Formal Aspects of Computing最新文献

{"title":"ω-Regular Energy Problems","authors":"S. Dziadek, Ulrich Fahrenberg, Philipp Schlehuber","doi":"10.1145/3678265","DOIUrl":"https://doi.org/10.1145/3678265","url":null,"abstract":"We show how to efficiently solve problems involving a quantitative measure, here called energy, as well as a qualitative acceptance condition, expressed as a Büchi or Parity objective, in finite weighted automata and in one-clock weighted timed automata. Solving the former problem and extracting the corresponding witness is our main contribution and is handled by a modified version of the Bellman-Ford algorithm interleaved with Couvreur’s algorithm. The latter problem is handled via a reduction to the former relying on the corner-point abstraction. All our algorithms are freely available and implemented in a tool based on the open-source platforms TChecker and Spot.","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.4,"publicationDate":"2024-07-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141828007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Calculus for the Specification, Design, and Verification of Distributed Concurrent Systems","authors":"Manfred Broy","doi":"10.1145/3672085","DOIUrl":"https://doi.org/10.1145/3672085","url":null,"abstract":"<p>A calculus for the specification and verification of distributed concurrent interactive real time systems is introduced. Systems are specified by their interface behavior formalized by interface predicates and interface assertions. System designs in terms of architectures of distributed networks of interactive systems are constructed by concurrent composition of subsystems. The specification of system designs is calculated from the specifications of their subsystems. Verification is done by proof rules which are based on the concepts of causality and realizability justified by the operational model in terms of generalized Moore machines, Moore machines not restricted to finite state spaces. The calculus supports interface specification and reasoning both about untimed as well as timed distributed concurrent systems. This includes the design of cyber-physical systems. Real-time is used, in particular, to specify time sensitive behavior and to prove properties related to causality and realizability, properties which hold for all Moore machines. On this basis, a calculus is worked out and illustrated by small examples. The calculus is shown to be sound and relatively complete.</p>","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141503315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Does Every Computer Scientist Need to Know Formal Methods?","authors":"Manfred Broy, Achim Brucker, Alessandro Fantechi, Mario Gleirscher, Klaus Havelund, M. Kuppe, Alexandra Mendes, André Platzer, Jan Ringert, Allison Sullivan","doi":"10.1145/3670795","DOIUrl":"https://doi.org/10.1145/3670795","url":null,"abstract":"We focus on the integration of Formal Methods as mandatory theme in any Computer Science University curriculum. In particular, when considering the ACM Curriculum for Computer Science, the inclusion of Formal Methods as a mandatory Knowledge Area needs arguing for why and how does every computer science graduate benefit from such knowledge. We do not agree with the sentence “While there is a belief that formal methods are important and they are growing in importance, we cannot state that every computer science graduate will need to use formal methods in their career.” We argue that formal methods are and have to be an integral part of every computer science curriculum. Just as not all graduates will need to know how to work with databases either, it is still important for students to have a basic understanding of how data is stored and managed efficiently. The same way, students have to understand why and how methods work, what their formal background is, and how they are justified. No engineer should be ignorant of the foundations of their subject and the formal methods based on these. In this paper, we aim to highlight why every computer scientist needs to be familiar with formal methods. We argue that education in formal methods plays a key role by shaping students' programming mindset, fostering an appreciation for underlying principles, and encouraging the practice of thoughtful program design and justification, rather than simply writing programs without reflection and deeper understanding. Since integrating formal methods into the computer science curriculum is not a straightforward process, we explore the additional question: what are the trade-offs between one dedicated knowledge area of formal methods in a computer science curriculum versus having formal methods scattered across all knowledge areas? Solving problems while designing software and software-intensive systems demands an understanding of what is required, followed by a specification and formalizing a solution in a programming language. How to do this systematically and correctly on solid grounds is exactly the supported by Formal Methods.","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141361913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Specification and Verification of Multi-clock Systems using a Temporal Logic with Clock Constraints","authors":"Yuanrui Zhang, Frederic Mallet, Min Zhang, Zhiming Liu","doi":"10.1145/3670794","DOIUrl":"https://doi.org/10.1145/3670794","url":null,"abstract":"The polychronous or multi-clock paradigm is adequate to model large distributed systems where achieving a full timed synchronization is not only very costly, but also often not necessary. It concerns systems made of a set of components with loose synchronization constraints. We study an approach where those components are orchestrated using logical clocks, made popular by L. Lamport and synchronous languages. The temporal and causal specification of those systems is built by defining a set of clock relations that would constrain the instant when clocks can tick or must not tick, thus defining families of valid schedules. In this paper, we propose a specification language, called LTLc /CCSL, for specifying