[{"publist_id":"319","date_updated":"2022-02-14T14:35:11Z","oa":1,"page":"1 - 137","article_processing_charge":"No","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","oa_version":"None","_id":"4409","extern":"1","type":"dissertation","publication_status":"published","citation":{"ama":"Prabhu V. Games for the verification of timed systems. 2008:1-137.","mla":"Prabhu, Vinayak. Games for the Verification of Timed Systems. University of California, Berkeley, 2008, pp. 1–137.","short":"V. Prabhu, Games for the Verification of Timed Systems, University of California, Berkeley, 2008.","ista":"Prabhu V. 2008. Games for the verification of timed systems. University of California, Berkeley.","ieee":"V. Prabhu, “Games for the verification of timed systems,” University of California, Berkeley, 2008.","apa":"Prabhu, V. (2008). Games for the verification of timed systems. University of California, Berkeley.","chicago":"Prabhu, Vinayak. “Games for the Verification of Timed Systems.” University of California, Berkeley, 2008."},"day":"01","author":[{"first_name":"Vinayak","last_name":"Prabhu","full_name":"Prabhu, Vinayak"}],"status":"public","supervisor":[{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","last_name":"Henzinger","full_name":"Henzinger, Thomas A","orcid":"0000-0002-2985-7724","first_name":"Thomas A"},{"first_name":"John","last_name":"Steel","full_name":"Steel, John"},{"full_name":"Varaiya, Pravin","last_name":"Varaiya","first_name":"Pravin"}],"abstract":[{"text":"Models of timed systems must incorporate not only the sequence of system events, but the timings of these events as well to capture the real-time aspects of physical systems. Timed automata are models of real-time systems in which states consist of discrete locations and values for real-time clocks. The presence of real-time clocks leads to an uncountable state space. This thesis studies verification problems on timed automata in a game theoretic framework.\r\n\r\nFor untimed systems, two systems are close if every sequence of events of one system is also observable in the second system. For timed systems, the difference in timings of the two corresponding sequences is also of importance. We propose the notion of bisimulation distance which quantifies timing differences; if the bisimulation distance between two systems is epsilon, then (a) every sequence of events of one system has a corresponding matching sequence in the other, and (b) the timings of matching events in between the two corresponding traces do not differ by more than epsilon. We show that we can compute the bisimulation distance between two timed automata to within any desired degree of accuracy. We also show that the timed verification logic TCTL is robust with respect to our notion of quantitative bisimilarity, in particular, if a system satisfies a formula, then every close system satisfies a close formula.\r\n\r\nTimed games are used for distinguishing between the actions of several agents, typically a controller and an environment. The controller must achieve its objective against all possible choices of the environment. The modeling of the passage of time leads to the presence of zeno executions, and corresponding unrealizable strategies of the controller which may achieve objectives by blocking time. We disallow such unreasonable strategies by restricting all agents to use only receptive strategies --strategies which while not being required to ensure time divergence by any agent, are such that no agent is responsible for blocking time. Time divergence is guaranteed when all players use receptive strategies. We show that timed automaton games with receptive strategies can be solved by a reduction to finite state turn based game graphs. We define the logic timed alternating-time temporal logic for verification of timed automaton games and show that the logic can be model checked in EXPTIME. We also show that the minimum time required by an agent to reach a desired location, and the maximum time an agent can stay safe within a set of locations, against all possible actions of its adversaries are both computable.\r\n\r\nWe next study the memory requirements of winning strategies for timed automaton games. We prove that finite memory strategies suffice for safety objectives, and that winning strategies for reachability objectives may require infinite memory in general. We introduce randomized strategies in which an agent can propose a probabilistic distribution of moves and show that finite memory randomized strategies suffice for all omega-regular objectives. We also show that while randomization helps in simplifying winning strategies, and thus allows the construction of simpler controllers, it does not help a player in winning at more states, and thus does not allow the construction of more powerful controllers.