Abstraction Refinement with Path Constraints for 3-Valued Bounded Model Checking

  • Nils Timm
  • Stefan Gruner
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1008)

Abstract

We present an abstraction refinement-based technique for checking safety properties of software. The technique employs predicate abstraction and SAT-based 3-valued bounded model checking. In contrast to classical refinement techniques where a single state space model is iteratively explored and refined with predicates, our approach is as follows: We use a coarsely-abstracted model of the full state space where we check for abstract witness paths for the property of interest. For each detected abstract witness we construct a partial model whose state space is restricted to refinements of the witness only. On the partial models we check whether the witness is real or spurious. We eliminate spurious witnesses in the full model via constraints, which do not increase the state space complexity. Our technique terminates when a real witness in a partial model can be detected, or no more witnesses in the full model exist. The approach enables verification with a reduced state space complexity.
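The loop the abstract describes, as an added illustration that is not the paper's code: a coarse abstract model is searched for abstract witness paths, each witness is checked on a partial model containing only its concrete refinements, and spurious witnesses are excluded from the full model by path constraints. Explicit-state enumeration stands in for the paper's SAT-based 3-valued bounded model checking, and the toy system (counter `x`, transitions `x+2`/`x+3`, one predicate `x < 4`) is constructed for the example.

```python
# Constructed toy system (assumption, not from the paper): concrete state is an
# integer x in 0..N, initially 0. Explicit enumeration replaces the paper's
# SAT-based 3-valued BMC; only the shape of the refinement loop is illustrated.
N, INIT = 7, 0

def step(x):
    """Concrete transitions x -> x+2 and x -> x+3 (constructed toy program)."""
    return [y for y in (x + 2, x + 3) if y <= N]

def alpha(x):
    """Predicate abstraction with one predicate p = (x < 4)."""
    return x < 4

def abstract_successors():
    """Existential abstraction: a -> a' iff some concrete x -> y has alpha(x)=a, alpha(y)=a'."""
    succ = {}
    for x in range(N + 1):
        for y in step(x):
            succ.setdefault(alpha(x), set()).add(alpha(y))
    return {a: sorted(s) for a, s in succ.items()}

def find_witness(k, bad, blocked):
    """Search the full (coarse) abstract model up to bound k for a path ending in
    alpha(bad) that is not excluded by an accumulated path constraint."""
    succ, frontier = abstract_successors(), [[alpha(INIT)]]
    for _ in range(k):
        frontier = [p + [a] for p in frontier for a in succ.get(p[-1], [])]
        for p in frontier:
            if p[-1] == alpha(bad) and p not in blocked:
                return p
    return None

def refine(path, bad):
    """Partial model: concrete paths from INIT whose abstraction is exactly `path`.
    Returns a real (concrete) witness, or None if the abstract witness is spurious."""
    concrete = [[INIT]] if alpha(INIT) == path[0] else []
    for a in path[1:]:
        concrete = [c + [y] for c in concrete for y in step(c[-1]) if alpha(y) == a]
    return next((c for c in concrete if c[-1] == bad), None)

def check(k, bad):
    """Iterate until a real witness is found or no unblocked abstract witness remains."""
    blocked = []                      # path constraints: spurious witnesses, no new states
    while (w := find_witness(k, bad, blocked)) is not None:
        real = refine(w, bad)
        if real is not None:
            return "unsafe", w, real, blocked
        blocked.append(w)             # constrain the full model instead of refining it
    return "safe-up-to-bound", None, None, blocked

if __name__ == "__main__":
    print(check(3, bad=5))            # ('unsafe', [True, True, False], [0, 2, 5], ...)
```

With `bad=5` the first two abstract witnesses `[T, F]` and `[T, F, F]` have no concrete refinement and become constraints; the third, `[T, T, F]`, is realised by the concrete path `0 -> 2 -> 5`.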

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Department of Computer Science, University of Pretoria, Pretoria, South Africa