temporal properties of multi-clock systems. While traditional temporal logics (LTL, MTL, CTL*), whether linear or branching, rely on a global step, our language, LTLc /CCSL, builds a partial order on logical clocks, thus allowing both a hierarchical approach based on refinement of clock hierarchies, and compositionality as what happens in one clock domain may remain largely independent of what may happen in other domains. This good property helps preserve the properties without requiring to perform the proofs again. An LTLc /CCSL specification consists of a clock temporal logic LTLc, accompanied with a clock calculus called CCSL for specifying clock relations. We build the syntax and semantics of LTLc and link its semantics with CCSL. After that we mainly focus on the verification aspect of LTLc /CCSL specifications using model checking technique. We show how LTLc /CCSL can be used for specifying multi-clock systems with an example.","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141368042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SMT based parameter identifiable combination detection for non-linear continuous and hybrid dynamics","authors":"Devleena Ghosh, C. Mandal","doi":"10.1145/3665920","DOIUrl":"https://doi.org/10.1145/3665920","url":null,"abstract":"Parameter identifiability is an important aspect of parameter estimation of dynamic system modelling. Several methods exist to determine identifiability of parameter sets using the model definition and analysis of experimental data. There is also the possibility of some parameters being independently unidentifiable but forming identifiable parameter combinations. These identifiable parameter combinations are useful in model reparameterisation to estimate parameters experimentally. Multiple numerical and algebraic methods exist to detect identifiable parameter combinations of dynamic system models represented as ordinary differential equations (ODE). Local identifiability analysis of hybrid system models are available in the literature. However, methods for structural identifiability analysis and identifiable combination detection for hybrid systems are not explored. Here, we have developed a parameter identifiable combination detection method for non-linear hybrid systems along with ODE systems using an SMT based parameter space exploration method. For higher dimensional systems and larger parameter space, SMT based approaches may easily become computationally intractable. This problem has been mitigated to a large extent by heuristically limiting the parameter space to be explored, using Gaussian process regression and gradient based approaches. The developed method has been demonstrated for some simple hybrid models, biochemical models of ODE systems and non-linear hybrid systems.","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141375769","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Trace Semantics for C++11 Memory Model","authors":"Lili Xiao, Huibiao Zhu, Sini Chen, Mengda He, Shengchao Qin","doi":"10.1145/3670696","DOIUrl":"https://doi.org/10.1145/3670696","url":null,"abstract":"<p>The C and C++ languages introduced the relaxed-memory concurrency into the language specification for efficiency purposes in 2011. </p><p>Trace semantics can provide the mathematical foundation for the proposed C++11 memory model, and there is a lack of investigation of trace semantics for C++11. </p><p>The Promising Semantics (PS) of Kang et al. provides the standard SC-style operational semantics for the C++11 concurrency model, where “SC” refers to “Sequential Consistency”. Inspired by PS, in this paper we first investigate the trace semantics for the relaxed read and write accesses under C++11, acting in the denotational semantics style. In our semantic model, a trace is in the form of a sequence of snapshots, and the snapshots record the modification in the relevant global or local variables, and the thread view. Moreover, the trace semantics for the release/acquire accesses under C++11 is also explored, based on the separated thread views and newly added message views. </p><p>When considering this trace model, different accesses bring in their unique snapshots, and make distinguished effects on the production of the sequences. </p><p>For any given program, the proposed trace semantics in this paper produces all the valid traces directly. Further, our trace semantics, together with that for TSO and MCA ARMv8, has the possibility to be the foundation of the meta model of the trace semantics for weak memory models.</p>","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141259170","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SecCT: Secure and scalable count query models on encrypted genomic data","authors":"Yanguo Peng, Rongqiao Liu, Jingjing Guo, Xiyue Gao, Luyuan Huang, Yaofeng Tu","doi":"10.1145/3670697","DOIUrl":"https://doi.org/10.1145/3670697","url":null,"abstract":"<p>Recently, due to the continued reduction in DNA sequencing cost, large-scale genetic samples are being gathered for accelerating predispositions to specific diseases, tailoring treatment of efficient drugs and therapies, etc. Massive genetic samples are encrypted-and-then-delegated to a public cloud to both save investment and maintenance costs and prevent the potential leakage of sensitive information. However, such a manner compromises the serviceability of a public cloud, since encryption inevitably breaks the semantic information of genetic samples. Secure count query of single-nucleotide polymorphisms (SNPs), as a kernel component for GWASs and related genomic analysis, is attracting much more attention. </p><p>Existing methods lack provable security, suffer low efficiency caused by multiple interactions with the cloud, etc. In this paper, a secure virtual CT-Tree (secure vCT-Tree) is carefully constructed to confuse the tree structure by introducing a hash function and a Paillier system. Furthermore, by delegating the secure vCT-Tree to the cloud, concrete models (i.e., SecCT and SecCT+) are presented to resolve secure count query problems on-the-fly. SecCT+ is a solution based on trusted execution environment while SecCT is a pure software solution. Both models advance the provable security of genetic research and are proven to be secure under the adaptive chosen keyword (query) attack (IND-CKA2) model. Furthermore, massive experiments are evaluated on realistic data to show the superiority of SecCT and SecCT+.