Model checking with generalized Rabin and Fin-less automata

In the automata theoretic approach to explicit state LTL model checking, the synchronized product of the model and an automaton that represents the negated formula is checked for emptiness. In practice, a (transition-based generalized) Büchi automaton (TGBA) is used for this procedure. This paper investigates whether using a more general form of acceptance, namely a transition-based generalized Rabin automaton (TGRA), improves the model checking procedure. TGRAs can have significantly fewer states than TGBAs; however, the corresponding emptiness checking procedure is more involved. With recent advances in probabilistic model checking and LTL to TGRA translators, it is only natural to ask whether checking a TGRA directly is more advantageous in practice. We designed a multi-core TGRA checking algorithm and performed experiments on a subset of the models and formulas from the 2015 Model Checking Contest and generated LTL formulas for models from the BEEM database. While we found little to no improvement by checking TGRAs directly, we show how various aspects of a TGRA’s structure influence the model checking performance. In this paper, we also introduce a Fin-less acceptance condition, which is a disjunction of TGBAs. We show how to convert TGRAs into automata with Fin-less acceptance and show how a TGBA emptiness procedure can be extended to check Fin-less automata.
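As an added example (not the paper's code), the following Python sketches the SCC-based emptiness checks the abstract refers to: a TGBA check, its extension to a Fin-less condition (a disjunction of TGBAs), and a TGRA check that reduces each generalized Rabin pair to a TGBA on the graph without that pair's Fin transitions. The constructed automaton, the mark names and the sequential Tarjan-based algorithm are assumptions of this example, not the paper's multi-core construction.

```python
from collections import defaultdict
def reachable(init, edges):  # states reachable from `init` using all transitions
    seen, todo = {init}, [init]
    while todo:
        v = todo.pop()
        for s, d, _ in edges:
            if s == v and d not in seen:
                seen.add(d); todo.append(d)
    return seen

def scc_marks(states, edges):
    """Tarjan's SCCs restricted to `states`: per non-trivial SCC, the marks on its internal transitions."""
    succ = defaultdict(list)
    for s, d, m in edges:
        if s in states and d in states:
            succ[s].append((d, m))
    index, low, on, stack, comp = {}, {}, set(), [], {}
    def visit(v):
        index[v] = low[v] = len(index); stack.append(v); on.add(v)
        for w, _ in succ[v]:
            if w not in index:
                visit(w); low[v] = min(low[v], low[w])
            elif w in on:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:  # v is the root of a complete SCC: pop it
            while True:
                w = stack.pop(); on.discard(w); comp[w] = v
                if w == v: break
    for s in states:
        if s not in index: visit(s)
    marks = defaultdict(set)  # only SCCs with an internal transition (a cycle) appear
    for s in succ:
        for d, m in succ[s]:
            if comp[s] == comp[d]: marks[comp[s]] |= set(m)
    return marks

def finless_nonempty(init, edges, disjuncts):
    """Fin-less acceptance: a disjunction of TGBA Inf-mark lists, one SCC pass for all; one disjunct is plain TGBA."""
    marks = scc_marks(reachable(init, edges), edges)
    return any(set(infs) <= m for m in marks.values() for infs in disjuncts)

def tgra_nonempty(init, edges, pairs):
    """Generalized Rabin pairs (fin, infs): an accepting run takes fin transitions finitely
    often, so its suffix lies in the graph without them, where the pair is a TGBA."""
    reach = reachable(init, edges)  # reachability uses the full graph, before dropping fin
    return any(set(infs) <= m for fin, infs in pairs
               for m in scc_marks(reach, [e for e in edges if fin not in e[2]]).values())

EDGES = [(0, 1, ('a',)), (1, 2, ('b',)), (2, 1, ('a',)), (2, 2, ('c', 'd'))]  # constructed
PAIRS = [('a', ['b']), ('c', ['d'])]  # Fin(a)&Inf(b) | Fin(c)&Inf(d); every 'b' cycle also takes 'a'
```

On the constructed automaton the generalized Büchi condition Inf(b) & Inf(d) is satisfiable, but neither Rabin pair is, because the only cycle through 'b' also takes the 'a' transition that the first pair forbids infinitely often.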
