Decoupling Synchronization from Logic for Efficient Symbolic Model Checking of Statecharts

Symbolic model checking is a powerful formal-verification technique for reactive systems. In this paper we address the problem of symbolic model checking for software specifications written as statecharts. We concentrate on how the synchronization of statecharts relates to the efficiency of model checking. We show that statecharts synchronized in an oblivious manner, such that the synchronization and the control logic are decoupled, tend to be easier for symbolic analysis. Thanks to this insight, the verification of some non-oblivious systems can be optimized by a simple, transparent modification to the model to separate the synchronization from the logic. The technique enabled the analysis of the statecharts model of a fault-tolerant electrical power distribution system developed by the Boeing Commercial Airplane Group. The results disclosed subtle modeling and logical flaws not found by simulation.
