Scalable Distributed On-the-Fly Symbolic Model Checking

This paper presents a scalable method for parallel symbolic on-the-fly model checking on a distributed-memory environment of workstations. Our method combines a parallel version of an on-the-fly model checker for safety properties with a scalable scheme for reachability analysis. The extra storage required for counterexample generation is evenly distributed among the processes by our memory balancing. For the sake of scalability, at no point during the computation does the memory of a single process contain all the data from any of the cycles. Counterexample generation is therefore performed through collaboration of the parallel processes. We develop a method for counterexample generation that keeps a low peak memory requirement during the backward step and the computation of the inverse transition relation. We implemented our method on a standard, loosely-connected environment of workstations, using a high-performance SMV-based model checker. Our initial performance evaluation on several large circuits shows that our method can check models that are too large to fit in the memory of a single node. Our on-the-fly approach may find counterexamples even when the model is too large to fit in the memory of the parallel system.
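As an added, simplified illustration of the scheme described above (this is not the paper's code nor its SMV-based implementation): explicit integer states stand in for BDDs, the parallel processes are simulated as entries of a list, and the toy model, the slicing function and the bad state are all constructed here. Each process keeps only its own slice of every reachability layer, the safety check runs on the fly during the forward step, and the counterexample is rebuilt backwards by having every process scan only its slice of the previous layer with the inverse transition relation.

```python
def succ(s):
    """Constructed toy transition relation on states 0..99: two input choices."""
    return {(s + 3) % 100, (s * 2) % 100}

def pred(s):
    """Inverse transition relation of succ, derived by hand for this toy model."""
    ps = {(s - 3) % 100}
    if s % 2 == 0:                       # 2*t = s (mod 100) has two solutions
        ps |= {s // 2, s // 2 + 50}
    return ps
def owner(s, nprocs):
    """Slicing function (constructed): index of the process that stores state s."""
    return s % nprocs

def check_safety(init, bad, nprocs):
    """Sliced forward BFS with an on-the-fly safety check. Returns (layers, hit):
    layers[k][p] is process p's slice of layer k; hit is (k, state) or None."""
    layers = [[{init} if p == owner(init, nprocs) else set() for p in range(nprocs)]]
    reached = [set(slice_) for slice_ in layers[0]]
    k = 0
    while True:
        for p in range(nprocs):              # each process checks only its slice
            for s in layers[k][p]:
                if bad(s):
                    return layers, (k, s)
        nxt = [set() for _ in range(nprocs)]
        for p in range(nprocs):              # successors are routed to their owners
            for s in layers[k][p]:
                for t in succ(s):
                    nxt[owner(t, nprocs)].add(t)
        for p in range(nprocs):              # owners drop states already reached
            nxt[p] -= reached[p]
            reached[p] |= nxt[p]
        if not any(nxt):
            return layers, None              # fixpoint reached: property holds
        layers.append(nxt)
        k += 1

def counterexample(layers, hit, nprocs):
    """Backward step: each process scans only its own slice of the previous
    layer for a predecessor of the current state (via the inverse relation)."""
    k, s = hit
    trace = [s]
    while k > 0:
        found = [t for p in range(nprocs) for t in layers[k - 1][p] if t in pred(s)]
        s = min(found)                       # any predecessor works; pick smallest
        trace.append(s)
        k -= 1
    return trace[::-1]                       # init ... bad, one state per layer
```

With init 0, the bad state 50 and four simulated processes, the violation is found in layer 8 and the collaborative backward step returns the trace 0, 3, 6, 9, 18, 36, 72, 75, 50.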
