Results 1 - 10
of
175
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract
-
Cited by 3252 (70 self)
- Add to MetaCart
(Show Context)
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Counterexample-guided Abstraction Refinement
, 2000
"... We present an automatic iterative abstraction-refinement methodology in which the initial abstract model is generated by an automatic analysis of the control structures in the program to be verified. Abstract models may admit erroneous (or "spurious") counterexamples. We devise new symb ..."
Abstract
-
Cited by 843 (71 self)
- Add to MetaCart
We present an automatic iterative abstraction-refinement methodology in which the initial abstract model is generated by an automatic analysis of the control structures in the program to be verified. Abstract models may admit erroneous (or "spurious") counterexamples. We devise new symbolic techniques which analyze such counterexamples and refine the abstract model correspondingly.
Symbolic Model Checking: 10^20 States and Beyond
, 1992
"... Many different methods have been devised for automatically verifying finite state systems by examining state-graph models of system behavior. These methods all depend on decision procedures that explicitly represent the state space using a list or a table that grows in proportion to the number of st ..."
Abstract
-
Cited by 758 (41 self)
- Add to MetaCart
Many different methods have been devised for automatically verifying finite state systems by examining state-graph models of system behavior. These methods all depend on decision procedures that explicitly represent the state space using a list or a table that grows in proportion to the number of states. We describe a general method that represents the state space symbolical/y instead of explicitly. The generality of our method comes from using a dialect of the Mu-Calculus as the primary specification language. We describe a model checking algorithm for Mu-Calculus formulas that uses Bryant’s Binary Decision Diagrams (Bryant, R. E., 1986, IEEE Trans. Comput. C-35) to represent relations and formulas. We then show how our new Mu-Calculus model checking algorithm can be used to derive efficient decision procedures for CTL model checking, satistiability of linear-time temporal logic formulas, strong and weak observational equivalence of finite transition systems, and language containment for finite w-automata. The fixed point computations for each decision procedure are sometimes complex. but can be concisely expressed in the Mu-Calculus. We illustrate the practicality of our approach to symbolic model checking by discussing how it can be used to verify a simple synchronous pipeline circuit.
Simple On-the-fly Automatic Verification of Linear Temporal Logic
, 1995
"... We present a tableau-based algorithm for obtaining an automaton from a temporal logic formula. The algorithm is geared towards being used in model checking in an "on-the-fly" fashion, that is the automaton can be constructed simultaneously with, and guided by, the generation of the model. ..."
Abstract
-
Cited by 327 (29 self)
- Add to MetaCart
We present a tableau-based algorithm for obtaining an automaton from a temporal logic formula. The algorithm is geared towards being used in model checking in an "on-the-fly" fashion, that is the automaton can be constructed simultaneously with, and guided by, the generation of the model. In particular, it is possible to detect that a propertydoes not hold by only constructing part of the model and of the automaton. The algorithm can also be used to checkthevalidity of a temporal logic assertion. Although the general problem is PSPACE-complete, experiments show that our algorithm performs quite well on the temporal formulas typically encountered in verification. While basing linear-time temporal logic model-checking upon a transformation to automata is not new, the details of how to do this efficiently, and in "on-the-fly" fashion havenever been given.
Interpolation and SAT-based model checking
, 2003
"... Abstract. We consider a fully SAT-based method of unbounded symbolic model checking based on computing Craig interpolants. In benchmark studies using a set of large industrial circuit verification instances, this method is greatly more efficient than BDD-based symbolic model checking, and compares f ..."
Abstract
-
Cited by 285 (11 self)
- Add to MetaCart
(Show Context)
Abstract. We consider a fully SAT-based method of unbounded symbolic model checking based on computing Craig interpolants. In benchmark studies using a set of large industrial circuit verification instances, this method is greatly more efficient than BDD-based symbolic model checking, and compares favorably to some recent SAT-based model checking methods on positive instances. 1
Protocol Verification as a Hardware Design Aid
- IN IEEE INTERNATIONAL CONFERENCE ON COMPUTER DESIGN: VLSI IN COMPUTERS AND PROCESSORS
, 1992
"... The role of automatic formal protocol verification in hardware design is considered. Principles are identified that maximize the benefits of protocol verification while minimizing the labor and computation required. A new protocol description language and verifier (both called Mur') are descri ..."
