Verification of liveness properties using compositional reachability analysis

  • Shing Chi Cheung
  • Dimitra Giannakopoulou
  • Jeff Kramer
Regular Sessions Formal Analysis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1301)


The software architecture of a distributed program can be represented by a hierarchical composition of subsystems, with interacting processes at the leaves of the hierarchy. Compositional reachability analysis (CRA) is a promising state reduction technique which can be automated and used to derive in stages the overall behaviour of a distributed program based on its architecture. Conventional CRA however has a limitation. The properties available for analysis after composition and reduction are constrained by the set of actions that remain globally observable. The liveness properties which involve internal actions of subsystems may therefore not be analysed. In this paper, we extend compositional reachability analysis to check liveness properties which may involve actions that are not globally observable. In particular, our approach permits the hiding of actions independently of the liveness properties that are to be verified in the final graph. In addition, it supports the simultaneous checking of multiple properties (both liveness and safety), and identifies those properties that are violated. The effectiveness of the extended technique is illustrated using a case study of a Reliable Multicast Transport Protocol (RMTP) with over 96,000 states and 660,000 transitions.
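As an added illustration (this is not code from the paper or from its TRACTA tool), the Python sketch below builds the kind of labelled transition systems that CRA operates on, composes a constructed two-process stop-and-wait subsystem, hides its internal `send`/`ack` actions, and checks the liveness property "infinitely often ack" using a Büchi automaton for the violating behaviour. The subsystem, the property encoding, and the "compose the property in before hiding" ordering are assumptions made for this example; the paper's own encoding of liveness information in reduced graphs is not reproduced here. The example shows the limitation the abstract describes: once `ack` has been hidden, the property automaton cannot observe it and the reduced graph yields a spurious violation, whereas composing the property in before hiding clears the reliable subsystem and still catches a lossy variant.

```python
TAU = "tau"  # label of a hidden (internal) action


class LTS:
    """Labelled transition system: init state, interface alphabet, (src, action, dst) transitions."""
    def __init__(self, init, alphabet, trans):
        self.init, self.alphabet, self.trans = init, frozenset(alphabet) - {TAU}, frozenset(trans)

    def succ(self, s):
        return [(a, t) for (u, a, t) in self.trans if u == s]


def explore(init, moves):
    """Reachable-state search shared by composition and product: moves(state) -> [(action, next)]."""
    trans, seen, todo = set(), {init}, [init]
    while todo:
        s = todo.pop()
        for a, t in moves(s):
            trans.add((s, a, t))
            if t not in seen:
                seen.add(t)
                todo.append(t)
    return trans


def compose(p, q):
    """CSP-style parallel composition: shared actions synchronise, the rest interleave."""
    shared = p.alphabet & q.alphabet

    def moves(st):
        s, u = st
        out = [(a, (t, u)) for a, t in p.succ(s) if a not in shared]
        out += [(b, (s, v)) for b, v in q.succ(u) if b not in shared]
        out += [(a, (t, v)) for a, t in p.succ(s) if a in shared for b, v in q.succ(u) if b == a]
        return out
    return LTS((p.init, q.init), p.alphabet | q.alphabet, explore((p.init, q.init), moves))


def hide(lts, actions):
    """Hide internal actions: relabel them tau and remove them from the interface."""
    return LTS(lts.init, lts.alphabet - frozenset(actions),
               {(s, TAU if a in actions else a, t) for (s, a, t) in lts.trans})


class Buchi:
    """Büchi automaton: delta(q, a) -> set of successor states, accept = accepting states."""
    def __init__(self, init, delta, accept):
        self.init, self.delta, self.accept = init, delta, frozenset(accept)


def eventually_never(action):
    """Accepts the runs that stop doing `action`; its accepting cycles violate 'infinitely often action'."""
    def delta(q, a):
        if a == action:
            return {"q0"} if q == "q0" else set()   # q1 is dead once the action recurs
        return {"q0", "q1"} if q == "q0" else {"q1"}  # nondeterministically guess the action is over
    return Buchi("q0", delta, {"q1"})


def product(lts, prop):
    """Synchronous product; a tau step of the system leaves the automaton in place (hidden = invisible)."""
    def moves(st):
        s, q = st
        return [(a, (t, q2)) for a, t in lts.succ(s) for q2 in ({q} if a == TAU else prop.delta(q, a))]
    return LTS((lts.init, prop.init), lts.alphabet, explore((lts.init, prop.init), moves))


def accepting_cycle(lts, accept):
    """A reachable state on a cycle whose nested property state is accepting, or None."""
    def marked(s):
        return any(marked(x) for x in s) if isinstance(s, tuple) else s in accept
    for s in {lts.init} | {t for (_, _, t) in lts.trans}:
        if marked(s):
            seen, todo = set(), [t for _, t in lts.succ(s)]
            while todo:
                u = todo.pop()
                if u == s:
                    return s
                if u not in seen:
                    seen.add(u)
                    todo.extend(t for _, t in lts.succ(u))
    return None


def check_liveness(system, prop, hidden, property_first):
    """True when a violation is reported. property_first=False is the conventional order
    (hide, then check); property_first=True composes the property in before hiding."""
    graph = hide(product(system, prop), hidden) if property_first else product(hide(system, hidden), prop)
    return accepting_cycle(graph, prop.accept) is not None


# Constructed stop-and-wait subsystem (assumption); only `deliver` is meant to stay globally observable.
SENDER = LTS(0, {"send", "ack"}, {(0, "send", 1), (1, "ack", 0)})
RECEIVER = LTS(0, {"send", "deliver", "ack"}, {(0, "send", 1), (1, "deliver", 2), (2, "ack", 0)})
LOSSY = LTS(0, {"send", "deliver", "ack", "drop"},
            {(0, "send", 1), (1, "drop", 1), (1, "deliver", 2), (2, "ack", 0)})
INTERNAL = {"send", "ack"}


def reliable_system():
    return compose(SENDER, RECEIVER)


def lossy_system():
    return compose(SENDER, LOSSY)


if __name__ == "__main__":
    p = eventually_never("ack")  # 'infinitely often ack', where ack is an action that gets hidden
    print(check_liveness(reliable_system(), p, INTERNAL, property_first=False))  # True: spurious violation
    print(check_liveness(reliable_system(), p, INTERNAL, property_first=True))   # False: property holds
    print(check_liveness(lossy_system(), p, INTERNAL, property_first=True))      # True: genuine violation
```

The cycle search here restarts a DFS from every accepting state, which is fine for a handful of states; a real checker would use a nested depth-first search or SCC decomposition so that graphs of the size quoted in the abstract remain tractable. The essential point is independent of that choice: hiding an action before the property automaton has consumed it discards exactly the information the liveness check needs, so the property must be attached before reduction.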


Reachability analysis, compositional verification, distributed computing systems, labelled transition systems, Büchi automata, liveness properties




Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • Shing Chi Cheung, Department of Computer Science, Hong Kong University of Science and Technology, Clear Water Bay, Hong Kong
  • Dimitra Giannakopoulou, Department of Computing, Imperial College of Science, Technology and Medicine, London, UK
  • Jeff Kramer, Department of Computer Science, Hong Kong University of Science and Technology, Clear Water Bay, Hong Kong