Liveness by Invisible Invariants
The method of Invisible Invariants was developed in order to verify safety properties of parametrized systems in a fully automatic manner. In this paper, we apply the method of invisible invariants to “bounded response” properties, i.e., liveness properties of the type \( p \Rightarrow \diamondsuit q \) that are bounded: once a p-state is reached, it takes a bounded number of rounds (where a round is a sequence of steps in which each process has been given a chance to proceed) to reach a q-state. Such properties are therefore essentially safety properties.
With a “liveness monitor” that observes certain behavior of a system, establishing “bounded response” properties over the system is reduced to the verification of invariant properties.
It is often the case that the inductive invariants for systems with “liveness monitors” contain assertions of a certain form that the original method of invisible invariants is able neither to generate nor to check for inductiveness. To accommodate invariants of such forms, we extend the techniques used for invariant generation, as well as the small model theorem used for the validity check.
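The reduction described above, bounded response checked as a state invariant over a system composed with a liveness monitor, can be made concrete on a small model. The following Python program is an added example and is not code from the paper or its authors; the token-ring system, the choice of p ("process 0 is waiting") and q ("process 0 is served"), and the helper names `step`, `bounded_response_holds` and `tightest_bound` are all assumptions made for the illustration. The monitor is the `(armed, count)` part of the state: it arms when p is observed, counts rounds completed until q, and the bounded-response property is exactly the invariant `count <= B`, which an explicit-state search checks on every reachable state.

```python
"""
Bounded response as an invariant, checked with a liveness monitor.

Constructed example (not from the paper): N processes in a ring pass a
token; a process that holds the token while waiting is served and passes
the token on.  The bounded-response property is

    p => within B rounds q,   p = "process 0 waits", q = "process 0 served"

A round is complete once every process has taken one step, in any order
(matching the paper's notion of a round).  The monitor arms itself when p
is observed, counts completed rounds until q, and the property becomes the
state invariant  count <= B  over the composed system.
"""
from collections import deque

# State tuple: (token holder, waiting bitmask, stepped-this-round bitmask,
#               monitor armed?, monitor round count)


def step(state, i, n):
    """Successor states when process i takes its step of the current round."""
    token, waiting, stepped, armed, count = state
    succs = []
    if token == i:
        # The holder passes the token on; if it was waiting it is served first.
        served = bool(waiting & (1 << i))
        new_waiting = waiting & ~(1 << i)
        if served and i == 0 and armed:
            armed, count = False, 0          # q observed: monitor disarms
        succs.append(((i + 1) % n, new_waiting, stepped | (1 << i), armed, count))
    else:
        # A non-holder stays as it is, or, if idle, may start waiting.
        succs.append((token, waiting, stepped | (1 << i), armed, count))
        if not (waiting & (1 << i)):
            new_armed, new_count = armed, count
            if i == 0 and not armed:
                new_armed, new_count = True, 0   # p observed: monitor arms
            succs.append((token, waiting | (1 << i), stepped | (1 << i),
                          new_armed, new_count))
    # Close the round once everyone has stepped; the monitor counts it.
    full = (1 << n) - 1
    out = []
    for (t, w, s, a, c) in succs:
        if s == full:
            s = 0
            if a:
                c += 1
        out.append((t, w, s, a, c))
    return out


def bounded_response_holds(n, bound):
    """Breadth-first search of reachable states of the ring composed with the
    monitor.  True iff the invariant count <= bound holds everywhere, i.e.
    process 0 is always served within `bound` rounds of starting to wait."""
    init = (0, 0, 0, False, 0)
    seen = {init}
    queue = deque([init])
    while queue:
        state = queue.popleft()
        for i in range(n):
            if state[2] & (1 << i):
                continue                     # already stepped this round
            for succ in step(state, i, n):
                if succ[4] > bound:
                    return False             # invariant violated
                if succ not in seen:
                    seen.add(succ)
                    queue.append(succ)
    return True


def tightest_bound(n):
    """Smallest B (searched in 0..n) for which the bounded-response property
    holds on the n-process ring; None if no such B exists in that range."""
    for b in range(n + 1):
        if bounded_response_holds(n, b):
            return b
    return None


if __name__ == "__main__":
    for n in (2, 3, 4):
        print(f"N={n}: process 0 is served within {tightest_bound(n)} rounds")
```

Because the step order within a round is unconstrained, the token can be passed to a process that has already taken its step and then stall until the next round; the search finds that this stretches the response to N-1 rounds on the ring (for N=4 the bound 2 is violated and the bound 3 holds), which is the kind of round-counting fact the monitor's counter makes visible as a plain state invariant.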
Keywords: Model Check, Atomic Formula, Safety Property, Program Simple, Liveness Property