Model checking and modular verification

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Model checking and modular verification

Full text

Pdf (1.87 MB)

Source

ACM Transactions on Programming Languages and Systems (TOPLAS) archive
Volume 16 , Issue 3 (May 1994) table of contents

Pages: 843 - 871

Year of Publication: 1994

ISSN:0164-0925

Authors

Orna Grumberg	Technion–Israel Institute of Technology, Haifa, Israel
David E. Long	Carnegie Mellon Univ., Pittsburgh, PA

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 17, Downloads (12 Months): 96, Citation Count: 57

Additional Information:

abstract references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/177492.177725 What is a DOI?

ABSTRACT

We describe a framework for compositional verification of finite-state processes. The framework is based on two ideas: a subset of the logic CTL for which satisfaction is preserved under composition, and a preorder on structures which captures the relation between a component and a system containing the component. Satisfaction of a formula in the logic corresponds to being below a particular structure (a tableau for the formula) in the preorder. We show how to do assume-guarantee-style reasoning within this framework. Additionally, we demonstrate efficient methods for model checking in the logic and for checking the preorder in several special cases. We have implemented a system based on these methods, and we use it to give a compositional verification of a CPU controller.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	BEN-ARI, M., MANNA, Z., AND PNUELI, A. 1983. The temporal logic of branching time. Acta Informatica 20, 207-226.
	2	BURCH, J. R., CLARKE, E. M., MCMILLAN, K. L., DILL, D. L., AND HWANG, J. 1990. Symbolic model checking: 102o states and beyond. In Proceedings of the 5th Annual Symposium on Logic ~n Computer Science. IEEE Computer Society Press, Los Alamitos, Calif.
	3	Edmund M. Clarke , E. Allen Emerson, Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic, Logic of Programs, Workshop, p.52-71, May 01, 1981
	4	E. M. Clarke , I. A. Browne , R. P. Kurshan, A unified approach for showing language containment and equivalence between various types of &ohgr;-automata, Proceedings of the fifteenth colloquium on CAAP'90, p.103-116, May 1990, Copenhagen, Denmark
	5	E. M. Clarke , E. A. Emerson , A. P. Sistla, Automatic verification of finite-state concurrent systems using temporal logic specifications, ACM Transactions on Programming Languages and Systems (TOPLAS), v.8 n.2, p.244-263, April 1986 [doi>10.1145/5397.5399]
	6	E. Clarke , D. Long , K. McMillan, Compositional model checking, Proceedings of the Fourth Annual Symposium on Logic in computer science, p.353-362, June 1989, Pacific Grove, California, United States
	7	CLARKE, E. M., LONG, D. E., AND MCMILLAN, K. L 1989b. A language for compositional specification and verification of finite state hardware controllers. In Proceedtngs of the 9th International Symposzum on Computer Hardware Descmpt~on Languages and thezr Appltcations. North-Holland, Amsterdam.
	8	R. Cleaveland, Tableau-based model checking in the propositional mu-calculus, Acta Informatica, v.27 n.9, p.725-747, Sep. 1990
	9	CLEAVELAND, R., AND STEFFEN, B. 1990. When is "partial" adequate. A logic-based proof technique using partial specifications. In Proceedings of the 5th Annual Sympostum on Logzc in Computer Sctence. IEEE Computer Society Press, Los Alamitos, Calif.
	10	R. Cleaveland , J. Parrow , B. Steffen, The concurrency workbench, Proceedings of the international workshop on Automatic verification methods for finite state systems, p.24-37, February 1990, Grenoble, France
	11	Olivier Coudert , Jean Christophe Madre , Christian Berthet, Verifying Temporal Properties of Sequential Machines Without Building their State Diagrams, Proceedings of the 2nd International Workshop on Computer Aided Verification, p.23-32, June 18-21, 1990
