Model checking and modular verification

We describe a framework for compositional verification of finite state processes. The framework is based on two ideas: a subset of the logic CTL for which satisfaction is preserved under composition; and a preorder on structures which captures the relation between a component and a system containing the component. Satisfaction of a formula in the logic corresponds to being below a particular structure (a tableau for the formula) in the preorder. We show how to do assume-guarantee style reasoning within this framework. In addition, we demonstrate efficient methods for model checking in the logic and for checking the preorder in several special cases. We have implemented a system based on these methods, and we use it to give a compositional verification of a CPU controller.

[1]  E. Clarke,et al.  Automatic Veriication of Nite-state Concurrent Systems Using Temporal-logic Speciications. Acm , 1993 .

[2]  D. J. Walker,et al.  Bisimulations and divergence , 1988, [1988] Proceedings. Third Annual Information Symposium on Logic in Computer Science.

[3]  Robert P. Kurshan,et al.  A structural induction theorem for processes , 1989, PODC.

[4]  Jeffrey D. Ullman,et al.  Introduction to Automata Theory, Languages and Computation , 1979 .

[5]  Edmund M. Clarke,et al.  A Unified Approach For Showing Language Containment And Equivalence Between Various Types Of Omega-Automata , 1990, CAAP.

[6]  David L. Dill,et al.  Trace theory for automatic hierarchical verification of speed-independent circuits , 1989, ACM distinguished dissertations.

[7]  Kim G. Larsen,et al.  The Expressive Power of Implicit Specifications , 1991, Theor. Comput. Sci..

[8]  Frank Thomson Leighton,et al.  Trace Theory for Automatic Hierarchical Verification of Speed-Independent Circuits , 1988 .

[9]  Robert P. Kurshan,et al.  Analysis of Discrete Event Coordination , 1989, REX Workshop.

[10]  Robin Milner,et al.  A Calculus of Communicating Systems , 1980, Lecture Notes in Computer Science.

[11]  Olivier Coudert,et al.  Verifying Temporal Properties of Sequential Machines without Building Their State Diagrams , 1990, CAV.

[12]  Edmund M. Clarke,et al.  Compositional model checking , 1989, [1989] Proceedings. Fourth Annual Symposium on Logic in Computer Science.

[13]  Kim G. Larsen The Expressive Power of Implicit Specifications , 1993, Theor. Comput. Sci..

[14]  Amir Pnueli,et al.  In Transition From Global to Modular Temporal Reasoning about Programs , 1989, Logics and Models of Concurrent Systems.

[15]  Bernhard Josko,et al.  Verifying the Correctness of AADL Modules Using Model Checking , 1989, REX Workshop.

[16]  David Walker,et al.  Local Model Checking in the Modal mu-Calculus , 1991, Theor. Comput. Sci..

[17]  Edmund M. Clarke,et al.  Symbolic Model Checking: 10^20 States and Beyond , 1990, Inf. Comput..

[18]  Edmund M. Clarke,et al.  A language for compositional specification and verification of finite state hardware controllers , 1991 .

[19]  R. Cleaveland,et al.  When is 'partial' adequate? A logic-based proof technique using partial specifications , 1990, [1990] Proceedings. Fifth Annual IEEE Symposium on Logic in Computer Science.

[20]  Chin-Laung Lei,et al.  Efficient Model Checking in Fragments of the Propositional Mu-Calculus (Extended Abstract) , 1986, LICS.

[21]  Amir Pnueli,et al.  Checking that finite state concurrent programs satisfy their linear specification , 1985, POPL.

[22]  Orna Grumberg,et al.  Network Grammars, Communication Behaviors and Automatic Verification , 1989, Automatic Verification Methods for Finite State Systems.

[23]  Joseph Y. Halpern,et al.  “Sometimes” and “not never” revisited: on branching versus linear time temporal logic , 1986, JACM.

[24]  Grzegorz Rozenberg,et al.  Stepwise Refinement of Distributed Systems Models, Formalisms, Correctness , 1989, Lecture Notes in Computer Science.