A game-based framework for CTL counterexamples and 3-valued abstraction-refinement

This work exploits and extends the game-based framework of CTL model checking for counterexample generation and incremental abstraction-refinement. We define a game-based CTL model checking algorithm for abstract models over the 3-valued semantics, which can be used for verification as well as refutation. The model checking may end with an indefinite result, in which case we suggest a new notion of refinement that eliminates the indefinite results of the model checking. This provides an iterative abstraction-refinement framework. It is enhanced by an incremental algorithm, where refinement is applied only where indefinite results exist, and definite results from prior iterations are reused within the model checking algorithm. We also define the notion of annotated counterexamples, which are sufficient and minimal counterexamples for full CTL. We present an algorithm that uses the game board of the model checking game to derive an annotated counterexample in case the examined system model refutes the checked formula.
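As an added illustration, not code from the paper, the Python below evaluates a CTL fragment over an abstract model in 3-valued semantics, shows the indefinite result the abstract refers to, and shows how splitting one abstract state turns it into a definite refutation. It assumes abstract models with may (over-approximating) and must (under-approximating) transitions and uses a plain fixpoint rather than the paper's game-based algorithm; the model, labels and formula encoding are constructed for this example.

```python
T, F, U = True, False, None          # 3-valued truth: definite true/false, indefinite

def not3(v):
    return U if v is U else (not v)

def and3(a, b):
    if a is F or b is F:
        return F
    return U if a is U or b is U else T

def ax3(model, s, val):
    """AX over 3 values: true if every may-successor satisfies val,
    false if some must-successor refutes it, indefinite otherwise."""
    if any(val[t] is F for t in model["must"][s]):
        return F
    if all(val[t] is T for t in model["may"][s]):
        return T
    return U

def check(model, s, f):
    """Evaluate CTL formula f (nested tuples) at abstract state s, 3-valued."""
    op = f[0]
    if op == "p":
        return model["labels"][s].get(f[1], U)
    if op == "not":
        return not3(check(model, s, f[1]))
    if op == "and":
        return and3(check(model, s, f[1]), check(model, s, f[2]))
    if op == "AX":
        return ax3(model, s, {t: check(model, t, f[1]) for t in model["may"][s]})
    if op == "AG":  # greatest fixpoint: AG g = g and AX AG g, iterated from all-true
        val = {t: T for t in model["may"]}
        while True:
            new = {t: and3(check(model, t, f[1]), ax3(model, t, val)) for t in val}
            if new == val:
                return val[s]
            val = new
    raise ValueError(op)

# Constructed example: concrete states c0 -> c1 -> c2 (self-loop); p holds in c0, c1 only.
# The coarse abstraction merges c1 and c2 into a1, so p is indefinite there.
COARSE = {"labels": {"a0": {"p": T}, "a1": {"p": U}},
          "may":  {"a0": {"a1"}, "a1": {"a1"}},
          "must": {"a0": {"a1"}, "a1": {"a1"}}}
# Refinement splits a1 into b1 = {c1} and b2 = {c2}, each with a definite label.
REFINED = {"labels": {"a0": {"p": T}, "b1": {"p": T}, "b2": {"p": F}},
           "may":  {"a0": {"b1"}, "b1": {"b2"}, "b2": {"b2"}},
           "must": {"a0": {"b1"}, "b1": {"b2"}, "b2": {"b2"}}}
AG_P = ("AG", ("p", "p"))

if __name__ == "__main__":
    print("coarse  AG p at a0:", check(COARSE, "a0", AG_P))   # None (indefinite)
    print("refined AG p at a0:", check(REFINED, "a0", AG_P))  # False (definite refutation)
```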
