Towards scalable compositional analysis

Due to the state explosion problem, analysis of large concurrent programs will undoubtedly require compositional techniques. Existing compositional techniques are based on the idea of replacing complex subsystems with simpler processes with the same interfaces to their environments, and using the simpler processes to analyze the full system. Most algorithms for proving equivalence between two processes, however, require enumerating the states of both processes. When part of a concurrent system consists of many highly coupled processes, it may not be possible to decompose the system into components that are both small enough to enumerate and have simple interfaces with their environments. In such cases, analysis of the systems by standard methods will be infeasible.

In this paper, we describe a technique for proving trace equivalence of deterministic and divergence-free systems without enumerating their states. (For deterministic systems, essentially all the standard notions of process equivalence collapse to trace equivalence, so this technique also establishes failures equivalence, observational equivalence, etc.) Our approach is to generate necessary conditions for the existence of a trace of one system that is not a trace of the other; if the necessary conditions cannot be satisfied, the systems are equivalent. We have implemented the technique and used it to establish the equivalence of some systems with state spaces too large for enumeration to be practical.
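The object the abstract reasons about is a distinguishing trace: a trace of one deterministic system that the other cannot perform. The following added example (not code from the paper) finds such a witness for two small deterministic labelled transition systems by exploring their product, i.e. the state-enumerating method the paper's necessary-conditions technique is designed to avoid; the processes P, Q and R are constructed here for illustration. Because the systems are deterministic, the same product exploration is also a bisimulation check, which is the sense in which the standard equivalences collapse.

```python
from collections import deque

# Deterministic, divergence-free LTSs as dict: state -> {action: next_state}.
# Sample processes constructed for this example; all share the alphabet {a, b, c}.
P = {"p0": {"a": "p1"}, "p1": {"b": "p2", "c": "p0"}, "p2": {"a": "p1"}}
Q = {"q0": {"a": "q1"}, "q1": {"b": "q0", "c": "q0"}}
R = {"r0": {"a": "r1"}, "r1": {"b": "r2", "c": "r0"}, "r2": {"a": "r1", "c": "r0"}}


def distinguishing_trace(lts1, start1, lts2, start2):
    """Return the shortest trace that one system can perform and the other
    cannot, or None when the two deterministic LTSs are trace equivalent.

    Breadth-first search over the synchronous product: because each system
    is deterministic, a trace leads to exactly one product state, so the two
    systems are trace equivalent iff every reachable product pair enables the
    same set of actions. For deterministic systems this is also a bisimulation.
    """
    seen = {(start1, start2)}
    queue = deque([(start1, start2, ())])
    while queue:
        x, y, trace = queue.popleft()
        enabled1, enabled2 = set(lts1[x]), set(lts2[y])
        if enabled1 != enabled2:
            # An action enabled in one state but not the other extends the
            # common prefix into a trace only one system can perform.
            return trace + (min(enabled1 ^ enabled2),)
        for action in sorted(enabled1):
            nxt = (lts1[x][action], lts2[y][action])
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt[0], nxt[1], trace + (action,)))
    return None


if __name__ == "__main__":
    print("P vs Q:", distinguishing_trace(P, "p0", Q, "q0"))  # None: equivalent
    print("P vs R:", distinguishing_trace(P, "p0", R, "r0"))  # ('a', 'b', 'c')
```

The product explored here has as many states as the two systems multiplied, which is exactly what becomes infeasible for the highly coupled systems the abstract describes.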
