Parallelizing a Symbolic Compositional Model-Checking Algorithm

We describe a parallel, symbolic, model-checking algorithm, built around a compositional reasoning method. The method constructs a collection of per-process (i.e., local) invariants, which together imply a desired global safety property. The local invariant computation is a simultaneous fixpoint evaluation, which easily lends itself to parallelization. Moreover, locality of reasoning helps limit both the frequency and the amount of cross-thread synchronization, leading to good parallel performance. Experimental results show that the parallelized computation can achieve substantial speed-up, with reasonably small memory overhead.
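The following is an added, explicit-state illustration of the compositional scheme the abstract describes; it is not the paper's code and uses sets of pairs instead of the paper's symbolic (BDD) representation. Each process i gets a local invariant theta_i over (shared state, local state of i). All theta_i are strengthened in simultaneous rounds, one task per process, reading only a frozen snapshot of the previous round, until no theta_i changes; the conjunction of the theta_i is then checked against the global property (here mutual exclusion). The two lock protocols, the function names and the use of a thread pool for the per-process round are assumptions made for this example. The second protocol, a lock bit with no record of its holder, shows the failure mode a practitioner should expect from local reasoning: the conjunction over-approximates the reachable states and reports a violation that the system cannot actually exhibit, which an auxiliary "owner" variable removes.

```python
"""Split-invariant (per-process) fixpoint for a small concurrent system.

Constructed example: explicit state sets, two toy lock protocols, and a
Jacobi-style simultaneous iteration in which every process's invariant is
recomputed from a snapshot of the previous round (one task per process).
"""
from concurrent.futures import ThreadPoolExecutor

IDLE, TRYING, CS = "idle", "trying", "cs"


def owner_lock(pid):
    """Transitions of process `pid` for a lock that records its owner.
    Shared state: owner in {0 (free), 1, ..., n}.  step(shared, local)
    returns the set of successor (shared', local') pairs."""
    def step(shared, pc):
        if pc == IDLE:
            return {(shared, TRYING)}
        if pc == TRYING and shared == 0:
            return {(pid, CS)}            # acquire: owner := pid
        if pc == CS and shared == pid:
            return {(0, IDLE)}            # release: owner := 0
        return set()
    return step


def plain_lock(pid):
    """Same protocol with a plain lock bit (shared in {0, 1}) and an
    unconditional release, i.e. no record of who holds the lock."""
    def step(shared, pc):
        if pc == IDLE:
            return {(shared, TRYING)}
        if pc == TRYING and shared == 0:
            return {(1, CS)}
        if pc == CS:
            return {(0, IDLE)}
        return set()
    return step


def strengthen(i, thetas, steps):
    """One round of process i's update, computed from a frozen snapshot of
    all invariants so that the rounds of different processes can run in
    parallel without synchronisation inside the round."""
    theta_i = set(thetas[i])
    # local successors: process i moves on its own
    for shared, pc in thetas[i]:
        theta_i |= steps[i](shared, pc)
    # interference: another process j moves and changes the shared state
    # while i's local state stays put
    for j, step_j in enumerate(steps):
        if j == i:
            continue
        for shared, pc_j in thetas[j]:
            for shared2, _ in step_j(shared, pc_j):
                if shared2 != shared:
                    theta_i |= {(shared2, pc_i)
                                for s, pc_i in thetas[i] if s == shared}
    return frozenset(theta_i)


def split_invariants(steps, init_shared, init_local):
    """Simultaneous least fixpoint: each round recomputes every theta_i from
    the previous round's values; the only synchronisation is the round barrier."""
    thetas = [frozenset({(init_shared, init_local)}) for _ in steps]
    with ThreadPoolExecutor(max_workers=len(steps)) as pool:
        while True:
            new = list(pool.map(lambda i: strengthen(i, thetas, steps),
                                range(len(steps))))
            if new == thetas:
                return thetas
            thetas = new


def mutual_exclusion_holds(thetas):
    """Global check on the conjunction of the local invariants: no shared
    state s may have (s, CS) in theta_i for two different processes i."""
    shareds = {s for th in thetas for s, _ in th}
    return all(sum((s, CS) in th for th in thetas) <= 1 for s in shareds)


def verify(lock_factory, n=2):
    """Build n processes from `lock_factory`, compute their local invariants
    and check mutual exclusion; returns (proved?, invariants)."""
    steps = [lock_factory(pid) for pid in range(1, n + 1)]
    thetas = split_invariants(steps, 0, IDLE)
    return mutual_exclusion_holds(thetas), thetas


if __name__ == "__main__":
    for name, factory in (("owner lock", owner_lock), ("plain lock", plain_lock)):
        ok, th = verify(factory)
        print(f"{name}: mutual exclusion proved = {ok}; theta_1 = {sorted(th[0])}")
```

With the owner lock the invariant of process 1 is {(0, idle), (0, trying), (1, cs), (2, idle), (2, trying)} and the check succeeds. With the plain lock, process 2's release (lock 1 -> 0) is applied as interference to process 1's state (1, cs), producing (0, cs), after which both invariants contain (1, cs) and the conjunction admits a state with both processes in their critical section; the per-process view has lost the information that only the holder can release, which is exactly what the auxiliary owner variable restores.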
