Computer Science by Mark Timmer
Theoretical Computer Science, 413, 2012
This paper presents a novel linear process-algebraic format for probabilistic automata. The key ingredient is a symbolic transformation of probabilistic process algebra terms that incorporate data into this linear format while preserving strong probabilistic bisimulation. This generalises similar techniques for traditional process algebras with data, and - more importantly - treats data and data-dependent probabilistic choice in a fully symbolic manner, leading to the symbolic analysis of parameterised probabilistic systems. We discuss several reduction techniques that can easily be applied to our models. A validation of our approach on two benchmark leader election protocols shows reductions of more than an order of magnitude.
Proceedings of the 7th Workshop on Model-Based Testing, 2012
The notion of quiescence - the absence of outputs - is vital in both behavioural modelling and testing theory. Although the need for quiescence was already recognised in the 90s, it has only been treated as a second-class citizen thus far. This paper moves quiescence into the foreground and introduces the notion of quiescent transition systems (QTSs): an extension of regular input-output transition systems (IOTSs) in which quiescence is represented explicitly, via quiescent transitions. Four carefully crafted rules on the use of quiescent transitions ensure that our QTSs naturally capture quiescent behaviour.
We present the building blocks for a comprehensive theory on QTSs supporting parallel composition, action hiding and determinisation. In particular, we prove that these operations preserve all the aforementioned rules. Additionally, we provide a way to transform existing IOTSs into QTSs, allowing even IOTSs as input that already contain some quiescent transitions. As an important application, we show how our QTS framework simplifies the fundamental model-based testing theory formalised around ioco.
Proceedings of the 23rd International Conference on Concurrency Theory, 2012
This paper introduces a framework for the efficient modelling and generation of Markov automata. It consists of (1) the data-rich process-algebraic language MAPA, allowing concise modelling of systems with nondeterminism, probability and Markovian timing; (2) a restricted form of the language, the MLPPE, enabling easy state space generation and parallel composition; and (3) several syntactic reduction techniques on the MLPPE format, for generating equivalent but smaller models.
Technically, the framework relies on an encoding of MAPA into the existing prCRL language for probabilistic automata. First, we identify a class of transformations on prCRL that can be lifted to the Markovian realm using our encoding. Then, we employ this result to reuse prCRL's linearisation procedure to transform any MAPA specification to an equivalent MLPPE, and to lift three prCRL reduction techniques to MAPA. Additionally, we define two novel reduction techniques for MLPPEs. All our techniques treat data as well as Markovian and interactive behaviour in a fully symbolic manner, working on specifications instead of models and thus reducing state spaces prior to their construction. The framework has been implemented in our tool SCOOP, and a case study on polling systems and mutual exclusion protocols shows its practical applicability.
Proceedings of the 8th International Conference on Quantitative Evaluation of SysTems, 2011
This paper presents SCOOP: a tool that symbolically optimises process-algebraic specifications of probabilistic processes. It takes specifications in the prCRL language (combining data and probabilities), which are linearised first to an intermediate format: the LPPE. On this format, optimisations such as dead-variable reduction and confluence reduction are applied automatically by SCOOP. That way, drastic state space reductions are achieved while never having to generate the complete state space, as data variables are unfolded only locally. The optimised state spaces are ready to be analysed by for instance CADP or PRISM.
Software and Systems Safety: Specification and Verification. NATO Science for Peace and Security Series D: Information and Communication Security 30, 2011
This paper provides a comprehensive introduction to a framework for formal testing using labelled transition systems, based on an extension and reformulation of the ioco theory introduced by Tretmans. We introduce the underlying models needed to specify the requirements, and formalise the notion of test cases. We discuss conformance, and in particular the conformance relation ioco. For this relation we prove several interesting properties, and we provide algorithms to derive test cases (either in batches, or on the fly).
Proceedings of the 17th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2011
This paper presents a novel technique for state space reduction of probabilistic specifications, based on a newly developed notion of confluence for probabilistic automata. We prove that this reduction preserves branching probabilistic bisimulation and can be applied on-the-fly. To support the technique, we introduce a method for detecting confluent transitions in the context of a probabilistic process algebra with data, facilitated by an earlier defined linear format. A case study demonstrates that significant reductions can be obtained.
