GSTE is partitioned model checking

Verifying whether an ω-regular property is satisfied by a finite-state system is a core problem in model checking. Standard techniques build an automaton with the complementary language, compute its product with the system, and then check for emptiness. Generalized symbolic trajectory evaluation (GSTE) has been recently proposed as an alternative approach, extending the computationally efficient symbolic trajectory evaluation (STE) to general ω-regular properties. In this paper, we show that the GSTE algorithms are essentially a partitioned version of standard symbolic model-checking (SMC) algorithms, where the partitioning is driven by the property under verification. We export this technique of property-driven partitioning to SMC and show that it typically does speed up SMC algorithm

More on Nonregular PDL: Finite Models and Fibonacci-Like Programs

: We continue research on enriching propositional dynamic logic (PDL) with nonregular programs. Previous work indicates that the general problem of characterizing those extensions for which PDL becomes undecidable is probably very hard. After observing that any nonregular extension increases the expressive power of PDL, we concentrate on one-letter extensions. First, we address the issue of finite models: A general condition is formulated, and is proven to be sufficient for a one-letter extension to violate the finite model property. We show the condition to hold in several cases, including all polynomials, sums of primes, and linear recurrences. We then build on a technique of Paterson and Harel, and show that the validity problem for PDL enriched with any Fibonacci-like sequence is \Pi 1 1 -complete. 1 Introduction Propositional dynamic logic (PDL) was introduced by Fischer and Ladner [FL], based upon the first-order version of Pratt [P1]. It is a direct extension of the propositio..

Interactive Abstractions: Proving Safety Properties by Integrating Static Analysis, Theorem Proving and Abstraction

We present a new approach for proving safety properties of reactive systems, based on tight interaction between static analysis, theorem proving and abstraction techniques. The method incrementally constructs a proof or finds a counterexample. Every step consists of applying one of the techniques and makes constructive use of information obtained from failures in previous steps. The amount of user intervention is limited and is highly guided by the system at each step. We demonstrate the method on some examples and show that by using it one can prove more properties than by using each component as a stand-alone

Formal Verification of Backward Compatibility of Microcode

Microcode is used to facilitate new technologies in Intel CPU designs. A critica

An Overview of SAL

To become practical for assurance, automated formal methods must be made more scalable, automatic, and cost-effective. Such an increase in scope, scale, automation, and utility can be derived from an emphasis on a systematic separation of concerns during verification. SAL (Symbolic Analysis Laboratory) attempts to address these issues. It is a framework for combining different tools to calculate properties of concurrent systems. The heart of SAL is a language, developed in collaboration with Stanford, Berkeley, and Verimag for specifying concurrent systems in a compositional way. Our instantiation of the SAL framework augments PVS with tools for abstraction, invariant generation, program analysis (such as slicing), theorem proving, and model checking to separate concerns as well as calculate properties (i.e., perform, symbolic analysis) of concurrent systems. We. describe the motivation, the language, the tools, their integration in SAL/PAS, and some preliminary experience of their use