Lilia Georgieva

This paper investigates the use of hyperresolution as a decision procedure and model builder for guarded formulae. In general hyperresolution is not a decision procedure for the entire guarded fragment. However we show that there are natural fragments which can be decided by hyperresolution. In particular, we prove decidability of hyperresolution with or
Verification of programs requires reasoning about sets of program states. In case of programs manipulating pointers, program states are pointer graphs. Verification of such programs involves reasoning about unbounded sets of graphs. Three-valued shape analysis (Sagiv et al.) is an approach based on explicit manipulation of 3-valued shape graphs, which
The guarded fragment and its extensions and subfragments are often considered as a framework for investigating the properties of description logics. There are also other, some less well-known, decidable fragments of first-order logic which all have in common that they generalise the standard translation of ALC to first-order logic. We provide a short survey
In this paper we define a new clausal class, called BU, which can be decided by hyperresolution with splitting. We also consider the model generation problem for BU and show that hyperresolution plus splitting can also be used as a Herbrand model generation procedure for BU and, furthermore, that the addition of a local minimality test allows us to
This paper describes a number of hyperresolution-based decision procedures for a subfragment of the guarded fragment. We first present a polynomial space decision procedure of optimal worst-case space and time complexity for the fragment under consideration. We then consider minimal model generation procedures which construct all and only minimal Herbrand
We propose a bounded model checking procedure for programs manipulating dynamically allocated pointer structures. Our procedure checks whether a program execution of length n ends in an error (e.g., a NULL dereference) by testing if the weakest precondition of the error condition together with the initial condition of the program (e.g., program variable x
The guarded fragment [1] and its extensions and subfragments have often been considered as a framework for investigating the properties of description logics [8, 18]. But there are other decidable fragments which all have in common that they generalise the standard translation of ALC to first-order logic. We provide a short survey of some of these fragments
• Devil's Advocate: "Program testing can be used to show the presence of defects, but never their absence!" Dijkstra "We can never be certain that a testing system is correct." Manna • In Defence of Testing: – Testing is the process of showing the presence of defects. – There is no absolute notion of "correctness". – Testing remains the most cost
We investigate description logics as a framework for symbolic shape analysis. We propose a predicate abstraction based shape analysis, parameterized by a DL to represent the abstraction predicates. Depending on the chosen logic, sharing, reachability and separation in pointer data structures are expressible. Our work follows the trend in symbolic shape
This paper proposes a modelling and verification approach for data transmission over a multichannel wireless local area network (WLAN). The approach uses typed first-order logic as a specification language. We analyse a system which transmits data securely in the presence of the classic Man in The Middle (MitM) attack using Alloy. We develop a methodology