\r\n\r\nFinally we study robust winning strategies in timed games. In a physical system, a controller may propose an action together with a time delay, but the action cannot be assumed to be executed at the exact proposed time delay. We present robust strategies which incorporate such jitters and show that the set of states from which an agent can win robustly is computable.","lang":"eng"}],"main_file_link":[{"url":"https://www2.eecs.berkeley.edu/Pubs/TechRpts/2008/EECS-2008-97.html","open_access":"1"}],"degree_awarded":"PhD","date_created":"2018-12-11T12:08:42Z","date_published":"2008-09-01T00:00:00Z","month":"09","year":"2008","language":[{"iso":"eng"}],"publisher":"University of California, Berkeley","title":"Games for the verification of timed systems"},{"year":"2008","month":"01","date_published":"2008-01-01T00:00:00Z","publisher":"University of California, Berkeley","title":"Compositionality in deterministic real-time embedded systems","language":[{"iso":"eng"}],"degree_awarded":"PhD","date_created":"2018-12-11T12:08:44Z","publication_status":"published","day":"01","citation":{"mla":"Matic, Slobodan. Compositionality in Deterministic Real-Time Embedded Systems. University of California, Berkeley, 2008, pp. 1–148.","ama":"Matic S. Compositionality in deterministic real-time embedded systems. 2008:1-148.","short":"S. Matic, Compositionality in Deterministic Real-Time Embedded Systems, University of California, Berkeley, 2008.","ista":"Matic S. 2008. Compositionality in deterministic real-time embedded systems. University of California, Berkeley.","apa":"Matic, S. (2008). Compositionality in deterministic real-time embedded systems. University of California, Berkeley.","ieee":"S. Matic, “Compositionality in deterministic real-time embedded systems,” University of California, Berkeley, 2008.","chicago":"Matic, Slobodan. “Compositionality in Deterministic Real-Time Embedded Systems.” University of California, Berkeley, 2008."},"type":"dissertation","abstract":[{"lang":"eng","text":"Many computing applications, especially those in safety critical embedded systems, require highly predictable timing properties. However, time is often not present in the prevailing computing and networking abstractions. In fact, most advances in computer architecture, software, and networking favor average-case performance over timing predictability. This thesis studies several methods for the design of concurrent and/or distributed embedded systems with precise timing guarantees. The focus is on flexible and compositional methods for programming and verification of the timing properties. The presented methods together with related formalisms cover two levels of design: (1) Programming language/model level. We propose the distributed variant of Giotto, a coordination programming language with an explicit temporal semantics—the logical execution time (LET) semantics. The LET of a task is an interval of time that specifies the time instants at which task inputs and outputs become available (task release and termination instants). The LET of a task is always non-zero. This allows us to communicate values across the network without changing the timing information of the task, and without introducing nondeterminism. We show how this methodology supports distributed code generation for distributed real-time systems. The method gives up some performance in favor of composability and predictability. We characterize the tradeoff by comparing the LET semantics with the semantics used in Simulink. (2) Abstract task graph level. We study interface-based design and verification of applications represented with task graphs. We consider task sequence graphs with general event models, and cyclic graphs with periodic event models with jitter and phase. Here an interface of a component exposes time and resource constraints of the component. Together with interfaces we formally define interface composition operations and the refinement relation. For efficient and flexible composability checking two properties are important: incremental design and independent refinement. According to the incremental design property the composition of interfaces can be performed in any order, even if interfaces for some components are not known. The refinement relation is defined such that in a design we can always substitute a refined interface for an abstract one. We show that the framework supports independent refinement, i.e., the refinement relation is preserved under composition operations."}],"status":"public","author":[{"first_name":"Slobodan","last_name":"Matic","full_name":"Matic, Slobodan"}],"supervisor":[{"last_name":"Henzinger","full_name":"Henzinger, Thomas A","orcid":"0000-0002-2985-7724","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Lee, Edward","last_name":"Lee","first_name":"Edward"},{"first_name":"Raja","full_name":"Sengupta, Raja","last_name":"Sengupta"}],"publist_id":"316","date_updated":"2022-02-14T14:08:50Z","page":"1 - 148","article_processing_charge":"No","_id":"4415","extern":"1","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","acknowledgement":"978-0-549-83480-9","oa_version":"None"},{"quality_controlled":0,"acknowledgement":"This research was supported by the Swiss NSF.","extern":1,"_id":"4452","page":"333 - 342","volume":5330,"date_updated":"2021-01-12T07:57:04Z","publist_id":"277","author":[{"last_name":"Henzinger","full_name":"Thomas Henzinger","orcid":"0000−0002−2985−7724","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"},{"first_name":"Thibaud","last_name":"Hottelier","full_name":"Hottelier, Thibaud"},{"first_name":"Laura","full_name":"Kovács, Laura","last_name":"Kovács"}],"status":"public","intvolume":" 5330","abstract":[{"text":"We describe Valigator, a software tool for imperative program verification that efficiently combines symbolic computation and automated reasoning in a uniform framework. The system offers support for automatically generating and proving verification conditions