Enhancing random walk state space exploration
In Proc. of Formal Methods for Industrial Critical Systems (FMICS’05), 2005
Cited by 17 (3 self)
Abstract. We study the behaviour of the random walk method in the context of model checking and its capacity to explore a state space. We describe the methodology we have used for observing the random walk and report on the results obtained. We also describe many possible enhancements of the random walk and study their behaviour and limits. Finally, we discuss some practically important but often neglected issues like counterexamples, coverage estimation, and setting of parameters. Similar methodology can be used for studying other state space exploration techniques like bitstate hashing, partial storage methods, or partial order reduction.
Fighting state space explosion: Review and evaluation
In Proc. of Formal Methods for Industrial Critical Systems (FMICS’08), 2008
Cited by 10 (3 self)
Abstract. In order to apply formal methods in practice, the practitioner has to comprehend a vast amount of research literature and realistically evaluate practical merits of different approaches. In this paper we focus on explicit finite state model checking and study this area from practitioner’s point of view. We provide a systematic overview of techniques for fighting state space explosion and we analyse trends in the research. We also report on our own experience with practical performance of techniques. Our main conclusion and recommendation for practitioner is the following: be critical to claims of dramatic improvement brought by a single sophisticated technique, rather use many different simple techniques and combine them.
Model Classifications and Automated Verification
In Formal Methods for Industrial Critical Systems (FMICS’07), 2007
Cited by 7 (5 self)
Abstract. Due to the significant progress in automated verification, there are often several techniques for a particular verification problem. In many circumstances different techniques are complementary — each technique works well for different type of input instances. Unfortunately, it is not clear how to choose an appropriate technique for a specific instance of a problem. In this work we argue that this problem, selection of a technique and tuning its parameter values, should be considered as a standalone problem (a verification metasearch). We propose several classifications of models of asynchronous system and discuss applications of these classifications in the context of explicit finite state model checking.
Properties of State Spaces and Their Applications
 SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER
Cited by 5 (1 self)
Explicit model checking algorithms explore the full state space of a system. State spaces are usually treated as directed graphs without any specific features. We gather a large collection of state spaces and extensively study their structural properties. Our results show that state spaces have several typical properties, i.e., they are not arbitrary graphs. We also demonstrate that state spaces differ significantly from random graphs and that different classes of models (application domains, academic vs industrial) have different properties. We discuss consequences of these results for model checking experiments and we point out how to exploit typical properties of state spaces in practical model checking algorithms.
Resource-Aware Verification Using Randomized Exploration of Large State Spaces
In SPIN’08, number 5156 in LNCS, 2008
Cited by 4 (2 self)
Abstract. Exhaustive verification often suffers from the state-explosion problem, where the reachable state space is too large to fit in main memory. For this reason, and because of disk swapping, once the main memory is full very little progress is made, and the process is not scalable. To alleviate this, partial verification methods have been proposed, some based on randomized exploration, mostly in the form of random walks. In this paper, we enhance partial, randomized state-space exploration methods with the concept of resource-awareness: the exploration algorithm is made aware of the limits on resources, in particular memory and time. We present a memory-aware algorithm that by design never stores more states than those that fit in main memory. We also propose criteria to compare this algorithm with similar other algorithms. We study properties of such algorithms both theoretically on simple classes of state spaces and experimentally on some preliminary case studies.
Hierarchical Adaptive State Space Caching based on Level Sampling
In Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’2009), 2009
Cited by 3 (1 self)
Abstract. In the past, several attempts have been made to deal with the state space explosion problem by equipping a depth-first search (DFS) algorithm with a state cache, or by avoiding collision detection, thereby keeping the state hash table at a fixed size. Most of these attempts are tailored specifically for DFS, and are often not guaranteed to terminate and/or to exhaustively visit all the states. In this paper, we propose a general framework of hierarchical caches which can also be used by breadth-first searches (BFS). Our method, based on an adequate sampling of BFS levels during the traversal, guarantees that the BFS terminates and traverses all transitions of the state space. We define several (static or adaptive) configurations of hierarchical caches and we study experimentally their effectiveness on benchmark examples of state spaces and on several communication protocols, using a generic implementation of the cache framework that we developed within the CADP toolbox.
Layered duplicate detection in external-memory model checking
SPIN 2008. LNCS, 2008
Cited by 2 (0 self)
This paper presents a disk-based explicit state model checking algorithm that uses an approach called layered duplicate detection. In this approach, states encountered during a breadth-first traversal of the graph of the transition system are stored in memory according to the layer of the graph in which they are first encountered. With this layered organization of memory, transition locality is exploited by checking only the most recent layers for duplicates. In RAM, exploiting transition locality in this way saves time. In external memory, it saves space. In addition, a layered structure allows an easy method of counterexample reconstruction in disk-based model checking. We prove a worst-case linear bound on the redundant work performed by our approach. Experimental results indicate that average case redundant work is much better than the worst-case. The implemented model checker has been used to verify a transition system that required more than 275 GBs of disk storage.
What is Resource-Aware Verification?
2008
Exhaustive verification methods such as model-checking suffer from the well-known state-explosion problem: the set of states is too large to explore exhaustively in reasonable amounts of time and space (memory). But model-checkers are often plagued with another problem, which makes state-explosion even worse: the disk-swapping problem. The latter problem manifests itself when the model-checker fills up the main memory of the computer it runs on, but without exhausting the virtual memory address space. At this point disk-swapping occurs, which is very slow and essentially makes the search stagnate: the rate of explored states (number of visited states per second) becomes practically zero. The disk-swapping wall is usually hit pretty quickly. For example, using a model-checker that can explore 10^5 new states per second, on a model that requires 1000 bytes to represent each state, consumes memory at a rate of approximately 100 MB/sec. This means that a main memory of size 8 GB can be filled in about 2 minutes. Exploration rates in the order of 10^5 states per second are not unusual today, for an advanced model-checker such as Spin [1]. Ideally, we would like to have a verification method that scales well with resources. Informally, this could mean that the more time or the more memory we have available, “the more we can
Declaration
I declare that this thesis is my own work and has not been submitted in any form for another degree or diploma at any university or other institution of tertiary education. Information derived from the published or unpublished work of others has been acknowledged in the text and a list of references is given. Advisor: Mgr. Radek Pelánek, Ph.D. Acknowledgement: I would like to thank my advisor Radek Pelánek for his endless patience and a lot of advice, and Jaroslav Šeděnka and Václav Rosecký for inspiring comments. Graph properties of state space influence the efficiency of algorithms used in explicit model checking. We have studied the local structure of state spaces using motifs – patterns of interconnections in a graph. We have measured occurrence of selected motifs to split up our collection of state spaces into different classes. Then we have