LREs: A Framework for Guiding Symbolic Reachability Analysis

ISCAS 2001. The 2001 IEEE International Symposium on Circuits and Systems (Cat. No.01CH37196), 2001

We present a new symbolic algorithm for reachability analysis in sequential circuits. Using don't cares from the computed reachable states, we introduce flexibility in choosing the transition relation, which can be used to minimize its Binary Decision Diagram (BDD). This can reduce the time-consuming image computation step. The technique is implemented and integrated in our equivalence checking system M-CHECK and its efficiency is shown on the ISCAS-89 benchmark circuits.

Symbolic reachability analysis of large finite-state systems is a computationally hard problem. Approximate techniques tradeoff precision for scalability by devising efficient ways of computing approximate images. A formal comparison of the accuracy and performance of alternative strategies, however, usually requires case-specific specialized reasoning. In this paper, we first discuss a formal framework to uniformly express and reason about the accuracy and some performance metrics of a large class of exact and approximate reachability techniques. We then use this framework to arrive at new techniques that allow the user to tune the accuracy-performance tradeoff fairly easily. This gives us new tunable methods that yield higher precision, but incur small or no performance penalties compared to existing methods. We present experimental results that demonstrate the advantages of the proposed methods.

Electronic Notes in Theoretical Computer Science, 2008

Binary Decision Diagrams (BDDs) and their multi-terminal extensions have shown to be very helpful for the quantitative verification of systems. Many different approaches have been proposed for deriving symbolic state graph (SG) representations from high-level model descriptions, where compositionality has shown to be crucial for the efficiency of the schemes. Since the symbolic composition schemes deliver the potential SG of a high-level model, one must execute a reachability analysis on the level of the symbolic structures. This step is the main resource of CPU-time and peak memory consumption when it comes to symbolic SG generation. In this work a new operator for zero-suppressed BDDs and their multi-terminal extensions for carrying out (partitioned) symbolic reachability analysis is presented. This algorithm not only replaces standard BDD-based schemes, it even makes symbolic composition as found in contemporary symbolic model checkers such as Prism and Caspa obsolete.

2009

Diagrams (BDDs) representing high-level model's underlying state/transition systems. The obtained decision diagram may serve as input for various analysis methods such as symbolic (probabilistic) model checking and/or Markovian performance and reliability analysis. As usual the proposed technique makes use of partitioned symbolic reachability analysis. However, contrary to existing techniques it neither relies on pregenerated symbolic representations of transition relations, nor does it make use of standard BDD-manipulating algorithms. Instead, symbolic reachability analysis is carried out by means of customized BDD-algorithms directly synthesized from high-level models to be analyzed. Overall the presented approach yields the core of a new tool bench for the symbolic analysis of state-based system descriptions. The tool bench is implemented on top of the Eclipse Modeling Framework and exploits Java Emitter Templates for code synthesis. Standard benchmark models show that for generating high-level models underlying state/transition systems significant improvements with respect to CPU time and memory consumption can be realized, ultimately allowing the verification of larger and much more complex systems.

2006

Asynchronous systems consist of a set of transitions which are non-deterministically chosen and executed. We present a theory of guiding symbolic reachability in such systems by scheduling clusters of transitions. A theory of reachability expressions which specify the schedules is presented. This theory allows proving equivalence of different schedules which may have radically different performance in BDD-based search.

Lecture Notes in Computer Science, 2005

We propose a new saturation-based symbolic state-space generation algorithm for finite discrete-state systems. Based on the structure of the high-level model specification, we first disjunctively partition the transition relation of the system, then conjunctively partition each disjunct. Our new encoding recognizes identity transformations of state variables and exploits event locality, enabling us to apply a recursive fixed-point image computation strategy completely different from the standard breadth-first approach employing a global fix-point image computation. Compared to breadth-first symbolic methods, saturation has already been empirically shown to be several orders more efficient in terms of runtime and peak memory requirements for asynchronous concurrent systems. With the new partitioning, the saturation algorithm can now be applied to completely general asynchronous systems, while requiring similar or better run-times and peak memory than previous saturation algorithms.

Lecture Notes in Computer Science, 2006

Chaining can reduce the number of iterations required for symbolic state-space generation and model-checking, especially in Petri nets and similar asynchronous systems, but requires considerable insight and is limited to a static ordering of the events in the high-level model. We introduce a two-step approach that is instead fine-grained and dynamically applied to the decision diagrams nodes. The first step, based on a precedence relation, is guaranteed to improve convergence, while the second one, based on a notion of node fullness, is heuristic. We apply our approach to traditional breadth-first and saturation state-space generation, and show that it is effective in both cases.

Timed reachability analysis of gate-level circuits is important in several applications. In this paper, we present techniques for efficient approximate symbolic reachability of circuits assuming discrete delays of gates. We exploit local interactions among gates to develop a highly scalable algorithm for over-approximating the set of timed reachable states. We present a scheme of successive overapproximations and provide a probabilistic analysis to prove that these approximations converge quickly on an average. We argue that this scheme corresponds to successively extracting trees in the underlying factor graph representing the interaction of gates. We report experimental results on a set of benchmarks that demonstrate the effectiveness of our approach.

Lecture Notes in Computer Science, 1997

prod is a reachability analyzer for Predicate/Transition Nets.

State space exploration using symbolic techniques provides a basis for the verification of software systems. The exploration procedure has direct impact on the overall effectiveness of the verification efforts. For example, choosing the breadth-first exploration strategy results in a verification tool that finds counterexamples quickly, but may sacrifice the efficiency of the reachability analysis. The existing exploration heuristics, such as A * search or chaotic iteration, are geared towards optimizing only one objective, e.g., counterexample length or convergence of fixpoint computation, while neglecting various others that maybe of significant importance as well. In this paper, we present a new subsumer guided heuristic for symbolic state space exploration that supports both efficient counterexample discovery and quick convergence of the reachability computation. The Subsumer-first heuristic leverages the results of partial fixpoint checks performed during the symbolic state space exploration. We present an application of the heuristic for improving efficiency of abstraction-based software verification. Our experimental evaluation of the heuristic in a predicate abstraction-based tool indicates its practical applicability, as we observe significant efficiency improvement (median of 40%) on difficult benchmarks from the transportation domain.