and, most importantly, for automatically inferring loop invariants and bound assertions by means of symbolic summation, Gröbner basis computation, and quantifier elimination. We present general principles of the implementation and illustrate them on examples.","lang":"eng"}],"type":"conference","citation":{"apa":"Henzinger, T. A., Hottelier, T., & Kovács, L. (2008). Valigator: A verification tool with bound and invariant generation (Vol. 5330, pp. 333–342). Presented at the LPAR: Logic for Programming, Artificial Intelligence, and Reasoning, Springer. https://doi.org/10.1007/978-3-540-89439-1_24","ieee":"T. A. Henzinger, T. Hottelier, and L. Kovács, “Valigator: A verification tool with bound and invariant generation,” presented at the LPAR: Logic for Programming, Artificial Intelligence, and Reasoning, 2008, vol. 5330, pp. 333–342.","chicago":"Henzinger, Thomas A, Thibaud Hottelier, and Laura Kovács. “Valigator: A Verification Tool with Bound and Invariant Generation,” 5330:333–42. Springer, 2008. https://doi.org/10.1007/978-3-540-89439-1_24.","ama":"Henzinger TA, Hottelier T, Kovács L. Valigator: A verification tool with bound and invariant generation. In: Vol 5330. Springer; 2008:333-342. doi:10.1007/978-3-540-89439-1_24","mla":"Henzinger, Thomas A., et al. Valigator: A Verification Tool with Bound and Invariant Generation. Vol. 5330, Springer, 2008, pp. 333–42, doi:10.1007/978-3-540-89439-1_24.","short":"T.A. Henzinger, T. Hottelier, L. Kovács, in:, Springer, 2008, pp. 333–342.","ista":"Henzinger TA, Hottelier T, Kovács L. 2008. Valigator: A verification tool with bound and invariant generation. LPAR: Logic for Programming, Artificial Intelligence, and Reasoning, LNCS, vol. 5330, 333–342."},"day":"13","publication_status":"published","date_created":"2018-12-11T12:08:55Z","conference":{"name":"LPAR: Logic for Programming, Artificial Intelligence, and Reasoning"},"main_file_link":[{"url":"http://pub.ist.ac.at/%7Etah/Publications/valigator.pdf","open_access":"0"}],"alternative_title":["LNCS"],"title":"Valigator: A verification tool with bound and invariant generation","publisher":"Springer","date_published":"2008-11-13T00:00:00Z","doi":"10.1007/978-3-540-89439-1_24","month":"11","year":"2008"},{"main_file_link":[{"url":"http://pub.ist.ac.at/%7Etah/Publications/two_challenges_in_embedded_systems_design.pdf","open_access":"0"}],"date_created":"2018-12-11T12:09:13Z","doi":"10.1098/rsta.2008.0141","month":"07","year":"2008","date_published":"2008-07-31T00:00:00Z","title":"Two challenges in embedded systems design: Predictability and robustness","publisher":"Royal Society of London","publication":"Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences","issue":"1881","page":"3727 - 3736","publist_id":"219","volume":366,"date_updated":"2021-01-12T07:59:19Z","extern":1,"_id":"4509","quality_controlled":0,"citation":{"ista":"Henzinger TA. 2008. Two challenges in embedded systems design: Predictability and robustness. Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences. 366(1881), 3727–3736.","short":"T.A. Henzinger, Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences 366 (2008) 3727–3736.","ama":"Henzinger TA. Two challenges in embedded systems design: Predictability and robustness. Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences. 2008;366(1881):3727-3736. doi:10.1098/rsta.2008.0141","mla":"Henzinger, Thomas A. “Two Challenges in Embedded Systems Design: Predictability and Robustness.” Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences, vol. 366, no. 1881, Royal Society of London, 2008, pp. 3727–36, doi:10.1098/rsta.2008.0141.","chicago":"Henzinger, Thomas A. “Two Challenges in Embedded Systems Design: Predictability and Robustness.” Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences. Royal Society of London, 2008. https://doi.org/10.1098/rsta.2008.0141.","ieee":"T. A. Henzinger, “Two challenges in embedded systems design: Predictability and robustness,” Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences, vol. 366, no. 1881. Royal Society of London, pp. 3727–3736, 2008.","apa":"Henzinger, T. A. (2008). Two challenges in embedded systems design: Predictability and robustness. Philosophical Transactions of the Royal Society A Mathematical Physical and Engineering Sciences. Royal Society of London. https://doi.org/10.1098/rsta.2008.0141"},"day":"31","publication_status":"published","type":"journal_article","intvolume":" 366","abstract":[{"text":"I discuss two main challenges in embedded systems design: the challenge to build predictable systems, and that to build robust systems. I suggest how predictability can be formalized as a form of determinism, and robustness as a form of continuity.","lang":"eng"}],"status":"public","author":[{"orcid":"0000−0002−2985−7724","last_name":"Henzinger","full_name":"Thomas Henzinger","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"}]},{"month":"01","year":"2008","doi":"10.1145/1328438.1328459","date_published":"2008-01-01T00:00:00Z","title":"Proving non-termination","publisher":"ACM","main_file_link":[{"url":"http://pub.ist.ac.at/%7Etah/Publications/proving_non-termination.pdf","open_access":"0"}],"conference":{"name":"POPL: Principles of Programming Languages"},"date_created":"2018-12-11T12:09:17Z","day":"01","citation":{"ieee":"A. Gupta, T. A. Henzinger, R. Majumdar, A. Rybalchenko, and R. Xu, “Proving non-termination,” presented at the