Local Proofs for Linear-Time Properties of Concurrent Programs

This paper develops a local reasoning method to check linear-time temporal properties of concurrent programs. In practice, it is often infeasible to model check over the product state space of a concurrent program. The method developed in this paper replaces such global reasoning with checks of (abstracted) individual processes. An automatic refinement step gradually exposes local state if necessary, ensuring that the method is complete. Experiments show that local reasoning can hold a significant advantage over global reasoning.

[1]  George S. Avrunin,et al.  Breaking up is hard to do: an investigation of decomposition for assume-guarantee reasoning , 2006, ISSTA '06.

[2]  Matthew B. Dwyer,et al.  Automated environment generation for software model checking , 2003, 18th IEEE International Conference on Automated Software Engineering, 2003. Proceedings..

[3]  Kedar S. Namjoshi,et al.  Symmetry and Completeness in the Analysis of Parameterized Systems , 2007, VMCAI.

[4]  K. Mani Chandy,et al.  Proofs of Networks of Processes , 1981, IEEE Transactions on Software Engineering.

[5]  Kedar S. Namjoshi,et al.  Local Proofs for Global Safety Properties , 2007, CAV.

[6]  Edmund M. Clarke,et al.  Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic , 1981, Logic of Programs.

[7]  Shmuel Sagiv Thread-Modular Shape Analysis , 2009, VMCAI.

[8]  Orna Grumberg,et al.  Abstract interpretation of reactive systems , 1997, TOPL.

[9]  Andreas Podelski,et al.  ACSAR: Software Model Checking with Transfinite Refinement , 2007, SPIN.

[10]  Orna Grumberg,et al.  Compositional verification and 3-valued abstractions join forces , 2010, Inf. Comput..

[11]  Leslie Lamport,et al.  Proving the Correctness of Multiprocess Programs , 1977, IEEE Transactions on Software Engineering.

[12]  Amir Pnueli,et al.  Model Checking with Strong Fairness , 2006, Formal Methods Syst. Des..

[13]  Cliff B. Jones,et al.  Developing methods for computer programs including a notion of interference , 1981 .

[14]  Sanjit A. Seshia,et al.  Modular verification of multithreaded programs , 2005, Theor. Comput. Sci..

[15]  A. Prasad Sistla,et al.  Symmetry and model checking , 1993, Formal Methods Syst. Des..

[16]  Corina S. Pasareanu,et al.  Learning-Based Assume-Guarantee Verification (Tool Paper) , 2005, SPIN.

[17]  Amir Pnueli,et al.  A Platform for Combining Deductive with Algorithmic Verification , 1996, CAV.

[18]  Cormac Flanagan,et al.  Thread-Modular Model Checking , 2003, SPIN.

[19]  Jozef Hooman,et al.  Concurrency Verification: Introduction to Compositional and Noncompositional Methods , 2001, Cambridge Tracts in Theoretical Computer Science.

[20]  Thomas A. Henzinger,et al.  Thread-Modular Abstraction Refinement , 2003, CAV.

[21]  Richard Banach,et al.  Book Review: "Concurrency Verification: Introduction to Compositional and Non-compositional Methods" by Willem-Paul de Roever, Frank de Boer, Ulrich Hanneman, Jozef Hooman, Yassine Lakhnech, Mannes Poel and Job Zwiers (eds.) , 2003, J. Log. Comput..

[22]  永田 守男,et al.  Verifying Properties of Parallel Programs : An Axiomatic Approach , 1976 .

[23]  Pierre Wolper,et al.  An Automata-Theoretic Approach to Automatic Program Verification (Preliminary Report) , 1986, LICS.

[24]  Andreas Podelski,et al.  Proving thread termination , 2007, PLDI '07.

[25]  Kousha Etessami,et al.  Analysis of Recursive Game Graphs Using Data Flow Equations , 2004, VMCAI.

[26]  Helmut Veith,et al.  Counterexample-guided abstraction refinement for symbolic model checking , 2003, JACM.

[27]  Ranjit Jhala,et al.  Microarchitecture Verification by Compositional Model Checking , 2001, CAV.

[28]  Edsger W. Dijkstra,et al.  Predicate Calculus and Program Semantics , 1989, Texts and Monographs in Computer Science.

[29]  C. A. Petri,et al.  Concurrency Theory , 1986, Advances in Petri Nets.

[30]  Thomas A. Henzinger,et al.  Race checking by context inference , 2004, PLDI '04.

[31]  Thomas A. Henzinger,et al.  Automating Modular Verification , 1999, CONCUR.

[32]  Kenneth L. McMillan,et al.  A Compositional Rule for Hardware Design Refinement , 1997, CAV.

[33]  Sagar Chaki,et al.  Automated Assume-Guarantee Reasoning for Simulation Conformance , 2005, CAV.

[34]  Edmund M. Clarke,et al.  Avoiding the state explosion problem in temporal logic model checking , 1987, PODC '87.

[35]  Howard Barringer,et al.  Assumption generation for software component verification , 2002, Proceedings 17th IEEE International Conference on Automated Software Engineering,.

[36]  Ugo Montanari,et al.  International Symposium on Programming , 1982, Lecture Notes in Computer Science.

[37]  Amir Pnueli,et al.  In Transition From Global to Modular Temporal Reasoning about Programs , 1989, Logics and Models of Concurrent Systems.

[38]  Edsger W. Dijkstra,et al.  Guarded commands, nondeterminacy and formal derivation of programs , 1975, Commun. ACM.

[39]  Jerzy Tiuryn,et al.  Logics of Programs , 1991, Handbook of Theoretical Computer Science, Volume B: Formal Models and Sematics.

[40]  C. Rattray,et al.  Specification and Verification of Concurrent Systems , 1990, Workshops in Computing.

[41]  Yih-Kuen Tsay,et al.  Extending Automated Compositional Verification to the Full Class of Omega-Regular Languages , 2008, TACAS.

[42]  K. Mani Chandy,et al.  Parallel program design - a foundation , 1988 .

[43]  Joseph Sifakis,et al.  Specification and verification of concurrent systems in CESAR , 1982, Symposium on Programming.