Better Verification Through Symmetry

A fundamental difficulty in automatic formal verification of finite-state systems is the state explosion problem: even relatively simple systems can produce very large state spaces, causing great difficulties for methods that rely on explicit state enumeration. We address the problem by exploiting structural symmetries in the description of the system to be verified. We make symmetries easy to detect by introducing a new data type scalarset, a finite and unordered set, to our description language. The operations on scalarsets are restricted so that states are guaranteed to have the same future behaviors, up to permutation of the elements of the scalarsets. Using the symmetries implied by scalarsets, a verifier can automatically generate a reduced state space, on the fly. We provide a proof of the soundness of the new symmetry-based verification algorithm based on a definition of the formal semantics of a simple description language with scalarsets. The algorithm has been implemented and evaluated on several realistic high-level designs. Memory requirements were reduced by amounts ranging from 83% to over 99%, with speedups ranging from 65% to 98%. Symmetry-based reduction leads to an alternative characterization of data independence: a protocol is data-independent if there is a scalarset type not used as an array index or for loop index. In this case, symmetry-based reduction converts an infinite state space to a finite state space. Unlike other methods that exploit data independence in verification, this reduction occurs completely automatically.
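The reduction described above, as an added example that is not code from the paper: a constructed toy model of n identical processes whose ids form a scalarset, a `permute` that renames scalarset elements both where they index the per-process array and where they are stored in a variable, a brute-force `canonical` that picks the smallest image under every permutation, and a BFS (`explore`) that generates the reduced state space on the fly and checks a symmetric invariant on representatives. The protocol and all function names are assumptions for illustration, not the paper's description language.

```python
from collections import deque
from itertools import permutations

# Constructed toy model: n identical processes whose ids form a scalarset. Each
# process is idle, trying or critical; `lock` holds the id in its critical section (-1 = free).
IDLE, TRYING, CRIT = "idle", "trying", "critical"

def successors(state):
    """Enabled moves: idle->trying, trying->critical if lock free, critical->idle."""
    locs, lock = state
    for pid, st in enumerate(locs):
        if st == IDLE:
            yield (locs[:pid] + (TRYING,) + locs[pid + 1:], lock)
        elif st == TRYING and lock < 0:
            yield (locs[:pid] + (CRIT,) + locs[pid + 1:], pid)
        elif st == CRIT:
            yield (locs[:pid] + (IDLE,) + locs[pid + 1:], -1)

def permute(state, perm):
    """Rename scalarset element i to perm[i] wherever it occurs: as the index
    of the per-process array and as the value stored in `lock`."""
    locs, lock = state
    renamed = [None] * len(locs)
    for i, st in enumerate(locs):
        renamed[perm[i]] = st
    return (tuple(renamed), -1 if lock < 0 else perm[lock])

def canonical(state):
    """Orbit representative: smallest image under all n! permutations (brute force, demo only)."""
    return min(permute(state, p) for p in permutations(range(len(state[0]))))

def explore(n, reduce=True, invariant=lambda s: True):
    """BFS over the full or reduced graph; returns (visited, violating state or None)."""
    norm = canonical if reduce else (lambda s: s)
    start = norm(((IDLE,) * n, -1))   # all processes idle, lock free
    seen, queue = {start}, deque([start])
    while queue:
        s = queue.popleft()
        if not invariant(s):
            return seen, s
        for t in successors(s):
            t = norm(t)          # fold each successor into its orbit representative
            if t not in seen:
                seen.add(t)
                queue.append(t)
    return seen, None

def mutual_exclusion(state):
    # Symmetric property: checking only representatives is sound.
    return state[0].count(CRIT) <= 1
```

For n=4 the full graph has 48 states and the reduced one 9, and `explore(4, invariant=mutual_exclusion)` reports no violation.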