POPL: Principles of Programming Languages, 2008, pp. 147–158.","apa":"Gupta, A., Henzinger, T. A., Majumdar, R., Rybalchenko, A., & Xu, R. (2008). Proving non-termination (pp. 147–158). Presented at the POPL: Principles of Programming Languages, ACM. https://doi.org/10.1145/1328438.1328459","chicago":"Gupta, Ashutosh, Thomas A Henzinger, Ritankar Majumdar, Andrey Rybalchenko, and Ru Xu. “Proving Non-Termination,” 147–58. ACM, 2008. https://doi.org/10.1145/1328438.1328459.","ama":"Gupta A, Henzinger TA, Majumdar R, Rybalchenko A, Xu R. Proving non-termination. In: ACM; 2008:147-158. doi:10.1145/1328438.1328459","mla":"Gupta, Ashutosh, et al. Proving Non-Termination. ACM, 2008, pp. 147–58, doi:10.1145/1328438.1328459.","ista":"Gupta A, Henzinger TA, Majumdar R, Rybalchenko A, Xu R. 2008. Proving non-termination. POPL: Principles of Programming Languages, 147–158.","short":"A. Gupta, T.A. Henzinger, R. Majumdar, A. Rybalchenko, R. Xu, in:, ACM, 2008, pp. 147–158."},"publication_status":"published","type":"conference","abstract":[{"text":"The search for proof and the search for counterexamples (bugs) are complementary activities that need to be pursued concurrently in order to maximize the practical success rate of verification tools.While this is well-understood in safety verification, the current focus of liveness verification has been almost exclusively on the search for termination proofs. A counterexample to termination is an infinite programexecution. In this paper, we propose a method to search for such counterexamples. The search proceeds in two phases. We first dynamically enumerate lasso-shaped candidate paths for counterexamples, and then statically prove their feasibility. We illustrate the utility of our nontermination prover, called TNT, on several nontrivial examples, some of which require bit-level reasoning about integer representations.","lang":"eng"}],"author":[{"first_name":"Ashutosh","last_name":"Gupta","full_name":"Ashutosh Gupta","id":"335E5684-F248-11E8-B48F-1D18A9856A87"},{"first_name":"Thomas A","full_name":"Thomas Henzinger","last_name":"Henzinger","orcid":"0000−0002−2985−7724","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"},{"first_name":"Ritankar","last_name":"Majumdar","full_name":"Majumdar, Ritankar S"},{"last_name":"Rybalchenko","full_name":"Rybalchenko, Andrey","first_name":"Andrey"},{"first_name":"Ru","full_name":"Xu, Ru-Gang","last_name":"Xu"}],"status":"public","page":"147 - 158","publist_id":"208","date_updated":"2021-01-12T07:59:25Z","extern":1,"_id":"4521","quality_controlled":0},{"citation":{"ista":"Ghosal A. 2008. A hierarchical coordination language for reliable real-time tasks. University of California, Berkeley.","short":"A. Ghosal, A Hierarchical Coordination Language for Reliable Real-Time Tasks, University of California, Berkeley, 2008.","ama":"Ghosal A. A hierarchical coordination language for reliable real-time tasks. 2008:1-210.","mla":"Ghosal, Arkadeb. A Hierarchical Coordination Language for Reliable Real-Time Tasks. University of California, Berkeley, 2008, pp. 1–210.","chicago":"Ghosal, Arkadeb. “A Hierarchical Coordination Language for Reliable Real-Time Tasks.” University of California, Berkeley, 2008.","apa":"Ghosal, A. (2008). A hierarchical coordination language for reliable real-time tasks. University of California, Berkeley.","ieee":"A. Ghosal, “A hierarchical coordination language for reliable real-time tasks,” University of California, Berkeley, 2008."},"day":"31","publication_status":"published","type":"dissertation","abstract":[{"lang":"eng","text":"Complex requirements, time-to-market pressure and regulatory constraints have made the designing of embedded systems extremely challenging. This is evident by the increase in effort and expenditure for design of safety-driven real-time control-dominated applications like automotive and avionic controllers. Design processes are often challenged by lack of proper programming tools for specifying and verifying critical requirements (e.g. timing and reliability) of such applications. Platform based design, an approach for designing embedded systems, addresses the above concerns by separating requirement from architecture. The requirement specifies the intended behavior of an application while the architecture specifies the guarantees (e.g. execution speed, failure rate etc). An implementation, a mapping of the requirement on the architecture, is then analyzed for correctness. The orthogonalization of concerns makes the specification and analyses simpler. An effective use of such design methodology has been proposed in Logical Execution Time (LET) model of real-time tasks. The model separates the timing requirements (specified by release and termination instances of a task) from the architecture guarantees (specified by worst-case execution time of the task).