	12	David L. Dill, Trace theory for automatic hierarchical verification of speed-independent circuits, MIT Press, Cambridge, MA, 1989
	13	E. Allen Emerson , Joseph Y. Halpern, “Sometimes” and “not never” revisited: on branching versus linear time temporal logic, Journal of the ACM (JACM), v.33 n.1, p.151-178, Jan. 1986 [doi>10.1145/4904.4999]
	14	EMERSON, E. A., AND LEI, C.-L. 1986. Efficient model checking in fragments of the propositional mu-calculus. In Proceedings of the 1st Annual Sympostum on Logic ~n Computer Science IEEE Computer Society Press, Los Alamitos, Calif.
	15	Susanne Graf , Bernhard Steffen, Compositional Minimization of Finite State Systems, Proceedings of the 2nd International Workshop on Computer Aided Verification, p.186-196, June 18-21, 1990
	16	John E. Hopcroft , Jeffrey D. Ullman, Introduction To Automata Theory, Languages, And Computation, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1990
	17	B. Josko, Verifying the correctness of AADL modules using model checking, Proceedings on Stepwise refinement of distributed systems: models, formalisms, correctness, p.386-400, May 1990, Mook, The Netherlands
	18	R. P. Kurshan, Analysis of discrete event coordination, Proceedings on Stepwise refinement of distributed systems: models, formalisms, correctness, p.414-453, May 1990, Mook, The Netherlands
	19	R. P. Kurshan , K. McMillan, A structural induction theorem for processes, Proceedings of the eighth annual ACM Symposium on Principles of distributed computing, p.239-247, June 1989, Edmonton, Alberta, Canada [doi>10.1145/72981.72998]
	20	Kim Guldstrand Larsen, The expressive power of implicit specifications, Proceedings of the 18th international colloquium on Automata, languages and programming, p.204-216, June 1991, Madrid, Spain
	21	Orna Lichtenstein , Amir Pnueli, Checking that finite state concurrent programs satisfy their linear specification, Proceedings of the 12th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, p.97-107, January 14-16, 1985, New Orleans, Louisiana, United States [doi>10.1145/318593.318622]
	22	R. Milner, A Calculus of Communicating Systems, Springer-Verlag New York, Inc., Secaucus, NJ, 1982
	23	MILNER, R. 1971. An algebraic definition of simulation between programs. In Proceedtngs of the 2nd International Joint Conference on Artificial Intelhgence (Sept.).
	24	A. Pnueli, In transition from global to modular temporal reasoning about programs, Logics and models of concurrent systems, Springer-Verlag New York, Inc., New York, NY, 1989
	25	PNUELI, A., AND SHERMAN, R. 1981 Semantic tableau for temporal logic. Tech. Rep. CS81-21, The Weizmann Institute, Israel.
	26	Z. Shtadler , O. Grumberg, Network grammars, communication behaviors and automatic verification, Proceedings of the international workshop on Automatic verification methods for finite state systems, p.151-165, February 1990, Grenoble, France
	27	Gil Shurek , Orna Grumberg, The Modular Framework of Computer-Aided Verification, Proceedings of the 2nd International Workshop on Computer Aided Verification, p.214-223, June 18-21, 1990
	28	Colin Stirling , David Walker, Local Model Checking in the Modal Mu-Calculus, Proceedings of the International Joint Conference on Theory and Practice of Software Development, Volume 1: Advanced Seminar on Foundations of Innovative Software Development I and Colloquium on Trees in Algebra and Programming, p.369-383, March 13-17, 1989
	29	WALKER, D. 1988. Bisimulations and divergence. In Proceedings of the 3rd Annual Symposium on Logic in Computer Science. IEEE Computer Society Press, Los Alamitos, Calif.
	30	Glynn Winskel, A note on model checking the model &ngr;-calculus, Selected papers of the 16th international colloquium on Automata, languages, and programming, p.157-167, June 1991, Stresa, Italy
	31	WOLPER, P. 1983. Temporal logic can be more expressive. Infi Contr. 56, 1/2 (Jan./Feb.), 72-99.

