Trail-directed model checking
HSF-SPIN is a Promela model checker based on heuristic search strategies. It utilizes heuristic estimates in order to direct the search for finding software bugs in concurrent systems. As a consequence, HSF-SPIN is able to find shorter trails than blind depth-first search.
This paper contributes an extension to the paradigm of directed model checking that shortens already established, unacceptably long error trails. The approach has been implemented in HSF-SPIN. For selected benchmark and industrial communication protocols, experimental evidence is given that trail-directed model checking effectively shortcuts existing witness paths.
Taming Numbers and Durations in the Model Checking Integrated Planning System
The Model Checking Integrated Planning System (MIPS) is a temporal least
commitment heuristic search planner based on a flexible object-oriented
workbench architecture. Its design clearly separates explicit and symbolic
directed exploration algorithms from the set of on-line and off-line computed
estimates and associated data structures. MIPS has shown distinguished
performance in the last two international planning competitions. In the last
event the description language was extended from pure propositional planning to
include numerical state variables, action durations, and plan quality objective
functions. Plans were no longer sequences of actions but time-stamped
schedules. As a participant of the fully automated track of the competition,
MIPS has proven to be a general system; in each track and every benchmark
domain it efficiently computed plans of remarkable quality. This article
introduces and analyzes the most important algorithmic novelties that were
necessary to tackle the new layers of expressiveness in the benchmark problems
and to achieve a high level of performance. The extensions include critical
path analysis of sequentially generated plans to generate corresponding optimal
parallel plans. The linear time algorithm to compute the parallel plan bypasses
known NP hardness results for partial ordering by scheduling plans with respect
to the set of actions and the imposed precedence relations. The efficiency of
this algorithm also allows us to improve the exploration guidance: for each
encountered planning state the corresponding approximate sequential plan is
scheduled. One major strength of MIPS is its static analysis phase that grounds
and simplifies parameterized predicates, functions and operators, that infers
knowledge to minimize the state description length, and that detects domain
object symmetries. The latter aspect is analyzed in detail. MIPS has been
developed to serve as a complete and optimal state space planner, with
admissible estimates, exploration engines and branching cuts. In the
competition version, however, certain performance compromises had to be made,
including floating point arithmetic, weighted heuristic search exploration
according to an inadmissible estimate and parameterized optimization
Model checking of concurrent software systems via heuristic-guided SAT solving
An established approach to software verification is SAT-based bounded model checking, where a state space model is encoded as a Boolean formula and the exploration is performed via SAT solving. Most existing approaches in SAT-based model checking rely on general-purpose solvers that do not exploit the structural features of the encoding. Aiming at significantly better runtime performance in such settings, we show in this paper that SAT algorithms can be specifically tailored to the structure of the Boolean encoding of the model checking problem to be solved. We define a state space encoding of concurrent software systems that preserves control flow information. This allows the solver to be modified so that the number of SAT decision levels can be significantly reduced by assigning a set of atoms at each level. Such a set assignment always characterises a location in the control flow of the encoded system. Moreover, we introduce heuristics that guide the SAT search into directions where a violation of the property of interest is most likely to be detected. The heuristic approach enables errors to be discovered quickly while keeping the actually explored part of the state space small.
Survey on Directed Model Checking
This article surveys and gives historical accounts of the algorithmic essentials of directed model checking, a promising bug-hunting technique to mitigate the state explosion problem. In the enumeration process, successor selection is prioritized. We discuss existing guidance and methods to automatically generate it by exploiting system abstractions. We extend the algorithms to feature partial-order reduction and show how liveness problems can be adapted by lifting the search space. For deterministic, finite domains we instantiate the algorithms to directed symbolic, external and distributed search. For real-time domains we discuss the adaptation of the algorithms to timed automata, and for probabilistic domains we show the application to counterexample generation. Last but not least, we explain how directed model checking helps to accelerate finding solutions to scheduling problems.
Engineering Benchmarks for Planning: the Domains Used in the Deterministic Part of IPC-4
In a field of research about general reasoning mechanisms, it is essential to
have appropriate benchmarks. Ideally, the benchmarks should reflect possible
applications of the developed technology. In AI Planning, researchers more and
more tend to draw their testing examples from the benchmark collections used in
the International Planning Competition (IPC). In the organization of (the
deterministic part of) the fourth IPC, IPC-4, the authors therefore invested
significant effort to create a useful set of benchmarks. They come from five
different (potential) real-world applications of planning: airport ground
traffic control, oil derivative transportation in pipeline networks,
model-checking safety properties, power supply restoration, and UMTS call
setup. Adapting and preparing such an application for use as a benchmark in the
IPC involves, at the time, inevitable (often drastic) simplifications, as well
as careful choice between, and engineering of, domain encodings. For the first
time in the IPC, we used compilations to formulate complex domain features in
simple languages such as STRIPS, rather than just dropping the more interesting
problem constraints in the simpler language subsets. The article explains and
discusses the five application domains and their adaptation to form the PDDL
test suites used in IPC-4. We summarize known theoretical results on structural
properties of the domains, regarding their computational complexity and
provable properties of their topology under the h+ function (an idealized
version of the relaxed plan heuristic). We present new (empirical) results
illuminating properties such as the quality of the most wide-spread heuristic
functions (planning graph, serial planning graph, and relaxed plan), the growth
of propositional representations over instance size, and the number of actions
available to achieve each fact; we discuss these data in conjunction with the
best results achieved by the different kinds of planners participating in
IPC-4.
Error Detection with Directed Symbolic Model Checking
In practice, due to the entailed memory limitations, the most important problem in model checking is state space explosion. Therefore, to prove the correctness of a given design, binary decision diagrams (BDDs) are widely used as a concise and symbolic state space representation. Nevertheless, BDDs are not able to avoid an exponential blow-up in general. If we restrict ourselves to finding an error of a design that violates a safety property, in many cases a complete state space exploration is not necessary, and the introduction of a heuristic to guide the search can help to keep both the explored part and the associated BDD representation smaller than with the classical approach. In this paper we will show that this idea can be extended with an automatically generated heuristic and that it is applicable to a large class of designs. Since the proposed algorithm can be expressed in terms of BDDs, it is even possible to use an existing model checker without any internal changes.