\r\n\r\nThis dissertation proposes a coordination language, Hierarchical Timing Language (HTL), that captures the timing and reliability requirements of real-time applications. An implementation of the program on an architecture is then analyzed to check whether desired timing and reliability requirements are met or not. The core framework extends the LET model by accounting for reliability and refinement. The reliability model separates the reliability requirements of tasks from the reliability guarantees of the architecture. The requirement expresses the desired long-term reliability while the architecture provides a short-term reliability guarantee (e.g. failure rate for each iteration). The analysis checks if the short-term guarantee ensures the desired long-term reliability. The refinement model allows replacing a task by another task during program execution. Refinement preserves schedulability and reliability, i.e., if a refined task is schedulable and reliable for an implementation, then the refining task is also schedulable and reliable for the implementation. Refinement helps in concise specification without overloading analysis.\r\n\r\nThe work presents the formal model, the analyses (both with and without refinement), and a compiler for HTL programs. The compiler checks composition and refinement constraints, performs schedulability and reliability analyses, and generates code for implementation of an HTL program on a virtual machine. Three real-time controllers, one each from automatic control, automotive control and avionic control, are used to illustrate the steps in modeling and analyzing HTL programs."}],"supervisor":[{"full_name":"Sangiovanni-Vincentelli, Alberto","last_name":"Sangiovanni-Vincentelli","first_name":"Alberto"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","first_name":"Thomas A","orcid":"0000-0002-2985-7724","full_name":"Henzinger, Thomas A","last_name":"Henzinger"},{"first_name":"Edward","last_name":"Lee","full_name":"Lee, Edward"},{"full_name":"Hedrick, Karl","last_name":"Hedrick","first_name":"Karl"}],"author":[{"first_name":"Arkadeb","full_name":"Ghosal, Arkadeb","last_name":"Ghosal"}],"status":"public","page":"1 - 210","article_processing_charge":"No","publist_id":"199","date_updated":"2021-01-12T07:59:26Z","extern":"1","_id":"4524","oa_version":"None","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","acknowledgement":"978-0-549-83679-7","year":"2008","month":"01","date_published":"2008-01-31T00:00:00Z","title":"A hierarchical coordination language for reliable real-time tasks","publisher":"University of California, Berkeley","language":[{"iso":"eng"}],"date_created":"2018-12-11T12:09:18Z"},{"alternative_title":["LNCS"],"main_file_link":[{"open_access":"0","url":"http://pub.ist.ac.at/%7Etah/Publications/bounded_asynchrony.pdf"}],"conference":{"name":"FMSB: Formal Methods in Systems Biology"},"date_created":"2018-12-11T12:09:19Z","doi":"10.1007/978-3-540-68413-8_2","month":"05","year":"2008","date_published":"2008-05-26T00:00:00Z","title":"Bounded asynchrony: Concurrency for modeling cell-cell interactions","publisher":"Springer","page":"17 - 32","volume":5054,"date_updated":"2021-01-12T07:59:27Z","publist_id":"196","extern":1,"_id":"4527","quality_controlled":0,"acknowledgement":"Supported in part by the Swiss National Science Foundation (grant 205321-111840).","citation":{"ista":"Fisher J, Henzinger TA, Mateescu M, Piterman N. 2008. Bounded asynchrony: Concurrency for modeling cell-cell interactions. FMSB: Formal Methods in Systems Biology, LNCS, vol. 5054, 17–32.","short":"J. Fisher, T.A. Henzinger, M. Mateescu, N. Piterman, in:, Springer, 2008, pp. 17–32.","ama":"Fisher J, Henzinger TA, Mateescu M, Piterman N. Bounded asynchrony: Concurrency for modeling cell-cell interactions. In: Vol 5054. Springer; 2008:17-32. doi:10.1007/978-3-540-68413-8_2","mla":"Fisher, Jasmin, et al. Bounded Asynchrony: Concurrency for Modeling Cell-Cell Interactions. Vol. 5054, Springer, 2008, pp. 17–32, doi:10.1007/978-3-540-68413-8_2.","chicago":"Fisher, Jasmin, Thomas A Henzinger, Maria Mateescu, and Nir Piterman. “Bounded Asynchrony: Concurrency for Modeling Cell-Cell Interactions,” 5054:17–32. Springer, 2008. https://doi.org/10.1007/978-3-540-68413-8_2.","ieee":"J. Fisher, T. A. Henzinger, M. Mateescu, and N. Piterman, “Bounded asynchrony: Concurrency for modeling cell-cell interactions,” presented at the FMSB: Formal Methods in Systems Biology, 2008, vol. 5054, pp. 17–32.","apa":"Fisher, J., Henzinger, T. A., Mateescu, M., & Piterman, N. (2008). Bounded asynchrony: Concurrency for modeling cell-cell interactions (Vol. 5054, pp. 17–32). Presented at the FMSB: Formal Methods in Systems Biology, Springer. https://doi.org/10.1007/978-3-540-68413-8_2"},"day":"26","publication_status":"published","type":"conference","intvolume":" 5054","abstract":[{"text":"We introduce bounded asynchrony, a notion of concurrency tailored to the modeling of biological cell-cell interactions. Bounded asynchrony is the result of a scheduler that bounds the number of steps that one process gets ahead of other processes; this allows the components of a system to move independently while keeping them coupled. Bounded asynchrony accurately reproduces the experimental observations made about certain cell-cell interactions: its constrained nondeterminism captures the variability observed in cells that, although equally potent, assume distinct fates. Real-life cells are not “scheduled”, but we show that distributed real-time behavior can lead to component interactions that are observationally equivalent to bounded asynchrony; this provides a possible mechanistic explanation for the phenomena observed during cell fate specification.