Efficient Symbolic Representations for Arithmetic Constraints in Verification

In this paper we discuss efficient symbolic representations for infinite-state systems specified using linear arithmetic constraints. We give algorithms for constructing finite automata which represent the sets of integers that satisfy linear constraints. These automata can represent either signed or unsigned integers and have fewer states than other similar approaches. We present efficient storage techniques for the transition function of the automata and extend the construction algorithms to formulas over both boolean and integer variables. We also derive conditions which guarantee that the pre-condition computations used in symbolic verification algorithms do not cause an exponential increase in automata size. We experimentally compare different symbolic representations by using them to verify non-trivial concurrent systems. Experimental results show that the symbolic representations based on our construction algorithms outperform the polyhedral representation used in the Omega Library and the automata representation used in LASH.
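To make the idea of "an automaton that represents the integer solutions of a linear constraint" concrete, the following is an added example (not code from the paper or from any of the tools it compares) of the standard least-significant-bit-first construction for a single linear equation a_1*x_1 + ... + a_n*x_n = c. The automaton reads one bit of every variable per step; its state is the residual constant that the still-unread high-order bits must satisfy, so the reachable residuals are bounded and the construction terminates. The same automaton serves both the unsigned encoding (accept on residual 0) and the two's-complement signed encoding (accept when the final sign-bit symbol cancels the residual). The class and helper names (`LinearEqAutomaton`, `encode`, `check_against_bruteforce`) are this example's own, and the construction is the textbook one, not the paper's optimized algorithm.

```python
from itertools import product


class LinearEqAutomaton:
    """Finite automaton for the integer solutions of a_1*x_1 + ... + a_n*x_n == c.

    Input words are sequences of bit-vectors (one bit per variable), least
    significant bit first.  The state is the residual constant c' that the
    not-yet-read high-order bits must still satisfy.  Illustrative code, not
    the construction described in the paper.
    """

    def __init__(self, coeffs, const, signed=False):
        self.a = tuple(coeffs)
        self.c = const
        self.signed = signed
        self.alphabet = list(product((0, 1), repeat=len(self.a)))
        self.delta = {}            # (state, symbol) -> state; missing = dead
        self.states = {const}
        self._build()

    def _dot(self, sym):
        return sum(ai * bi for ai, bi in zip(self.a, sym))

    def _build(self):
        # Explore from the initial residual c.  |next| <= (|s| + sum|a_i|) / 2,
        # so every reachable residual is bounded by max(|c|, sum|a_i|) and the
        # exploration terminates with a finite state set.
        todo = [self.c]
        while todo:
            s = todo.pop()
            for sym in self.alphabet:
                v = s - self._dot(sym)
                if v % 2:          # parity mismatch: these low bits cannot work
                    continue
                t = v // 2         # exact, since v is even
                self.delta[(s, sym)] = t
                if t not in self.states:
                    self.states.add(t)
                    todo.append(t)

    def accepts(self, word):
        """Run the automaton on `word`, a list of bit-vectors, LSB first."""
        if self.signed:
            if not word:
                return False
            body, sign = word[:-1], word[-1]   # last symbol carries the sign bits
        else:
            body, sign = word, None
        s = self.c
        for sym in body:
            s = self.delta.get((s, sym))
            if s is None:
                return False
        if self.signed:
            # Two's complement: after k low bits, x_i = low_i - 2^k * sign_i and
            # s = (c - sum a_i*low_i) / 2^k, so the equation holds iff
            # s + sum(a_i * sign_i) == 0.
            return s + self._dot(sign) == 0
        return s == 0


def encode(values, nbits):
    """LSB-first bit-vector word for an integer tuple (two's complement if negative)."""
    masked = [v & ((1 << nbits) - 1) for v in values]
    return [tuple((m >> j) & 1 for m in masked) for j in range(nbits)]


def check_against_bruteforce(coeffs, const, nbits, signed):
    """Compare the automaton with direct evaluation on every nbits-wide tuple."""
    aut = LinearEqAutomaton(coeffs, const, signed)
    lo, hi = (-(1 << (nbits - 1)), 1 << (nbits - 1)) if signed else (0, 1 << nbits)
    for xs in product(range(lo, hi), repeat=len(coeffs)):
        expected = sum(a * x for a, x in zip(coeffs, xs)) == const
        if aut.accepts(encode(xs, nbits)) != expected:
            return False
    return True


if __name__ == "__main__":
    aut = LinearEqAutomaton((1, 1), 3)            # x + y == 3
    print("reachable residuals:", sorted(aut.states))
    print(aut.accepts(encode((1, 2), 4)))         # unsigned word for (1, 2)
    print(check_against_bruteforce((2, -3, 1), 5, 5, signed=True))
```

The residual-constant state space is what keeps these automata small: for x + y = 3 only four residuals are reachable, and x - y = 0 needs a single state. Conjunctions of constraints correspond to the product automaton, and the exponential blow-up the abstract warns about for pre-condition computation comes from projection (existential quantification), which requires determinizing the resulting nondeterministic automaton.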
