Model Checking: From Hardware to Software

  • Thomas A. Henzinger
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2895)


While model checking has influenced industrial practice in sequential circuit verification for some time now, the use of model checking for program verification has proved elusive until recently. One of the main reasons is that boolean finite-state abstractions are readily available for circuits, but not for programs. A central problem in software model checking, therefore, is to find an abstraction of the input program which is sufficiently fine to prove or disprove the desired property, and yet sufficiently coarse to allow the exhaustive exploration of the abstract state space by a model checker. For this purpose, it is often useful to abstract the values of program variables by recording, instead, at each program location the truth values of critical predicates. A key insight is that the critical predicates can be discovered automatically using counterexample-guided abstraction refinement, which starts with a coarse abstraction of the program and iteratively refines the abstraction until either a bug is found or the property is proved. Furthermore, if the abstraction is refined lazily, then a critical predicate is evaluated only at those program locations where its value is relevant.
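To make the abstraction-refinement loop described above concrete, here is an added example in Python; it is not code from the paper or its author. It runs predicate abstraction with lazy, counterexample-guided refinement on a toy lock/unlock loop whose integer variables are bounded to 0..3 so that concrete states can be enumerated. The program, the bounded domain and the way new predicates are obtained (weakest preconditions of the guard that a spurious trace cannot pass, a stand-in for the counterexample-driven predicate discovery the abstract refers to) are assumptions of this example, as are all names in it.

```python
# Added example (not the paper's own code): the toy program, the bounded integer domain and the
# weakest-precondition style of predicate discovery are assumptions made for this illustration.
from collections import deque, namedtuple
from itertools import product
# Constructed program: the lock/unlock loop familiar from the lazy-abstraction literature, with
# integers bounded to 0..3 (new++ wraps) so that the concrete state space can be enumerated.
#   L0: lock();  L1: old = new;  L2: if (*) { L3: unlock();  L5: new++; }
#   L4: if (new != old) goto L0;  L6: unlock();  L7: exit.     ERR: lock()/unlock() misused.
DOMAIN = {'lock': (0, 1), 'old': range(4), 'new': range(4)}
ALL_STATES = [dict(zip(DOMAIN, v)) for v in product(*DOMAIN.values())]
INIT = [s for s in ALL_STATES if s['lock'] == 0]                # entry at L0 with the lock free
Edge = namedtuple('Edge', 'src dst gname guard label update')   # guarded assignment between locations
Pred = namedtuple('Pred', 'name fn table')                      # table: truth values over ALL_STATES
ident, true = (lambda s: s), (lambda s: True)
asg = lambda var, f: (lambda s: {**s, var: f(s)})               # update var := f(s)

def program(buggy=False):
    lock0, lock1 = ('lock==0', lambda s: s['lock'] == 0), ('lock==1', lambda s: s['lock'] == 1)
    eq, ne = ('new==old', lambda s: s['new'] == s['old']), ('new!=old', lambda s: s['new'] != s['old'])
    T = ('true', true)
    return [Edge('L0', 'L1', *lock0, 'lock:=1', asg('lock', lambda s: 1)),
            Edge('L0', 'ERR', *lock1, 'skip', ident),                   # lock() while already held
            Edge('L1', 'L2', *T, 'old:=new', asg('old', lambda s: s['new'])),
            Edge('L2', 'L5' if buggy else 'L3', *T, 'skip', ident),    # then-branch; buggy: unlock() dropped
            Edge('L2', 'L4', *T, 'skip', ident),                        # else-branch
            Edge('L3', 'L5', *lock1, 'lock:=0', asg('lock', lambda s: 0)),
            Edge('L3', 'ERR', *lock0, 'skip', ident),                   # unlock() while free
            Edge('L5', 'L4', *T, 'new:=new+1', asg('new', lambda s: (s['new'] + 1) % 4)),
            Edge('L4', 'L0', *ne, 'skip', ident),
            Edge('L4', 'L6', *eq, 'skip', ident),
            Edge('L6', 'L7', *lock1, 'lock:=0', asg('lock', lambda s: 0)),
            Edge('L6', 'ERR', *lock0, 'skip', ident)]

KNOWN = {}                                      # truth table -> Pred, so equivalent predicates share one name
def mk_pred(name, fn):
    p = Pred(name, fn, tuple(bool(fn(s)) for s in ALL_STATES))
    return KNOWN.setdefault(p.table, p)
def alpha(loc, s, preds):                       # truth values of the predicates tracked at loc
    return tuple(bool(p.fn(s)) for p in preds[loc])
def gamma(loc, bits, preds):                    # every concrete state an abstract state stands for
    return [s for s in ALL_STATES if alpha(loc, s, preds) == bits]

def abstract_counterexample(edges, preds):
    """Existential abstraction explored by BFS: (abstract states, edges) of a trace to ERR, or None."""
    parent = {('L0', alpha('L0', s, preds)): None for s in INIT}
    queue = deque(parent)
    while queue:
        a = queue.popleft()
        for e in [e for e in edges if e.src == a[0]]:
            for s in gamma(*a, preds):
                if not e.guard(s): continue
                b = (e.dst, alpha(e.dst, e.update(s), preds))
                if b in parent: continue
                parent[b] = (a, e); queue.append(b)
                if e.dst == 'ERR':                                      # rebuild the abstract error trace
                    states, path = [b], []
                    while parent[states[0]]:
                        pa, pe = parent[states[0]]; states.insert(0, pa); path.insert(0, pe)
                    return states, path
    return None

def first_infeasible_step(states, path, preds):
    """Replay the trace on the concrete states behind its root; index of the first edge none survives."""
    S = [s for s in INIT if alpha('L0', s, preds) == states[0][1]]
    for k, e in enumerate(path):
        S = [e.update(s) for s in S if e.guard(s)]
        if not S: return k
    return None                                                         # feasible throughout: a real bug

def wp(e, p):                                                           # weakest precondition of e w.r.t. p
    name = p.name if e.label == 'skip' else f'({p.name})[{e.label}]'
    if e.gname != 'true': name = f'{e.gname} & {name}'
    return mk_pred(name, lambda s: e.guard(s) and p.fn(e.update(s)))

def refine(states, path, k, preds):
    """Lazy refinement: push the failing guard back through the trace as weakest preconditions and
    track each one only past the pivot, the last abstract state whose states all refute the suffix."""
    chain = {k: mk_pred(path[k].gname, path[k].guard)}
    for j in range(k - 1, -1, -1):
        chain[j] = wp(path[j], chain[j + 1])
    refuted = [j for j in range(k + 1) if not any(chain[j].fn(s) for s in gamma(*states[j], preds))]
    pivot, added = max(refuted, default=-1), []
    for j in range(pivot + 1, k + 1):
        loc = states[j][0]
        if chain[j].table not in [p.table for p in preds[loc]]:
            preds[loc].append(chain[j]); added.append((loc, chain[j].name))
    return added                                    # never empty: the failing guard was not tracked at its location

def cegar(edges, max_iters=100):
    """('safe', preds, log) once no abstract error trace remains; ('unsafe', locations, log) for a real one."""
    preds, log = {loc: [] for e in edges for loc in (e.src, e.dst)}, []
    for _ in range(max_iters):
        cex = abstract_counterexample(edges, preds)
        if cex is None: return 'safe', preds, log
        states, path = cex
        k = first_infeasible_step(states, path, preds)
        if k is None: return 'unsafe', [a[0] for a in states], log
        log.append(refine(states, path, k, preds))
    raise RuntimeError('refinement did not converge')

if __name__ == '__main__':
    verdict, preds, log = cegar(program())
    print(verdict, 'after', len(log), 'refinements:', {loc: [p.name for p in ps] for loc, ps in preds.items()})
```

Run as a script it prints `safe` together with the predicates tracked at each location. Each refinement starts from the guard that the spurious trace cannot pass and pushes it backwards only as far as the pivot, so L1 ends up tracking fewer predicates than L4, where the loop test reads `new` and `old`; that is the laziness the abstract describes. The abstraction is rebuilt from scratch after each refinement for simplicity, where a lazy model checker would reuse the unaffected part of the abstract reachability tree. `cegar(program(buggy=True))`, which drops the `unlock()` from the then-branch, returns `unsafe` with the location sequence of the abstract trace whose concrete replay reaches ERR.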





Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Thomas A. Henzinger, University of California, Berkeley
