A type reduction theory for systems with replicated components

The Parameterised Model Checking Problem (PMCP) asks whether an implementation Impl(t) satisfies a specification Spec(t) for all instantiations of the parameter t. In general, t can determine numerous entities: the number of processes in a network, the type of data, the capacities of buffers, etc. The main theme of this paper is the automation of uniform verification for a subclass of the PMCP with a parameter of the first kind, i.e. the number of processes in the network. We use CSP as our formalism. We present a type reduction theory which, for a given verification problem, establishes a function $\phi$ that maps all (sufficiently large) instantiations T of the parameter to some fixed type $\hat{T}$ and allows us to deduce that if Spec($\hat{T}$) is refined by $\phi$(Impl(T)), then (subject to certain assumptions) Spec(T) is refined by Impl(T). The theory can be used in practice by combining it with a suitable abstraction method that produces a t-independent process Abstr which is refined by $\phi$(Impl(T)) for all sufficiently large T. Then, by testing (with a model checker) whether the abstract model Abstr refines Spec($\hat{T}$), we can deduce a positive answer to the original uniform verification problem. The type reduction theory relies on a symbolic representation of process behaviour. We develop a symbolic operational semantics for CSP processes that satisfy certain normality requirements, and we provide a set of translation rules that allow us to concretise symbolic transition graphs. Based on this, we prove results that allow us to infer behaviours of a process instantiated with uncollapsed types from known behaviours of the same process instantiated with a reduced type. One of the main advantages of our symbolic operational semantics and the type reduction theory is their generality, which makes them applicable in a wide range of settings.
