Automatic generation of invariants and intermediate assertions
Verifying temporal specifications of reactive and concurrent systems commonly relies on generating auxiliary assertions and strengthening given properties of the system. Two dual approaches find solutions to these problems: the bottom-up method performs an abstract forward propagation of the system, generating auxiliary properties; the top-down method performs an abstract backward propagation to strengthen given properties. Exact application of these methods is complete but is usually infeasible for large-scale verification. An approximate analysis can often supply enough information to complete the verification.
The paper overviews some of the exact and approximate analysis methods to generate and strengthen assertions for the verification of invariance properties. By formulating and analyzing a generic safety verification rule we extend these methods to the verification of general temporal safety properties.
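As an added illustration (not code from the paper), the two dual fixpoint computations run on a small constructed transition system: bottom-up forward propagation from the initial states yields the reachable-state invariant, while top-down backward propagation from the property P prunes every state that can step outside P, yielding the weakest inductive strengthening of P. The system, the property and all names are assumptions made for this example.

```python
from itertools import product

# Constructed toy transition system: state = (loc, x), loc in 0..2, x in 0..5.
LOCS, XS = range(3), range(6)
UNIVERSE = frozenset(product(LOCS, XS))
INIT = frozenset({(0, 0)})

def post(state):
    """Successors of one state (the transition relation of the toy system)."""
    loc, x = state
    if loc == 0:
        return {(0, x + 1)} if x < 3 else {(1, 3)}  # count up to 3, then move on
    if loc == 1:
        return {(2, x)}                               # hand x over unchanged
    return {(2, x)}                                   # loc 2 stutters

def prop(state):
    """Safety property P: whenever control is at loc 2, x == 3."""
    loc, x = state
    return loc != 2 or x == 3

P = frozenset(s for s in UNIVERSE if prop(s))

def post_set(states):
    return {t for s in states for t in post(s)}

def is_inductive(assertion):
    """An assertion is inductive iff it holds initially and is closed under post."""
    return INIT <= assertion and post_set(assertion) <= assertion

def forward_invariant():
    """Bottom-up: least fixpoint of INIT union post(.), i.e. the reachable states."""
    reach = set(INIT)
    while True:
        new = post_set(reach) - reach
        if not new:
            return frozenset(reach)
        reach |= new

def backward_strengthening(prop_set):
    """Top-down: greatest fixpoint of P intersected with {s | post(s) subset of S};
    the states that can never leave P, i.e. the weakest inductive strengthening."""
    safe = set(prop_set)
    while True:
        leaving = {s for s in safe if not post(s) <= safe}
        if not leaving:
            return frozenset(safe)
        safe -= leaving

if __name__ == "__main__":
    fwd, bwd = forward_invariant(), backward_strengthening(P)
    print("P inductive on its own?", is_inductive(P))
    print("forward invariant:", sorted(fwd), "implies P:", fwd <= P)
    print("backward strengthening:", sorted(bwd), "inductive:", is_inductive(bwd))
```

P alone is not inductive (the unreachable state (1, 4) satisfies it but steps to (2, 4)); the forward invariant is the strongest assertion, the backward result the weakest inductive one, and forward is a subset of backward, which is a subset of P.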
Keywords: Monotone Operator, Safety Property, Tree Automaton, Rule Safe, General Safety