Automated circular assume-guarantee reasoning

Original Article. Published in: Formal Aspects of Computing

Abstract

Model checking is a successful approach for verifying hardware and software systems. Despite its success, the technique suffers from the state explosion problem, which arises from the large state space of real-life systems. One solution to the state explosion problem is compositional verification, which aims to decompose the verification of a large system into the more manageable verification of its components. To account for dependencies between components, assume-guarantee reasoning defines rules that break up the global verification of a system into local verification of individual components, using assumptions about the rest of the system. In recent years, compositional techniques have achieved significant success following a breakthrough in the ability to automate assume-guarantee reasoning. However, automation has been restricted to simple acyclic assume-guarantee rules. In this work, we focus on automating circular assume-guarantee reasoning, in which the verification of individual components mutually depends on each other. We use a sound and complete circular assume-guarantee rule and describe how to automatically build the assumptions needed for applying the rule. Our algorithm accumulates joint constraints on the assumptions based on (spurious) counterexamples obtained from checking the premises of the rule, and uses a SAT solver to synthesize minimal assumptions that satisfy these constraints. To the best of our knowledge, our work is the first to fully automate circular assume-guarantee reasoning. We implemented our approach and compared it with established non-circular compositional methods that use learning or SAT-based techniques. The experiments show that the assumptions generated for the circular rule are generally smaller, and on the larger examples we obtain a significant speedup.
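The synthesis step the abstract describes (accumulate constraints on the assumption from counterexamples, then ask a SAT solver for the smallest assumption satisfying them) is illustrated below as an added Python example; it is not the paper's implementation. It assumes that an assumption is a DFA over a finite alphabet, that every constraint is a finite trace the assumption must either accept or reject, and it uses a small DPLL procedure in place of a real SAT solver. The accept/reject traces are constructed by hand to stand in for the counterexamples a premise check would produce; the names `solve`, `encode`, `synthesize` and `accepts` are this example's own.

```python
# Added illustration (not the paper's code): SAT-based synthesis of a minimal
# assumption DFA from accumulated trace constraints. Traces are strings over a
# single-character alphabet; a tiny DPLL routine stands in for the SAT solver.


def solve(clauses):
    """Minimal DPLL. Clauses are lists of non-zero ints (negative = negated).
    Returns a dict var -> bool on success, None if unsatisfiable."""

    def propagate(cls, assign):
        changed = True
        while changed:
            changed, remaining = False, []
            for clause in cls:
                if any(assign.get(abs(l)) == (l > 0) for l in clause):
                    continue  # clause already satisfied
                free = [l for l in clause if abs(l) not in assign]
                if not free:
                    return None  # conflict: every literal is false
                if len(free) == 1:  # unit clause forces a value
                    assign[abs(free[0])] = free[0] > 0
                    changed = True
                else:
                    remaining.append(free)
            cls = remaining
        return cls

    def search(cls, assign):
        cls = propagate(cls, assign)
        if cls is None:
            return None
        if not cls:
            return assign
        var = abs(cls[0][0])  # branch on the first undecided variable
        for value in (True, False):
            result = search(cls, {**assign, var: value})
            if result is not None:
                return result
        return None

    return search(clauses, {})


def encode(alphabet, accept, reject, k):
    """CNF for: some k-state DFA accepts every trace in `accept` and rejects
    every trace in `reject`. Variables: ('t', q, a, q2) transition q --a--> q2,
    ('acc', q) state q accepting, ('r', p, q) run on prefix p ends in q."""
    ids = {}

    def v(*key):
        return ids.setdefault(key, len(ids) + 1)

    clauses = []
    for q in range(k):
        for a in alphabet:  # exactly one successor per (state, symbol)
            clauses.append([v('t', q, a, q2) for q2 in range(k)])
            for q1 in range(k):
                for q2 in range(q1 + 1, k):
                    clauses.append([-v('t', q, a, q1), -v('t', q, a, q2)])
    clauses.append([v('r', '', 0)])  # every run starts in state 0
    prefixes = {w[:i] for w in accept + reject for i in range(len(w) + 1)}
    for p in prefixes:
        if p:  # run(p[:-1]) = q and q --p[-1]--> q2 imply run(p) = q2
            for q in range(k):
                for q2 in range(k):
                    clauses.append([-v('r', p[:-1], q),
                                    -v('t', q, p[-1], q2), v('r', p, q2)])
    for q in range(k):  # trace constraints collected from counterexamples
        for w in accept:
            clauses.append([-v('r', w, q), v('acc', q)])
        for w in reject:
            clauses.append([-v('r', w, q), -v('acc', q)])
    return clauses, ids


def synthesize(alphabet, accept, reject, max_states=6):
    """Smallest DFA (k, delta, accepting) consistent with the constraints,
    trying k = 1, 2, ... in turn; None if none exists with <= max_states."""
    for k in range(1, max_states + 1):
        clauses, ids = encode(alphabet, accept, reject, k)
        model = solve(clauses)
        if model is None:
            continue  # no k-state assumption fits; grow the bound

        def is_true(key):
            return model.get(ids.get(key), False)  # unassigned = don't care

        delta = {(q, a): next(q2 for q2 in range(k) if is_true(('t', q, a, q2)))
                 for q in range(k) for a in alphabet}
        accepting = {q for q in range(k) if is_true(('acc', q))}
        return k, delta, accepting
    return None


def accepts(dfa, trace):
    """Run the synthesized DFA on a trace."""
    _, delta, accepting = dfa
    q = 0
    for a in trace:
        q = delta[(q, a)]
    return q in accepting


# Constructed constraints (stand-ins for counterexample-derived ones): the
# assumption must admit the ACCEPT traces and rule out the REJECT traces.
ACCEPT = ["", "b", "ab", "abb"]
REJECT = ["a", "aa", "ba", "aba"]

if __name__ == "__main__":
    dfa = synthesize("ab", ACCEPT, REJECT)
    print("states:", dfa[0], "delta:", dfa[1], "accepting:", dfa[2])
```

For the constraints above a single state cannot both accept the empty trace and reject "a", so the search returns a two-state assumption; a trace that is in both sets makes every bound unsatisfiable and `synthesize` returns `None`, which is the signal a real implementation would treat as "no assumption exists under these constraints".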



Corresponding author

Correspondence to Karam Abd Elkader.

Additional information

Nikolaj Bjorner, Frank S. de Boer, and Andrew Butterfield


Cite this article

Abd Elkader, K., Grumberg, O., Păsăreanu, C.S. et al. Automated circular assume-guarantee reasoning. Form Asp Comp 30, 571–595 (2018). https://doi.org/10.1007/s00165-017-0436-0
