Component-wise incremental LTL model checking

Abstract

Efficient symbolic and explicit-state model checking approaches have been developed for the verification of linear time temporal logic (LTL) properties, and several attempts have been made to combine the advantages of the various algorithms. Model checking LTL properties usually poses two challenges: one must compute the synchronous product of the state space and the automaton model of the desired property, and then search that product for counterexamples, a task that reduces to finding strongly connected components (SCCs). In the case of concurrent systems, where state space explosion often prevents successful verification, the so-called saturation algorithm has proved its efficiency in state space exploration. This paper proposes a new approach that leverages the saturation algorithm both as an iteration strategy that constructs the product directly and in a new fixed-point computation algorithm that finds strongly connected components on-the-fly by incrementally processing the components of the model. Complementing the search for SCCs, explicit techniques and component-wise abstractions are used to prove the absence of counterexamples. The resulting on-the-fly, incremental LTL model checking algorithm scales well with the size of the models, as the evaluation on models of the Model Checking Contest suggests.
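The two steps the abstract names, product construction and SCC search, in their plain explicit-state form as an added illustration (this is not the paper's saturation-based algorithm nor its code; the Kripke structure, the Büchi automaton for the negated property and the dictionary encoding are constructed here for the example):

```python
# Added example, not from the paper. A Kripke structure (the model) is multiplied on the
# fly with a Büchi automaton for the NEGATED property; Tarjan's algorithm then looks for
# a reachable non-trivial SCC that contains an accepting automaton state. Such an SCC is
# an accepting cycle, i.e. a counterexample to the property.

def product_successors(model, buchi, state):
    """Successors of product state (s, q): the model moves s -> s2 while the automaton
    reads the label of s and takes every edge q -> q2 whose guard accepts that label."""
    s, q = state
    labels = model["labels"][s]
    for s2 in model["edges"].get(s, ()):
        for guard, q2 in buchi["edges"].get(q, ()):
            if guard(labels):
                yield (s2, q2)

def find_accepting_scc(model, buchi):
    """Return the product states of the first accepting SCC found, or None if the
    property holds. Recursive Tarjan, adequate for the toy product sizes used here."""
    index, low, on_stack, stack, witness = {}, {}, set(), [], None

    def visit(v):
        nonlocal witness
        index[v] = low[v] = len(index)
        stack.append(v); on_stack.add(v)
        self_loop = False
        for w in product_successors(model, buchi, v):
            self_loop |= (w == v)
            if w not in index:
                visit(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:                      # v is the root of an SCC
            scc = []
            while not scc or scc[-1] != v:
                w = stack.pop(); on_stack.discard(w); scc.append(w)
            # A single state without a self-loop is not a cycle at all.
            if (len(scc) > 1 or self_loop) and witness is None \
                    and any(q in buchi["accepting"] for _, q in scc):
                witness = scc

    visit((model["init"], buchi["init"]))
    return witness

# Constructed Büchi automaton for the negation of "G F a" (a holds infinitely often).
NOT_GF_A = {"init": "q0", "accepting": {"q1"},
            "edges": {"q0": [(lambda L: True, "q0"), (lambda L: "a" not in L, "q1")],
                      "q1": [(lambda L: "a" not in L, "q1")]}}
# Constructed models: a 3-state ring whose state 2 satisfies a (property holds) ...
SAFE = {"init": 0, "labels": {0: set(), 1: set(), 2: {"a"}},
        "edges": {0: (1,), 1: (2,), 2: (0,)}}
# ... and the same ring with a self-loop in state 1, so a run may avoid a forever.
BUGGY = {"init": 0, "labels": {0: set(), 1: set(), 2: {"a"}},
         "edges": {0: (1,), 1: (2, 1), 2: (0,)}}
```

For SAFE the only non-trivial reachable SCC of the product contains no accepting automaton state, so the call returns None; for BUGGY the product state (1, q1) carries an accepting self-loop and is returned as the counterexample cycle.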

Author information

Correspondence to Vince Molnár.

Additional information

Stephan Merz, Jun Pang, and Jin Song Dong

Cite this article

Molnár, V., Vörös, A., Darvas, D. et al. Component-wise incremental LTL model checking. Form Asp Comp 28, 345–379 (2016). https://doi.org/10.1007/s00165-015-0347-x

Keywords

  • Symbolic model checking
  • LTL
  • Saturation
  • Component-wise abstraction
  • SCC computation
  • Incremental algorithm