</p>","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141259318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"On Formal Methods Thinking in Computer Science Education","authors":"Brijesh Dongol, Catherine Dubois, Stefan Hallerstede, Eric Hehner, Carroll Morgan, Peter Müller, Leila Ribeiro, Alexandra Silva, Graeme Smith, Erik de Vink","doi":"10.1145/3670419","DOIUrl":"https://doi.org/10.1145/3670419","url":null,"abstract":"<p>Formal Methods (FM) radically improve the quality of the code artefacts they help to produce. They are simple, probably accessible to first-year undergraduate students and certainly to second-year students and beyond. Nevertheless, in many cases, they are not part of a general recommendation for course curricula, i.e., they are not taught — and yet they are valuable. </p><p>One reason for this is that teaching “Formal Methods” is often confused with teaching logic and theory. This paper advocates what we call <i>FM thinking</i>: the application of <underline>ideas</underline> from <i>Formal</i> Methods applied in informal, lightweight, practical and accessible ways. And we will argue here that <i>FM thinking</i> should be part of the recommended curriculum for every Computer Science student. For even students who train only in that “thinking” will become much better programmers. But there will be others who, exposed to those ideas, will be ideally positioned to go further into the more theoretical background: why the techniques work; how they can be automated; and how new ones can be developed. Those students would follow subsequently a specialised, more theoretical stream, including topics such as semantics, logics, verification and proof-automation techniques.</p>","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141194465","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"FuSeBMC v4: Improving code coverage with smart seeds via BMC, fuzzing and static analysis","authors":"Kaled Alshmrany, Mohannad Aldughaim, Ahmed Bhayat, Lucas Cordeiro","doi":"10.1145/3665337","DOIUrl":"https://doi.org/10.1145/3665337","url":null,"abstract":"<p>Bounded model checking (BMC) and fuzzing techniques are among the most effective methods for detecting errors and security vulnerabilities in software. However, there are still shortcomings in detecting these errors due to the inability of existent methods to cover large areas in target code. We propose <i>FuSeBMC</i> v4, a test generator that synthesizes seeds with useful properties, that we refer to as <i>smart seeds</i>, to improve the performance of its hybrid fuzzer thereby achieving high C program coverage. <i>FuSeBMC</i> works by first analyzing and incrementally injecting goal labels into the given C program to guide BMC and Evolutionary Fuzzing engines. After that, the engines are employed for an initial period to produce the so–called smart seeds. Finally, the engines are run again, with these smart seeds as starting seeds, in an attempt to achieve maximum code coverage / find bugs. During seed generation and normal running, the <i>Tracer</i> subsystem aids coordination between the engines. This subsystem conducts additional coverage analysis and updates a shared memory with information on goals covered so far. Furthermore, the <i>Tracer</i> evaluates test-cases dynamically to convert cases into seeds for subsequent test fuzzing. Thus, the BMC engine can provide the seed that allows the fuzzing engine to bypass complex mathematical guards (e.g., input validation). As a result, we received three awards for participation in the fourth international competition in software testing (Test-Comp 2022), outperforming all state-of-the-art tools in every category, including the coverage category.</p>","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141152999","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Using Multi-dimensional Quorums for Optimal Resilience in Multi-resource Blockchains","authors":"Yucheng Sun, Ruomu Hou, Haifeng Yu","doi":"10.1145/3665338","DOIUrl":"https://doi.org/10.1145/3665338","url":null,"abstract":"<p>Permissionless blockchains commonly use resource challenges to defend against sybil attacks. For example, popular resource challenge designs include Proof-of-Work and Proof-of-Stake. It is well-known that simultaneously exploiting multiple resources can help make a permissionless blockchain more robust. For example, combining PoW and PoS can help to keep a blockchain secure, even when the attacker controls more than 50% of the computational power in the system. </p><p>While there have been existing efforts for combining multiple resources in blockchains, they only provide partial solutions. Specifically, it is currently still unclear <i>how to combine PoW and PoS, or multiple resources in general, to achieve optimal resilience</i>. Here by <i>optimal resilience</i>, we mean that the blockchain can tolerate every <i>security region</i>, unless that security region is proven to be impossible to tolerate. Existing designs are not able to achieve such optimal resilience. </p><p>As our central contribution, this work proposes the novel design and formal security analysis of a blockchain protocol that combines PoS and PoW, which can be further generalized to multiple resources. Our blockchain is the <i>very first</i> blockchain that can achieve <i>optimal resilience</i>. Our design also overcomes a common tricky issue of PoW difficulty adjustment in previous designs. We have further implemented a research prototype of our blockchain design, and experimentally demonstrated its good end-to-end performance.</p>","PeriodicalId":50432,"journal":{"name":"Formal Aspects of Computing","volume":null,"pages":null},"PeriodicalIF":1.0,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141063912","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}