Finite Models vs Tree Automata in Safety Verification

In this paper we deal with verification of safety properties of term-rewriting systems. The verification problem is translated to a purely logical problem of finding a finite countermodel for a first-order formula, which is then resolved by a generic finite model finding procedure. A finite countermodel produced during successful verification provides a concise description of the system invariant sufficient to demonstrate a specific safety property. We show the relative completeness of this approach with respect to the tree automata completion technique. On a set of examples taken from the literature we demonstrate the efficiency of the finite model finding approach as well as its explanatory power.
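As an added illustration (not code from the paper), the following Python sketches the translation the abstract describes: a TRS becomes first-order axioms over a reachability relation R, and a finite structure that satisfies those axioms while falsifying R(s, t) certifies that t is unreachable from s. The toy TRS, the brute-force search standing in for a generic model finder, and all function names are assumptions of this example.

```python
from itertools import product

# Constructed example, not the paper's own code: a TRS over {zero/0, s/1} with the rule
# s(s(x)) -> x.  Terms are nested tuples like ("s", ("zero",)); the string "x" is the variable.
ARITY = {"zero": 0, "s": 1}
RULES = [(("s", ("s", "x")), "x")]

def s_n(n):
    """Build the term s^n(zero)."""
    return ("zero",) if n == 0 else ("s", s_n(n - 1))

def evaluate(term, funcs, env):
    """Value of a term in a finite structure under variable assignment env."""
    if isinstance(term, str):
        return env[term]
    head, *args = term
    return funcs[head][tuple(evaluate(a, funcs, env) for a in args)]

def is_countermodel(domain, funcs, rel, src, tgt):
    """True iff the structure satisfies the reachability axioms of the TRS (R reflexive,
    transitive, congruence, every rule instance) but falsifies R(src, tgt)."""
    if any((d, d) not in rel for d in domain):
        return False
    if any((x, z) not in rel for x, y in rel for y2, z in rel if y == y2):
        return False
    for f, n in ARITY.items():                 # congruence, one argument position at a time
        for args in product(domain, repeat=n):
            for i in range(n):
                for x, y in rel:
                    if args[i] == x:
                        args2 = args[:i] + (y,) + args[i + 1:]
                        if (funcs[f][args], funcs[f][args2]) not in rel:
                            return False
    for lhs, rhs in RULES:                     # R(l, r) for every instance of the rule
        for d in domain:
            env = {"x": d}
            if (evaluate(lhs, funcs, env), evaluate(rhs, funcs, env)) not in rel:
                return False
    return (evaluate(src, funcs, {}), evaluate(tgt, funcs, {})) not in rel

def find_countermodel(src, tgt, size=2):
    """Naive stand-in for a generic model finder: try every structure of the given size."""
    domain = tuple(range(size))
    for zero, s_img in product(domain, product(domain, repeat=size)):
        funcs = {"zero": {(): zero}, "s": {(d,): s_img[d] for d in domain}}
        for bits in product((0, 1), repeat=size * size):
            rel = {p for p, b in zip(product(domain, repeat=2), bits) if b}
            if is_countermodel(domain, funcs, rel, src, tgt):
                return funcs, rel
    return None
```

For s^4(zero) and target s(zero) the search returns the two-element parity model (s swaps 0 and 1, R is equality), which is exactly the invariant "the number of s symbols keeps its parity"; for a reachable target such as s(zero) from s^3(zero) no countermodel exists at any size.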
