Exploiting Symmetry and Transactions for Partial Order Reduction of Rule Based Specifications

  • Ritwik Bhattacharya
  • Steven M. German
  • Ganesh Gopalakrishnan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3925)


Rule based specifications are popular for specifying protocols, such as cache coherence protocols specified in TLA+, Murphi, or the BlueSpec language. Specifications in these notations are a collection of unordered rules of the form guardatomic_updates. There is no notion of a sequential process with local scope or specialized communication channels, and each rule tends to update multiple fields of the global state. It is believed that partial order (PO) reduction, a powerful state space reduction technique, is difficult to achieve in such a setting. Partial order reductions attempt to visit a smaller set of states by selectively exploring a subset of all enabled transitions at each state, based on the independence of transitions. In earlier work, we have reported a suitable algorithm for this purpose, where the independence relation is computed using symbolic analysis and SAT. In this paper, we expand on this algorithm and show how to exploit some commonly seen characteristics of rule based specifications. First, many of these systems have a transactional nature, such as the request/grant transactions of cache coherence protocols. We show how to use this information while picking subsets of transitions at each state. Second, many of these systems are parameterized, and also exhibit symmetry. We show that, for such systems, the SAT-based computation of the independence relation between rules can be performed once and for all in a manner that is accurate for all parameterized instances of the protocol. Third, we show that sharpening the SAT-based independence computation through local invariants can aid PO reduction. Here, we propose a way by which users may guess these invariants: we can check these invariants and the property of interest in one combined phase under PO reduction (we prove that there is no circularity in this process). Our results indicate that with the above measures, rule based systems can have efficient and effective PO reduction algorithms.


Atomic Formula Satisfying Assignment Independence Relation Cache Coherence Home Node 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Arvind: Bluespec: A language for hardware design, simulation, synthesis and verification. In: MEMOCODE, pp. 249–249 (2003) (invited Talk)Google Scholar
  2. 2.
  3. 3.
    Bhattacharya, R., German, S., Gopalakrishnan, G.: A symbolic partial order reduction algorithm for rule based transition systems. Technical Report UUCS-03-028, School of Computing, University of Utah (2003)Google Scholar
  4. 4.
    Chen, X.: personal communicationGoogle Scholar
  5. 5.
    Clarke, E.M., Grumberg, O., Peled, D.: Model Checking. MIT Press, Cambridge (1999)Google Scholar
  6. 6.
    Dill, D.: The Stanford Murphi Verifier. In: Alur, R., Henzinger, T.A. (eds.) CAV 1996. LNCS, vol. 1102, pp. 390–393. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  7. 7.
    Allen Emerson, E., Jha, S., Peled, D.: Combining partial order and symmetry reductions. In: Brinksma, E. (ed.) TACAS 1997. LNCS, vol. 1217. Springer, Heidelberg (1997)Google Scholar
  8. 8.
  9. 9.
    Godefroid, P.: Using partial orders to improve automatic verification methods. In: Clarke, E., Kurshan, R.P. (eds.) CAV 1990. LNCS, vol. 531, pp. 176–185. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  10. 10.
    Holzmann, G.J.: The model checker SPIN. IEEE Transactions on Software Engineering 23(5), 279–295 (1997); Special issue on Formal Methods in Software PracticeCrossRefGoogle Scholar
  11. 11.
    Holzmann, G.J., Godefroid, P., Pirottin, D.: Coverage preserving reduction strategies for reachability analysis. In: Proc. 12th Int. Conf on Protocol Specification, Testing, and Verification, INWG/IFIP (1992)Google Scholar
  12. 12.
    Norris Ip, C., Dill, D.L.: Better verification through symmetry. In: CHDL 1993, pp. 87–100 (1993)Google Scholar
  13. 13.
    Kuskin, J., Ofelt, D., et al.: The Stanford FLASH multiprocessor. In: SIGARC 1994, May 1994, pp. 302–313 (1994)Google Scholar
  14. 14.
    Lamport, L.: Specifying concurrent systems with TLA+. In: Calculational System Design (1999)Google Scholar
  15. 15.
  16. 16.
    Levin, V., Palmer, R., Qadeer, S., Rajamani, S.K.: Sound transaction-based reduction without cycle detection. In: Godefroid, P. (ed.) SPIN 2005. LNCS, vol. 3639, pp. 106–122. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Pnueli, A.: A temporal logic of concurrent programs. Theoretical Computer Science, 45–60 (1977)Google Scholar
  18. 18.
    Pnueli, A., Ruah, S., Zuck, L.D.: Automatic deductive verification with invisible invariants. In: Margaria, T., Yi, W. (eds.) TACAS 2001. LNCS, vol. 2031, pp. 82–97. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  19. 19.
    Qadeer, S., Rajamani, S., Rehof, J.: Summarizing procedures in concurrent programs. In: Proceedings of the ACM Symposium on the Principles of Programming Languages (2004)Google Scholar
  20. 20.
    Scott, D.: Stoller and Ernie Cohen. Optimistic synchronization-based state-space reduction. In: Garavel, H., Hatcliff, J. (eds.) TACAS 2003. LNCS, vol. 2619, pp. 489–504. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Stump, A., Barrett, C.W., Dill, D.L.: CVC: A Cooperating Validity Checker. In: Brinksma, E., Larsen, K.G. (eds.) CAV 2002. LNCS, vol. 2404, pp. 500–504. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  22. 22.
    Valmari, A.: A stubborn attack on state explosion. In: Clarke, E., Kurshan, R.P. (eds.) CAV 1990. LNCS, vol. 531, pp. 156–165. Springer, Heidelberg (1991)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Ritwik Bhattacharya
    • 1
  • Steven M. German
    • 2
  • Ganesh Gopalakrishnan
    • 1
  1. 1.School of ComputingUniversity of UtahUSA
  2. 2.IBM T.J. Watson Research CenterUSA

Personalised recommendations