\nWe use model checking to determine cell fates. The nondeterminism of bounded asynchrony causes state explosion during model checking, but partial-order methods are not directly applicable. We present a new algorithm that reduces the number of states that need to be explored: our optimization takes advantage of the bounded-asynchronous progress and the spatially local interactions of components that model cells. We compare our own communication-based reduction with partial-order reduction (on a restricted form of bounded asynchrony) and experiments illustrate that our algorithm leads to significant savings.","lang":"eng"}],"status":"public","author":[{"last_name":"Fisher","full_name":"Fisher, Jasmin","first_name":"Jasmin"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","last_name":"Henzinger","full_name":"Thomas Henzinger","orcid":"0000−0002−2985−7724","first_name":"Thomas A"},{"id":"3B43276C-F248-11E8-B48F-1D18A9856A87","first_name":"Maria","full_name":"Maria Mateescu","last_name":"Mateescu"},{"first_name":"Nir","full_name":"Piterman, Nir","last_name":"Piterman"}]},{"main_file_link":[{"url":"http://pub.ist.ac.at/%7Etah/Publications/equivalence_of_labeled_markov_chains.pdf","open_access":"0"}],"date_created":"2018-12-11T12:09:20Z","year":"2008","doi":"10.1142/S0129054108005814 ","month":"06","date_published":"2008-06-01T00:00:00Z","title":"Equivalence of labeled Markov chains","publisher":"World Scientific Publishing","publication":"International Journal of Foundations of Computer Science","issue":"3","page":"549 - 563","publist_id":"192","volume":19,"date_updated":"2021-01-12T07:59:30Z","extern":1,"_id":"4532","quality_controlled":0,"day":"01","citation":{"ista":"Doyen L, Henzinger TA, Raskin J. 2008. Equivalence of labeled Markov chains. International Journal of Foundations of Computer Science. 19(3), 549–563.","short":"L. Doyen, T.A. Henzinger, J. Raskin, International Journal of Foundations of Computer Science 19 (2008) 549–563.","ama":"Doyen L, Henzinger TA, Raskin J. Equivalence of labeled Markov chains. International Journal of Foundations of Computer Science. 2008;19(3):549-563. doi:10.1142/S0129054108005814 ","mla":"Doyen, Laurent, et al. “Equivalence of Labeled Markov Chains.” International Journal of Foundations of Computer Science, vol. 19, no. 3, World Scientific Publishing, 2008, pp. 549–63, doi:10.1142/S0129054108005814 .","chicago":"Doyen, Laurent, Thomas A Henzinger, and Jean Raskin. “Equivalence of Labeled Markov Chains.” International Journal of Foundations of Computer Science. World Scientific Publishing, 2008. https://doi.org/10.1142/S0129054108005814 .","apa":"Doyen, L., Henzinger, T. A., & Raskin, J. (2008). Equivalence of labeled Markov chains. International Journal of Foundations of Computer Science. World Scientific Publishing. https://doi.org/10.1142/S0129054108005814 ","ieee":"L. Doyen, T. A. Henzinger, and J. Raskin, “Equivalence of labeled Markov chains,” International Journal of Foundations of Computer Science, vol. 19, no. 3. World Scientific Publishing, pp. 549–563, 2008."},"publication_status":"published","type":"journal_article","intvolume":" 19","abstract":[{"lang":"eng","text":"We consider the equivalence problem for labeled Markov chains (LMCs), where each state is labeled with an observation. Two LMCs are equivalent if every finite sequence of observations has the same probability of occurrence in the two LMCs. We show that equivalence can be decided in polynomial time, using a reduction to the equivalence problem for probabilistic automata, which is known to be solvable in polynomial time. We provide an alternative algorithm to solve the equivalence problem, which is based on a new definition of bisimulation for probabilistic automata. We also extend the technique to decide the equivalence of weighted probabilistic automata."}],"author":[{"full_name":"Doyen, Laurent","last_name":"Doyen","first_name":"Laurent"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","last_name":"Henzinger","full_name":"Thomas Henzinger","orcid":"0000−0002−2985−7724","first_name":"Thomas A"},{"first_name":"Jean","last_name":"Raskin","full_name":"Raskin, Jean-François"}],"status":"public"},{"conference":{"name":"EMSOFT: Embedded Software "},"date_created":"2018-12-11T12:09:21Z","main_file_link":[{"open_access":"0","url":"http://pub.ist.ac.at/%7Etah/Publications/interface_theories_with_component_reuse.pdf"}],"publisher":"ACM","title":"Interface theories with component reuse","month":"10","doi":"10.1145/1450058.1450070","year":"2008","date_published":"2008-10-01T00:00:00Z","_id":"4533","extern":1,"quality_controlled":0,"publist_id":"193","date_updated":"2021-01-12T07:59:30Z","page":"79 - 88","abstract":[{"lang":"eng","text":"Interface theories have been proposed to support incremental design and independent implementability. Incremental design means that the compatibility checking of interfaces can proceed for partial system descriptions, without knowing the interfaces of all components. Independent implementability means that compatible interfaces can be refined separately, maintaining compatibility. We show that these interface theories provide no formal support for component reuse, meaning that the same component cannot be used to implement several different interfaces in a design. We add a new operation to interface theories in order to support such reuse. For example, different interfaces for the same component may refer to different aspects such as functionality, timing, and power consumption. We give both stateless and stateful examples for interface theories with component reuse. To illustrate component reuse in interface-based design, we show how the stateful theory provides a natural framework for specifying and refining PCI bus clients."