TAGED Approximations for Temporal Properties Model-Checking

Abstract: Abstract. This paper investigates the use of tree automata with global equalities and disequalities (TAGED for short) in reachability analysis over term rewriting systems (TRSs). The reachability problem being in general undecidable on non terminating TRSs, we provide TAGEDbased construction, and then design approximation-based semi-decision procedures to model-check useful temporal patterns on in nite state rewriting graphs. To show that the above TAGED-based construction can be e ectively carried out, comple… Show more

“…For instance, given a rewrite system R, of which X, Y ⊆ R are subsets, and an initial language Π, the LTL property (X ⇒ •Y) signifies that whenever an accessible term is rewritten by some rewrite rule in X, then the resulting term can be rewritten by some rule in Y, and not by any other rule. As shown in [7], that property is satisfied if and only if the following rewrite proposition holds: [R \ Y] X (R * (Π)) = ∅ ∧ X (R * (Π)) ⊆ Y −1 (T(A)), where R * (Π) is the transitive-reflexive forward closure of Π by R, and T(A) is the set of all trees. The point of translating satisfaction in terms of rewrite propositions is that they present a more tractable intermediary form which can itself be translated into automata-based (semi-)decision procedures.…”

“…This technique has been successfully used to prove the security of cryptographic protocols [11] and Java Bytecode programs [3]. When proving security, reachability analysis over sets of terms can be guided by temporal logic properties, like e.g., in [7,6].…”

“…In [7], three specific Linear Temporal Logic (LTL) formulae -chosen for their relevance to model-checking [13], in particular with respect to Java MIDLets, in the framework of the French ANR RAVAJ project -have been translated into what we will call rewrite propositions, with respect to straightforward semantics for LTL on finite words. For instance, given a rewrite system R, of which X, Y ⊆ R are subsets, and an initial language Π, the LTL property (X ⇒ •Y) signifies that whenever an accessible term is rewritten by some rewrite rule in X, then the resulting term can be rewritten by some rule in Y, and not by any other rule.…”

From Linear Temporal Logic Properties to Rewrite Propositions

“…For instance, given a rewrite system R, of which X, Y ⊆ R are subsets, and an initial language Π, the LTL property (X ⇒ •Y) signifies that whenever an accessible term is rewritten by some rewrite rule in X, then the resulting term can be rewritten by some rule in Y, and not by any other rule. As shown in [7], that property is satisfied if and only if the following rewrite proposition holds: [R \ Y] X (R * (Π)) = ∅ ∧ X (R * (Π)) ⊆ Y −1 (T(A)), where R * (Π) is the transitive-reflexive forward closure of Π by R, and T(A) is the set of all trees. The point of translating satisfaction in terms of rewrite propositions is that they present a more tractable intermediary form which can itself be translated into automata-based (semi-)decision procedures.…”

“…This technique has been successfully used to prove the security of cryptographic protocols [11] and Java Bytecode programs [3]. When proving security, reachability analysis over sets of terms can be guided by temporal logic properties, like e.g., in [7,6].…”

“…In [7], three specific Linear Temporal Logic (LTL) formulae -chosen for their relevance to model-checking [13], in particular with respect to Java MIDLets, in the framework of the French ANR RAVAJ project -have been translated into what we will call rewrite propositions, with respect to straightforward semantics for LTL on finite words. For instance, given a rewrite system R, of which X, Y ⊆ R are subsets, and an initial language Π, the LTL property (X ⇒ •Y) signifies that whenever an accessible term is rewritten by some rewrite rule in X, then the resulting term can be rewritten by some rule in Y, and not by any other rule.…”

From Linear Temporal Logic Properties to Rewrite Propositions

“…Tree automata turned out to be a very convenient way for modeling and proving properties on infinite systems like communication protocols [1]- [3], multi-threaded Java byte code programs [4], [5], etc. Moreover, numerous recent works on analysis of structured XML-like documents and on validation of their transformations [6]- [9] exploit tree automata for their encoding.…”

“…Unlike general tree automata, TAGEDs allow expressing constraints useful e.g., for evaluating queries over XML documents. TAGEDs are also useful for security protocol verification [12], and for LTL model-checking of infinite states systems [5]. When processing and analysing XML documents, queries exploit the membership problem for TAGEDs.…”

SAT Solvers for Queries over Tree Automata with Constraints