CITED BY 58

	Yunja Choi , Sanjai Rayadurgam , Mats P.E. Heimdahl, Automatic abstraction for model checking software systems with interrelated numeric constraints, ACM SIGSOFT Software Engineering Notes, v.26 n.5, Sept. 2001
	Thomas A. Henzinger , Orna Kupferman , Sriram K. Rajamani, Fair simulation, Information and Computation, v.173 n.1, p.64-81, February 25, 2002
	Rajeev Alur , Radu Grosu, Modular refinement of hierarchic reactive machines, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.390-402, January 19-21, 2000, Boston, MA, USA
	Arindam Chakrabarti , Pallab Dasgupta , P. P. Chakrabarti , Ansuman Banerjee, Formal verification of module interfaces against real time specifications, Proceedings of the 39th conference on Design automation, June 10-14, 2002, New Orleans, Louisiana, USA
	Tevfik Bultan , Richard Gerber , William Pugh, Model-checking concurrent systems with unbounded integer variables: symbolic representations, approximations, and experimental results, ACM Transactions on Programming Languages and Systems (TOPLAS), v.21 n.4, p.747-789, July 1999
	E. M. Clarke , O. Grumberg , S. Jha, Verifying parameterized networks, ACM Transactions on Programming Languages and Systems (TOPLAS), v.19 n.5, p.726-750, Sept. 1997
	Orna Kupferman , Moshe Y. Vardi, An automata-theoretic approach to modular model checking, ACM Transactions on Programming Languages and Systems (TOPLAS), v.22 n.1, p.87-128, Jan. 2000
	Edmund M. Clarke , Bernd-Holger Schlingloff, Model checking, Handbook of automated reasoning, Elsevier Science Publishers B. V., Amsterdam, The Netherlands, 2001
	Jason Baumgartner , Tamir Heyman , Vigyan Singhal , Adnan Aziz, An Abstraction Algorithm for the Verification of Level-Sensitive Latch-Based Netlists, Formal Methods in System Design, v.23 n.1, p.39-65, July 2003
	Christoph Kern , Mark R. Greenstreet, Formal verification in hardware design: a survey, ACM Transactions on Design Automation of Electronic Systems (TODAES), v.4 n.2, p.123-193, April 1999
	Kathi Fisler , Moshe Y. Vardi, Bisimulation Minimization and Symbolic Model Checking, Formal Methods in System Design, v.21 n.1, p.39-78, July 2002
	I. S. W. B. Prasetya , S. D. Swierstra, Factorizing fault tolerance, Theoretical Computer Science, v.290 n.2, p.1201-1222, 2 January 2003
	Hakan Erdogmus, Architecture-driven verification of concurrent systems, Nordic Journal of Computing, v.4 n.4, p.380-413, Winter 1997
	Stephan Merz, Model checking: a tutorial overview, Modeling and verification of parallel processes, Springer-Verlag New York, Inc., New York, NY, 2001
	Juergen Dingel, Computer-assisted assume/guarantee reasoning with VeriSoft, Proceedings of the 25th International Conference on Software Engineering, May 03-10, 2003, Portland, Oregon
	K. Mani Chandy , Michel Charpentier, An Experiment in Program Composition and Proof, Formal Methods in System Design, v.20 n.1, p.7-21, January 2002
	Doron Bustan , Orna Grumberg, Applicability of fair simulation, Information and Computation, v.194 n.1, p.1-18, 10 October 2004
	Rajeev Alur , Radu Grosu, Modular refinement of hierarchic reactive machines, ACM Transactions on Programming Languages and Systems (TOPLAS), v.26 n.2, p.339-369, March 2004
	Arindam Chakrabarti , Patrice Godefroid, Software partitioning for effective automated unit testing, Proceedings of the 6th ACM & IEEE International conference on Embedded software, October 22-25, 2006, Seoul, Korea
	David Déharbe, A tutorial introduction to symbolic model checking, Logic for concurrency and synchronisation, Kluwer Academic Publishers, Norwell, MA, 2003
	Xudong He , Huiqun Yu , Tianjun Shi , Junhua Ding , Yi Deng, Formally analyzing software architectural specifications using SAM, Journal of Systems and Software, v.71 n.1-2, p.11-29, April 2004
	David Harel , Orna Kupferman , Moshe Y. Vardi, On the complexity of verifying concurrent transition systems, Information and Computation, v.173 n.2, p.143-161, March 15, 2002