Proceedings of the 10th International Conference on Application of Concurrency to System Design, 2010
This paper presents a novel linear process algebraic format for probabilistic automata. The key ingredient is a symbolic transformation of probabilistic process algebra terms that incorporate data into this linear format while preserving strong probabilistic bisimulation. This generalises similar techniques for traditional process algebras with data, and — more importantly — treats data and data-dependent probabilistic choice in a fully symbolic manner, paving the way to the symbolic analysis of parameterised probabilistic systems.
Proceedings of the 7th International Symposium on Automated Technology for Verification and Analysis, 2009
We present a new method for fighting the state space explosion of process algebraic specifications, by performing static analysis on an intermediate format: linear process equations (LPEs). Our method consists of two steps: (1) we reconstruct the LPE's control flow, detecting control flow parameters that were introduced by linearisation as well as those already encoded in the original specification; (2) we reset parameters found to be irrelevant based on data flow analysis techniques similar to traditional liveness analysis, modified to take into account the parallel nature of the specifications. Our transformation is correct with respect to strong bisimilarity, and never increases the state space. Case studies show that impressive reductions occur in practice, which could not be obtained automatically without reconstructing the control flow.
Proceedings of the 3rd IEEE International Symposium on Theoretical Aspects of Software Engineering, 2009
Testing is inherently incomplete; no test suite will ever be able to test all possible usage scenarios of a system. It is therefore vital to assess the implication of a system passing a test suite. This paper quantifies that implication by means of two distinct, but related, measures: the risk quantifies the confidence in a system after it passes a test suite, i.e., the number of faults still expected to be present (weighted by their severity); the actual coverage quantifies the extent to which faults have been shown absent, i.e., the fraction of possible faults that has been covered. We provide evaluation algorithms that calculate these metrics for a given test suite, as well as optimisation algorithms that yield the best test suite for a given optimisation criterion.
Proceedings of the 4th IEEE/IFIP Workshop on End-to-End Monitoring Techniques and Services, 2006
Despite the end of the Internet bubble, operators continue to increase the capacity of their networks. The question now arises whether these improvements still result in faster communications, or whether most flows are limited by other aspects. In order to answer this question, actual network traffic needs to be analyzed. Therefore, in this paper methods are proposed to identify the factors that limit the speed of TCP flows. Three main categories will be distinguished: the network, the TCP buffers and the application layer. Our proposed methods have been tested on real traces; in many cases it turned out that the network was not the limiting factor.
Mathematics Teaching by Mark Timmer
Nieuwe Wiskrant, 31 (4), 2012
As every year, teachers could submit a proposal for a workshop for the most recent Nationale Wiskunde Dagen (National Mathematics Days). One of the two prize-winning workshops this year was that of Mark Timmer, Gerard Jeurnink and Nellie Verhoef on richer insights into analytic geometry. To this end, the possibilities of using synthetic geometry in this context were emphasised. This article describes the research and the results.
Nieuw Archief voor Wiskunde, 5/13 (3), 2012
Elsewhere in this issue Ferdinand Verhulst described the discussion of the interaction of analysis and geometry in the 19th century. In modern times such discussions come up again and again. As of 2014, synthetic geometry will not be part of the Dutch `vwo - mathematics B' programme any more. Instead, the focus will be more on analytic geometry. Mark Timmer and Nellie Verhoef explored possibilities to connect the two disciplines in order to have students look at analytical exercises from a more synthetic point of view.
Euclides, 86 (6), 2011
This article describes the design of an introductory lesson on trigonometry for secondary education, in which the focus was on the transition from the sine in a right-angled triangle to the sine as a function. It covers the motivation for designing this lesson, the lesson goals and the lesson design, and the findings from actually teaching it. Perhaps this can support (beginning) teachers in their own lessons on this subject. After all, this lesson dwells explicitly and extensively on the relation between the geometric and the analytic understanding of the sine, which in our view is an important part of concept formation and receives little attention in the usual teaching methods. With our lesson design we hope to stimulate and support colleagues to deviate from the textbook once in a while and to give pupils a deeper insight into the trigonometric functions.
Nieuwe Wiskrant, 30 (4), 2011
Google, Twitter and Facebook search through billions of text documents in no time: if you google "wiskunde" ("mathematics"), you get some 4 million results within 0.1 seconds. How do applications such as Google, Twitter and Facebook do this? Within computer science, a number of clever methods (also called algorithms) have been developed to search quickly in text files. These methods are based on so-called finite automata: a special kind of graph whose arrows are labelled with letters of the word being searched for. This article reports on two guest lessons in secondary education about these search methods.
