Results 1 - 5 of 5
Model Checking and Modular Verification
ACM Transactions on Programming Languages and Systems, 1991
Cited by 271 (11 self)
Abstract
We describe a framework for compositional verification of finite state processes. The framework is based on two ideas: a subset of the logic CTL for which satisfaction is preserved under composition; and a preorder on structures which captures the relation between a component and a system containing the component. Satisfaction of a formula in the logic corresponds to being below a particular structure (a tableau for the formula) in the preorder. We show how to do assume-guarantee style reasoning within this framework. In addition, we demonstrate efficient methods for model checking in the logic and for checking the preorder in several special cases. We have implemented a system based on these methods, and we use it to give a compositional verification of a CPU controller.
1 Introduction
Temporal logic model checking procedures are useful tools for the verification of finite state systems [3, 12, 20]. However, these procedures have traditionally suffered from the state explosion proble...
On-the-fly Verification of Finite Transition Systems
1993
Cited by 12 (2 self)
Abstract
The analysis of programs by the exhaustive inspection of reachable states in a finite state graph is a well-understood procedure. It is straightforwardly applicable to many description languages and is actually implemented in several industrial tools. But one of the main limitations of today's verification tools is the size of the memory needed to exhaustively build the state graphs of the programs. For numerous properties, it is not necessary to explicitly build this graph and an exhaustive depth-first traversal is often sufficient. This leads to on-line algorithms for computing Büchi acceptance (in the deterministic case) and behavioral equivalences: they are presented in detail. In order to avoid retraversing states, it is however important to store some of the already visited states in memory. To keep the memory size bounded (and avoid a performance falling down), visited states are randomly replaced. In most cases this depth-first traversal with replacement ca...
Compositional State Space Generation with Partial Order Reductions for Asynchronous Communicating Systems
In Proceedings of TACAS'2000, 2000
Cited by 5 (1 self)
Abstract
Compositional generation is an incremental technique for generating a reduced labelled transition system representing the behaviour of a set of communicating processes. In particular, since intermediate reductions can be performed after each generation step, the size of the LTS can be kept small and state explosion can be avoided in many cases. This paper deals with compositional generation in presence of asynchronous communications via shared buffers. More precisely, we show how partial-order reduction techniques can be used in this context to define equivalence relations that preserve useful properties, are congruences w.r.t. asynchronous composition, and rely on a (syntactic) notion of preorder on execution sequences characterizing their "executability" in any buffer environment. Two such equivalences are proposed, together with dedicated asynchronous composition operators able to directly produce reduced LTS.
1 Introduction
This work takes place in the context of fo...
On-The-Fly Verification of Finite Transition Systems
Formal Methods in System Design, 1993
Cited by 3 (1 self)
Abstract
The analysis of programs by the exhaustive inspection of reachable states in a finite state graph is a well-understood procedure. It is actually implemented in several industrial tools, but one of their main limitations is the size of the memory needed to exhaustively build the state graphs of the programs. For numerous properties such as Büchi acceptance (in the deterministic case) and behavioral equivalence, it is not necessary to explicitly build this graph and an exhaustive depth-first traversal is often sufficient. In order to avoid retraversing states, it is however important to store in memory some of the already visited states and randomly replace them (to keep the memory size bounded and avoid a performance falling down). In most cases this depth-first traversal with replacement can push back significantly the limits of verification tools.