2006, Formal Methods in System Design
In this paper we present a coherent framework for symbolic model checking of linear-time temporal logic (ltl) properties over finite state reactive systems, taking full fairness constraints into consideration. We use the computational model of a fair discrete system (fds) which takes into account both justice (weak fairness) and compassion (strong fairness). The approach presented here reduces the model-checking problem
ACM Transactions on Embedded Computing Systems, 2005
We are interested in verifying dynamic properties of finite state reactive systems under fairness assumptions by model checking. The systems we want to verify are specified through a top-down refinement process.
Contemporary Complex Systems and Their Dependability, 2018
The verification of deadlock freeness and distributed termination in distributed systems by the Dedan tool is described. In Dedan, the IMDS formalism for specification of distributed systems is used. A system is described in terms of servers' states, agents' messages, and actions. Universal temporal formulas for checking deadlock and termination features are elaborated. This makes it possible to verify distributed systems without the user needing a knowledge of temporal logic. For verification, the external model checkers Spin, NuSMV and Uppaal are used. The experience with these verifiers shows problems with strong fairness (compassion), required for model checking of distributed systems. The problems stem from the busy form of waiting in some examples. The problem is solved by our own temporal formula evaluation algorithm, using breadth-first search and reverse reachability. This algorithm does not require specifying compassion requirements for individual events, as it supports strong fairness in all cases. Thus it is appropriate for verification of distributed systems.
ACM Computing Surveys, 2006
Temporal logic model checking involves checking the state-space of a model of a system to determine whether errors can occur in the system. Often this involves checking symmetrically equivalent areas of the state-space. The use of symmetry reduction to increase the efficiency of model checking has inspired a wealth of activity in the area of model checking research. We provide a survey of the associated literature.
Lecture Notes in Computer Science, 1999
We propose an algorithm for LTL model checking based on the classification of the automata and on guided symbolic search. Like most current methods for LTL model checking, our algorithm starts with a tableau construction and uses a model checker for CTL with fairness constraints to prove the existence of fair paths. However, we classify the tableaux according to their structure, and use efficient decision procedures for each class. Guided search applies hints to constrain the transition relation during fixpoint computations. Each fixpoint is thus translated into a sequence of fixpoints that are often much easier to compute than the original one. Our preliminary experimental results suggest that the new algorithm for LTL is quite efficient. In fact, for properties that can be expressed in both CTL and LTL, the algorithm is competitive with the CTL model checking algorithm. This work was supported in part by SRC contract 98-DJ-620.
Model checking is a useful technique to verify properties of dynamic systems but it has to cope with the state explosion problem. By simultaneous exploitation of symmetries of both the system and the property, the model checking can be performed on a reduced quotient structure [2,6,7]. In these techniques a property is specified within a temporal logic formula (CTL*) and the symmetries of the formula are obtained by a syntactical check. We show here that these approaches fail to capture symmetries in the LTL path subformulas. Thus we propose a more accurate method based on local symmetries of the associated Büchi automaton. We define an appropriate quotient structure for the synchronized product of the Büchi automaton and the global state transition graph. We prove that model checking can be performed over this quotient structure, leading to efficient algorithms. Topic: Formal Methods.
Abstract. The translation of temporal logic specifications constitutes an essential step in model checking and a major influence on the efficiency of formal verification via model checking. We devise a new explicit-state translation of Linear Temporal Logic to automata for the class of LTL specifications that describe safety properties, arguably the most used formal specifications in real-world systems.
Refinement Techniques in Software Engineering, 2006
1991
Abstract. A model-checking method for linear-time temporal logic that avoids the state explosion due to the modeling of concurrency by interleaving is presented. The method relies on the concept of the Mazurkiewicz trace as a semantic basis and uses automata-theoretic techniques, including automata that operate on words of ordinality higher than ω. In particular, automata operating on words of length ω × n, n ∈ ω, are defined.
2001
Abstract. Multi-valued logics support the explicit modeling of uncertainty and disagreement by allowing additional truth values in the logic. Such logics can be used for verification of dynamic properties of systems where complete, agreed upon models of the system are not available. This paper presents a symbolic model checker for multi-valued temporal logics. The model checker works for any multi-valued logic whose truth values form a quasi-boolean lattice.
2002
Enormous progress has been achieved in the last decade in the verification of timed systems, making it possible to analyze significant real-world protocols. An open challenge is the identification of fully symbolic verification techniques, able to deal effectively with the finite state component as well as with the timing aspects. In this paper we propose a new, symbolic verification technique that extends the Bounded Model Checking (BMC) approach for the verification of timed systems. The approach is based on the following ingredients. First, a BMC problem for timed systems is reduced to the satisfiability of a math-formula, i.e., a boolean combination of propositional variables and linear mathematical relations over real variables (used to represent clocks). Then, an appropriate solver, called MATHSAT, is used to check the satisfiability of the math-formula. The solver is based on the integration of SAT techniques with some specialized decision procedures for linear mathematical constraints, and requires polynomial memory. Our methods allow for handling expressive properties in a fully-symbolic way. A preliminary experimental evaluation confirms the potential of the approach.
