Results 1-10 of 16
Efficient Decision Procedures for Model Checking of Linear Time Logic Properties
Eleventh Conference on Computer Aided Verification (CAV'99), 1999
Abstract
Cited by 43 (14 self)
We propose an algorithm for LTL model checking based on the classification of the automata and on guided symbolic search. Like most current methods for LTL model checking, our algorithm starts with a tableau construction and uses a model checker for CTL with fairness constraints to prove the existence of fair paths. However, we classify the tableaux according to their structure, and use efficient decision procedures for each class. Guided search applies hints to constrain the transition relation during fixpoint computations. Each fixpoint is thus translated into a sequence of fixpoints that are often much easier to compute than the original one. Our preliminary experimental results suggest that the new algorithm for LTL is quite efficient. In fact, for properties that can be expressed in both CTL and LTL, the algorithm is competitive with the CTL model checking algorithm. 1 Introduction Successful application of model checking requires strategies to bridge the gap betwee...
Least Fixpoint Approximations for Reachability Analysis
In Proceedings of the International Conference on Computer-Aided Design, 1999
Abstract
Cited by 12 (4 self)
The knowledge of the reachable states of a sequential circuit can dramatically speed up optimization and model checking. However, since exact reachability analysis may be intractable, approximate techniques are often preferable. Cho et al. presented the Machine-By-Machine (MBM) and Frame-By-Frame (FBF) methods to perform approximate FSM traversal. FBF produces tighter upper bounds than MBM; however, it usually takes much more time and it may have convergence problems. In this paper, we show that there exists a class of methods, Least Fixpoint Approximations, that compute the same results as RFBF (Reached FBF, one of the FBF methods). We show that one member of this class, which we call Least fixpoint MBM (LMBM), is as efficient as MBM, but provably more accurate. Therefore, the tradeoff that existed between MBM and RFBF has been eliminated. LMBM can compute RFBF-quality approximations for all the large ISCAS89 benchmark circuits in a total of less than 9000 seconds. 1 Introduction...
Iterative Abstraction-based CTL Model Checking
2000
Abstract
Cited by 10 (2 self)
A paradigm for automatic approximation/refinement in conservative CTL model checking is presented. The approximations are used to verify a given formula conservatively by computing upper and lower bounds to the set of satisfying states at each subformula. These approximations attempt to perform conservative verification with the least possible number of BDD variables and BDD nodes. We present new forms of operational graphs to avoid limitations associated with previously used operational graphs. Three new techniques for efficient automatic refinement of approximate systems are presented. These methods make it easier to find the locality. We also present a new type of don't cares (Approximate Satisfying Don't Cares) that can make model checking more efficient in time and space. On average, an order of magnitude speedup was achieved.
Utilizing don't care states in SAT-based bounded sequential problems
In Great Lakes Symp. VLSI, 2005
Abstract
Cited by 5 (4 self)
Boolean Satisfiability (SAT) solvers are popular engines used throughout the verification world. Bounded sequential problems such as bounded model checking and bounded sequential equivalence checking rely on fast and robust SAT solvers. In this work, we introduce a technique that improves the performance of the underlying SAT solver for bounded sequential problems by taking advantage of a design's don't care states. We develop cost-effective methods of filtering, replicating and applying the don't care states to the original problem, thus reducing the search space. Experiments demonstrate the effectiveness of the proposed method on ISCAS'89 benchmarks. Categories and Subject Descriptors: J.6 [Computer-Aided Engineering]: Computer-aided design
The Compositional Far Side of Image Computation
2003
Abstract
Cited by 5 (1 self)
Symbolic image computation is the most fundamental computation in BDD-based sequential system optimization and formal verification. In this paper, we explore the use of over-approximation and BDD minimization with don't cares during image computation. Our new method, based on the partitioned representation of the transition relation, consists of three phases: First, the model is treated as a set of loosely coupled components, and over-approximate images are computed to minimize the transition relation of each component. A refined overall image is then computed using the simplified transition relation. Finally, the exact image is obtained by a clipping operation that recovers all previous over-approximations. Since BDD minimization employs constraints on the next-state variables of the transition relation, instead of the customary constraints on the present-state variables, we call the resulting method far side image computation. The new method can be implemented on top of any image computation algorithm that is based on the partitioned transition relation (for example, IWLS95 [21], MLP [17], and Fine-Grain [16]). We demonstrate the effectiveness of our approach by experiments on models ranging from easy to hard: The new method wins significantly over the best known algorithms so far in both CPU time and memory usage, especially on the hard models.
Compositional SCC Analysis for Language Emptiness
2006
Abstract
Cited by 2 (0 self)
We propose a refinement approach to language emptiness, which is based on the enumeration and the successive refinements of SCCs on over-approximations of the exact system. Our algorithm is compositional: It performs as much computation as possible on the abstract systems, and prunes uninteresting parts of the search space as early as possible. It decomposes the state space disjunctively so that each state subset can be checked in isolation to decide language emptiness for the given system. We prove that the strength of an SCC or a set of SCCs decreases monotonically with composition. This allows us to deploy the proper model checking algorithms according to the strength of the SCC at hand. We also propose to use the approximate distance of a fair cycle from the initial states to guide the search. Experimental studies on a set of LTL model checking problems prove the effectiveness of our method.
Approximations for Fixpoint Computations in Symbolic Model Checking
Abstract
Cited by 2 (0 self)
We review the techniques for over- and under-approximation used in symbolic model checking and their applications to the efficient computation of fixpoints. 1 Introduction Model checking has emerged as one of the most effective approaches to the formal verification of complex reactive systems. Model checking is based on the exploration of the state space of the system to be verified. The use of Binary Decision Diagrams (BDDs [4]) has led to Symbolic Model Checking, and has been quite effective at addressing the so-called state explosion problem [5]. However, it is often the case that state explosion translates into BDD explosion. Besides abstraction [12] and compositional reasoning techniques [15], approximation techniques may be very effective in controlling the size of BDDs. This paper reviews existing techniques for computing approximations, and their application to model checking. Due to space limitations, rather than presenting an exhaustive survey, we concentrate on represent...
Divide and Compose: SCC Refinement for Language Emptiness
Abstract
Cited by 2 (2 self)
We propose a refinement approach to symbolic SCC analysis, which performs large parts of the computation on abstracted systems, and on small subsets of the state space. For language-emptiness checking, it quickly discards uninteresting parts of the state space. For