Infinite-State Liveness-to-Safety via Implicit Abstraction and Well-Founded Relations

We present a fully-symbolic LTL model checking approach for infinite-state transition systems. We extend liveness-to-safety, a prominent approach in the finite-state case, by means of implicit abstraction, to effectively prove the absence of abstract fair loops without explicitly constructing the abstract state space. We increase the effectiveness of the approach by integrating termination techniques based on well-founded relations derived from ranking functions. The idea is to prove that any existing abstract fair loop is covered by a given set of well-founded relations. Within this framework, \(k\)-liveness is integrated as a generic ranking function. The algorithm iterates by attempting to remove spurious abstract fair loops: either it finds new predicates, to avoid spurious abstract prefixes, or it introduces new well-founded relations, based on the analysis of the abstract lasso. The implementation fully leverages the efficiency and incrementality of the underlying safety checker IC3ia. The proposed approach outperforms other temporal checkers on a wide class of benchmarks.
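As an added illustration (this is not the paper's implementation, which works symbolically on infinite-state systems on top of IC3ia), the two reductions the abstract builds on, liveness-to-safety and k-liveness, carried out on a constructed finite explicit-state system. The example assumes the product with the Büchi automaton for the negated LTL property has already been built and is exposed as a `fair` predicate on states; the names `TransitionSystem`, `liveness_to_safety`, `k_liveness`, `make_terminating` and `make_cyclic` are chosen here and the two toy systems are constructed data, not benchmarks from the paper.

```python
"""Added example: liveness-to-safety and k-liveness on a small explicit-state
system. Illustrative only; the paper's algorithm is symbolic and infinite-state."""
from collections import deque
from typing import Callable, Hashable, Iterable, List, Optional, Tuple

State = Hashable


class TransitionSystem:
    """Explicit finite-state system. 'fair' marks states that are accepting in
    the (assumed already built) product with the Büchi automaton for the
    negated property, so an LTL violation is exactly a reachable fair loop."""

    def __init__(self, init: Iterable[State],
                 succ: Callable[[State], Iterable[State]],
                 fair: Callable[[State], bool]):
        self.init = list(init)
        self.succ = succ
        self.fair = fair


def liveness_to_safety(ts: TransitionSystem) -> Optional[Tuple[List[State], List[State]]]:
    """Reduce 'no fair loop' to reachability of a bad state.
    Augmented state (s, saved, seen_fair): at a nondeterministic point the
    current state is copied into 'saved'; seen_fair records a fair state
    visited since then. Bad: s == saved and seen_fair (a loop through a fair
    state was closed). Returns (prefix, loop) of a lasso, or None."""
    start = [(s, None, False) for s in ts.init]
    parent = {st: None for st in start}
    queue = deque(start)
    while queue:
        cur = queue.popleft()
        s, saved, seen = cur
        if saved is not None and s == saved and seen:
            return _lasso(parent, cur)
        nxt = []
        for s2 in ts.succ(s):
            if saved is None:
                nxt.append((s2, None, False))                   # keep running
                nxt.append((s2, s, ts.fair(s) or ts.fair(s2)))  # save s, then step
            else:
                nxt.append((s2, saved, seen or ts.fair(s2)))
        for st in nxt:
            if st not in parent:
                parent[st] = cur
                queue.append(st)
    return None


def _lasso(parent, bad):
    """Rebuild the counterexample: prefix up to the saved state, then the loop."""
    path, st = [], bad
    while st is not None:
        path.append(st)
        st = parent[st]
    path.reverse()
    concrete = [st[0] for st in path]
    first_saved = next(i for i, st in enumerate(path) if st[1] is not None)
    # path[first_saved - 1] is the saved state; the final (bad) state repeats it
    return concrete[:first_saved - 1], concrete[first_saved - 1:-1]


def fair_visits_exceed(ts: TransitionSystem, k: int) -> bool:
    """Safety query behind k-liveness: can a path visit fair states more than
    k times? The visit counter is the generic ranking function: if it is
    bounded by some k, no fair loop exists."""
    start = [(s, int(ts.fair(s))) for s in ts.init]
    seen, queue = set(start), deque(start)
    while queue:
        s, c = queue.popleft()
        if c > k:
            return True
        for s2 in ts.succ(s):
            st = (s2, c + int(ts.fair(s2)))
            if st not in seen:
                seen.add(st)
                queue.append(st)
    return False


def k_liveness(ts: TransitionSystem, max_k: int) -> Optional[int]:
    """Raise k until the counter is provably bounded. None means every
    k <= max_k was refuted; with a real fair loop the counter is unbounded."""
    for k in range(max_k + 1):
        if not fair_visits_exceed(ts, k):
            return k
    return None


# Constructed toy systems over a bounded counter x; fair states are those with x == 2.
def make_terminating() -> TransitionSystem:
    # x counts 0..5 and then stays at 5: x == 2 is seen exactly once, no fair loop.
    return TransitionSystem([0], lambda x: [min(x + 1, 5)], lambda x: x == 2)


def make_cyclic() -> TransitionSystem:
    # x cycles 0,1,2,3,0,...: x == 2 recurs forever, so the LTL property is violated.
    return TransitionSystem([0], lambda x: [(x + 1) % 4], lambda x: x == 2)


if __name__ == "__main__":
    for name, ts in (("terminating", make_terminating()), ("cyclic", make_cyclic())):
        print(name, "L2S lasso:", liveness_to_safety(ts), "k-liveness bound:", k_liveness(ts, 8))
```

In the finite case the saved-state comparison is exact, so a bad state found by `liveness_to_safety` is a real counterexample. In the paper's infinite-state setting the comparison is made on abstract states (predicate valuations), which is why an abstract fair loop may be spurious and why the approach adds well-founded relations, of which the visit counter in `fair_visits_exceed` is the generic instance.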
