Control and data abstraction: the cornerstones of practical formal verification

Abstract. In spite of the impressive progress in the development of the two main methods for formal verification of reactive systems, Symbolic Model Checking and Deductive Verification, both are still limited in their ability to handle large systems. It is generally recognized that the only way these methods can ever scale up is through the extensive use of abstraction and modularization, which break the task of verifying a large system into several smaller tasks of verifying simpler systems.

In this paper, we review the two main tools of compositionality and abstraction in the framework of linear temporal logic. We illustrate the application of these two methods for the reduction of an infinite-state system into a finite-state system that can then be verified using model checking.

The technical contributions of this paper are a full formulation of abstraction when applied to a system with both weak and strong fairness requirements and to a general temporal formula, and a presentation of a compositional framework for shared variables and its application to forming network invariants.
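The reduction the abstract describes, an infinite-state system mapped onto a finite-state one that a model checker can exhaust, is shown below on a small constructed example. This is an added illustration, not code or an example from the paper. It assumes a system with one integer variable x, transitions of the form guard(x) -> x := a*x + b with a >= 1, and a data abstraction given by a finite partition of the integers into intervals; the abstract transition relation is computed with interval arithmetic, which over-approximates the concrete successor set, so an abstract reachability check that finds no bad class is a sound proof of the concrete safety property, while an abstract counterexample may in general be spurious and needs to be replayed on the concrete system (here the one found is real).

```python
"""Interval abstraction of an infinite-state counter, model-checked by
explicit-state reachability on the finite abstract system.

Added example, not from the paper.  Assumptions: a single integer variable x,
transitions  guard(x) -> x := a*x + b  with a >= 1 (monotone update), and an
abstract domain given by a finite partition of the integers into intervals.
The abstract post-image is computed by interval arithmetic, which contains
every concrete successor, so every concrete run has an abstract run: if no
bad abstract class is reachable, no bad concrete state is reachable.
"""
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

INF = float("inf")


@dataclass(frozen=True)
class Interval:
    lo: float
    hi: float

    def meet(self, other: "Interval") -> Optional["Interval"]:
        """Intersection, or None when the two intervals are disjoint."""
        lo, hi = max(self.lo, other.lo), min(self.hi, other.hi)
        return Interval(lo, hi) if lo <= hi else None

    def __str__(self) -> str:
        return f"[{self.lo}, {self.hi}]"


@dataclass(frozen=True)
class Transition:
    name: str
    guard: Interval   # the transition is enabled exactly when x lies in guard
    a: int            # update x := a*x + b; a >= 1 keeps the update monotone
    b: int

    def post(self, iv: Interval) -> Interval:
        """Image of an interval under the monotone affine update."""
        return Interval(self.a * iv.lo + self.b, self.a * iv.hi + self.b)


def abstract_successors(cls: Interval, transitions: List[Transition],
                        partition: List[Interval]) -> List[Tuple[str, Interval]]:
    """Existential abstraction: cls -t-> cls' whenever some x in cls satisfies
    the guard of t and t(x) may fall into cls' (decided on intervals)."""
    succ = []
    for t in transitions:
        enabled = cls.meet(t.guard)
        if enabled is None:
            continue
        image = t.post(enabled)
        for c in partition:
            if c.meet(image) is not None:
                succ.append((t.name, c))
    return succ


def check_invariant(init: Interval, transitions: List[Transition],
                    partition: List[Interval], bad: Interval) -> Tuple[bool, List[str]]:
    """Breadth-first reachability on the finite abstract system.
    'bad' should be a union of partition classes so that the check is exact
    on the abstract side.  Returns (holds, trace) where trace lists the
    transitions of a shortest abstract path from an initial class into bad."""
    parent: Dict[Interval, Tuple[Optional[Interval], Optional[str]]] = {}
    queue = deque()
    for c in partition:
        if c.meet(init) is not None:
            parent[c] = (None, None)
            queue.append(c)
    while queue:
        cls = queue.popleft()
        if cls.meet(bad) is not None:
            trace = []                       # rebuild the abstract counterexample
            while parent[cls][1] is not None:
                cls_prev, tname = parent[cls]
                trace.append(tname)
                cls = cls_prev
            return False, list(reversed(trace))
        for tname, nxt in abstract_successors(cls, transitions, partition):
            if nxt not in parent:
                parent[nxt] = (cls, tname)
                queue.append(nxt)
    return True, []


# Constructed example: an unbounded counter with increment and guarded decrement.
# Four abstract classes suffice to separate "negative", 0, 1 and "at least 2".
PARTITION = [Interval(-INF, -1), Interval(0, 0), Interval(1, 1), Interval(2, INF)]
INIT = Interval(0, 0)
NEGATIVE = Interval(-INF, -1)            # bad states: the invariant x >= 0 fails

SAFE = [Transition("inc", Interval(-INF, INF), 1, 1),
        Transition("dec", Interval(1, INF), 1, -1)]      # decrement only if x >= 1
BUGGY = [Transition("inc", Interval(-INF, INF), 1, 1),
         Transition("dec", Interval(0, INF), 1, -1)]     # off-by-one guard

if __name__ == "__main__":
    for label, system in (("safe", SAFE), ("buggy", BUGGY)):
        holds, trace = check_invariant(INIT, system, PARTITION, NEGATIVE)
        print(label, "invariant x >= 0 holds" if holds else f"violated via {trace}")
```

On the safe counter the abstract system has only three reachable classes and never enters the negative one, which proves x >= 0 for the infinite concrete system; on the buggy variant the checker returns the one-step abstract trace dec from the initial class, which replays concretely as 0 -> -1. The partition is the abstraction design decision: too coarse a partition (for instance merging 0 and 1) can make a guard imprecise and produce a counterexample that has no concrete counterpart, which is the refinement loop the abstract alludes to when it speaks of choosing the abstraction.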
