Mary Weisskopf - Academia.edu
Papers by Mary Weisskopf
Concurrency and Computation: Practice and Experience, 2008
Correctness of concurrent software is usually checked by techniques such as peer code reviews or code walkthroughs and testing. These techniques, however, are subject to human error, and thus do not achieve an in-depth verification of correctness. Model-checking techniques, which can systematically identify and verify every state that a system can enter, are a powerful alternative method for verifying concurrent systems. However, the usefulness of model checking is limited because the number of states for concurrent models grows exponentially with the number of processes in the system. This is often referred to as the 'state explosion problem.' Some processes are a central part of the software operation and must be included in the model. However, we have found that some exponential complexity results due to uncontrolled concurrency introduced by the programmer rather than due to the intrinsic characteristics of the software being modeled. We have performed tests on multimedia synchronization to show the effect of abstraction as well as uncontrolled concurrency using the Promela/SPIN model checker. We begin with a sequential model not expected to have exponential complexity but that results in exponential complexity. In this paper, we provide alternative designs and explain how uncontrolled concurrency can be removed from the code.
synchronization and reliable communication protocols, and in these systems interaction among software/hardware modules should be coordinated to avoid unexpected failures. The verification of software and concurrent systems has been widely studied in . Also, verification methods used in different parts of the world have been surveyed . Several verification tools have been developed for verification of systems implemented in popular languages like Java .
Some of the verification methods that are employed are code inspections/walkthroughs, pair programming, automated static analysis tools, coverage, capture/playback, model checking, and development testing tools . We are interested in model-checking verification since model checking is more rigorous than most other verification techniques because it can check all possible states a model can enter. There are usually three steps in model-checking verification: modeling, programming in the language of a model checker in order to implement a given model, and verification. Since all three steps are likely to be handled by a single person, we refer to a programmer as a person who models, implements, and verifies the model using a model checker. In this sense, a programmer is able to apply abstraction to the model as well as verify the model.