Formal Methods in System Design

, Volume 6, Issue 1, pp 97–123 | Cite as

Using integer programming to verify general safety and liveness properties

  • James C. Corbett
  • George S. Avrunin


Analysis of concurrent systems is plagued by the state explosion problem. We describe an analysis technique that uses necessary conditions, in the form of linear inequalities, to verify certain properties of concurrent systems, thus avoiding the enumeration of the potentially explosive number of reachable states of the system. This technique has been shown to be capable of verifying simple safety properties, like freedom from deadlock, that can be expressed in terms of the number of certain events occurring in a finite execution, and has been successfully used to analyze a variety of concurrent software systems. In this paper, we extend the technique to the verification of more complex safety properties that involve the order of events and to the verification of liveness properties, which involve infinite executions.


Concurrent systems automated verification integer programming safety liveness 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    A. I. Ali, J. Kennington, and B. Shetty. The equal flow problem.European J. Oper. Res., 36:107–115, 1988.Google Scholar
  2. 2.
    G. S. Avrunin, U. A. Buy, and J. C. Corbett. Integer programming in the analysis of concurrent systems. In Larsen and Skou [16], pages 92–102.Google Scholar
  3. 3.
    G. S. Avrunin, U. A. Buy, J. C. Corbett, L. K. Dillon, and J. C. Wileden. Automated analysis of concurrent systems with the constrained expression toolset.IEEE Trans. Softw. Eng. 17(11):1204–1222, Nov. 1991.Google Scholar
  4. 4.
    J. A. Bergstra and J. W. Klop. Algebra of communicating processes with abstraction.Theoretical Comput. Sci., 37(1):77–121, 1985.Google Scholar
  5. 5.
    R. E. Bryant. Graph-based algorithms for boolean function manipulation.IEEE Transactions on Computers, C 35(8):677–691, 1986.Google Scholar
  6. 6.
    J. Burch, E. Clarke, K. McMillan, D. Dill, and L. Hwang. Symbolic model checking: 1020 states and beyond. InProceedings of the Fifth Annual IEEE Symposium on Logic in Computer Science, pages 428–439, 1990.Google Scholar
  7. 7.
    E. Clarke, D. Long, and K. McMillan. Compositional model checking. InProceedings of the Fourth Annual IEEE Symposium on Logic in Computer Science, 1989.Google Scholar
  8. 8.
    E. M. Clarke, O. Grumberg, and D. E. Long. Model checking and abstraction. InProceedings of the 19th ACM Symposium on Principles of Programming Languages, pages 343–354, Jan. 1992.Google Scholar
  9. 9.
    E. M. Clarke and R. P. Kurshan, editors.Computer-Aided Verification '90, number 3 in DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Providence, RI, 1991. American Mathematical Society.Google Scholar
  10. 10.
    R. Cleaveland, J. Parrow, and B. Steffen. The concurrency workbench: A semantics based tool for the verification of concurrent systems.ACM Trans. Prog. Lang. Syst., 15(1):36–72, Jan. 1993.Google Scholar
  11. 11.
    J. C. Corbett.Automated Formal Analysis Methods for Concurrent and Real-Time Software. PhD thesis, University of Massachusetts at Amherst, 1992.Google Scholar
  12. 12.
    H. Garcia-Molina and D. Barbara. How to assign votes in a distributed system.J. ACM, 32(4):841–860, Oct. 1985.Google Scholar
  13. 13.
    P. Godefroid and P. Wolper. Using partial orders for the efficient verification of deadlock freedom and safety properties. In Larsen and Skou [16], pages 332–242.Google Scholar
  14. 14.
    C. A. R. Hoare.Communicating Sequential Processes. Prentice-Hall International, 1985.Google Scholar
  15. 15.
    R. Hojati, H. Touati, R. P. Kurshan, and R. K. Brayton. Efficient ω-regular language containment. In G. v. Bochmann and D. K. Probst, editors,Computer Aided Verification, 4th International Workshop Proceedings, volume 663 ofLecture Notes in Computer Science, pages 371–382, Montreal, Canada, 1992. Springer-Verlag.Google Scholar
  16. 16.
    K. G. Larsen and A. Skou, editors.Computer Aided Verification, 3rd International Workshop Proceedings, volume 575 ofLecture Notes in Computer Science, Aalborg, Denmark, July 1991. Springer-Verlag.Google Scholar
  17. 17.
    R. Milner.Communication and Concurrency. Prentice Hall, London, 1989.Google Scholar
  18. 18.
    D. K. Probst and H. F. Li. Using partial-order semantics to avoid the state explosion problem in asynchronous systems. In Clarke and Kurshan [9], pages 15–24. Also LNCS 531, pp. 15–24.Google Scholar
  19. 19.
    W. Thomas. Automata on infinite objects. In J. van Leeuwen, editor,Handbook of Theoretical Computer Science, volume B. MIT Press/Elsevier, 1990.Google Scholar
  20. 20.
    A. Valmari. Compositional state space generation. InEuropean Conference on Petri Nets, pages 43–62, 1990.Google Scholar
  21. 21.
    A. Valmari. A stubborn attack on state explosion. In Clarke and Kurshan [9], pages 25–41.Google Scholar
  22. 22.
    W. J. Yeh and M. Young. Compositional reachability analysis using process algebra. InProceedings of the Symposium on Testing, Analysis, and Verification (TAV4), pages 178–187, New York, Oct. 1991. ACM SIGSOFT, Association for Computing Machinery.Google Scholar
  23. 23.
    H. Zuidweg. Verification by abstraction and bisimulation. In J. Sifakis, editor,Proceedings of the International Workshop on Automatic Verification Methods for Finite State Systems, pages 105–166, June 1989. Appeared asLecture Notes in Computer Science 407.Google Scholar

Copyright information

© Kluwer Academic Publishers 1995

Authors and Affiliations

  • James C. Corbett
    • 1
  • George S. Avrunin
    • 2
  1. 1.University of Hawaii at ManoaManoaUSA
  2. 2.University of Massachusetts at AmherstAmherstUSA

Personalised recommendations