	Andrew D. Gordon , Alan Jeffrey, Authenticity by typing for security protocols, Journal of Computer Security, v.11 n.4, p.451-519, 01/01/2004
	Edmund Clarke , Armin Biere , Richard Raimi , Yunshan Zhu, Bounded Model Checking Using Satisfiability Solving, Formal Methods in System Design, v.19 n.1, p.7-34, July 2001
	Frédéric Herbreteau , Franck Cassez , Olivier Roux, Application of Partial-Order Methods to Reactive Programswith Event Memorization, Real-Time Systems, v.20 n.3, p.287-316, May 2001
	Adnan Aziz , Thomas Shiple , Vigyan Singhal , Robert Brayton , Alberto Sangiovanni-Vincentelli, Formula-Dependent Equivalence for Compositional CTL Model Checking, Formal Methods in System Design, v.21 n.2, p.193-224, September 2002
	Rajeev Alur , Thomas A. Henzinger, Reactive Modules, Formal Methods in System Design, v.15 n.1, p.7-48, July 1999
	Doron Bustan , Orna Grumberg, Simulation-based minimization, ACM Transactions on Computational Logic (TOCL), v.4 n.2, p.181-206, April 2003
	Robert John Walters, Checking of models built using a graphically based formal modelling language, Journal of Systems and Software, v.76 n.1, p.55-64, April 2005
	Peter Henderson, Modelling architectures for dynamic systems, Programming methodology, Springer-Verlag New York, Inc., New York, NY, 2003
	S. Chouali , J. Julliand , P.-A. Masson , F. Bellegarde, PLTL-partitioned model checking for reactive systems under fairness assumptions, ACM Transactions on Embedded Computing Systems (TECS), v.4 n.2, p.267-301, May 2005
	Ansuman Banerjee , Pallab Dasgupta, The open family of temporal logics: Annotating temporal operators with input constraints, ACM Transactions on Design Automation of Electronic Systems (TODAES), v.10 n.3, p.492-522, July 2005
	Yonit Kesten , Nir Piterman , Amir Pnueli, Bridging the gap between fair simulation and trace inclusion, Information and Computation, v.200 n.1, p.35-61, 1 July 2005
	Sara Gradara , Antonella Santone , Maria Luisa Villani, Using heuristic search for finding deadlocks in concurrent systems, Information and Computation, v.202 n.2, p.191-226, 1 November, 2005
	Dongfeng Wang , Farokh B. Bastani , I. -Ling Yen, Automated Aspect-Oriented Decomposition of Process-Control Systems for Ultra-High Dependability Assurance, IEEE Transactions on Software Engineering, v.31 n.9, p.713-732, September 2005
	Alma L. Juarez Dominguez , Nancy A. Day, Compositional reasoning for port-based distributed systems, Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering, November 07-11, 2005, Long Beach, CA, USA
	Thomas A. Henzinger , Orna Kupferman , Rupak Majumdar, On the universal and existential fragments of the μ-calculus, Theoretical Computer Science, v.354 n.2, p.173-186, 28 March 2006
	Samik Basu , C. R. Ramakrishnan, Compositional analysis for verification of parameterized systems, Theoretical Computer Science, v.354 n.2, p.211-229, 28 March 2006
	Jamieson M. Cobleigh , George S. Avrunin , Lori A. Clarke, Breaking up is hard to do: An evaluation of automated assume-guarantee reasoning, ACM Transactions on Software Engineering and Methodology (TOSEM), v.17 n.2, p.1-52, April 2008
	Ferucio Laurentiu Tiplea , Aurora Tiplea, Petri net reactive modules, Theoretical Computer Science, v.359 n.1, p.77-100, 14 August 2006
	Sharon Barner , Orna Grumberg, Combining symmetry reduction and under-approximation for symbolic model checking, Formal Methods in System Design, v.27 n.1/2, p.29-66, September 2005
	Claudio de la Riva , Javier Tuya, Automatic generation of assumptions for modular verification of software specifications, Journal of Systems and Software, v.79 n.9, p.1324-1340, September 2006
	Mats P. Heimdahl , Devaraj George, On the effect of test-suite reduction on automatically generated model-based tests, Automated Software Engineering, v.14 n.1, p.37-57, March 2007
	F. Zaraket , J. Baumgartner , A. Aziz, Scalable compositional minimization via static analysis, Proceedings of the 2005 IEEE/ACM International conference on Computer-aided design, p.1060-1067, November 06-10, 2005, San Jose, CA
