Induction in Compositional Model Checking

  • Kenneth L. McMillan
  • Shaz Qadeer
  • James B. Saxe
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1855)


This paper describes a technique of inductive proof based on model checking. It differs from previous techniques that combine induction and model checking in that the proof is fully mechanically checked and temporal variables (process identifiers, for example) may be natural numbers. To prove \(\forall n.\,\varphi(n)\) inductively, the predicate \(\varphi(n-1) \Rightarrow \varphi(n)\) must be proved for all values of the parameter \(n\). Its proof for a fixed \(n\) uses a conservative abstraction that partitions the natural numbers into a finite number of intervals. This renders the model finite. Further, the abstractions for different values of \(n\) fall into a finite number of isomorphism classes. Thus, an inductive proof of \(\forall n.\,\varphi(n)\) can be obtained by checking a finite number of formulas on finite models. The method is integrated with a compositional proof system based on the SMV model checker. It is illustrated by examples, including the N-process “bakery” mutual exclusion algorithm.


Model Check; Abstract Model; Critical Section; Mutual Induction; Ground Instance
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Kenneth L. McMillan (1)
  • Shaz Qadeer (2)
  • James B. Saxe (2)
  1. Cadence Berkeley Labs
  2. Compaq Systems Research Center
