
Component-wise incremental LTL model checking

Original Article, published in Formal Aspects of Computing

Abstract

Efficient symbolic and explicit-state model checking approaches have been developed for the verification of linear time temporal logic (LTL) properties, and several attempts have been made to combine the advantages of the various algorithms. Model checking an LTL property usually poses two challenges: one must compute the synchronous product of the state space and the automaton model of the desired property, and then search that product for counterexamples, which reduces to finding strongly connected components (SCCs) in the state space of the product. In the case of concurrent systems, where the phenomenon of state space explosion often prevents successful verification, the so-called saturation algorithm has proved its efficiency in state space exploration. This paper proposes a new approach that leverages the saturation algorithm both as an iteration strategy constructing the product directly, and in a new fixed-point computation algorithm that finds strongly connected components on-the-fly by incrementally processing the components of the model. Complementing the search for SCCs, explicit techniques and component-wise abstractions are used to prove the absence of counterexamples. The resulting on-the-fly, incremental LTL model checking algorithm proved to scale well with the size of the models, as the evaluation on models of the Model Checking Contest suggests.
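The two steps named in the abstract, building the synchronous product and reducing counterexample search to SCC detection, can be seen in miniature in the following added example. It is not code from the paper and does not implement saturation or any symbolic encoding: it builds the product of an explicit Kripke structure and a Büchi automaton on the fly, runs Tarjan's SCC algorithm over the reachable product, and reports the first non-trivial SCC that contains an accepting automaton state (a lasso-shaped counterexample). The automaton `NEG_RESPONSE`, the two models `GOOD_MODEL` and `BAD_MODEL`, and all function names are constructed for this illustration.

```python
"""Automata-theoretic LTL model checking on a small explicit product graph.

Added example, not code from the paper: product construction plus Tarjan's
SCC search.  A counterexample to an LTL property exists iff the product of the
model and the automaton for the NEGATED property has a reachable, non-trivial
SCC containing an accepting automaton state.  All models below are constructed.
"""
from typing import Callable, Dict, FrozenSet, List, Optional, Set, Tuple

Label = FrozenSet[str]                      # atomic propositions true in a state
Guard = Callable[[Label], bool]             # automaton transition guard

# Kripke structure: (initial state, successor map, state labels).
Kripke = Tuple[str, Dict[str, List[str]], Dict[str, Label]]
# Buchi automaton: (initial state, guarded transitions, accepting states).
Buchi = Tuple[str, Dict[str, List[Tuple[Guard, str]]], Set[str]]

ProductState = Tuple[str, str]              # (model state, automaton state)


def product_successors(kripke: Kripke, buchi: Buchi, state: ProductState) -> List[ProductState]:
    """Successors of (s, q): s -> s' in the model and q -g-> q' in the automaton,
    where the guard g reads the label of the *current* model state s.  This is
    the synchronous product, computed on the fly instead of materialised."""
    _, k_next, labels = kripke
    _, b_next, _ = buchi
    s, q = state
    out: List[ProductState] = []
    for guard, q2 in b_next.get(q, []):
        if guard(labels[s]):
            for s2 in k_next.get(s, []):
                out.append((s2, q2))
    return out


def find_accepting_scc(kripke: Kripke, buchi: Buchi) -> Optional[FrozenSet[ProductState]]:
    """Tarjan's SCC algorithm over the reachable product.  Returns the first SCC
    that is non-trivial (contains at least one edge) and contains an accepting
    automaton state, i.e. a counterexample; returns None if the property holds."""
    accepting = buchi[2]
    index: Dict[ProductState, int] = {}
    low: Dict[ProductState, int] = {}
    stack: List[ProductState] = []
    on_stack: Set[ProductState] = set()
    counter = [0]
    found: List[FrozenSet[ProductState]] = []

    def strongconnect(v: ProductState) -> None:
        index[v] = low[v] = counter[0]
        counter[0] += 1
        stack.append(v)
        on_stack.add(v)
        succs = product_successors(kripke, buchi, v)
        for w in succs:
            if w not in index:
                strongconnect(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:                      # v is the root of an SCC
            comp: Set[ProductState] = set()
            while True:
                w = stack.pop()
                on_stack.discard(w)
                comp.add(w)
                if w == v:
                    break
            # A one-state component is a cycle only if it carries a self-loop.
            nontrivial = len(comp) > 1 or v in succs
            if nontrivial and not found and any(q in accepting for _, q in comp):
                found.append(frozenset(comp))

    strongconnect((kripke[0], buchi[0]))
    return found[0] if found else None


# Buchi automaton for the negation of G(req -> F ack), i.e. F(req & G !ack):
# q0 loops on anything; on a request without acknowledgement it may move to the
# accepting state q1, which then has to keep reading !ack forever.
NEG_RESPONSE: Buchi = (
    "q0",
    {
        "q0": [(lambda lab: True, "q0"),
               (lambda lab: "req" in lab and "ack" not in lab, "q1")],
        "q1": [(lambda lab: "ack" not in lab, "q1")],
    },
    {"q1"},
)

# Constructed model 1: every request is eventually acknowledged (property holds).
GOOD_MODEL: Kripke = (
    "s0",
    {"s0": ["s1"], "s1": ["s2"], "s2": ["s0"]},
    {"s0": frozenset(), "s1": frozenset({"req"}), "s2": frozenset({"ack"})},
)

# Constructed model 2: after a request the system may get stuck in s3 forever.
BAD_MODEL: Kripke = (
    "s0",
    {"s0": ["s1"], "s1": ["s2", "s3"], "s2": ["s0"], "s3": ["s3"]},
    {"s0": frozenset(), "s1": frozenset({"req"}),
     "s2": frozenset({"ack"}), "s3": frozenset()},
)

if __name__ == "__main__":
    print("good model:", find_accepting_scc(GOOD_MODEL, NEG_RESPONSE))   # None
    print("bad model: ", find_accepting_scc(BAD_MODEL, NEG_RESPONSE))    # {('s3', 'q1')}
```

The returned component for the bad model, `{('s3', 'q1')}`, is the loop of the lasso; the DFS stack at the moment it is found is the stem, which is what a model checker prints as the counterexample trace. The paper's contribution replaces this depth-first search over an explicit product with a saturation-based symbolic fixed-point computation; the acceptance condition being checked is the same.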



Correspondence to Vince Molnár.

Additional information: Stephan Merz, Jun Pang, and Jin Song Dong

Cite this article

Molnár, V., Vörös, A., Darvas, D. et al. Component-wise incremental LTL model checking. Form Asp Comp 28, 345–379 (2016). https://doi.org/10.1007/s00165-015-0347-x
