Affiliation:
1. Univ. of California, Santa Barbara
2. Univ. of Maryland, College Park
3. Yale Univ.
Abstract
There has been a surge of progress in automated verification methods based on state exploration. In areas like hardware design, these technologies are rapidly augmenting key phases of testing and validation. To date, one of the most successful of these methods has been symbolic model-checking, in which large finite-state machines are encoded into compact data structures such as Binary Decision Diagrams (BDDs), and are then checked for safety and liveness properties. However, these techniques have not realized the same success on software systems. One limitation is their inability to deal with infinite-state programs, even those with a single unbounded integer. A second problem is that of finding efficient representations for various variable types. We recently proposed a model-checker for integer-based systems that uses arithmetic constraints as the underlying state representation. While this approach easily verified some subtle, infinite-state concurrency problems, it proved inefficient in its treatment of boolean and (unordered) enumerated types—which are not efficiently representable using arithmetic constraints. In this article we present a new technique that combines the strengths of both BDD and arithmetic constraint representations. Our composite model merges multiple type-specific symbolic representations in a single model-checker. A system's transitions and fixpoint computations are encoded using both BDD (for boolean and enumerated types) and arithmetic constraints (for integers) representations, where the choice depends on the variable types. Our composite model-checking strategy can be extended to other symbolic representations provided that they support operations such as intersection, union, complement, equivalence checking, and relational image computation. We also present conservative approximation techniques for composite representations to address the undecidability of model-checking on infinite-state systems. 
We demonstrate the effectiveness of our approach by analyzing two example software specifications which include a mixture of booleans, integers, and enumerated types. One of them is a requirements specification for the control software of a nuclear reactor's cooling system, and the other one is a protocol specification.
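As an added illustration (not code from the paper or its authors), the toy below sketches the composite idea the abstract describes: a finite part standing in for the BDD-encoded boolean and enumerated variables is paired with an integer constraint standing in for the arithmetic part, and union, relational image and a widening-based conservative approximation are applied to the pair so that a reachability fixpoint on an unbounded counter still terminates. The system (`on`, `mode`, `x`), its transitions, the interval hull and the widening rule are all constructed assumptions; real arithmetic-constraint representations are far more expressive than one interval per finite assignment.

```python
from typing import Dict, Optional, Tuple

# Constructed toy: (on, mode) is the finite part (stand-in for BDD-encoded
# booleans/enumerations); an interval hull on integer x stands in for the
# arithmetic-constraint part. None means +infinity.
INF = None
Interval = Tuple[int, Optional[int]]
Composite = Dict[Tuple[bool, str], Interval]  # finite assignment -> constraint on x

def hull(a: Interval, b: Interval) -> Interval:  # union of two constraints, as one interval
    hi = INF if a[1] is INF or b[1] is INF else max(a[1], b[1])
    return (min(a[0], b[0]), hi)
def union(s: Composite, t: Composite) -> Composite:  # disjunction, joined per finite part
    out = dict(s)
    for k, iv in t.items():
        out[k] = hull(out[k], iv) if k in out else iv
    return out
def widen(old: Composite, new: Composite) -> Composite:
    """Conservative approximation: an upper bound that grew is pushed to +inf."""
    out = dict(new)
    for k, (lo, hi) in new.items():
        if k in old and old[k][1] is not INF and hi is not INF and hi > old[k][1]:
            out[k] = (lo, INF)
    return out
def post(s: Composite) -> Composite:
    """Image under constructed transitions: idle->run sets x:=0; run->run does
    x:=x+1; run->idle flips `on` and is guarded by x >= 10."""
    out: Composite = {}
    for (on, mode), (lo, hi) in s.items():
        if mode == "idle":
            out = union(out, {(on, "run"): (0, 0)})
        else:
            out = union(out, {(on, "run"): (lo + 1, INF if hi is INF else hi + 1)})
            if hi is INF or hi >= 10:
                out = union(out, {(not on, "idle"): (max(lo, 10), hi)})
    return out
def reach(init: Composite, limit: int = 100) -> Composite:
    """Reachability fixpoint: iterate cur ∪ post(cur), widening between rounds."""
    cur = init
    for _ in range(limit):
        nxt = widen(cur, union(cur, post(cur)))
        if nxt == cur:
            return cur
        cur = nxt
    raise RuntimeError("no fixpoint within the iteration limit")
def invariant_holds(states: Composite, mode: str, lo_min: int, hi_max: Optional[int]) -> bool:
    """True iff lo_min <= x <= hi_max is provable in every state with `mode`."""
    return all(lo >= lo_min and (hi_max is INF or (hi is not INF and hi <= hi_max))
               for (_, m), (lo, hi) in states.items() if m == mode)
```

Because widening loses the exact upper bound on `x`, the analysis proves `x >= 0` in mode `run` but cannot prove any finite upper bound there, which is the price of the conservative approximation.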
Publisher
Association for Computing Machinery (ACM)
References: 54 articles.
Cited by: 29 articles.