Abstract
-
Cited by 275 (27 self)
- Add to MetaCart
The role of automatic formal protocol verification in hardware design is considered. Principles are identified that maximize the benefits of protocol verification while minimizing the labor and computation required. A new protocol description language and verifier (both called Mur') are described, along with experiences in applying them to two industrial protocols that were developed as part of hardware designs.
Symbolic model checking for sequential circuit verification
- IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS
, 1994
"... The temporal logic model checking algorithm of Clarke, Emerson, and Sistla [17] is modified to represent state graphs using binary decision diagrams (BDD’s) [7] and partitioned trunsirion relations [lo], 1111. Because this representation captures some of the regularity in the state space of circuit ..."
Abstract
-
Cited by 271 (12 self)
- Add to MetaCart
(Show Context)
The temporal logic model checking algorithm of Clarke, Emerson, and Sistla [17] is modified to represent state graphs using binary decision diagrams (BDD’s) [7] and partitioned trunsirion relations [lo], 1111. Because this representation captures some of the regularity in the state space of circuits with data path logic, we are able to verify circuits with an extremely large number of states. We demonstrate this new technique on a synchronous pipelined design with approximately 5 x 10^120 states. Our model checking algorithm handles full CTL with fairness constraints. Consequently, we are able to express a number of important liveness and fairness properties, which would otherwise not be expressible in CTL. We give empirical results on the performance of the algorithm applied to both synchronous and asynchronous circuits with data path logic.
Symbolic Model Checking with Partitioned Transition Relations
, 1991
"... We significantly reduce the complexity of BDD-based symbolic verification by using partitioned transition relations to represent state transition graphs. This method can be applied to both synchronous and asynchronous circuits. The times necessary to verify a synchronous pipeline and an asynchronous ..."
Abstract
-
Cited by 181 (17 self)
- Add to MetaCart
(Show Context)
We significantly reduce the complexity of BDD-based symbolic verification by using partitioned transition relations to represent state transition graphs. This method can be applied to both synchronous and asynchronous circuits. The times necessary to verify a synchronous pipeline and an asynchronous stack are both bounded by a low polynomial in the size of the circuit. We were able to handle stacks with over 10 50 reachable states and pipelines with over 10 120 reachable states. 1 Introduction Although methods for verifying sequential circuits by searching their state transition graphs have been investigated for many years, it is only recently that such methods have begun to seem practical. Before, the largest circuits that could be verified had about 10 6 states. Now it is easy to check circuits that have many orders of magnitude more states [3, 5, 6, 7]. The reason for the dramatic increase is the use of special data structures such as binary decision diagrams (BDDs) [2] for...
Applying SAT methods in unbounded symbolic model checking
, 2002
"... Abstract. A method of symbolic model checking is introduced that uses conjunctive normal form (CNF) rather than binary decision diagrams (BDD’s) and uses a SAT-based approach to quantifier elimination. This method is compared to a traditional BDD-based model checking approach using a set of benchmar ..."
Abstract
-
Cited by 164 (2 self)
- Add to MetaCart
(Show Context)
Abstract. A method of symbolic model checking is introduced that uses conjunctive normal form (CNF) rather than binary decision diagrams (BDD’s) and uses a SAT-based approach to quantifier elimination. This method is compared to a traditional BDD-based model checking approach using a set of benchmark problems derived from the compositional verification of a commercial microprocessor design. 1
Verification Tools for Finite-State Concurrent Systems
"... Temporal logic model checking is an automatic technique for verifying finite-state concurrent systems. Specifications are expressed in a propositional temporal logic, and the concurrent system is modeled as a state-transition graph. An efficient search procedure is used to determine whether or not t ..."
Abstract
-
Cited by 130 (3 self)
- Add to MetaCart
(Show Context)
Temporal logic model checking is an automatic technique for verifying finite-state concurrent systems. Specifications are expressed in a propositional temporal logic, and the concurrent system is modeled as a state-transition graph. An efficient search procedure is used to determine whether or not the state-transition graph satisfies the specification. When the technique was first developed ten years ago, it was only possible to handle concurrent systems with a few thousand states. In the last few years, however, the size of the concurrent systems that can be handled has increased dramatically. By representing transition relations and sets of states implicitly using binary decision diagrams, it is now possible to check concurrent systems with more than 10 120 states. In this paper we describe in detail how the new implementation works and