Technical Reports by Mark Timmer
Technical Report TR-CTIT-12-05, Centre for Telematics and Information Technology, 2012
The notion of quiescence - the absence of outputs - is vital in both behavioural modelling and testing theory. Although the need for quiescence was already recognised in the 90s, it has only been treated as a second-class citizen thus far. This paper moves quiescence into the foreground and introduces the notion of quiescent transition systems (QTSs): an extension of regular input-output transition systems (IOTSs) in which quiescence is represented explicitly, via quiescent transitions. Four carefully crafted rules on the use of quiescent transitions ensure that our QTSs naturally capture quiescent behaviour.
We present the building blocks for a comprehensive theory on QTSs supporting parallel composition, action hiding and determinisation. In particular, we prove that these operations preserve all the aforementioned rules. Additionally, we provide a way to transform existing IOTSs into QTSs, allowing even IOTSs as input that already contain some quiescent transitions. As an important application, we show how our QTS framework simplifies the fundamental model-based testing theory formalised around ioco.
Technical Report TR-CTIT-12-16, Centre for Telematics and Information Technology, 2012
This paper introduces a framework for the efficient modelling and generation of Markov automata. It consists of (1) the data-rich process-algebraic language MAPA, allowing concise modelling of systems with nondeterminism, probability and Markovian timing; (2) a restricted form of the language, the MLPPE, enabling easy state space generation and parallel composition; and (3) several syntactic reduction techniques on the MLPPE format, for generating equivalent but smaller models.
Technically, the framework relies on an encoding of MAPA into the existing prCRL language for probabilistic automata. First, we identify a class of transformations on prCRL that can be lifted to the Markovian realm using our encoding. Then, we employ this result to reuse prCRL's linearisation procedure to transform any MAPA specification to an equivalent MLPPE, and to lift three prCRL reduction techniques to MAPA. Additionally, we define two novel reduction techniques for MLPPEs. All our techniques treat data as well as Markovian and interactive behaviour in a fully symbolic manner, working on specifications instead of models and thus reducing state spaces prior to their construction. The framework has been implemented in our tool SCOOP, and a case study on polling systems and mutual exclusion protocols shows its practical applicability.
Technical Report TR-CTIT-10-11, Centre for Telematics and Information Technology, 2010
This paper presents a novel linear process-algebraic format for probabilistic automata. The key ingredient is a symbolic transformation of probabilistic process algebra terms that incorporate data into this linear format while preserving strong probabilistic bisimulation. This generalises similar techniques for traditional process algebras with data, and - more importantly - treats data and data-dependent probabilistic choice in a fully symbolic manner, paving the way to the symbolic analysis of parameterised probabilistic systems.
Technical Report 1011.2314, ArXiv e-prints, 2010
This paper presents a novel technique for state space reduction of probabilistic specifications, based on a newly developed notion of confluence for probabilistic automata. We prove that this reduction preserves branching probabilistic bisimulation and can be applied on-the-fly. To support the technique, we introduce a method for detecting confluent transitions in the context of a probabilistic process algebra with data, facilitated by an earlier defined linear format. A case study demonstrates that significant reductions can be obtained.
Technical Report TR-CTIT-09-24, Centre for Telematics and Information Technology, 2009
We present a new method for fighting the state space explosion of process algebraic specifications, by performing static analysis on an intermediate format: linear process equations (LPEs). Our method consists of two steps: (1) we reconstruct the LPE's control flow, detecting control flow parameters that were introduced by linearisation as well as those already encoded in the original specification; (2) we reset parameters found to be irrelevant based on data flow analysis techniques similar to traditional liveness analysis, modified to take into account the parallel nature of the specifications. Our transformation is correct with respect to strong bisimilarity, and never increases the state space. Case studies show that impressive reductions occur in practice, which could not be obtained automatically without reconstructing the control flow.
Technical Report TR-CTIT-09-17, Centre for Telematics and Information Technology, 2009
Testing is inherently incomplete; no test suite will ever be able to test all possible usage scenarios of a system. It is therefore vital to assess the implication of a system passing a test suite. This paper quantifies that implication by means of two distinct, but related, measures: the risk quantifies the confidence in a system after it passes a test suite, i.e., the number of faults still expected to be present (weighted by their severity); the actual coverage quantifies the extent to which faults have been shown absent, i.e., the fraction of possible faults that has been covered. We provide evaluation algorithms that calculate these metrics for a given test suite, as well as optimisation algorithms that yield the best test suite for a given optimisation criterion.