We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.

We give an efficient procedure for verifying that a finite-state concurrent system meets a specification expressed in a (propositional, branching-time) temporal logic. Our algorithm has complexity linear in both the size of the specification and the size of the global state graph for the concurrent system. We also show how this approach can be adapted to handle fairness. We argue that our technique can provide a practical alternative to manual proof construction or use of a mechanical theorem prover for verifying many finite-state concurrent systems. Experimental results show that state machines with several hundred states can be checked in a matter of seconds.

: We survey 25 years of research on decidability issues for Petri nets. We collect results on the decidability of important properties, equivalence notions, and temporal logics. 1. Introduction Petri nets are one of the most popular formal models for the representation and analysis of parallel processes. They are due to C.A. Petri, who introduced them in his doctoral dissertation in 1962. Some years later, and independently from Petri's work, Karp and Miller introduced vector addition systems [47], a simple mathematical structure which they used to analyse the properties of "parallel program schemata', a model for parallel computation. In their seminal paper on parallel program schemata, Karp and Miller studied some decidability issues for vector addition systems, and the topic continued to be investigated by other researchers. When Petri's ideas reached the States around 1970, it was observed that Petri nets and vector addition systems were mathematically equivalent, even though thei...

We present an automata-theoretic framework to the verification of concurrent and nondeterministic programs. The basic idea is that to verify that a program P is correct one writes a program A that receives the computation of P as input and diverges only on incorrect computations of P . Now P is correct if and only if a program PA , obtained by combining P and A, terminates. We formalize this idea in a framework of !-automata with a recursive set of states. This unifies previous works on verification of fair termination and verification of temporal properties. 1 Introduction In this paper we present an automata-theoretic framework that unifies several trends in the area of concurrent program verification. The trends are temporal logic, model checking, automata theory, and fair termination. Let us start with a survey of these trends. In 1977 Pnueli suggested the use of temporal logic in the verification of concurrent programs [Pn77]. The basic motivation is that in the verificat...

Abstract. Although liveness and fairness have been used for a long time in classical model checking, with process-algebraic methods they have seen far less use. One problem is combining fairness with the compositionality of process algebra. In this article we analyse this problem, and then present an approach for using a class of fairness constraints. The approach fulfills all the requirements of compositionality and is compatible with an existing semantics. It is based on the standard LTS model and does not require new fairness-related constructs or rules for the process algebra. Therefore, it avoids potential conflicts between the fairness requirements and the underlying transition system. Although adding fairness can create an infinite subsystem, a larger system in which the subsystem is placed can still be finite. We present an algorithm for constructing a finite LTS which is equivalent to the larger system in every case that an exact finite representation exists, and which otherwise is a conservative estimate of it. However, checking whether an exact finite representation exists is costlier than building the representation, namely, it is PSPACE-complete in the size of an intermediate parameter system. 1

Abstract. Tableau-based proof systems have been designed for many logics extending classical rst-order logic. This paper proposes a sound tableau calculus for temporal logics of the rst-order CTL-family. Until now, a tableau calculus has only been presented for the propositional version of CTL. The calculus considered operates with pre xed formulas and may be regarded as an instance of a labelled deductive system. The pre xes allow an explicit partial description of states and paths of a potential Kripke counter model in the tableau. It is possible in particular to represent path segments of nite but arbitrary length which are needed to process reachability formulas. Furthermore, we show that by using pre xed formulas and explicit representation of paths it becomes possible to express and process fairness properties without having to resort to full CTL. The approach is suitable for use in interactive proof-systems. 1