}],"author":[{"full_name":"Doyen, Laurent","last_name":"Doyen","first_name":"Laurent"},{"first_name":"Thomas A","orcid":"0000−0002−2985−7724","last_name":"Henzinger","full_name":"Thomas Henzinger","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"},{"first_name":"Barbara","full_name":"Jobstmann, Barbara","last_name":"Jobstmann"},{"orcid":"0000-0002-9041-0905","last_name":"Petrov","full_name":"Tatjana Petrov","first_name":"Tatjana","id":"3D5811FC-F248-11E8-B48F-1D18A9856A87"}],"status":"public","publication_status":"published","citation":{"short":"L. Doyen, T.A. Henzinger, B. Jobstmann, T. Petrov, in:, ACM, 2008, pp. 79–88.","ista":"Doyen L, Henzinger TA, Jobstmann B, Petrov T. 2008. Interface theories with component reuse. EMSOFT: Embedded Software , 79–88.","mla":"Doyen, Laurent, et al. Interface Theories with Component Reuse. ACM, 2008, pp. 79–88, doi:10.1145/1450058.1450070.","ama":"Doyen L, Henzinger TA, Jobstmann B, Petrov T. Interface theories with component reuse. In: ACM; 2008:79-88. doi:10.1145/1450058.1450070","chicago":"Doyen, Laurent, Thomas A Henzinger, Barbara Jobstmann, and Tatjana Petrov. “Interface Theories with Component Reuse,” 79–88. ACM, 2008. https://doi.org/10.1145/1450058.1450070.","apa":"Doyen, L., Henzinger, T. A., Jobstmann, B., & Petrov, T. (2008). Interface theories with component reuse (pp. 79–88). Presented at the EMSOFT: Embedded Software , ACM. https://doi.org/10.1145/1450058.1450070","ieee":"L. Doyen, T. A. Henzinger, B. Jobstmann, and T. Petrov, “Interface theories with component reuse,” presented at the EMSOFT: Embedded Software , 2008, pp. 79–88."},"day":"01","type":"conference"},{"title":"Reduction of stochastic parity to stochastic mean-payoff games","publisher":"Elsevier","year":"2008","doi":"10.1016/j.ipl.2007.08.035","month":"03","date_published":"2008-03-31T00:00:00Z","date_created":"2018-12-11T12:09:21Z","main_file_link":[{"open_access":"0","url":"http://pub.ist.ac.at/%7Etah/Publications/reduction_of_stochastic_parity_to_stochastic_mean-payoff_games.pdf"}],"intvolume":" 106","abstract":[{"lang":"eng","text":"A stochastic graph game is played by two players on a game graph with probabilistic transitions. We consider stochastic graph games with ω-regular winning conditions specified as parity objectives, and mean-payoff (or limit-average) objectives. These games lie in NP ∩ coNP. We present a polynomial-time Turing reduction of stochastic parity games to stochastic mean-payoff games."}],"status":"public","author":[{"full_name":"Krishnendu Chatterjee","last_name":"Chatterjee","orcid":"0000-0002-4561-241X","first_name":"Krishnendu","id":"2E5DCA20-F248-11E8-B48F-1D18A9856A87"},{"orcid":"0000−0002−2985−7724","last_name":"Henzinger","full_name":"Thomas Henzinger","first_name":"Thomas A","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"}],"citation":{"short":"K. Chatterjee, T.A. Henzinger, Information Processing Letters 106 (2008) 1–7.","ista":"Chatterjee K, Henzinger TA. 2008. Reduction of stochastic parity to stochastic mean-payoff games. Information Processing Letters. 106(1), 1–7.","ama":"Chatterjee K, Henzinger TA. Reduction of stochastic parity to stochastic mean-payoff games. Information Processing Letters. 2008;106(1):1-7. doi:10.1016/j.ipl.2007.08.035","mla":"Chatterjee, Krishnendu, and Thomas A. Henzinger. “Reduction of Stochastic Parity to Stochastic Mean-Payoff Games.” Information Processing Letters, vol. 106, no. 1, Elsevier, 2008, pp. 1–7, doi:10.1016/j.ipl.2007.08.035.","chicago":"Chatterjee, Krishnendu, and Thomas A Henzinger. “Reduction of Stochastic Parity to Stochastic Mean-Payoff Games.” Information Processing Letters. Elsevier, 2008. https://doi.org/10.1016/j.ipl.2007.08.035.","ieee":"K. Chatterjee and T. A. Henzinger, “Reduction of stochastic parity to stochastic mean-payoff games,” Information Processing Letters, vol. 106, no. 1. Elsevier, pp. 1–7, 2008.","apa":"Chatterjee, K., & Henzinger, T. A. (2008). Reduction of stochastic parity to stochastic mean-payoff games. Information Processing Letters. Elsevier. https://doi.org/10.1016/j.ipl.2007.08.035"},"day":"31","publication_status":"published","type":"journal_article","extern":1,"_id":"4534","quality_controlled":0,"publication":"Information Processing Letters","issue":"1","page":"1 - 7","volume":106,"publist_id":"188","date_updated":"2021-01-12T07:59:30Z"},{"conference":{"name":"DATE: Design, Automation and Test in Europe"},"date_created":"2018-12-11T12:09:25Z","main_file_link":[{"url":"http://pub.ist.ac.at/%7Etah/Publications/logical_reliability_of_interacting_real-time_tasks.pdf","open_access":"0"}],"publisher":"IEEE","title":"Logical reliability of interacting real-time tasks","year":"2008","month":"01","doi":"10.1145/1403375.1403595","date_published":"2008-01-01T00:00:00Z","_id":"4546","extern":1,"quality_controlled":0,"date_updated":"2021-01-12T07:59:36Z","publist_id":"171","page":"909 - 914","abstract":[{"text":"We propose the notion of logical reliability for real-time program tasks that interact through periodically updated program variables. We describe a reliability analysis that checks if the given short-term (e.g., single-period) reliability of a program variable update in an implementation is sufficient to meet the logical reliability requirement (of the program