home.social

#modelchecking — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #modelchecking, aggregated by home.social.

  1. #Quint, a language built on top of #TLA+ to make formal specifications more accessible.

    quint.sh/

    Crazy that #LLM coding will make formal verification mainstream in the next 2 - 3 years.

    #FormalVerification #TLAPlus #Testing #ModelChecking #Concurrency #Prediction

  6. I cannot get enough of our shared Vulgar Technobabble that we #ComputerScientists speak. Even #ACM #TuringAward winning blokes speak this way.🤣

    Interviewer—What is a good way to understand what #ModelChecking is and what it does?

    #AllenEmerson—[staring intently at his toes] Well, uh, in "layman's terms", model checking is an algorithmic method of verifying correctness of nominally finite state systems, uh, against a specification that's typically given in temporal logic. Uh, if the model checker, the model checking tool that's been implemented, uh, returns "yes", then the system is correct. If it, uh, returns "no", the specification is violated, and a counterexample is produced.

    Sure, we get it; it is but #SoftwareVerification in so many words. But does a "layman" get it?

    youtu.be/sUwxA8px7O8?si=O4MVOV

    #VulgarLatin en.wikipedia.org/wiki/Vulgar_L

  11. ESBMC - An Efficient SMT-based Bounded Model Checker

    ssvlab.github.io/esbmc/

    "ESBMC is an open-source, [...], context-bounded model checker based on satisfiability modulo theories for verifying single- and multi-threaded C/C++ programs. It does not require the user to annotate the programs with pre- or postconditions, but allows the user to state additional properties using assert-statements, that are then checked as well."

    1/3

    #SMT #FormalVerification #FormalMethods #ModelChecking

  12. Well, I am stuck and stuck hard on #Ivy. Here's my first toy example: gist.github.com/mgritter/17b45

    I want a system where I provide a left number, then a right number, then update a running sum with the absolute value of their difference.

    What I get when I try to state that the sum should be increasing is nonsense models of the numbers like

    0:num + 0 = 0
    0:num + 1 = 0
    1:num + 0 = 0
    1:num + 1 = 0

    Which is a possible model of the + function, I get it! But I cannot convince Ivy to exclude that model. (I think the model of < may be wrong too, but for some reason it's not including that.)

    #ModelChecking

    @redmp any thoughts on what I'm doing wrong?

  13. Okay, I no longer hate all large language models 😉

    If I understand correctly here they trained an LLM to not try to solve epistemic logic puzzles by itself, but to translate the problem to the input format of my model checker SMCDEL and then ask that 😎 arxiv.org/abs/2404.15515

    #modelchecking #llm #logic

  14. We have an exciting opportunity for a PostDoc to work applying formal methods to enterprise systems: we will develop techniques to detect faults and vulnerabilities in complex business-process-driven systems, contributing to protecting critical workflows such as manufacturing or logistics.

    Apply until the 18th April 2024:
    jobs.exeter.ac.uk/hrpr_webrecr

    #Fedihire #Job #BPMN #BPL #FormalMethods #AcademicChatter #Security #ITP #Z3 #postdoc #unijobs #ModelChecking #EnterpriseSecurity

  15. Related to the curl vulnerability, does anyone have any current favorite tools for doing things like designing state machines or behavior trees such that the model is amenable to checking and ready to go through some code generation so that it can be consumed by a general purpose PL? #ModelChecking mastodon.social/@bagder/111214

  16. I am listening to the @ttforall podcast with Jimmy Koppel on which parts of CS theory all software engineers should learn about (see also his blog post from 2021 on why programmers should(n't) learn theory). Now I'm curious to learn which parts of "theory" you think are the most useful for a software engineer.

    Please boost this so this also finds an audience beyond the types community!

    #SoftwareEngineering #Education #TypeTheory #ProgramVerification #AbstractInterpretation #ProofAssistant #HoareLogic #ModelChecking #SMT #OperationalSemantics #CategoryTheory #DomainTheory

  17. I used to work on access control models: specifying them using some formal specification language (like Event-B or #TLA+), and then proving their correctness or finding bugs with deductive #verification and #ModelChecking tools. Very excited to read this overview, I can already see it contains a lot of things I want to know more about.

  18. Gonna try some TLA+ / PlusCal for a work project again - this time using the command-line, because I found the IDE didn't work well with my desires for automation and version control.

    @ParslProject has a task dispatcher and the bit of code which ensures the right number of tasks are on worker nodes always feels quite fragile to me - so I'm going to investigate around that.

    #TLA+ #PlusCal #ModelChecking

  19. CW: research review

    A. Bajwa et al., "Stack-Aware Hyperproperties"¹

    A hyperproperty relates executions of a program and is used to formalize security objectives such as confidentiality, non-interference, privacy, and anonymity. Formally, a hyperproperty is a collection of allowable sets of executions. A program violates a hyperproperty if the set of its executions is not in the collection specified by the hyperproperty. The logic HyperCTL^* has been proposed in the literature to formally specify and verify hyperproperties. The problem of checking whether a finite-state program satisfies a HyperCTL^* formula is known to be decidable. However, the problem turns out to be undecidable for procedural (recursive) programs. Surprisingly, we show that decidability can be restored if we consider restricted classes of hyperproperties, namely those that relate only those executions of a program which have the same call-stack access pattern. We call such hyperproperties stack-aware hyperproperties. Our decision procedure can be used as a proof method for establishing security objectives such as noninference for recursive programs, and also for refuting security objectives such as observational determinism. Further, if the call stack size is observable to the attacker, the decision procedure provides exact verification.

    #ResearchPapers #arXiv #Logic #TemporalLogic #ModelChecking
    __
    ¹ arxiv.org/abs/2301.11521

  20. Mostly, software interfaces are only defined by their signature and without a formal description of the admissible behavior and timing assumptions.

    #ComMA provides a family of domain-specific languages that integrate existing techniques from formal behavioral and time modeling and is easily extensible.

    youtu.be/-bbJTg7pJ-k

    #SoftwareEngineering
    #Interfaces
    #Modelling
    #ModelChecking
    #CodeGeneration