Acta Informatica, 1983
In this paper we propose a notion of fairness for transition systems and a logic for proving properties under the fairness assumption corresponding to this notion.
Lecture Notes in Computer Science, 1990
SMG [GB88] is a system designed to generate a finite state model of a program from the program itself and an operational semantics for the programming language. This finite state model can then be model-checked to verify desired temporal properties of the original program.
We present a new method for verifying Linear Temporal Logic (LTL) properties of finite state reactive systems based on logic programming and program transformation. We encode a finite state system and an LTL property which we want to verify as a logic program on infinite lists. Then we apply a verification method consisting of two steps. In the first step we transform the logic program that encodes the given system and the given property into a new program belonging to the class of the so-called linear monadic ω-programs (which are stratified, linear recursive programs defining nullary predicates or unary predicates on infinite lists). This transformation is performed by applying rules that preserve correctness. In the second step we verify the property of interest by using suitable proof rules for linear monadic ω-programs. These proof rules can be encoded as a logic program which always terminates, if evaluated by using tabled resolution. Although our method uses stan- dard pr...
In this paper, we address the problem of model checking temporal properties of finite-state programs.
2009
We introduce a symmetry reduction technique for model checking temporal-epistemic properties of multi-agent systems defined in the mainstream interpreted systems framework. The technique, based on counterpart semantics, aims to reduce the set of initial states that need to be considered in a model. We present theoretical results establishing that there are neither false positives nor false negatives in the reduced model. We evaluate the technique by presenting the results of an implementation tested against two well known applications of epistemic logic, the muddy children and the dining cryptographers. The experimental results obtained confirm that the reduction in model checking time can be dramatic, thereby allowing for the verification of hitherto intractable systems.
Theoretical Computer Science, 1999
This paper presents a framework for the specification and verification of timing properties of reactive systems using Temporal Logic with Clocks (TLC). Reactive systems usually contain a number of parallel processes, therefore, it is essential to study and analyse each process based on its own local time. TLC is a temporal logic extended with multiple clocks, and it is in particular suitable for the specification of reactive systems. In our framework, the behavior of a reactive system is described through a formal specification; its timing properties, including safety and liveness properties, are expressed by TLC formulas. We also propose several demonstration techniques, such as an application of local reasoning and deriving fixed-time rules from the proof system of TLC, for proving that a reactive system meets its temporal specification. Under the proposed framework, the timing properties of a reactive system can therefore be directly reasoned about from the formal specification of the system.
The Computer Journal, 2004
We study model checking for a first-order linear-time temporal logic. We present the computation model: abstract description of state machines (ASMs), in which data and data operations are described using abstract sorts and uninterpreted function symbols. ASMs are suitable for describing Register Transfer Level designs. We define a first-order linear-time temporal logic called L_MDG which supports the abstract data representations. Both safety and liveness properties can be expressed in L_MDG; however, only universal path quantification is possible. Fairness constraints can also be imposed. The property checking algorithms are based on implicit state enumeration of an ASM and implemented using Multiway Decision Graphs.
2011 Eighth International Conference on Quantitative Evaluation of SysTems, 2011
Fairness assumptions are needed to verify liveness properties of concurrent systems. In this paper we explore the so-called unconditional fairness in Markov decision processes (MDPs), which is a prerequisite for quantitative assume-guarantee reasoning. Unconditional fairness refers to executions where all processes are guaranteed to participate. We prove that realisability of unconditional fairness coincides with the absence of partial deadlocks, i.e., end components where a process suffers from starvation. We propose a weak variant of the stubborn set method to reduce MDPs, while preserving the realisability of unconditional fairness and maximal probabilities of reaching bottom end components under fair schedulers.
2006
We present a methodology for verifying epistemic and real-time temporal properties of multi-agent systems. We introduce an interpreted systems semantics based on diagonal timed automata and use a real-time temporal epistemic language to describe properties of multi-agent systems. We develop a bounded model checking algorithm for this setting and present experimental results for a real-time version of the alternating bit-transmission problem obtained by means of a preliminary implementation of the technique.
2001
Abstract. Model Checking has become one of the most powerful methods for automatic verification of software systems. But this technique is only directly applicable to small or medium size systems. For large systems, it suffers from the state explosion problem. One of the most promising ways to solve this problem is the use of Abstract Interpretation to construct simpler models of the system, where the interesting properties can be analyzed. In this paper, we present a theoretical language-independent framework to assist in the ...