Compositional model checking of Ada tasking programs

Model checking has proved to be an effective analysis tool for domains such as hardware circuits and communication protocols. However, it has not yet been widely applied to more general concurrent systems, such as those realized by Ada multitasking programs. A major impediment to the use of model checking in such systems is the exponential growth of the state-space, which results from the parallel composition of component tasks. Various compositional approaches have been proposed to address this problem, in which the parts of a system are analyzed separately, and then the results are combined into inferences about the whole. One of the more promising of these techniques is called compositional minimization, which eliminates each component's "uninteresting" states as the model checking proceeds; this in turn can lead to a significant reduction in the composite state-space. In this paper we evaluate the application of this approach to Ada multitasking programs, particularly highlighting the design choices made to accommodate Ada's semantics. We also discuss the types of systems (and properties) for which this method produces significant time/space savings, as well as those for which the savings are less pronounced.
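The compositional-minimization idea in the abstract, reduced to a runnable toy (an added example, not code from the paper): two Ada-style tasks are modelled as labelled transition systems whose rendezvous entries synchronize CSP-style, each task's internal steps are hidden and collapsed before the parallel composition is built, and deadlock detection is run on both the plain and the reduced composite to show that the verdict is unchanged while the state count drops. The task names, entry names, and the single-internal-step merge rule are my own constructions; the paper's own minimization procedure and its treatment of Ada semantics are not reproduced here.

```python
"""Toy compositional minimization for two Ada-style tasks (added example).

A task is a labelled transition system (LTS).  A label occurring in both
tasks is a rendezvous (entry call on one side, accept on the other) and is
taken by both at once; any other label is an internal step of one task and
interleaves freely.  The reduction is deliberately simple: after hiding
internal labels, a state whose only move is a single internal step is merged
into its successor, which leaves rendezvous behaviour and deadlocks intact.
"""
from collections import deque

TAU = "tau"  # stands for any hidden, non-rendezvous step


class LTS:
    """Finite labelled transition system: an initial state plus labelled edges."""

    def __init__(self, init, edges):
        self.init = init
        self.succ = {}  # state -> list of (label, next_state)
        for src, label, dst in edges:
            self.succ.setdefault(src, []).append((label, dst))
            self.succ.setdefault(dst, [])

    def labels(self):
        return {lab for outs in self.succ.values() for lab, _ in outs}


def hide(lts, visible):
    """Rename every label outside `visible` to TAU; the property cannot see them."""
    edges = [(s, lab if lab in visible else TAU, d)
             for s, outs in lts.succ.items() for lab, d in outs]
    return LTS(lts.init, edges)


def minimize(lts):
    """Merge each state whose only move is one TAU step into that successor.

    Repeats until no such state remains.  A TAU self-loop is never merged,
    so an internally diverging state stays visible instead of vanishing.
    """
    succ = {s: list(outs) for s, outs in lts.succ.items()}
    init = lts.init
    while True:
        victim = next((s for s, outs in succ.items()
                       if len(outs) == 1 and outs[0][0] == TAU and outs[0][1] != s),
                      None)
        if victim is None:
            break
        target = succ.pop(victim)[0][1]
        for s in succ:  # redirect every edge that pointed at the merged state
            succ[s] = list(dict.fromkeys(
                (lab, target if d == victim else d) for lab, d in succ[s]))
        if init == victim:
            init = target
    return LTS(init, [(s, lab, d) for s, outs in succ.items() for lab, d in outs])


def compose(a, b):
    """Reachable product of two tasks: shared labels synchronize, others interleave."""
    shared = (a.labels() & b.labels()) - {TAU}
    init = (a.init, b.init)
    succ = {init: []}
    todo = deque([init])
    while todo:
        s, t = todo.popleft()
        moves = []
        for lab, d in a.succ[s]:
            if lab in shared:  # rendezvous: the other task must offer the same entry
                moves += [(lab, (d, e)) for lab2, e in b.succ[t] if lab2 == lab]
            else:
                moves.append((lab, (d, t)))
        for lab, e in b.succ[t]:
            if lab not in shared:
                moves.append((lab, (s, e)))
        succ[(s, t)] = moves
        for _, nxt in moves:
            if nxt not in succ:
                succ[nxt] = []
                todo.append(nxt)
    return succ


def deadlocks(product):
    """Reachable composite states from which neither task can move."""
    return sorted(st for st, moves in product.items() if not moves)


def analyse(task_a, task_b):
    """Return (states, deadlocks) for the plain composite and for the reduced one."""
    rendezvous = task_a.labels() & task_b.labels()
    plain = compose(task_a, task_b)
    reduced = compose(minimize(hide(task_a, rendezvous)),
                      minimize(hide(task_b, rendezvous)))
    return len(plain), deadlocks(plain), len(reduced), deadlocks(reduced)


# Constructed tasks.  Reader calls Writer.Go and then accepts Reader.Ack.
READER = LTS("r0", [("r0", "read", "r1"), ("r1", "parse", "r2"),
                    ("r2", "validate", "r3"), ("r3", "Writer.Go", "r4"),
                    ("r4", "Reader.Ack", "r0")])
# This Writer calls Reader.Ack before accepting Writer.Go: crossed calls, so
# once both tasks finish their internal work each waits for the other.
WRITER_CROSSED = LTS("w0", [("w0", "poll", "w1"), ("w1", "format", "w2"),
                            ("w2", "Reader.Ack", "w3"), ("w3", "Writer.Go", "w4"),
                            ("w4", "log", "w0")])
# This Writer accepts Writer.Go first and calls Reader.Ack afterwards.
WRITER_OK = LTS("w0", [("w0", "poll", "w1"), ("w1", "format", "w2"),
                       ("w2", "Writer.Go", "w3"), ("w3", "Reader.Ack", "w4"),
                       ("w4", "log", "w0")])

if __name__ == "__main__":
    for name, writer in (("crossed", WRITER_CROSSED), ("ok", WRITER_OK)):
        n_plain, dl_plain, n_red, dl_red = analyse(READER, writer)
        print(f"{name}: plain {n_plain} states, deadlocks {dl_plain}; "
              f"reduced {n_red} states, deadlocks {dl_red}")
```

On the crossed-call pair the plain composite has 12 reachable states and one deadlock at (r3, w2), where the Reader is blocked on Writer.Go and the Writer on Reader.Ack; the reduced composite has a single state and reports the same deadlock. On the well-ordered pair the counts are 17 versus 2 with no deadlock in either. The merge rule is sound for deadlock detection and for properties over rendezvous labels because an internal step is always enabled in the product, so the merged state can never be a deadlock itself; properties that refer to a task's internal states would need a finer equivalence, which is exactly the kind of design choice the abstract says the paper discusses.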
