The course  System Validation uses the following reading materials :

Modelling and Analysis of Communicating Systems , J.F.Groote and M.R. Mousavi, Eindhoven University of Technology, Eindhoven, 2012.
Modelling Distributed Systems , W. Fokkink, Eindhoven University of Technology, Eindhoven, 2011.
Reactive Systems , L. Aceto, Cambridge, 2007.

## Modelling and Analysis of Communicating Systems

Reference: J. F. Groote & M. R. Mousavi (2012), Modelling and Analysis of Communicating Systems.

You can find the first 5 chapters here.

## Modelling Distributed Systems

Reference: Jan Friso Groote & Michel Reniers (2011), Modelling and Analysis of Communicating Systems. Eindhoven University of Technology.

A distributed system is driven by separate components that are being executed in parallel. In today’s world of wireless and mobile networking, protocols for distributed systems form a major aspect of system design. Verifying the correctness of such protocols is usually a formidable task, as even simple behaviours become wildly complicated when they are executed in parallel. In order to study distributed systems in detail, it is imperative that they are dissected into their concurrent components.

Process algebra focuses on the specification and manipulation of process terms as induced by a collection of operator symbols. Process algebras such as CCS [24, 84, 86], CSP [67, 68, 95] and ACP [11, 5, 43] have proven to be nice basic languages for the description of elementary parallel systems and they are well equipped for the study of behavioural properties of distributed systems. Fundamental to process algebra is a parallel operator, to break down systems into their concurrent components. Most process algebras contain basic operators to build nite processes, communication operators to express concurrency, and some notion of recursion to capture in nite behaviour. Moreover, a special hiding operator allows one to abstract away from internal computations. In process algebras, each operator in the languageis given meaning through a characterising set of equations called axioms. If two process termscan be equated by means of the axioms, then they constitute equivalent processes. Thus the axioms form an elementary basis for equational reasoning about processes. System behaviour generally consists of a mix of processes and data. Processes are the control mechanisms for the manipulation of data. While processes are dynamic and active, data are static and passive. In algebraic speci cation, each data type is de ned by declaring a collection of function symbols, from which one can build data terms, together with a set of axioms, saying which data terms are equal. Algebraic speci cation allows one to give relatively simple and precise de nitions of abstract data types. A major advantage of this approach is that it is easily explained and formally de ned, and that it constitutes a uniform framework for de ning general data types. Moreover, all properties of a data type must be explicitly denoted, and henceforth it is clear which assumptions can be used when proving properties about data or processes. Term rewriting  provides a straightforward method for implementing algebraic speci cations of abstract data types. Concluding, as long as one is interested in clear and precise speci cations, and not in optimised implementations, algebraic speci cation is the best available method. However, one should be aware that it does not allow one to use high-level constructs for compact speci cation of complex data types, nor optimisations supporting fast computation (such as decimal representations of natural numbers). Process algebras tend to lack the ability to handle data. In case data becomes part of a process theory, one often has to resort to in nite sets of axioms where variables are indexed with data values. In order to make data a rst class citizen in the study of processes, the language micro CRL has been developed,1 denoted CRL (or mCRL, if Greek letters are unavailable). Basically, CRL is based on the process algebra ACP, extended with equational abstract data types. In order to intertwine processes with data, actions and recursion variables can be parametrised with data types.

## An overview of the book

This text is set up as follows. Chapter 2 gives an introduction into the algebraic speci cation of abstract data types. Chapter 3 provides an overview of process algebra, and explains the basics of the speci cation language CRL. In Chapter 5 it is explained how one can abstract away from the internal computation steps of a process. Chapter 6 contains a number of CRL speci cations of protocols from the literature, together with extensive explanations to guide the reader through these speci cations. In Chapter 8 a number of standard process algebraic techniques are described that can be used in the veri cation of CRL speci cations. In Chapter 10, these techniques are applied in the veri cation of the tree identify protocol and a sliding window protocol. Chapter 7 describes algorithms on graphs. In Chapter 9, techniques are presented to analyse and adapt CRL speci cations on a symbolic level. Chapter 11 gives an overview and some applications of an extension of the language CRL with time. Finally, Chapter 12 contains a short overview of the CRL toolset.

## Reactive Systems

Reference: Luca Aceto & Anna Ingólfsdóttir (2007), Reactive Systems. Cambridge University Press. ISBN 978-0521875462

Formal methods is the term used to describe the specification and verification of software and software systems using mathematical logic. Various methodologies have been developed and incorporated into software tools. An important subclass is distributed systems. There are many books that look at particular methodologies for such systems, e.g. CSP, process algebra. This book offers a more balanced introduction for graduate students that describes the various approaches, their strengths and weaknesses, and when they are best used. Milner’s CCS and its operational semantics are introduced, together with notions of behavioral equivalence based on bisimulation techniques and with variants of Hennessy-Milner modal logics. Later in the book, the presented theories are extended to take timing issues into account. The book has arisen from various courses taught in Iceland and Denmark and is designed to give students a broad introduction to the area, with exercises throughout.

## Preface

Part I. A Classic Theory of Reactive Systems: 1. Introduction; 2. The language CCS; 3. Behavioural equivalences; 4. Theory of fixed points and bisimulation equivalence; 5. Hennessy-Milner logic; 6. Hennessy-Milner logic with recursive definitions; 7. Modelling and analysis of mutual exclusion algorithms; Part II. A Theory of Real-Time Systems: 8. Introduction; 9. CCS with time delays; 10. Timed automata; 11. Timed behavioural equivalences; 12. Hennessy-Milner logic with time; 13. Modelling and analysis of Fischer’s algorithm; Appendix; Bibliography; Index. 