Invisible Invariants and Abstract Interpretation

  • Kenneth L. McMillan
  • Lenore D. Zuck
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6887)


The method of Invisible Invariants provides a way to verify safety properties of infinite parameterized classes of finite-state systems using finite-state model checking techniques. This paper looks at invisible invariants from the point of view of abstract interpretation. Viewed in this way, the method suggests a generic strategy for computing abstract fixed points in the case where the best abstract transformer has a high computational cost. This strategy requires only that we can reasonably segregate the infinite concrete state space into finite subsets of increasing size or complexity. We observe that in domains for which the computation of the best abstract transformer may require an exponential number of calls to a theorem prover, we can sometimes reduce the number of theorem prover calls to just one, without sacrificing accuracy.


Abstract Interpretation Reachable State Disjunctive Normal Form Binary Decision Diagram Abstract Domain 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [APR+01]
    Arons, T., Pnueli, A., Ruah, S., Xu, J., Zuck, L.D.: Parameterized verification with automatically computed inductive assertions. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, p. 221–234 Springer, Heidelberg (2001)Google Scholar
  2. [BCI10]
    Berdine, J., Cook, B., Ishtiaq, S.: SLAyer: Memory safety for systems-level code. Technical Report 144848, MSR (2010); To appear in CAV 2011 (2011)Google Scholar
  3. [BFPZ05]
    Balaban, I., Fang, Y., Pnueli, A., Zuck, L.D.: IIV: An invisible invariant verifier. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 408–412. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. [Bin08]
    Bingham, J.D.: Automatic non-interference lemmas for parameterized model checking. In: Cimatti, A., Jones, R.B. (eds.) FMCAD, pp. 1–8. IEEE, Los Alamitos (2008)Google Scholar
  5. [BLS02]
    Bryant, R.E., Lahiri, S.K., Seshia, S.A.: Modeling and verifying systems using a logic of counter arithmetic with lambda expressions and uninterpreted functions. In: Brinksma, E., Larsen, K.G. (eds.) CAV 2002. LNCS, vol. 2404, p. 78. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. [BPZ06]
    Balaban, I., Pnueli, A., Zuck, L.D.: Invisible safety of distributed protocols. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 528–539. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. [BPZ07]
    Balaban, I., Pnueli, A., Zuck, L.D.: Shape analysis of single-parent heaps. In: Cook, B., Podelski, A. (eds.) VMCAI 2007. LNCS, vol. 4349, pp. 91–105. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. [CC77]
    Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL, pp. 238–252 (1977)Google Scholar
  9. [CC79]
    Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: POPL, pp. 269–282 (1979)Google Scholar
  10. [Cou81]
    Cousot, P.: Semantic foundations of program analysis. In: Muchnick, S.S., Jones, N.D. (eds.) Program Flow Analysis - Theory and Applications. Prentice Hall software series, pp. 303–342. Prentice Hall, Englewood Cliffs (1981)Google Scholar
  11. [Din99]
    Dingel, J.: Systematic Parallel Programming. PhD thesis, Carnegie Mellon University (1999)Google Scholar
  12. [FPPZ06]
    Fang, Y., Piterman, N., Pnueli, A., Zuck, L.D.: Liveness with invisible ranking. STTT 8(3), 261–279 (2006)CrossRefzbMATHGoogle Scholar
  13. [GNRT10]
    Godefroid, P., Nori, A.V., Rajamani, S.K., Tetali, S.: Compositional may-must program analysis: unleashing the power of alternation. In: POPL, pp. 43–56 (2010)Google Scholar
  14. [Lah04]
    Lahiri, S.K.: Ubounded System Verification using decision Procedure and predicate abstraction. PhD thesis, Carnegie Mellon University (2004)Google Scholar
  15. [LAS00]
    Lev-Ami, T., Sagiv, S.: TVLA: A system for implementing static analyses. In: SAS 2000, pp. 280–301. Springer, Heidelberg (2000)Google Scholar
  16. [LBC03]
    Lahiri, S.K., Bryant, R.E., Cook, B.: A symbolic approach to predicate abstraction. In: Hunt Jr., W.A., Somenzi, F. (eds.) CAV 2003. LNCS, vol. 2725, pp. 141–153. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. [Mon09]
    Monniaux, D.: Automatic modular abstractions for linear constraints. In: POPL 2009, pp. 140–151. ACM, New York (2009)Google Scholar
  18. [PS96]
    Pnueli, A., Shahar, E.: The TLV system and its applications. Technical report, The Weizmann Institute (1996)Google Scholar
  19. [RSY04]
    Reps, T., Sagiv, M., Yorsh, G.: Symbolic implementation of the best transformer. In: Steffen, B., Levi, G. (eds.) VMCAI 2004. LNCS, vol. 2937, pp. 252–266. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. [vE98]
    van Eijk, C.A.J.: Sequential equivalence checking without state space traversal. In: Proceedings of the Conference on Design, Automation and Test in Europe, DATE 1998, pp. 618–623. IEEE Computer Society, Washington, DC, USA (1998)Google Scholar
  21. [YBS06]
    Yorsh, G., Ball, T., Sagiv, M.: Testing, abstraction, theorem proving: better together? In: ISSTA, pp. 145–156 (2006)Google Scholar
  22. [ZP04]
    Zuck, L.D., Pnueli, A.: Model checking and abstraction to the aid of parameterized systems (a survey). Computer Languages, Systems & Structures 30(3-4), 139–169 (2004)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Kenneth L. McMillan
    • 1
  • Lenore D. Zuck
    • 2
  1. 1.Microsoft ResearchRedmondUSA
  2. 2.University of IllinoisChicagoUSA

Personalised recommendations