662 research outputs found
Symbolic Reachability for Process Algebras with Recursive Data Types
Abstract. In this paper, we present a symbolic reachability algorithm for process algebras with recursive data types. Like the various saturation based algorithms of Ciardo et al, the algorithm is based on partitioning of the transition relation into events whose influence is local. As new fea-tures, our algorithm supports recursive data types and allows unbounded non-determinism, which is needed to support open systems with data. The algorithm does not use any specific features of process algebras. That is, it will work for any system that consists of a fixed number of communicating processes, where in each atomic step only a subset of the processes participate. As proof of concept we have implemented the algorithm in the context of the µCRL toolset. We also compared the per-formance of this prototype with the performance of the existing explicit tools on a set of typical case studies.
Bridging the Gap between Enumerative and Symbolic Model Checkers
We present a method to perform symbolic state space generation for languages with existing enumerative state generators. The method is largely independent from the chosen modelling language. We validated this on three different types of languages and tools: state-based languages (PROMELA), action-based process algebras (muCRL, mCRL2), and discrete abstractions of ODEs (Maple).\ud
Only little information about the combinatorial structure of the\ud
underlying model checking problem need to be provided. The key enabling data structure is the "PINS" dependency matrix. Moreover, it can be provided gradually (more precise information yield better results).\ud
\ud
Second, in addition to symbolic reachability, the same PINS matrix contains enough information to enable new optimizations in state space generation (transition caching), again independent from the chosen modelling language. We have also based existing optimizations, like (recursive) state collapsing, on top of PINS and hint at how to support partial order reduction techniques.\ud
\ud
Third, PINS allows interfacing of existing state generators to, e.g., distributed reachability tools. Thus, besides the stated novelties, the method we propose also significantly reduces the complexity of building modular yet still efficient model checking tools.\ud
\ud
Our experiments show that we can match or even outperform existing tools by reusing their own state generators, which we have linked into an implementation of our ideas
Efficient Instantiation of Parameterised Boolean Equation Systems to Parity Games
Parameterised Boolean Equation Systems (PBESs) are sequences of Boolean fixed point equations with data variables, used for, e.g., verification of modal μ-calculus formulae for process algebraic specifications with data. Solving a PBES is usually done by instantiation to a Parity Game and then solving the game. Practical game solvers exist, but the instantiation step is the bottleneck. We enhance the instantiation in two steps. First, we transform the PBES to a Parameterised Parity Game (PPG), a PBES with each equation either conjunctive or disjunctive. Then we use LTSmin, that offers transition caching, efficient storage of states and both distributed and symbolic state space generation, for generating the game graph. To that end we define a language module for LTSmin, consisting of an encoding of variables with parameters into state vectors, a grouped transition relation and a dependency matrix to indicate the dependencies between parts of the state vector and transition groups. Benchmarks on some large case studies, show that the method speeds up the instantiation significantly and decreases memory usage drastically
Recommended from our members
Graph models for reachability analysis of concurrent programs
Reachability analysis is an attractive technique for analysis of concurrent programs because it is simple and relatively straightforward to automate, and can be used in conjunction with model-checking procedures to check for application-specific as well as general properties. Several techniques have been proposed differing mainly on the model used; some of these propose the use of flowgraph based models, some others of Petri nets.This paper addresses the question: What essential difference does it make, if any, what sort of finite-state model we extract from program texts for purposes of reachability analysis? How do they differ in expressive power, decision power, or accuracy? Since each is intended to model synchronization structure while abstracting away other features, one would expect them to be roughly equivalent.We confirm that there is no essential semantic difference between the most well known models proposed in the literature by providing algorithms for translation among these models. This implies that the choice of model rests on other factors, including convenience and efficiency.Since combinatorial explosion is the primary impediment to application of reachability analysis, a particular concern in choosing a model is facilitating divide-and-conquer analysis of large programs. Recently, much interest in finite-state verification systems has centered on algebraic theories of concurrency. Yeh and Young have exploited algebraic structure to decompose reachability analysis based on a flowgraph model. The semantic equivalence of graph and Petri net based models suggests that one ought to be able to apply a similar strategy for decomposing Petri nets. We show this is indeed possible through application of category theory
Generating and Solving Symbolic Parity Games
We present a new tool for verification of modal mu-calculus formulae for
process specifications, based on symbolic parity games. It enhances an existing
method, that first encodes the problem to a Parameterised Boolean Equation
System (PBES) and then instantiates the PBES to a parity game. We improved the
translation from specification to PBES to preserve the structure of the
specification in the PBES, we extended LTSmin to instantiate PBESs to symbolic
parity games, and implemented the recursive parity game solving algorithm by
Zielonka for symbolic parity games. We use Multi-valued Decision Diagrams
(MDDs) to represent sets and relations, thus enabling the tools to deal with
very large systems. The transition relation is partitioned based on the
structure of the specification, which allows for efficient manipulation of the
MDDs. We performed two case studies on modular specifications, that demonstrate
that the new method has better time and memory performance than existing PBES
based tools and can be faster (but slightly less memory efficient) than the
symbolic model checker NuSMV.Comment: In Proceedings GRAPHITE 2014, arXiv:1407.767
Symbolic Reachability Analysis of B through ProB and LTSmin
We present a symbolic reachability analysis approach for B that can provide a
significant speedup over traditional explicit state model checking. The
symbolic analysis is implemented by linking ProB to LTSmin, a high-performance
language independent model checker. The link is achieved via LTSmin's PINS
interface, allowing ProB to benefit from LTSmin's analysis algorithms, while
only writing a few hundred lines of glue-code, along with a bridge between ProB
and C using ZeroMQ. ProB supports model checking of several formal
specification languages such as B, Event-B, Z and TLA. Our experiments are
based on a wide variety of B-Method and Event-B models to demonstrate the
efficiency of the new link. Among the tested categories are state space
generation and deadlock detection; but action detection and invariant checking
are also feasible in principle. In many cases we observe speedups of several
orders of magnitude. We also compare the results with other approaches for
improving model checking, such as partial order reduction or symmetry
reduction. We thus provide a new scalable, symbolic analysis algorithm for the
B-Method and Event-B, along with a platform to integrate other model checking
improvements via LTSmin in the future
- …