# Lecture Notes in Computer Science

4346

Commenced Publication in 1973
Founding and Former Series Editors:
Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

## **Editorial Board**

David Hutchison

Lancaster University, UK

Takeo Kanade

Carnegie Mellon University, Pittsburgh, PA, USA

Josef Kittler

University of Surrey, Guildford, UK

Jon M. Kleinberg

Cornell University, Ithaca, NY, USA

Friedemann Mattern

ETH Zurich, Switzerland

John C. Mitchell

Stanford University, CA, USA

Moni Naor

Weizmann Institute of Science, Rehovot, Israel

Oscar Nierstrasz

University of Bern, Switzerland

C. Pandu Rangan

Indian Institute of Technology, Madras, India

Bernhard Steffen

University of Dortmund, Germany

Madhu Sudan

Massachusetts Institute of Technology, MA, USA

Demetri Terzopoulos

University of California, Los Angeles, CA, USA

Doug Tygar

University of California, Berkeley, CA, USA

Moshe Y. Vardi

Rice University, Houston, TX, USA

Gerhard Weikum

Max-Planck Institute of Computer Science, Saarbruecken, Germany

Luboš Brim, Boudewijn Haverkort, Martin Leucker, Jaco van de Pol (Eds.)

# Formal Methods: Applications and Technology

11th International Workshop, FMICS 2006, and 5th International Workshop, PDMC 2006, Bonn, Germany, August 26-27 and August 31, 2006. Revised Selected Papers



## Volume Editors

Luboš Brim

Masaryk University, Botanicka 68a, 602 00 Brno, Czech Republic

E-mail: brim@fi.muni.cz

Boudewijn Haverkort

University of Twente, P.O. Box 217, 7500AE Enschede, The Netherlands

E-mail: brh@cs.utwente.nl

Martin Leucker

Technische Universität München, Boltzmannstr. 3, 85748 Garching, Germany

E-mail: leucker@in.tum.de

Jaco van de Pol

Centrum voor Wiskunde en Informatica, SEN 2, P.O. Box 94079, 1090 GB Amsterdam, The Netherlands

E-mail: Jaco van de Pol@cwi.nl

Library of Congress Control Number: 2007921124

CR Subject Classification (1998): D.2.4, D.2, D.3, C.3, F.3

LNCS Sublibrary: SL 2 – Programming and Software Engineering

ISSN 0302-9743

ISBN-10 3-540-70951-7 Springer Berlin Heidelberg New York

ISBN-13 978-3-540-70951-0 Springer Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.

Springer is a part of Springer Science+Business Media

springer.com

© Springer-Verlag Berlin Heidelberg 2007 Printed in Germany

Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India

Printed on acid-free paper

SPIN: 12021901 06/3142 5 4 3 2 1 0

# **Preface**

These are the joint final proceedings of the 11th International Workshop on Formal Methods for Industrial Critical Systems (FMICS 2006) and the fifth International Workshop on Parallel and Distributed Methods in Verification (PDMC 2006). Both workshops were organized as satellite events of CONCUR 2006, the 17th International Conference on Concurrency Theory that was organized in Bonn, August 2006.

The FMICS workshop successfully continued the aim of the FMICS working group – to promote the use of formal methods for industrial applications, by supporting research in this area and its application in industry. The emphasis in these workshops is on the exchange of ideas between researchers and practitioners, in both industry and academia.

This year the Program Committee received a record number of submissions. The 16 accepted regular contributions and 2 accepted tool papers, selected out of a total of 47 submissions, cover formal methodologies for handling large state spaces, model-based testing, formal description and analysis techniques as well as a range of applications and case studies.

The workshop program included two invited talks, by Anna Slobodova from Intel on "Challenges for Formal Verification in an Industrial Setting" and by Edward A. Lee from the University of California at Berkeley on "Making Concurrency Mainstream." The former full paper can be found in this volume.

Following the tradition of previous workshops, the European Association of Software Science and Technology (EASST) supported a best paper award. This award was granted to Michael Weber and Moritz Hammer for their excellent paper "'To Store or Not To Store' Reloaded: Reclaiming Memory on Demand."

The primary goal of the PDMC workshop series is to present and discuss recent developments in the young area of parallel and distributed methods in verification. Several verification techniques, ranging over model checking, equivalence checking, theorem proving, constraint solving and dependability analysis are addressed by the PDMC community. Verification problems are usually very demanding tasks, especially because the systems that we build and want to verify become increasingly complex.

On the other hand, parallel and distributed computing machinery is widely available. Algorithms and tools must be developed to use this hardware optimally for our verification tasks. Traditionally, we studied algorithms for homogeneous situations, such as parallel shared-memory computers and distributed clusters of PCs. Currently, the emphasis is shifting towards heterogeneous GRIDs. But even modern desktop PCs are quite heterogeneous, consisting of multi-core processors, various memory devices and cache levels, all with their own performance characteristics.


This year's PDMC had nine submissions; six papers were selected for presentation, and four papers were accepted for publication in this volume. In addition, Luboš Brim from Masaryk University, Brno, gave an invited lecture on "Distributed Verification: Exploring the Power of Raw Computing Power." The full paper can also be found in this volume.

We would like to thank all authors for their submissions. We would also like to thank the members of both Program Committees, and the additional referees, for their timely reviewing and lively participation in the subsequent discussion; the quality of the contributions in this volume is also due to their efforts and expertise.

