#### DMCA

## A Game-Based Framework for CTL Counter-Examples and3-Valued Abstraction-Refinement

### BibTeX

@MISC{_agame-based,

author = {},

title = {A Game-Based Framework for CTL Counter-Examples and3-Valued Abstraction-Refinement},

year = {}

}

### OpenURL

### Abstract

Abstract This work exploits and extends the game-based framework of CTL model checking for counter-example and incremental abstraction-refinement. We define a game-based CTL model checking for abstract models over the 3-valued semantics, which can be used for verification as well as refutation.The model checking process of an abstract model may end with an indefinite result, in which case we suggest a new notion of refinement, which eliminates indefinite results of the model checking. Thisprovides an iterative abstraction-refinement framework. This framework is enhanced by an incremental algorithm, where refinement is applied only where indefinite results exist and definite results from prioriterations are used within the model checking algorithm. We also define the notion of annotated counterexamples, which are sufficient and minimal counter-examples for full CTL. We present an algorithm thatuses the game board of the model checking game to derive an annotated counter-example in case the examined system model refutes the checked formula. 1 Introduction This work exploits and extends the game-based framework [33] of CTL model checking for counterexampleand incremental abstraction-refinement. The first goal of this work is to suggest a game-based new model checking algorithm for the branching-time temporal logic CTL [8] in the context of abstraction. Model checking is a successful approach for verifying whether a system model M satisfies a specification ', written as a temporal logic formula. Yet,concrete (regular) models of realistic systems tend to be very large, resulting in the state explosion problem. This raises the need for abstraction. Abstraction hides some of the system details, thus resulting in smallermodels. Abstractions are usually designed to be conservative w.r.t. some logic of interest. That is, if the abstract model satisfies a formula in that logic then the concrete model satisfies it as well. However, if theabstract model does not satisfy the formula then nothing is known about the concrete model.

### Keyphrases

game-based framework ctl counter-examples and3-valued abstraction-refinement indefinite result abstract model model checking ctl model incremental algorithm minimal counter-examples successful approach system detail annotated counter-example 3-valued semantics branching-time temporal logic ctl realistic system full ctl game-based new model checked formula counterexampleand incremental abstraction-refinement definite result game-based ctl model temporal logic formula system model first goal new notion game board annotated counterexample iterative abstraction-refinement framework concrete model examined system model theabstract model state explosion problem concrete model satisfies