Combining Theorem Proving and Model Checking through Symbolic Analysis

Automated verification of concurrent systems is hindered by the fact that the state spaces are either infinite or too large for model checking, and the case analysis usually defeats theorem proving. Combinations of the two techniques have been tried with varying degrees of success. We argue for a specific combination where theorem proving is used to reduce verification problems to finite-state form, and model checking is used to explore properties of these reductions. This decomposition of the verification task forms the basis of the Symbolic Analysis Laboratory (SAL), a framework for combining different analysis tools for transition systems via a common intermediate language. We demonstrate how symbolic analysis can be an effective methodology for combining deduction and exploration.
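As an added illustration of the decomposition described above (example code written here, not code from the paper or from SAL): a constructed integer counter whose state space is infinite, a small interval-reasoning routine (`bounds`) standing in for the theorem prover to compute a finite predicate abstraction, and an explicit-state reachability search standing in for the model checker. The counter, its predicates and all function names are assumptions made for the example.

```python
from itertools import product

# Constructed example: one integer variable x. Predicates ('ge', c) is x >= c,
# ('lt', c) is x < c; an abstract state is the tuple of their truth values.
PREDS = [("ge", 0), ("lt", 10)]
# Guarded commands (guard, update): ('add', d) is x' = x + d, ('set', v) is x' = v.
TRANS = [(("lt", 10), ("add", 1)), (("ge", 10), ("set", 0))]

def bounds(literals, lo=float("-inf"), hi=float("inf")):
    """Decision procedure for a conjunction of (pred, truth) literals over one integer,
    within a starting interval: the satisfying (lo, hi), or None if unsatisfiable."""
    for (kind, c), truth in literals:
        if (kind == "ge") == truth:  # x >= c, or not(x < c)
            lo = max(lo, c)
        else:                         # x < c, or not(x >= c), i.e. x <= c - 1
            hi = min(hi, c - 1)
    return (lo, hi) if lo <= hi else None

def abstract_successors(astate):
    """Deductive step: which predicate valuations can the concrete successors satisfy?"""
    succs = set()
    for guard, (op, arg) in TRANS:
        pre = bounds(list(zip(PREDS, astate)) + [(guard, True)])
        if pre is None:
            continue  # guard provably disabled in this abstract state
        plo, phi = (pre[0] + arg, pre[1] + arg) if op == "add" else (arg, arg)
        choices = []  # per predicate, the truth values it can take after the step
        for pred in PREDS:
            choices.append([t for t in (True, False) if bounds([(pred, t)], plo, phi)])
        succs.update(product(*choices))  # Cartesian over-approximation: sound for safety
    return succs

def reachable(init):
    """Exploration step: explicit-state reachability over the finite abstract graph."""
    seen, todo = {init}, [init]
    while todo:
        for t in abstract_successors(todo.pop()):
            if t not in seen:
                seen.add(t)
                todo.append(t)
    return seen

def holds_everywhere(pred_index, init_x=0):
    """Safety property: PREDS[pred_index] holds in every reachable abstract state
    (hence in every reachable concrete state of the infinite-state system)."""
    init = tuple((init_x >= c) if k == "ge" else (init_x < c) for k, c in PREDS)
    return all(s[pred_index] for s in reachable(init))
```

Here `x >= 0` is proved invariant from two abstract states, while `x < 10` is correctly reported as not invariant because the abstract state with `x >= 10` is reachable.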
