Formal verification coverage: computing the coverage gap between temporal specifications

Existing methods for formal verification coverage compare a given specification against a given implementation and report the coverage gap as a quantitative metric. We consider a new problem: comparing two formal temporal specifications and finding a set of additional temporal properties that closes the coverage gap between them. In this paper we present: (1) the problem definition and motivation, (2) a methodology for computing the coverage gap between specifications, and (3) a methodology for representing the coverage gap as a collection of temporal properties that preserve the syntactic structure of the target specification.
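The following is an added illustration of the problem statement, not code from the paper and not its methodology: it decides the coverage gap between two specifications by brute force over all bounded traces under finite-trace LTL semantics, which is only feasible for toy examples. The request/grant handshake, the atom names `req` and `gnt`, and the property names are constructed for this example; the "architectural intent" is the target specification, the RTL properties are the candidate cover, and the gap is the set of traces the RTL properties allow but the target forbids. Adding a property that empties the gap is one way to "close" it; the paper's third contribution (choosing such properties so that they mirror the target's syntax) is not reproduced here.

```python
from itertools import product

# Formulas are nested tuples over atom names (strings):
#   ('not', f), ('and', f, g), ('or', f, g), ('implies', f, g),
#   ('X', f)  strong next (false at the last position),
#   ('WX', f) weak next (true at the last position),
#   ('G', f), ('F', f), ('U', f, g).
# A trace is a tuple of frozensets, each holding the atoms true in that cycle.
# Semantics are finite-trace LTL, which a bounded enumeration can decide exactly.


def holds(f, trace, i=0):
    """Does formula f hold on trace at position i (finite-trace semantics)?"""
    n = len(trace)
    if isinstance(f, str):
        return f in trace[i]
    op = f[0]
    if op == 'not':
        return not holds(f[1], trace, i)
    if op == 'and':
        return holds(f[1], trace, i) and holds(f[2], trace, i)
    if op == 'or':
        return holds(f[1], trace, i) or holds(f[2], trace, i)
    if op == 'implies':
        return (not holds(f[1], trace, i)) or holds(f[2], trace, i)
    if op == 'X':
        return i + 1 < n and holds(f[1], trace, i + 1)
    if op == 'WX':
        return i + 1 >= n or holds(f[1], trace, i + 1)
    if op == 'G':
        return all(holds(f[1], trace, j) for j in range(i, n))
    if op == 'F':
        return any(holds(f[1], trace, j) for j in range(i, n))
    if op == 'U':
        return any(holds(f[2], trace, j)
                   and all(holds(f[1], trace, k) for k in range(i, j))
                   for j in range(i, n))
    raise ValueError(f"unknown operator {op!r}")


def all_traces(atoms, length):
    """Every trace of the given length over all valuations of the atoms."""
    atoms = tuple(atoms)
    states = [frozenset(a for a, on in zip(atoms, bits) if on)
              for bits in product((False, True), repeat=len(atoms))]
    return [tuple(t) for t in product(states, repeat=length)]


def coverage_gap(rtl_props, arch, atoms, length):
    """Bounded traces allowed by every RTL property but forbidden by arch.

    An empty result means the RTL properties cover arch up to this bound;
    a non-empty one lists the behaviours a closing property must rule out.
    """
    return [tr for tr in all_traces(atoms, length)
            if all(holds(p, tr) for p in rtl_props) and not holds(arch, tr)]


def covers(rtl_props, arch, atoms, length):
    """True iff the RTL properties imply arch on every trace of this length."""
    return not coverage_gap(rtl_props, arch, atoms, length)


# Constructed example (hypothetical handshake, not taken from the paper).
ATOMS = ('req', 'gnt')
# Architectural intent: every request is eventually granted.
ARCH = ('G', ('implies', 'req', ('F', 'gnt')))
# RTL-level properties that sound reasonable but do not imply ARCH.
NO_SPURIOUS_GRANT = ('G', ('implies', 'gnt', 'req'))
HOLD_REQ = ('G', ('implies', ('and', 'req', ('not', 'gnt')), ('WX', 'req')))
RTL = [NO_SPURIOUS_GRANT, HOLD_REQ]
# One candidate property that closes the gap: a request is granted now or next cycle.
GRANT_WITHIN_ONE = ('G', ('implies', 'req', ('or', 'gnt', ('X', 'gnt'))))


def demo(length=3):
    """Return (gap size before, gap size after adding the closing property)."""
    before = coverage_gap(RTL, ARCH, ATOMS, length)
    after = coverage_gap(RTL + [GRANT_WITHIN_ONE], ARCH, ATOMS, length)
    return len(before), len(after)


if __name__ == '__main__':
    n_before, n_after = demo()
    print(f"gap traces at bound 3: {n_before}; after adding GRANT_WITHIN_ONE: {n_after}")
    for tr in coverage_gap(RTL, ARCH, ATOMS, 3)[:3]:
        print("uncovered:", [sorted(s) for s in tr])
```

The trace in which `req` is asserted in every cycle and `gnt` never arrives satisfies both RTL properties yet violates the architectural intent, so it is in the gap; once `GRANT_WITHIN_ONE` is added the gap is empty at this bound. Bounded enumeration is exponential in both atoms and trace length, so for real specifications the gap would be computed symbolically; the point of the example is only to make the three notions in the abstract (target specification, covering specification, and properties that close the gap) concrete.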
