Béatrice Bérard scite author profile

Mobile robot networks emerged in the past few years as a promising distributed computing model. Existing work in the literature typically ensures the correctness of mobile robot protocols via ad hoc handwritten proofs, which, in the case of asynchronous execution models, are both cumbersome and error-prone.In this paper, we propose the first formal model and general verification (by model-checking) methodology for mobile robot protocols operating in a discrete space (that is, the set of possible robot positions is finite). Our contribution is threefold. First, we formally model using synchronized automata a network of mobile robots operating under various synchrony (or asynchrony) assumptions. Then, we use this formal model as input model for the DiVinE model-checker and prove the equivalence of the two models. Third, we verify using DiVinE two known protocols for variants of the ring exploration in an asynchronous setting (exploration with stop and perpetual exclusive exploration).The exploration with stop we verify was manually proved correct only when the number of robots is k > 17, and n (the ring size) and k are co-prime. As the necessity of this bound was not proved in the original paper, our methodology demonstrates that for several instances of k and n not covered in the original paper, the algorithm remains correct. In the case of the perpetual exclusive exploration protocol, our methodology exhibits a counter-example in the completely asynchronous setting where safety is violated, which is used to correct the original protocol.

show abstract

Comparison of Different Semantics for Time Petri Nets

Bérard¹,

Cassez²,

Haddad³

et al. 2005

View full text Add to dashboard Cite

In this paper we study the model of Time Petri Nets (TPNs) where a time interval is associated with the firing of a transition, but we extend it by considering general intervals rather than closed ones. A key feature of timed models is the memory policy, i.e. which timing informations are kept when a transition is fired. The original model selects an intermediate semantics where the transitions disabled after consuming the tokens, as well as the firing transition, are reinitialised. However this semantics is not appropriate for some applications. So we consider here two alternative semantics: the atomic and the persistent atomic ones. First we present relevant patterns of discrete event systems which show the interest of these semantics. Then we compare the expressiveness of the three semantics w.r.t. the weak time bisimilarity establishing inclusion results in the general case. Furthermore we show that some inclusions are strict with unrestricted intervals even when nets are bounded. Then we focus on bounded TPNs with upper-closed intervals and we prove that the semantics are equivalent. Finally taking into account both the practical and the theoretical issues, we conclude that persistent atomic semantics should be preferred.

show abstract

Comparison of the Expressiveness of Timed Automata and Time Petri Nets

Bérard¹,

Cassez²,

Haddad³

et al. 2005

View full text Add to dashboard Cite

Abstract. In this paper we consider the model of Time Petri Nets (TPN) "à la Merlin" where a time interval is associated with the firing of a transition, but we extend it with open intervals. We also consider Timed Automata (TA) as defined by Alur & Dill. We investigate some questions related to expressiveness for these models : we study the impact of slight variations of semantics for TPN and we compare the expressive power of TA and TPN, with respect to both time language acceptance and weak time bisimilarity. We prove that TA and bounded TPNs (enlarged with strict constraints) are equivalent w.r.t. timed language equivalence, providing an efficient construction of a TPN equivalent to a TA. We then exhibit a TA A such that no TPN (even unbounded) is weakly bisimilar to A. Because of this last result, it is natural to try and identify the (strict) subclass of TA that is equivalent to TPN w.r.t. weak timed bisimilarity. Thus we give some further results: 1) we characterize the subclass TA − of TA that is equivalent to the original model of TPN as defined by Merlin, i.e. restricted to closed intervals, 2) we show that the associated membership problem for TA − is P SP ACE-complete and 3) we prove that the reachability problem for TA − is also P SP ACE-complete.

show abstract

Systems and Software Verification

et al. 2001

View full text Add to dashboard Cite

show abstract

Characterization of the Expressive Power of Silent Transitions in Timed Automata

et al. 1998

View full text Add to dashboard Cite

Quantifying opacity

Bérard¹,

Mullins²,

Sassolas³

2014

Math. Struct. Comp. Sci.

View full text Add to dashboard Cite

Opacity is a general language-theoretic framework in which several security properties of a system can be expressed. Its parameters are a predicate, given as a subset of runs of the system, and an observation function, from the set of runs into a set of observables. The predicate describes secret information in the system and, in the possibilistic setting, it is opaque if its membership cannot be inferred from observation. In this paper, we propose several notions of quantitative opacity for probabilistic systems, where the predicate and the observation function are seen as random variables. Our aim is to measure (i) the probability of opacity leakage relative to these random variables and (ii) the level of uncertainty about membership of the predicate inferred from observation. We show how these measures extend possibilistic opacity, we give algorithms to compute them for regular secrets and observations, and we apply these computations on several classical examples. We finally partially investigate the non-deterministic setting. † Part of this work has been published in the proceedings of Qest'10 (Bérard et al. 2010).

show abstract

Reachability Analysis of (Timed) Petri Nets Using Real Arithmetic

Bérard

Fribourg

1999

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.