-connected
components, and describe different optimization and approximation techniques
that can be used in conjunction with them. We also suggest how a breadth-first
search can be used as a replacement for depth-first search in order to minimize
the length of the error trace.


Report: 
postscript (192 kB)
compressed postscript (??kB) 

7. 
Title: 
Specification and Verification of
the Elevator Case Study Using SCR 

Author: 
Kenneth Cheung 

Abstract: 
Model checking analysis can improve the correctness of tabular software
specifications. A software specification defines what the system does.
This documentation is used in each stage of software engineering. The
design of the software is based on what the software specification states.
Code development and testing are evaluated according to the software specification.
These uses show the importance of the software specification. The correctness
of the specification directly affects the quality of the software.
Formal methods have been introduced to improve the correctness of software
specifications. But the requirement of most formal method
techniques for mathematical training or theorem proving skills becomes
the barrier to practical use. Tabular notation is introduced
to break this barrier. It tries to abstract the properties of what
the system does rather than formalize all the information. This notation
requires less mathematical training or theorem proving skill, but the
power of formality decreases. SCR (Software Cost Reduction) is a tabular
notation, which has a tool called SCRTool. This tool has a feature
called the verifier, which allows the tabular specification to be converted to a formal
specification for SPIN to check safety-critical and liveness properties.
Thus, the power of formality is maintained and practical usability is increased.
In this project, a case study of a two-floor elevator is used to try out
this feature.


Report: 
PDF (3.3 MB)
compressed postscript (??kB) 
