Transition-based coverage estimation for symbolic model checking

Abstract — Lack of complete formal specification is one of the major obstacles for the deployment of model checking. Coverage estimation addresses this issue by revealing the unverified part of the design according to the specified properties. In this paper we propose a new transition-based coverage metric to evaluate the completeness of properties for symbolic model check-ing. It is more comprehensive and accurate than the existing coverage metrics for model checking. An ef-ficient symbolic algorithm is presented for computing the transition coverage for a subset of ACTL. Our cov-erage estimator has been applied to the model check-ing of a cache coherence protocol. We uncovered sev-eral coverage holes including one that eventually led to the discovery of a design bug. I