The organizers wish to thank CONCUR for hosting the FMICS and PDMC 2006 workshops and taking care of many administrative aspects, and ERCIM for its financial support of FMICS. Additionally, the organizers would like to thank the EASST (European Association of Software Science and Technology), the Faculty of Informatics, Masaryk University Brno and the Technical University Munich, the CWI (Center of Mathematics and Computer Science, Amsterdam) and the University of Twente for supporting these events.

December 2006

Luboš Brim, Boudewijn R. Haverkort, Martin Leucker, Jaco van de Pol

# Organization

## **FMICS**

### **Program Chairs**

Luboš Brim, Masaryk University Brno, Czech Republic

Martin Leucker, Technical University of Munich, Germany

### **Program Committee**

Rance Cleaveland, University of Maryland, USA

Wan Fokkink, Vrije Universiteit Amsterdam and CWI, The Netherlands

Stefania Gnesi, ISTI-CNR, Italy

Susanne Graf, VERIMAG, France

David Harel, Weizmann Institute of Science, Israel

Klaus Havelund, Kestrel Technology, USA

Thomas A. Henzinger, EPFL, Switzerland

Leszek Holenderski, Philips Research, The Netherlands

Stefan Kowalewski, RWTH Aachen University, Germany

Marta Kwiatkowska, University of Birmingham, UK

Salvatore La Torre, Universitá degli Studi di Salerno, Italy

Tiziana Margaria, University of Göttingen, Germany

Radu Mateescu, INRIA Rhône-Alpes and ENS Lyon, France

Doron Peled, University of Warwick, UK

Ernesto Pimentel, University of Malaga, Spain

Andreas Podelski, Max-Planck-Institut für Informatik, Germany

Don Sannella, University of Edinburgh, UK

Joseph Sifakis, VERIMAG, France

## **PDMC**

### **Program Chairs**

Boudewijn Haverkort, University of Twente, The Netherlands

Jaco van de Pol, CWI Amsterdam, The Netherlands

### **Program Committee**

Gerd Behrmann, Aalborg University, Denmark

Ivana Černá, Masaryk University Brno, Czech Republic

Gianfranco Ciardo, University of California at Riverside, USA

Joerg Denzinger, University of Calgary, Canada

Hubert Garavel, INRIA Rhône-Alpes, France

Orna Grumberg, Technion, Haifa, Israel

William Knottenbelt, Imperial College, London, UK

Marta Kwiatkowska, University of Birmingham, UK

Martin Leucker, Technical University of Munich, Germany

## Referees (FMICS and PDMC)

C. Artho, Y. Atir, R. Atkey, J. Barnat, M. ter Beek, M. van der Bijl, B. Bollig, L. Bozzelli, A. Bucchiarone, D. Calvanese, M. V. Cengarle, I. Černá, F. Ciesinski, M. Faella, A. Fantechi, M. Felici, A. J. Fernandez, M. Fruth, N. Geisweiller, A. Goldberg, A. Idani, C. Joubert, M. Kuntz, F. Lang, P. Lopez, K. MacKenzie, P. Maier, S. Maoz, F. Mazzanti, R. Merom, A. Murano, G. Norman, M. Parente, D. Parker, G. Parlato, G. Salaün, W. Serwe, F. Sorrentino, J. Tenzer, A. Venet, A. Wijs, T. Willemse, V. Wolf

# Table of Contents

| Title | Authors | Page |
|-------|---------|------|
| **Invited Contributions** | | |
| Challenges for Formal Verification in Industrial Setting | | 1 |
| Distributed Verification: Exploring the Power of Raw Computing Power | | 23 |
| **FMICS** | | |
| An Easy-to-Use, Efficient Tool-Chain to Analyze the Availability of Telecommunication Equipment | | 35 |
| "To Store or Not To Store" Reloaded: Reclaiming Memory on Demand | | 51 |
| Discovering Symmetries | | 67 |
| On Combining Partial Order Reduction with Fairness Assumptions | Luboš Brim, Ivana Černá, Pavel Moravec, and Jiří Šimša | 84 |
| Test Coverage for Loose Timing Annotations | | 100 |
| Model-Based Testing of a WAP Gateway: An Industrial Case-Study | Anders Hessel and Paul Pettersson | 116 |
| Heuristics for **ioco**-Based Test-Based Modelling | | 132 |
| Verifying VHDL Designs with Multiple Clocks in SMV | | 148 |
| Verified Design of an Automated Parking Garage | | 165 |
| Evaluating Quality of Service for Service Level Agreements | | 181 |
| Simulation-Based Performance Analysis of a Medical Image-Processing Architecture | | 195 |
| Blasting Linux Code | | 211 |
| A Finite State Modeling of AFDX Frame Management Using Spin | Indranil Saha and Suman Roy | 227 |
| UML 2.0 State Machines: Complete Formal Semantics Via Core State Machines | | 244 |
| Automated Incremental Synthesis of Timed Automata | | 261 |
| SAT-Based Verification of LTL Formulas | | 277 |
| jmle: A Tool for Executing JML Specifications Via Constraint Programming | Ben Krause and Tim Wahls | 293 |
| Goanna—A Static Model Checker | | 297 |
| **PDMC** | | |
| Parallel SAT Solving in Bounded Model Checking | | 301 |
| Parallel Algorithms for Finding SCCs in Implicitly Given Graphs | Jiří Barnat and Pavel Moravec | 316 |
| Can Saturation Be Parallelised? – On the Parallelisation of a Symbolic State-Space Generator | | 331 |
| Distributed Colored Petri Net Model-Checking with Cyclades | | 347 |
| Author Index | | 363 |