	Mauro Caporuscio , Paola Inverardi , Patrizio Pelliccione, Compositional Verification of Middleware-Based Software Architecture Descriptions, Proceedings of the 26th International Conference on Software Engineering, p.221-230, May 23-28, 2004
	Yunshan Zhu , James H. Kukula, Generator-based Verification, Proceedings of the 2003 IEEE/ACM international conference on Computer-aided design, p.146, November 09-13, 2003
	R. S. Lazić , T. C. Newcomb , A. W. Roscoe, On model checking data-independent systems with arrays without reset, Theory and Practice of Logic Programming, v.4 n.5-6, p.659-693, September 2004
	Pallab Dasgupta , Arindam Chakrabarti , P. P. Chakrabarti, Open Computation Tree Logic for Formal Verification of Modules, Proceedings of the 2002 conference on Asia South Pacific design automation/VLSI Design, p.735, January 07-11, 2002
	R. Gentilini , C. Piazza , A. Policriti, From Bisimulation to Simulation: Coarsest Partition Problems, Journal of Automated Reasoning, v.31 n.1, p.73-103, 2003
	Dilian Gurov , Marieke Huisman , Christoph Sprenger, Compositional verification of sequential programs with procedures, Information and Computation, v.206 n.7, p.840-868, July, 2008
	Vijay D'Silva , Sampada Sonalkar , S. Ramesh, Existential abstractions for distributed reactive systems via syntactic transformations, Proceedings of the 7th ACM & IEEE international conference on Embedded software, September 30-October 03, 2007, Salzburg, Austria
	Wonhong Nam , P. Madhusudan , Rajeev Alur, Automatic symbolic compositional verification by learning assumptions, Formal Methods in System Design, v.32 n.3, p.207-234, June 2008
	Orna Kupferman , Wenchao Li , Sanjit A. Seshia, A theory of mutations with applications to vacuity, coverage, and fault tolerance, Proceedings of the 2008 International Conference on Formal Methods in Computer-Aided Design, p.1-9, November 17-20, 2008, Portland, Oregon
	J. Julliand , P. -A. Masson , E. Oudot, Partitioned PLTL model-checking for refined transition systems, Information and Computation, v.207 n.6, p.681-698, June, 2009
	Marieke Huisman , Dilian Gurov, Composing Modal Properties of Programs with Procedures, Electronic Notes in Theoretical Computer Science (ENTCS), v.203 n.7, p.87-101, April, 2009
	Ashish Tiwari, Abstractions for hybrid systems, Formal Methods in System Design, v.32 n.1, p.57-83, February 2008
	Haiqiong Yao , Hao Zheng, Automated interface refinement for compositional verification, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, v.28 n.3, p.433-446, March 2009
	Gr´egory Batt , Delphine Ropers , Hidde De Jong , Johannes Geiselmann , Radu Mateescu , Michel Page , Dominique Schneider, Analysis and verification of qualitative models of genetic regulatory networks: a model-checking approach, Proceedings of the 19th international joint conference on Artificial intelligence, p.370-375, July 30-August 05, 2005, Edinburgh, Scotland

INDEX TERMS

Primary Classification:
F. Theory of Computation
F.3 LOGICS AND MEANINGS OF PROGRAMS
F.3.1 Specifying and Verifying and Reasoning about Programs
Subjects: Mechanical verification

Additional Classification:
D. Software
D.2 SOFTWARE ENGINEERING
D.2.2 Design Tools and Techniques
Subjects: Computer-aided software engineering (CASE); Decision tables

F. Theory of Computation
F.1 COMPUTATION BY ABSTRACT DEVICES
F.1.1 Models of Computation
Subjects: Relations between models

General Terms:
Algorithms, Design, Languages, Theory, Verification

Keywords:
CTL, Moore machines, computer-aided verification, formal verification, model checking, temporal logics

REVIEW

"Ramaswamy Ramanujam : Reviewer"

When reasoning about systems of parallel processes, verifying global properties requires construction of the global state space, whose size is typically exponential in the number of processes. Avoiding this state explosion is a central problem more...

Collaborative Colleagues:

Orna Grumberg: colleagues

David E. Long: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player