variable) in the long run. We then present a notion of design by refinement where a task can be refined by another task that writes to program variables with less logical reliability. The resulting analysis can be combined with an incremental schedulability analysis for interacting real-time tasks proposed earlier for the Hierarchical Timing Language (HTL), a coordination language for distributed real-time systems. We implemented a logical-reliability-enhanced prototype of the compiler and runtime infrastructure for HTL.","lang":"eng"}],"author":[{"first_name":"Krishnendu","full_name":"Krishnendu Chatterjee","last_name":"Chatterjee","orcid":"0000-0002-4561-241X","id":"2E5DCA20-F248-11E8-B48F-1D18A9856A87"},{"last_name":"Ghosal","full_name":"Ghosal, Arkadeb","first_name":"Arkadeb"},{"id":"40876CD8-F248-11E8-B48F-1D18A9856A87","first_name":"Thomas A","full_name":"Thomas Henzinger","last_name":"Henzinger","orcid":"0000−0002−2985−7724"},{"first_name":"Daniel","full_name":"Iercan, Daniel","last_name":"Iercan"},{"first_name":"Christoph","full_name":"Kirsch, Christoph M","last_name":"Kirsch"},{"first_name":"Claudio","last_name":"Pinello","full_name":"Pinello, Claudio"},{"full_name":"Sangiovanni-Vincentelli, Alberto","last_name":"Sangiovanni Vincentelli","first_name":"Alberto"}],"status":"public","publication_status":"published","day":"01","citation":{"apa":"Chatterjee, K., Ghosal, A., Henzinger, T. A., Iercan, D., Kirsch, C., Pinello, C., & Sangiovanni Vincentelli, A. (2008). Logical reliability of interacting real-time tasks (pp. 909–914). Presented at the DATE: Design, Automation and Test in Europe, IEEE. https://doi.org/10.1145/1403375.1403595","ieee":"K. Chatterjee et al., “Logical reliability of interacting real-time tasks,” presented at the DATE: Design, Automation and Test in Europe, 2008, pp. 909–914.","chicago":"Chatterjee, Krishnendu, Arkadeb Ghosal, Thomas A Henzinger, Daniel Iercan, Christoph Kirsch, Claudio Pinello, and Alberto Sangiovanni Vincentelli. “Logical Reliability of Interacting Real-Time Tasks,” 909–14. IEEE, 2008. https://doi.org/10.1145/1403375.1403595.","mla":"Chatterjee, Krishnendu, et al. Logical Reliability of Interacting Real-Time Tasks. IEEE, 2008, pp. 909–14, doi:10.1145/1403375.1403595.","ama":"Chatterjee K, Ghosal A, Henzinger TA, et al. Logical reliability of interacting real-time tasks. In: IEEE; 2008:909-914. doi:10.1145/1403375.1403595","short":"K. Chatterjee, A. Ghosal, T.A. Henzinger, D. Iercan, C. Kirsch, C. Pinello, A. Sangiovanni Vincentelli, in:, IEEE, 2008, pp. 909–914.","ista":"Chatterjee K, Ghosal A, Henzinger TA, Iercan D, Kirsch C, Pinello C, Sangiovanni Vincentelli A. 2008. Logical reliability of interacting real-time tasks. DATE: Design, Automation and Test in Europe, 909–914."},"type":"conference"},{"type":"journal_article","publication_status":"published","day":"01","citation":{"apa":"Chatterjee, K., Majumdar, R., & Henzinger, T. A. (2008). Stochastic limit-average games are in EXPTIME. International Journal of Game Theory. Springer. https://doi.org/10.1007/s00182-007-0110-5","ieee":"K. Chatterjee, R. Majumdar, and T. A. Henzinger, “Stochastic limit-average games are in EXPTIME,” International Journal of Game Theory, vol. 37, no. 2. Springer, pp. 219–234, 2008.","chicago":"Chatterjee, Krishnendu, Ritankar Majumdar, and Thomas A Henzinger. “Stochastic Limit-Average Games Are in EXPTIME.” International Journal of Game Theory. Springer, 2008. https://doi.org/10.1007/s00182-007-0110-5.","mla":"Chatterjee, Krishnendu, et al. “Stochastic Limit-Average Games Are in EXPTIME.” International Journal of Game Theory, vol. 37, no. 2, Springer, 2008, pp. 219–34, doi:10.1007/s00182-007-0110-5.","ama":"Chatterjee K, Majumdar R, Henzinger TA. Stochastic limit-average games are in EXPTIME. International Journal of Game Theory. 2008;37(2):219-234. doi:10.1007/s00182-007-0110-5","short":"K. Chatterjee, R. Majumdar, T.A. Henzinger, International Journal of Game Theory 37 (2008) 219–234.","ista":"Chatterjee K, Majumdar R, Henzinger TA. 2008. Stochastic limit-average games are in EXPTIME. International Journal of Game Theory. 37(2), 219–234."},"author":[{"first_name":"Krishnendu","orcid":"0000-0002-4561-241X","full_name":"Krishnendu Chatterjee","last_name":"Chatterjee","id":"2E5DCA20-F248-11E8-B48F-1D18A9856A87"},{"full_name":"Majumdar, Ritankar S","last_name":"Majumdar","first_name":"Ritankar"},{"first_name":"Thomas A","orcid":"0000−0002−2985−7724","last_name":"Henzinger","full_name":"Thomas Henzinger","id":"40876CD8-F248-11E8-B48F-1D18A9856A87"}],"status":"public","intvolume":" 37","abstract":[{"lang":"eng","text":"The value of a finite-state two-player zero-sum stochastic game with limit-average payoff can be approximated to within ε in time exponential in a polynomial in the size of the game times polynomial in logarithmic in 1/ε, for all ε > 0."}],"volume":37,"publist_id":"168","date_updated":"2021-01-12T07:59:37Z","page":"219 - 234","issue":"2","publication":"International Journal of Game Theory","quality_controlled":0,"_id":"4548","extern":1,"date_published":"2008-01-01T00:00:00Z","month":"01","doi":"10.1007/s00182-007-0110-5","year":"2008","publisher":"Springer","title":"Stochastic limit-average games are in EXPTIME","main_file_link":[{"url":"http://pub.ist.ac.at/%7Etah/Publications/stochastic_limit-average_games_are_in_exptime.pdf","open_access":"0"}],"date_created":"2018-12-11T12:09:25Z"}]