Advertisement

Formal Aspects of Computing

, Volume 28, Issue 2, pp 295–323 | Cite as

Optimising the ProB model checker for B using partial order reduction

  • Ivaylo Dobrikov
  • Michael Leuschel
Original Article

Abstract

Partial order reduction has been very successful at combatting the state explosion problem for lower-level formalisms, but has thus far made hardly any impact for model checking higher-level formalisms such as B, Z or TLA+. This paper attempts to remedy this issue in the context of Event-B, with its much more fine-grained events and thus increased potential for event-independence and partial order reduction. In this work, we provide a detailed description of a partial order reduction for explicit state model checking in ProB. The technique is evaluated on a variety of models. The implementation of the method is discussed, which is based on new constraint-based analyses. Further, we give a comprehensive description for elaborating the implementation into the LTL model checker of ProB for checking LTLX formulae.

Keywords

Model checking Partial order reduction Static analysis Event-B LTL 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. A96.
    Abrial J-R (1996) The B-book: assigning programs to meanings. Cambridge University Press, New YorkCrossRefMATHGoogle Scholar
  2. A10.
    Abrial J-R (2010) Modeling in Event-B: system and software engineering, 1st edn. Cambridge University Press, New YorkCrossRefMATHGoogle Scholar
  3. AA09.
    Ait-Sadoune I, Ait-Ameur Y (2009) A proof based approach for modelling and verifying web services compositions. In: ICECCS ’09, Washington, DC, USA. IEEE Computer Society, pp 1–10Google Scholar
  4. ABHV06.
    Abrial J-R, Butler M, Hallertede S, Voisin L (2006) An open extensible tool environment for Event-B. In: ICFEM 2006. LNCS, vol 4260. Springer, pp 588–605Google Scholar
  5. BBČ+09.
    Bene N, Brim L, Černá I, Sochor J, Vařeková P, Zimmerova B (2009) Partial order reduction for state/event LTL. In: iFM 2009. LNCS, vol 5423. Springer, Berlin, pp 307–321Google Scholar
  6. BBH+13.
    Barnat J, Brim L, Havel V, Havlíček J, Kriho J, Lenčo M, Ročkai P, Štill V, Weiser J (2013) DiVinE 3.0—an explicit-state model checker for multithreaded C & C++ programs. In: CAV. LNCS, vol 8044. Springer, Berlin, pp 863–868Google Scholar
  7. BBR10.
    Barnat J, Brim L, Rockai P (2010) Parallel partial order reduction with topological sort proviso. In: SEFM. IEEE Computer Society, pp 222–231Google Scholar
  8. BDSW14.
    Boström P, Degerlund F, Sere K, Waldén M (2014) Derivation of concurrent programs by stepwise scheduling of Event-B models. Form Asp Comput 26(2): 281–303MathSciNetCrossRefGoogle Scholar
  9. BeL09.
    Bendisposto J, Leuschel M (2009) Proof assisted model checking for B. In: ICFEM. LNCS, vol 5885, pp 504–520, Springer, BerlinGoogle Scholar
  10. BeL11.
    Bendisposto J, Leuschel M (2011) Automatic flow analysis for Event-B. In: FASE. LNCS, vol 6603. Springer, Berlin, pp 50–64Google Scholar
  11. BK08.
    Baier C, Katoen J-P (2008) Principles of model checking. The MIT Press, BostonMATHGoogle Scholar
  12. BLL09.
    Bosnacki D, Leue S, Lluch-Lafuente A (2009) Partial-order reduction for general state exploring algorithms. STTT 11(1): 39–51CrossRefMATHGoogle Scholar
  13. CCO+04.
    Chaki S, Clarke EM, Ouaknine J, Sharygina N, Sinha N (2004) State/event based software model checking. In: iFM. LNCS, vol 2999, pp 128–147Google Scholar
  14. CEGP99.
    Clarke Jr, Edmund M, Grumberg O, Peled DA (1999) Model checking. MIT Press, CambridgeGoogle Scholar
  15. CGMP99.
    Clarke EM, Grumberg O, Minea M, Peled D (1999) State space reduction using partial order techniques. Int J STTT 2(3):279–287CrossRefMATHGoogle Scholar
  16. DL14.
    Dobrikov I, Leuschel M (2014) Optimising the ProB model checker for B using partial order reduction. In: SEFM LNCS, vol 8702, pp 220–234Google Scholar
  17. ELN+13.
    Esparza J, Lammich P, Neumann R, Nipkow T, Schimpf A, Smaus J-G (2013) A fully verified executable LTL model checker. In: CAV. LNCS, vol 8044. Springer, Berlin pp 463–478Google Scholar
  18. G96.
    Godefroid P (1996) Partial-order methods for the verification of concurrent systems—an approach to the state-explosion problem. LNCS, vol 1032. Springer, BerlinMATHGoogle Scholar
  19. GP93.
    Godefroid P, Pirottin D (993) Refining dependencies improves partial-order verification methods. In: CAV. LNCS, vol 697. Springer, BerlinGoogle Scholar
  20. GW91.
    Godefroid P, Wolper P (1991) Using partial orders for the efficient verification of deadlock freedom and safety properties. In: CAV. LNCS, vol 575, pp 332–342. Springer, BerlinGoogle Scholar
