Counter-example generation in symbolic abstract model-checking

  • Gordon Pace
  • Nicolas Halbwachs
  • Pascal Raymond
Special section on formal methods for industrial critical systems

Abstract

The boundaries of model-checking have been extended through the use of abstraction. These techniques are conservative, in the following sense: when the verification succeeds, the verified property is guaranteed to hold; but when it fails, the failure may result either from non-satisfaction of the property or from an abstraction that is too coarse. In case of failure, it is, in general, undecidable whether an abstract trace corresponding to a counter-example has any concrete counterpart. For debugging purposes, one usually wants to go further than a “yes/no” answer (actually, a “yes/don’t know” answer!) and look for such concrete counter-examples. We propose a solution in which we apply standard test-pattern generation technology to search for concrete instances of abstract traces.
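As an added illustration, not code from the paper or from the Vérimag tools it builds on, the following Python model walks through the workflow the abstract describes: a concrete reactive system is abstracted by predicates, the abstract model is checked, and an abstract counter-example trace is then searched for a concrete instance. The single-counter system, the two predicates, the bounded integer domain used to compute abstract transitions, and the brute-force enumeration of input sequences are all constructed assumptions; the paper uses symbolic model-checking and a test-pattern generator, for which the explicit enumeration here is only a stand-in.

```python
"""Spurious vs. genuine abstract counter-examples on a constructed toy system."""
import itertools
from collections import deque

# Constructed concrete system (an assumption for this example): one integer
# state x driven by a single boolean input `inc`, as in a synchronous program.
INIT = 0
DOMAIN = range(0, 16)        # bounded view of the int state, used only to build the abstraction
INPUTS = (False, True)       # possible values of the input `inc`

def step(x, inc):
    """One synchronous step: count up on `inc`, wrap to 0 once x has reached 4."""
    if x == 4:
        return 0
    return x + 1 if inc else x

# Predicate abstraction: an abstract state is the tuple of predicate values.
PREDICATES = (lambda x: x < 4, lambda x: x == 7)

def alpha(x):
    return tuple(p(x) for p in PREDICATES)

def abstract_successors(astate):
    """Existential abstraction: abstract states reachable in one step from ANY
    concrete state in `astate`, reachable or not. This is what makes the
    abstract model an over-approximation (sound for proofs, not for refutations)."""
    return {alpha(step(x, inc)) for x in DOMAIN if alpha(x) == astate for inc in INPUTS}

def abstract_counterexample(bad):
    """BFS over abstract states. Returns an abstract trace ending in a state that
    satisfies `bad`, or None: then the property holds abstractly, hence concretely."""
    start = alpha(INIT)
    parent = {start: None}
    queue = deque([start])
    while queue:
        s = queue.popleft()
        if bad(s):
            trace = []
            while s is not None:
                trace.append(s)
                s = parent[s]
            return trace[::-1]
        for t in abstract_successors(s):
            if t not in parent:
                parent[t] = s
                queue.append(t)
    return None

def concretize(trace, max_steps=8):
    """Search for an input sequence whose concrete run follows `trace`. The run may
    stutter inside one abstract state, because an abstract self-loop collapses
    several concrete steps. Returns the input list, or None if no run of at most
    `max_steps` steps matches; such a failure does not prove the trace spurious."""
    last = len(trace) - 1
    if alpha(INIT) != trace[0]:
        return None
    queue = deque([(INIT, 0, ())])
    seen = {(INIT, 0)}
    while queue:
        x, k, inputs = queue.popleft()
        if k == last:
            return list(inputs)
        if len(inputs) == max_steps:
            continue
        for inc in INPUTS:
            y = step(x, inc)
            for k2 in (k, k + 1):            # stutter in trace[k], or advance to trace[k+1]
                if k2 <= last and alpha(y) == trace[k2] and (y, k2) not in seen:
                    seen.add((y, k2))
                    queue.append((y, k2, inputs + (inc,)))
    return None

def analyse(bad):
    """The three possible verdicts: 'holds', 'counterexample' (with the concrete
    inputs that realise the abstract trace) or 'dont-know' (abstract trace found,
    no concrete instance found by the bounded search)."""
    trace = abstract_counterexample(bad)
    if trace is None:
        return ("holds", None, None)
    inputs = concretize(trace)
    if inputs is None:
        return ("dont-know", trace, None)
    return ("counterexample", trace, inputs)

if __name__ == "__main__":
    # "x never equals 7": true concretely (x wraps at 4), but the abstract state
    # {x >= 4, x != 7} also contains the unreachable x = 6, which steps to 7.
    print(analyse(lambda s: s[1]))
    # "x stays below 4": genuinely false; four `inc` inputs reach x = 4.
    print(analyse(lambda s: not s[0]))
```

The first property yields the “yes/don’t know” situation from the abstract: the abstract trace (x<4) → (x≥4, x≠7) → (x=7) exists only because the abstraction admits concrete states the system never reaches, and no input sequence realises it. The second yields a real counter-example, found only because the concretisation lets the run take several concrete steps inside the first abstract state.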

Keywords

Model-checking; Abstraction; Concrete counterexample; Test pattern generation

Copyright information

© Springer-Verlag 2004

Authors and Affiliations

  • Gordon Pace, Vérimag, Grenoble, France
  • Nicolas Halbwachs, Vérimag, Grenoble, France
  • Pascal Raymond, Vérimag, Grenoble, France