Principles Of Model Checking on:
[Wikipedia]
[Google]
[Amazon]
''Principles of Model Checking'' is a textbook on
The introduction and first chapter outline the field of
Official website
2008 non-fiction books Computer science textbooks
model checking
In computer science, model checking or property checking is a method for checking whether a finite-state model of a system meets a given specification (also known as correctness). This is typically associated with hardware or software system ...
, an area of computer science
Computer science is the study of computation, automation, and information. Computer science spans theoretical disciplines (such as algorithms, theory of computation, information theory, and automation) to practical disciplines (includin ...
that automates the problem of determining if a machine meets specification requirements. It was written by Christel Baier
Christel Baier (born 26 September 1965) is a German theoretical computer science, theoretical computer scientist known for her work in model checking, temporal logic, and automata theory. She is a professor at TU Dresden, where she holds the chai ...
and Joost-Pieter Katoen, and published in 2008 by MIT Press
The MIT Press is a university press affiliated with the Massachusetts Institute of Technology (MIT) in Cambridge, Massachusetts (United States). It was established in 1962.
History
The MIT Press traces its origins back to 1926 when MIT publ ...
.
Synopsis
The introduction and first chapter outline the field of model checking
In computer science, model checking or property checking is a method for checking whether a finite-state model of a system meets a given specification (also known as correctness). This is typically associated with hardware or software system ...
: a model of a machine or process can be analysed to see if desirable properties hold. For instance, a vending machine
A vending machine is an automated machine that provides items such as snacks, beverages, cigarettes, and lottery tickets to consumers after cash, a credit card, or other forms of payment are inserted into the machine or otherwise made. The fir ...
might satisfy the property "the balance can never fall below €0,00". A video game might enforce the rule "if the player has 0 lives then the game ends in a loss". Both the vending machine and video game can be modelled as transition system
In theoretical computer science, a transition system is a concept used in the study of computation. It is used to describe the potential behavior of discrete systems. It consists of states and transitions between states, which may be labeled wit ...
s. Model checking is the process of describing such requirements in mathematical language, and automating proofs that the model satisfies the requirements, or discovery of counterexample
A counterexample is any exception to a generalization. In logic a counterexample disproves the generalization, and does so rigorously in the fields of mathematics and philosophy. For example, the fact that "John Smith is not a lazy student" is ...
s if the model is faulty.
The second chapter focuses on creating an appropriate model for concurrent systems, where multiple parts of an algorithm
In mathematics and computer science, an algorithm () is a finite sequence of rigorous instructions, typically used to solve a class of specific problems or to perform a computation. Algorithms are used as specifications for performing ...
(set of instructions) can be carried out simultaneously by different machines or parts of a machine.
Chapters 3 explores types of rules that a transition system may satisfy: linear time properties In model checking, a branch of computer science, linear time properties are used to describe requirements of a model of a computer system. Example properties include "the vending machine does not dispense a drink until money has been entered" (a saf ...
. A safety property, such as "no deadlock
In concurrent computing, deadlock is any situation in which no member of some group of entities can proceed because each waits for another member, including itself, to take action, such as sending a message or, more commonly, releasing a lo ...
states are possible", is of the form "an undesirable outcome can never occur". A liveness property, such as "a shared resource will always eventually be made available to a component that requests it", is of the form "a desirable outcome will eventually happen". Fairness properties such as "a traffic light never stops changing colour" can be used as precondition
In computer programming, a precondition is a condition or predicate that must always be true just prior to the execution of some section of code or before an operation in a formal specification.
If a precondition is violated, the effect of th ...
s i.e. assumptions from which other properties can be deduced.
The fourth chapter is about regular
The term regular can mean normal or in accordance with rules. It may refer to:
People
* Moses Regular (born 1971), America football player
Arts, entertainment, and media Music
* "Regular" (Badfinger song)
* Regular tunings of stringed instrum ...
and ω-regular language properties, and theoretical machines such as Büchi automata that model the languages. It gives model-checking algorithms to verify properties or find counterexamples.
The fifth and sixth chapters explore linear temporal logic In logic, linear temporal logic or linear-time temporal logic (LTL) is a modal temporal logic with modalities referring to time. In LTL, one can encode formulae about the future of paths, e.g., a condition will eventually be true, a condition will ...
(LTL) and computation tree logic (CTL), two classes of formula that express properties. LTL encodes requirements about paths through a system, such as "every Monopoly
A monopoly (from Greek el, μόνος, mónos, single, alone, label=none and el, πωλεῖν, pōleîn, to sell, label=none), as described by Irving Fisher, is a market with the "absence of competition", creating a situation where a speci ...
player passes 'Go' infinitely often"; CTL encodes requirements about states in a system, such as "from any position, all players can eventually land on 'Go'". CTL* formulae, which combine the two grammars, are also defined. Algorithms for model-checking formulae in these logics are given.
The seventh chapter explores formal ways to compare transition systems, such as bisimulation
In theoretical computer science a bisimulation is a binary relation between state transition systems, associating systems that behave in the same way in that one system simulates the other and vice versa.
Intuitively two systems are bisimilar if ...
; the eighth is about partial order reductions that aim to reduce the computation required to verify properties of a model. The ninth and tenth chapters are about extensions to the logics and automata previously considered, including through addition of a clock speed ( timed automata) or probabilities ( probabilistic automata, based on Markov chain
A Markov chain or Markov process is a stochastic model describing a sequence of possible events in which the probability of each event depends only on the state attained in the previous event. Informally, this may be thought of as, "What happen ...
s).
Reception
François Laroussinie, writing in ''The Computer Journal
''The Computer Journal'' is a peer-reviewed scientific journal covering computer science and information systems. Established in 1958, it is one of the oldest computer science research journals. It is published by Oxford University Press on behal ...
'', recommended the book to researchers, lecturers, students and engineers, calling the book "impressive". Laroussinie found the textbook comprehensive and accessibly written, with a good number of examples, exercises and motivating ideas for key concepts. With a "unified framework", the first seven chapters cover classical theory and the last three chapters cover extensions of model checking.
In '' ACM Computing Reviews'', Gabriel Ciobanu believed the textbook could be used in advanced undergraduate or graduate courses, and would be useful to researchers. Ciobanu praised the "clear and intuitive" presentation and said it "should be appreciated for its pedagogical approach to covering basic concepts, deep theoretical results, and advanced topics in model checking research".
In 2014, the book was one of the five most-cited academic texts monitored by the Book Citation Index (BKCI).
References
Further reading
*{{citation, last=Lange, first=Martin, title=none, journal=MathSciNet
MathSciNet is a searchable online bibliographic database created by the American Mathematical Society in 1996. It contains all of the contents of the journal '' Mathematical Reviews'' (MR) since 1940 along with an extensive author database, links ...
, year=2010, mr=2493187
External links
Official website
2008 non-fiction books Computer science textbooks