State/Event Software Verification for Branching-Time Specifications

  • Sagar Chaki
  • Edmund Clarke
  • Orna Grumberg
  • Joël Ouaknine
  • Natasha Sharygina
  • Tayssir Touili
  • Helmut Veith
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3771)


In the domain of concurrent software verification, there is an evident need for specification formalisms and efficient algorithms to verify branching-time properties that involve both data and communication. We address this problem by defining a new branching-time temporal logic SE-A\({\it \Omega}\) which integrates both state-based and action-based properties. SE-A\({\it \Omega}\) is universal, i.e., preserved by the simulation relation, and thus amenable to counterexample-guided abstraction refinement. We provide a model-checking algorithm for this logic, based upon a compositional abstraction-refinement loop which exploits the natural decomposition of the concurrent system into its components. The abstraction and refinement steps are performed over each component separately, and only the model checking step requires an explicit composition of the abstracted components. For experimental evaluation, we have integrated our algorithm within the ComFort reasoning framework and used it to verify a piece of industrial robot control software.


Concurrent Software Model Checking State/Event-based Verification Branching-time Temporal Logic Automated Abstraction Refinement 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ball, T., Rajamani, S.K.: Automatically validating temporal safety properties of interfaces. In: Dwyer, M.B. (ed.) SPIN 2001. LNCS, vol. 2057, pp. 103–122. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Chaki, S., Clarke, E.M., Groce, A., Jha, S., Veith, H.: Modular verification of software components in C. In: Proceedings of the 25th International Conference on Software Engineering (ICSE), pp. 385–395. IEEE Press, Los Alamitos (2003)CrossRefGoogle Scholar
  3. 3.
    Chaki, S., Clarke, E.M., Ouaknine, J., Sharygina, N., Sinha, N.: State/event-based software model checking. In: Boiten, E.A., Derrick, J., Smith, G.P. (eds.) IFM 2004. LNCS, vol. 2999, pp. 128–147. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Chaki, S., Clarke, E.M., Ouaknine, J., Sharygina, N., Sinha, N.: Concurrent software verification with states, events, and deadlocks. Formal Aspects of Computing Journal (2005) (to appear)Google Scholar
  5. 5.
    Chaki, S., Ouaknine, J., Yorav, K., Clarke, E.M.: Automated compositional abstraction refinement for concurrent C programs: A two-level approach. In: Proceedings of the Workshop on Software Model Checking (SoftMC). ENTCS, vol. 89(3) (2003)Google Scholar
  6. 6.
    Clarke, E.M., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, pp. 154–169. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Clarke, E.M., Grumberg, O., Kurshan, R.P.: A synthesis of two approaches for verifying finite state concurrent systems. Journal of Logic and Computation 2(5), 606–618 (1992)CrossRefMathSciNetGoogle Scholar
  8. 8.
    Clarke, E.M., Grumberg, O., Long, D.E.: Model checking and abstraction. ACM Transactions on Programming Languages and Systems 16(5), 1512–1542 (1994)CrossRefGoogle Scholar
  9. 9.
    Clarke, E.M., Jha, S., Lu, Y., Veith, H.: Tree-like counterexamples in model checking. In: Proceedings of the 17th Symposium on Logic in Computer Science (LICS), pp. 19–29. IEEE Press, Los Alamitos (2002)CrossRefGoogle Scholar
  10. 10.
    Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the SIGPLAN Conference on Programming Languages (1977)Google Scholar
  11. 11.
    Dam, M.: CTL* and ECTL* as fragments of the modal μ-calculus. Theoretical Computer Science 126, 77–96 (1994)MATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Graf, S., Saïdi, H.: Construction of abstract state graphs with PVS. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254, pp. 72–83. Springer, Heidelberg (1997)Google Scholar
