## Compositional Model Checking (1999)

Citations: 2435 (63 self)

### BibTeX

@INPROCEEDINGS{Clarke99compositionalmodel,
    author = {E. M. Clarke and D. E. Long and K. L. McMillan},
    title = {Compositional Model Checking},
    booktitle = {},
    year = {1999},
    publisher = {MIT Press}
}

### Abstract

We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.

### Citations

3421 | Communicating Sequential Processes - Hoare - 1985 |
Citation Context: ... is like EF and INEV is like our AF.) – Formula evaluation in [QS82] is by computing fixpoints as in [CE81]. In [CES83, CES86] more efficient graph algorithms are used. – The programming language CSP [Hoa85] is used for describing models in both [QS82] and [CES83, CES86]. The Alternating Bit Protocol [BSW69] is also used for illustration in both [QS82] and [CES83, CES86]. – There is a clear distinction b...

2948 | Graph-based algorithms for boolean function manipulation - Bryant - 1986 |

2452 | The Design and Analysis of Computer Algorithms - Aho, Hopcroft, et al. - 1974 |

1986 | Perturbed timed automata - Alur, Torre, et al. - 2005 |

1899 | Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints - Cousot, Cousot - 1977 |
Citation Context: ...ftware by Static Data Flow Analysis, [TO80]. – P. Cousot and R. Cousot, Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints, [CC77]. The paper by Taylor and Osterweil was definitely ahead of its time. Although it was written thirty years ago, the title sounds surprisingly modern. In fact, several papers with similar sounding titl...

1509 | The Temporal Logic of Reactive and Concurrent Systems — Specification - Manna, Pnueli - 1992 |

1337 | A Calculus of Communicating Systems - Milner - 1980 |

1301 | Symbolic Model Checking - McMillan - 1993 |

1185 | Automatic verification of finite-state concurrent systems using temporal logic specifications - Clarke, Emerson, et al. - 1986 |

1145 | A semantics for a logic of authentication - Abadi, Tuttle - 1991 |

1109 | Temporal and Modal Logic - Emerson - 1998 |

1002 | Depth-First Search and Linear Graph Algorithms - Tarjan - 1972 |

885 | Symbolic Boolean Manipulation with Ordered Binary Decision Diagrams - Bryant |

798 | Design and synthesis of synchronization skeletons using branching-time temporal logic - Clarke, Emerson - 1981 |
Citation Context: ...combined the state-exploration approach with Temporal Logic in an efficient manner and showed that the result could be used to solve non-trivial problems. Here is a quote from our original 1981 paper [CE81]: ⋆ This research was sponsored by the National Science Foundation under grant nos. CNS-0411152, CCF-0429120, CCR-0121547, and CCR-0098072, the US Army Research Office under grant no. DAAD19-01-1-048...

717 | A New Introduction to Modal Logic - Cresswell, Hughes - 1996 |

711 | Symbolic Model Checking without BDDs - Biere, Cimatti, et al. |

692 | Introduction to Metamathematics. D - Kleene - 1952 |
Citation Context: ... background research for my Ph.D. thesis. Perhaps the two most important results for my subsequent research on Model Checking were Tarski’s Fixpoint Lemma [Tar55] and Kleene’s First Recursion Theorem [Kle71]. Most Symbolic Model Checkers exploit Tarski’s Lemma [Tar55] that every monotonic functional on a complete lattice has a fixpoint. A paper by David Park Finiteness is Mu...

657 | Concurrency and Automata on Infinite Sequences - Park - 1981 |
Citation Context: ...ormula FM that uniquely characterizes M. We use a notion of equivalence between Kripke Structures, similar to the notion of bisimulation studied by Milner [Mil71] and Park [Par81]. The first construction of FM uses of the next-time operator X. We also considered the case in which the next-time operator is disallowed. The proof, in this case, required another notion of equivale...

636 | Systematic design of program analysis frameworks - Cousot, Cousot - 1979 |

624 | Model checking and abstraction - Clarke, Grumberg, et al. - 1994 |

610 | Counterexample-guided abstraction refinement, in Computer Aided Verification - Clarke, Grumberg, et al. |

606 | Construction of abstract state graphs with PVS - Graf, Saidi - 1997 |

587 | An automata-theoretic approach to automatic program verification - Vardi, Wolper |
Citation Context: ... containment is implicit in the work of Kurshan, which ultimately resulted in the development of the COSPAN verifier [AKS83, HK87, Dil89]. Automata Theoretic Model Checking with LTL. Vardi and Wolper [VW86] first proposed the use of ω-automata (automata over infinite words) for automated verification. They showed how linear temporal logic Model Checking could be formulated in terms of language containme...

