The use of model checkers to solve discrete optimisation problems is appealing. A model checker can first be used to verify that the model of the problem is correct. Subsequently, the same model can be used to find an optimal solution for the problem. This paper describes how to apply the new Promela primitives of Spin 4.0 to search effectively for the…
SpinJa is a model checker for Promela, implemented in Java. SpinJa is designed to behave similarly to Spin, but to be more easily extendible and reusable. Despite the fact that SpinJa uses a layered object-oriented design and is written in Java, SpinJa's performance is reasonable: benchmark experiments have shown that, in exhaustive mode, SpinJa is about…
This paper concerns the transfer of files via a lossy communication channel. It formally specifies this file transfer service in a property-oriented way and investigates, using two different techniques, whether a given bounded retransmission protocol conforms to this service. This protocol is based on the well-known alternating bit protocol but allows for a bounded…
This paper concerns the transfer of files via a lossy communication channel. It formally specifies this file transfer service in a property-oriented way and investigates, using two different techniques, whether a given bounded retransmission protocol conforms to this service. This protocol is based on the well-known alternating bit protocol but allows for a…
M-health systems are safety critical systems intended for use by the public and are therefore characterized by especially strict requirements relating to safety, security, correctness, reliability, adaptability and user friendliness. This position paper proposes a methodology which realizes the MDA approach by utilizing formal methods to support…
Since the introduction of the first version of the model checker Spin in 1991, many papers have been written on improvements to the tool and on industrial applications of the tool. Less attention has been given to the pragmatic use of Spin. This paper presents several techniques to optimise both the modelling and verification activities when using Spin.
This paper discusses validation projects carried out for the Mobile Communication Division of Robert Bosch GmbH. We verified parts of their Mobile Communication Network (MCNet), a communication system which is to be used in infotainment systems of future cars. The protocols of the MCNet have been modelled in Promela and validated with Spin. Apart from the…
MoonWalker is a software model checker for CIL bytecode programs, which is able to detect deadlocks and assertion violations in CIL assemblies, better known as Microsoft .NET programs. The design of MoonWalker is inspired by the Java PathFinder (JPF), a model checker for Java programs. The performance of MoonWalker is on par with JPF. This paper presents…