  13. 13.
    Haartsen, J.: Bluetooth Baseband Specification, version 1.0Google Scholar
  14. 14.
    Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. In: Proceedings of the 29th Annual ACM Symposium on Principles of Programming Languages (POPL), pp. 58–70. ACM Press, New York (2002)CrossRefGoogle Scholar
  15. 15.
    Hoare, C.A.R.: Communicating Sequential Processes. Prentice Hall, Englewood Cliffs (1985)MATHGoogle Scholar
  16. 16.
    Huth, M., Jagadeesan, R., Schmidt, D.: Modal transition systems: A foundation for three-valued program analysis. In: Sands, D. (ed.) ESOP 2001. LNCS, vol. 2028, pp. 137–154. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Ivers, J., Sharygina, N.: Overview of ComFoRT: A model checking reasoning framework. CMU/SEI-2004-TN-018 (2004)Google Scholar
  18. 18.
    Kindler, E., Vesper, T.: ESTL: A temporal logic for events and states. In: Desel, J., Silva, M. (eds.) ICATPN 1998. LNCS, vol. 1420, pp. 365–383. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  19. 19.
    Kurshan, R.P.: Analysis of discrete event coordination. In: de Bakker, J.W., de Roever, W.-P., Rozenberg, G. (eds.) REX 1989. LNCS, vol. 430, pp. 414–453. Springer, Heidelberg (1990)Google Scholar
  20. 20.
    Kurshan, R.P.: Computer-aided verification of coordinating processes: the automata-theoretic approach. Princeton University Press, Princeton (1994)Google Scholar
  21. 21.
    Lakhnech, Y., Bensalem, S., Berezin, S., Owre, S.: Incremental verification by abstraction. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 98–112. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  22. 22.
  23. 23.
    Milner, R.: Communication and Concurrency. Prentice-Hall, Englewood Cliffs (1989)MATHGoogle Scholar
  24. 24.
    Naumovich, G., Clarke, L.A., Osterweil, L.J., Dwyer, M.B.: Verification of concurrent software with FLAVERS. In: Proceedings of the 19th International Conference on Software Engineering (ICSE), pp. 594–595. IEEE Press, Los Alamitos (1997)CrossRefGoogle Scholar
  25. 25.
    De Nicola, R., Vaandrager, F.: Three logics for branching bisimulation. Journal of the ACM 42(2), 458–487 (1995)MATHCrossRefGoogle Scholar
  26. 26.
    Păsăreanu, C.S., Dwyer, M.B., Visser, W.: Finding feasible counter-examples when model checking abstracted Java programs. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 284–298. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  27. 27.
    Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice-Hall, Englewood Cliffs (1997)Google Scholar
  28. 28.
    Thomas, W.: Computation tree logic and regular ω-languages. In: Proceedings of REX Workshop. LNCS, pp. 690–713. Springer, Heidelberg (1988)Google Scholar
  29. 29.
    Vardi, M.Y., Wolper, P.: Yet another process logic. In: Proceedings of Logic of Programs. LNCS, pp. 501–512. Springer, Heidelberg (1983)Google Scholar
  30. 30.
    Vardi, M.Y., Wolper, P.: Reasoning about infinite computations. Information and Computation 115(1), 1–37 (1994)MATHCrossRefMathSciNetGoogle Scholar
  31. 31.
    Wolper, P.: Temporal logic can be more expressive. Information and Control 56, 72–99 (1983)MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Sagar Chaki
    • 1
  • Edmund Clarke
    • 2
  • Orna Grumberg
    • 3
  • Joël Ouaknine
    • 4
  • Natasha Sharygina
    • 2
    • 5
  • Tayssir Touili
    • 6
  • Helmut Veith
    • 7
  1. 1.Software Engineering InstituteCarnegie Mellon UniversityPittsburghUSA
  2. 2.School of Computer ScienceCarnegie Mellon UniversityPittsburghUSA
  3. 3.The TechnionHaifaIsrael
  4. 4.Computing LaboratoryOxford UniversityOxfordUK
  5. 5.USI (Università della Svizzera Italiana)LuganoSwitzerland
  6. 6.LIAFACNRS & University of Paris7ParisFrance
  7. 7.Technische Universität MünchenMunichGermany

Personalised recommendations