  21. H03.
    Holzmann G (2003) Spin model checker, the: primer and reference manual, 1st edn. Addison-Wesley Professional, BostonGoogle Scholar
  22. HD94.
    Holzmann G, Peled D (1994) An improvement in formal verification. In: Proceedings FORTE, pp 197–211Google Scholar
  23. KLM+15.
    Kant G, Laarman A, Meijer J, van de Pol J, Blom S, van Dijk T (2015) LTSmin: high-performance language-independent model checking. In: TACAS. LNCS, vol 9035. Springer, Berlin, pp 692–707Google Scholar
  24. L08.
    Leuschel M (2008) The high road to formal validation: model checking high-level versus low-level specifications. In: ABZ. LNCS, vol 5238. Springer, Berlin, pp 4–23Google Scholar
  25. LBST07.
    Leuschel M, Butler M, Spermann C, Turner E (2007) Symmetry reduction for B by permutation flooding. In: Proceedings B’2007. LNCS, vol 4355. Springer, Berlin, pp 79–93Google Scholar
  26. LB08.
    Leuschel M, Butler M (2008) ProB: an automated analysis toolset for the B method. STTT 10(2): 185–203CrossRefGoogle Scholar
  27. LBe10.
    Leuschel M, Bendisposto J (2010) Directed model checking for B: an evaluation and new techniques. In: SBMF’ 2010. LNCS, vol 6527. Springer, Berlin, pp 1–16Google Scholar
  28. LM07.
    Leuschel M, Massart T (2007) Efficient approximative verification for B via symmetry markers. In: Proceedings international symmetry conference, pp 71–85, JanuaryGoogle Scholar
  29. LP85.
    Lichtenstein O, Pnueli A (1985) Checking that finite state concurrent programs satisfy their linear specifications. In: POPL’85, New York, NY, USA, ACM, pp 97–107Google Scholar
  30. LW11.
    Laarman A, Wijs A (2014) Partial-order reduction for multi-core LTL model checking. In: HVC 2014. LNCS, vol 8855. Springer, Berlin, pp 267–283Google Scholar
  31. NWP02.
    Nipkow T, Wenzel M, Paulson LC (2002) Isabelle/HOL-A proof assistant for Higher-Order Logic. Springer, BerlinMATHGoogle Scholar
  32. P77.
    Pnueli A (1977) The temporal logic of programs. In: Proceedings of 18th IEEE symposium on foundations of computer science (SFCS ’77). IEEE Computer Society Press, pp 46–57Google Scholar
  33. P94.
    Peled D (1994) Combining partial order reduction with on-the-fly model-checking. In: Proceedings of the sixth workshop on CAV. LNCS, vol 818. Springer, Berlin, pp 377–390Google Scholar
  34. PL10.
    Plagge D, Leuschel M (2010) Seven at one stroke: LTL model checking for high-level specifications in B, Z, CSP, and more. STTT 12(1): 9–21CrossRefGoogle Scholar
  35. PW97.
    Peled D, Wilke T (1997) Stutter-invariant temporal properties are expressible without the next-time operator. Inf Process Lett. 63(5): 243–246MathSciNetCrossRefMATHGoogle Scholar
  36. RMQ10.
    Rosa CD, Merz S, Quinson M (2010) A simple model of communication APIs—application to dynamic partial-order reduction. ECEASST 35Google Scholar
  37. SLD08.
    Sun J, Liu Y, Dong JS (2008) Model checking CSP revisited: introducing a process analysis toolkit. In: Proceedings of ISoLA. Springer, Berlin, pp 307–322Google Scholar
  38. T72.
    Tarjan R (1972) Depth first search and linear graph algorithms. SIAM J Comput 1(2): 146–160MathSciNetCrossRefMATHGoogle Scholar
  39. TLSB07.
    Turner E, Leuschel M, Spermann C, Butler M (2007) Symmetry reduced model checking for B. In: TASE. IEEE, pp 25–34Google Scholar
  40. V89a.
    Valmari A (1989) Stubborn sets for reduced state space generation. In: Applications and theory of petri nets, pp 491–515Google Scholar
  41. V89b.
    Valmari A (1989) Eliminating redundant interleavings during concurrent program verification. In: PARLE. LNCS, vol 366, Springer, Berlin, pp 89–103Google Scholar
  42. V90.
    Valmari A (1990) A stubborn attack on state explosion. In: CAV, pp 156–165Google Scholar
  43. V96.
    Valmari A (1996) Stubborn set methods for process algebras. In: DIMACS, vol 29, pp 213–231Google Scholar
  44. W99.
    Wehrheim H (1999) Partial order reductions for failures refinement. In: Proceedings of the 6th international workshop on expressiveness in concurrency, Electronic notes in theoretical computer science, vol 27, pp 71–84Google Scholar
  45. ZSS+14.
    Zheng M, Sanán D, Sun J, Liu Y, Dong JS, Gu Y (2013) State space reduction for sensor networks using two-level partial order reduction. In: VMCAI, pp 515–535Google Scholar

Copyright information

© British Computer Society 2016

Authors and Affiliations

  1. 1.Institut für InformatikHeinrich-Heine Universität DüsseldorfDüsseldorfGermany

Personalised recommendations