576 | Symbolic model checking: 10^20 states and beyond - Burch, Clarke, et al. - 1992 |

533 | A lattice-theoretical fixpoint theorem and its applications - Tarski - 1955 |
Citation Context: ...e Logics. I read many papers on this topic as background research for my Ph.D. thesis. Perhaps the two most important results for my subsequent research on Model Checking were Tarski’s Fixpoint Lemma [Tar55] and Kleene’s First Recursion Theorem [Kle71]. Most Symbolic Model Checkers exploit Tarski’s Lemma [Tar55] that every monotonic functional on a complete lattice has a fix...

528 | The complexity of relational query languages - Vardi - 1982 |

501 | Symbolic Model Checking: An Approach to the State Explosion Problem - McMillan - 1993 |
Citation Context: ...techniques by other researchers have pushed the state count up to more than 10^120. The SMV Model Checker. The Model Checking system that McMillan developed as part of his Ph.D. thesis is called SMV [McM93]. It is based on a language for describing hierarchical finite-state concurrent systems. Programs in the language can be annotated by specifications expressed in temporal logic. The Model Checker extr...

417 | Introduction to VLSI systems - Mead, Conway - 1980 |
Citation Context: ... student, Bud Mishra, was the first to use Model Checking for Hardware Verification [MC85]. He found a bug in the Sietz FIFO Queue (Figure 4) from Mead and Conway’s book, Introduction to VLSI Systems [MC79]. David Dill and Mike Browne also started working on hardware verification. The four of us wrote several papers on applying Model Checking to hardware verification [MC85, BCD85, BCD86, BCDM86, DC86] W...

416 | Computer-aided verification of coordinating processes: the automata-theoretic approach - Kurshan - 1994 |

406 | Automata for Modeling Real-Time Systems - Alur, Dill - 1990 |

399 | Automatic predicate abstraction of C programs - Ball, Majumdar, et al. |

361 | Model-checking for real-time systems - Alur, Courcoubetis, et al. - 1990 |

359 | Propositional dynamic logic of regular programs - Fischer, Ladner - 1979 |

323 | Symbolic model checking: 10 states and beyond - Burch, Clarke, et al. - 1990 |

311 | A unified approach to global program optimization - Kildall - 1973 |
Citation Context: ...aught the undergraduate course on Compilers. In preparing for this course, I read a number of papers on data-flow analysis including: – G. Killdall, A Unified Approach to Global Program Optimization, [Kil73]. 1 I was unaware of the work by Basu and Yeh [BY75] until I saw it cited in Emerson’s paper in this volume. The paper shows that the weakest precondition for total correctness is the least fixed poin...

307 | On the development of reactive systems - Harel, Pnueli - 1989 |

293 | Reachability analysis of pushdown automata: Application to model-checking - Bouajjani, Esparza, et al. - 1997 |
Citation Context: ...n Reduction and CEGAR [Kur94, CGJ+00] – Compositional Model Checking and Learning [MC81, Jon83, Pnu84, GL94] – Predicate Abstraction [GS97, BMMR01] – Infinite State Systems (e.g., pushdown systems) [BEM97] I conclude with a list of challenges for the future. I believe that all of the problems in the list are important and that all require major breakthroughs in order to become sufficiently practical fo...

287 | An n log n algorithm for minimizing states in a finite automaton - Hopcroft - 1971 |

272 | Proof methods for modal and intuitionistic logics - Fitting - 1983 |

271 | Model checking and modular verification - Grumberg, Long - 1994 |

270 | Relational queries computable in polynomial time - Immerman - 1986 |

268 | What's decidable about hybrid automata - Henzinger, Kopke, et al. - 1998 |

265 | Symbolic model checking using SAT procedures instead of BDDs - Biere, Cimatti, et al. - 1999 |

265 | A Stubborn attack on state explosion - Valmari |

264 | Algebraic decision diagrams and their applications - Bahar, Frohm, et al. - 1993 |

264 | Automated analysis of cryptographic protocols using murphi - Mitchell, Mitchell, et al. - 1997 |

260 | Results on the propositional μ-calculus - Kozen - 1983 |

255 | Results on the propositional mu-calculus - Kozen - 1982 |
Citation Context: ...Emerson [EC80] made the connection between Branching-Time Logics and the Mu-calculus. Kozen references the 1980 paper that Emerson and I wrote in his influential paper on the propositional Mu-calculus [Koz83]. Because of the close connection between the Mu-Calculus and Branching-time Temporal Logics, I believe it was inevitable that Model Checking algorithms were developed for Branching-time Logics before...

248 | Abstract interpretation of reactive systems - Dams, Gerth, et al. - 1997 |

247 | Trace Theory for Automatic Hierarchical Verification of Speed-Independent Circuits - Dill - 1988 |