Results 1-10 of 26
LTL Translation Improvements in Spot
Cited by 15 (2 self)
Spot is a library of model-checking algorithms. This paper focuses on the module translating LTL formulæ into automata. We discuss improvements that have been implemented in the last four years, we show how Spot’s translation competes on various benchmarks, and we give some insight into its implementation.
Larger automata and less work for LTL model checking
In Model Checking Software, 13th Int’l SPIN Workshop, volume 3925 of LNCS, 2006
Cited by 11 (0 self)
Many different automata and algorithms have been investigated in the context of automata-theoretic LTL model checking. This article compares the behaviour of two variations on the widely used Büchi automaton, namely (i) a Büchi automaton where states are labelled with atomic propositions and transitions are unlabelled, and (ii) a form of testing automaton that can only observe changes in state propositions and makes use of special livelock acceptance states. We describe how these variations can be generated from standard Büchi automata, and outline an SCC-based algorithm for verification with testing automata. The variations are compared to standard automata in experiments with both random and human-generated Kripke structures and LTL-X formulas, using SCC-based algorithms as well as a recent, improved version of the classic nested search algorithm. The results show that SCC-based algorithms outperform their nested search counterpart, but that the biggest improvements come from using the variant automata. Much work has been done on the generation of small automata, but small automata do not necessarily lead to small products when combined with the system being verified. We investigate the underlying factors for the superior performance of the new variations.
Self-Loop Aggregation Product — A New Hybrid Approach to On-the-Fly LTL Model Checking
Cited by 7 (4 self)
We present the Self-Loop Aggregation Product (SLAP), a new hybrid technique that replaces the synchronized product used in the automata-theoretic approach for LTL model checking. The proposed product is an explicit graph of aggregates (symbolic sets of states) that can be interpreted as a Büchi automaton. The criterion used by SLAP to aggregate states from the Kripke structure is based on the analysis of self-loops that occur in the Büchi automaton expressing the property to verify. Our hybrid approach allows on the one hand to use classical emptiness-check algorithms and build the graph on-the-fly, and on the other hand, to have a compact encoding of the state space thanks to the symbolic representation of the aggregates. Our experiments show that this technique often outperforms other existing (hybrid or fully symbolic) approaches.
Comparison of algorithms for checking emptiness on Büchi automata
2009
Cited by 6 (1 self)
We reinvestigate the problem of LTL model-checking for finite-state systems. Typical solutions, like in Spin, work on the fly, reducing the problem to Büchi emptiness. This can be done in linear time, and a variety of algorithms with this property exist. Nonetheless, subtle design decisions can make a great difference to their actual performance in practice, especially when used on-the-fly. We compare a number of algorithms experimentally on a large benchmark suite, measure their actual runtime performance, and propose improvements. Compared with the algorithm implemented in Spin, our best algorithm is faster by about 33% on average. We therefore recommend that, for on-the-fly explicit-state model checking, nested DFS should be replaced by better solutions.
Three SCC-based emptiness checks for generalized Büchi automata
In LPAR’13, vol. 8312 of LNCS, 2013
Cited by 4 (1 self)
The automata-theoretic approach for the verification of linear time properties involves checking the emptiness of a Büchi automaton. However generalized Büchi automata, with multiple acceptance sets, are preferred when verifying under weak fairness hypotheses. Existing emptiness checks for which the complexity is independent of the number of acceptance sets are all based on the enumeration of Strongly Connected Components (SCCs). In this paper, we review the state of the art SCC enumeration algorithms to study how they can be turned into emptiness checks. This leads us to define two new emptiness check algorithms (one of them based on the Union-Find data structure), introduce new optimizations, and show that one of these can be of benefit to a classic SCCs enumeration algorithm. We have implemented all these variants to compare their relative performances and the overhead induced by the emptiness check compared to the corresponding SCCs enumeration algorithm. Our experiments show that these three algorithms are comparable.
Model Checking using Generalized Testing Automata
Cited by 4 (3 self)
Geldenhuys and Hansen showed that a kind of ω-automata known as Testing Automata (TA) can, in the case of stuttering-insensitive properties, outperform the Büchi automata traditionally used in the automata-theoretic approach to model checking [10]. In previous work [23], we compared TA against Transition-based Generalized Büchi Automata (TGBA), and concluded that TA were more interesting when counterexamples were expected, otherwise TGBA were more efficient. In this work we introduce a new kind of automata, dubbed Transition-based Generalized Testing Automata (TGTA), that combine ideas from TA and TGBA. Implementation and experimentation of TGTA show that they outperform other approaches in most of the cases.
Emptiness Check of Powerset Büchi Automata using Inclusion Tests
Cited by 3 (0 self)
We introduce two emptiness checks for Büchi automata whose states represent sets that may include each other. The first is equivalent to a traditional emptiness check but uses inclusion tests to direct the on-the-fly construction of the automaton. The second is impressively faster but may return false negatives. We illustrate and benchmark the improvement on a symmetry-based reduction.
Generalized Büchi Automata versus Testing Automata for Model Checking
Cited by 3 (1 self)
Geldenhuys and Hansen have shown that a kind of ω-automaton known as testing automata can outperform the Büchi automata traditionally used in the automata-theoretic approach to model checking [8]. This work completes their experiments by including a comparison with generalized Büchi automata; by using larger state spaces derived from Petri nets; and by distinguishing violated formulæ (for which testing automata fare better) from verified formulæ (where testing automata are hindered by their two-pass emptiness check).
Specification and Verification using Temporal Logics
2009
Cited by 2 (2 self)
This chapter illustrates two aspects of automata theory related to linear-time temporal logic LTL used for the verification of computer systems. First, we present a translation from LTL formulae to Büchi automata. The aim is to design an elementary translation which is reasonably efficient and produces small automata so that it can be easily taught and used by hand on real examples. Our translation is in the spirit of the classical tableau constructions but is optimized in several ways. Secondly, we recall how temporal operators can be defined from regular languages and we explain why adding even a single operator definable by a context-free language can lead to undecidability.
Verified efficient implementation of Gabow’s strongly connected component algorithm
In Proc. of ITP, 2014
Cited by 2 (1 self)
We present an Isabelle/HOL formalization of Gabow’s algorithm for finding the strongly connected components of a directed graph. Using data refinement techniques, we extract efficient code that performs comparably to a reference implementation in Java. Our style of formalization allows for reusing large parts of the proofs when defining variants of the algorithm. We demonstrate this by verifying an algorithm for the emptiness check of generalized Büchi automata, reusing most of the existing proofs.