## Section: New Results

### Model-based Verification

We have investigated extensions of regular model-checking to new classes of rewrite relations on trees. We have studied specification and proof of modular imperative programs.

#### Safety Verification Techniques with Regular Fixpoint Computations

Participants : Roméo Courbis, Pierre-Cyrille Héam, Olga Kouchnarenko.

Term rewriting systems are now commonly used as a modelling language for programs or systems. On those rewriting based models, reachability analysis, i.e. proving or disproving that a given term is reachable from a set of input terms, provides an efficient verification technique. Many recent works have shown the relevance of regular approximation techniques to tackle in practice undecidable reachability problems.

We propose in [56] , to exploit rewriting approximations developped in [71] for analysing properties of CCS specifications (without renaming). The approach has been implemented and used to verify properties of the Alternating Bit Protocol and of hardware components specifications expressed as CCS processes.

#### Random Generation of Tree Automata

Participants : Pierre-Cyrille Héam, Vincent Hugot, Olga Kouchnarenko.

Developing new algorithms and heuristics raises crucial evaluation issues, as improved worst-case complexity upper-bounds do not always transcribe into clear practical gains. A suite for software performance evaluation can usually gather three types of entries: benchmarks, hard instance and random inputs, that deliver average complexity estimations, for which the catch resides in obtaining a meaningful random distribution (for instance a uniform random distribution).

We presented in [73] a general rejection algorithm that uniformly generates sequential letter-to-letter transducers up to the isomorphism. We tailor this general scheme to randomly generate deterministic tree walking automata and deterministic top-down tree automata. In [21] we extend this approach by providing a new generation feature to fix both the number of states and the number of transitions. The generation is still uniform, up to isomorphism, and can be performed in polynomial time. In [54] we investigate how to generate non-deterministic tree automata with constraints in order to evaluate the performance of algorithms for the emptiness problem. Moreover, we have continued the development of an easy-to-use prototype dedicated to the random generation of recursive data structure for testing [72] .

#### Tree Automata with Constraints

Participants : Pierre-Cyrille Héam, Vincent Hugot, Olga Kouchnarenko.

Tree automata with constraints are widely used to tackle data base algorithmic problems, particularly to analyse queries over XML documents. The model of Tree Automata with Global Constraints (TAGED) is a model introduced in 2009 for these purposes. The membership problem for TAGED is known to be NP-complete. In [43] an efficient SAT-based approach for this problem is proposed, with very encouraging experimentations.

We are currently working on developing efficient algorithms for the emptiness problem for positive TAGED. In order to evaluate their performances, we have developed in [54] a random generator of hard instances for this problem.

#### Model-Checking Optimistic Replication Algorithms

Participant : Abdessamad Imine.

We work with Hanifa Boucheneb (Professor at Ecole Polytechnique de Montréal, Canada) on automatic verification of optimistic replication algorithms supporting collaborative edition. In this work, we propose a symbolic model-checking technique to verify that an Operational Transformation (OT) algorithm ensures replicas convergence [32] . The shared objects are abstracted and their update operations are handled symbolically using difference bound matrices (DBMs) and neither the shared object size nor the update operations parameter sizes are fixed. Our approach provides symbolic counterexamples in case the convergence property is not satisfied. However, we cannot prove automatically that an OT algorithm ensures convergence for an arbitrary number of sites and operations.

#### Towards Regular Model-Checking for Pictures

Participant : Alain Giorgetti.

We have participated to the ANR `Smart Surface' project whose aim is the realization of an active surface to automatically position and convey micro-items. This new application has motivated us to study regular model-checking (RMC) for pictures.

Let us recall that the RMC paradigm consists in representing infinite sets of configurations of a system by recognizable languages, and developing meta-transitions which can compute infinite sets of successors in one step. Unfortunately, a necessary property for RMC is missing in the class of recognizable 2D languages, namely decidability of the inclusion problem. This led us to seek sufficient conditions to decide inclusion. We have studied [53] the notion of simulation over the class of two-dimensional On-line Tessellation Automata (2OTA). This class of automata accepts the class of recognizable 2D languages, considered as the natural extension of classical regular word languages to the 2D case. We have proved that simulation over 2OTA implies language inclusion. Even if the existence of a simulation relation between two 2OTA is shown to be an NP-complete problem, this is a useful result since the inclusion problem is undecidable in general in this class of languages. Then we have proved the existence of a unique maximal autosimulation relation in a given 2OTA and the existence of a unique minimal 2OTA which is simulation equivalent to this given 2OTA, both computable in polynomial time.