Scalable distributed on-the-fly symbolic model checking

This paper presents a scalable method for parallel symbolic on-the-fly model checking in a distributed memory environment. Our method combines a scheme for on-the-fly model checking for safety properties with a scheme for scalable reachability analysis. We suggest an efficient, BDD-based algorithm for a distributed construction of a counterexample. The extra memory requirement for counterexample generation is evenly distributed among the processes by a memory balancing procedure. At no point during computation does the memory of a single process contain all the data. This enhances scalability. Collaboration between the parallel processes during counterexample generation reduces memory utilization for the backward step. We implemented our method on a standard, loosely- connected environment of workstations, using a high-performance model checker. Our initial performance evaluation, carried out on several large circuits, shows that our method can check models that are too large to fit in the memory of a single node. Our on-the-fly approach may find counterexamples even when the model is too large to fit in the memory of the parallel system.

[1]  David L. Dill,et al.  Parallelizing the Murphi Verifier , 1997, CAV.

[2]  Edmund M. Clarke,et al.  Symbolic Model Checking with Partitioned Transistion Relations , 1991, VLSI.

[3]  Dana Fisman,et al.  The Temporal Logic Sugar , 2001, CAV.

[4]  Pierre Wolper,et al.  Memory-efficient algorithms for the verification of temporal properties , 1990, Formal Methods Syst. Des..

[5]  Ilan Beer,et al.  RuleBase: an industry-oriented formal verification tool , 1996, DAC '96.

[6]  Doron A. Peled Combining Partial Order Reductions with On-the-fly Model-Checking , 1994, CAV.

[7]  E. Clarke,et al.  Symbolic Model Checking : IO * ’ States and Beyond * , 1992 .

[8]  Edmund M. Clarke,et al.  Efficient generation of counterexamples and witnesses in symbolic model checking , 1995, DAC '95.

[9]  Assaf Schuster,et al.  Achieving Scalability in Parallel Reachability Analysis of Very Large Circuits , 2000, CAV.

[10]  Edmund M. Clarke,et al.  Symbolic Model Checking: 10^20 States and Beyond , 1990, Inf. Comput..

[11]  Avner Landver,et al.  The ForSpec Temporal Logic: A New Temporal Property-Specification Language , 2002, TACAS.

[12]  Stephan Merz,et al.  Model Checking , 2000 .

[13]  David L. Dill,et al.  Parallelizing the Murϕ Verifier , 2001, Formal Methods Syst. Des..

[14]  A. Sangiovanni-Vincentelli,et al.  Partitioned ROBDDs—a compact, canonical and efficiently manipulable representation for Boolean functions , 1996, ICCAD 1996.

[15]  Pierre Wolper,et al.  Memory-efficient algorithms for the verification of temporal properties , 1990, Formal Methods Syst. Des..

[16]  Gianpiero Cabodi,et al.  Improving the efficiency of BDD-based operators by means of partitioning , 1999, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[17]  Jeffrey D. Ullman,et al.  Introduction to Automata Theory, Languages and Computation , 1979 .

[18]  Randal E. Bryant,et al.  Graph-Based Algorithms for Boolean Function Manipulation , 1986, IEEE Transactions on Computers.

[19]  Kenneth L. McMillan,et al.  Symbolic model checking: an approach to the state explosion problem , 1992 .

[20]  Girish Bhat,et al.  Efficient on-the-fly model checking for CTL , 1995, Proceedings of Tenth Annual IEEE Symposium on Logic in Computer Science.

[21]  Ilan Beer,et al.  On-the-Fly Model Checking of RCTL Formulas , 1998, CAV.

[22]  R. Brayton,et al.  Reachability analysis using partitioned-ROBDDs , 1997, ICCAD 1997.

[23]  Olivier Coudert,et al.  Verifying Temporal Properties of Sequential Machines without Building Their State Diagrams , 1990, CAV.