## Put your Model Checker on Diet: Verification on Local States (1997)

Citations: 1 - 1 self

### BibTeX

@TECHREPORT{Huhn97putyour,
  author = {Michaela Huhn and Peter Niebert and Frank Wallner},
  title = {Put your Model Checker on Diet: Verification on Local States},
  institution = {},
  year = {1997}
}

### Abstract

Net unfoldings are a well-known partial order semantics for Petri nets, very suited to act as models for branching-time logics interpreted on local states. We demonstrate how these local logics (in particular a distributed µ-calculus) can be used to express properties from the point of view of one component in a distributed system. Thus -- in contrast to interleaving branching time logics -- in general they do not refer to the entire space of global states. We show that verification of local properties can be done by applying standard model checking algorithms known for interleaving branching time logics. The key is to extract a finite (usually small), local transition system bisimilar to the unfolding. The construction is based on the finite prefix of a net unfolding defined by McMillan.

1 Introduction. One of the causes of the state explosion problem limiting verification of finite state systems is the representation of concurrency as interleaving. Recently proposed partial order m...

### Citations

3218 | Communication and Concurrency - Milner - 1989
Citation Context: ... $R\ s'_1$. Two states $s$ and $s'$ are called bisimilar, denoted $s \sim s'$, iff there exists a bisimulation $R$ with $s\,R\,s'$. We also write $T \sim T'$ if for the initial states $s_0 \sim s'_0$. It was shown by Milner [Mil89] (see also [Sti92]) that $s \sim s'$ implies $s \models_T \varphi \Leftrightarrow s' \models_T \varphi$ for all closed µ-calculus formulae $\varphi$. The local transition system $T_{Unf}$. Let $Unf$ be the unfolding of a distributed net system $\Sigma$. T...

1183 | Automatic verification of finite-state concurrent systems using temporal logics - Clarke, Emerson, et al. - 1986
Citation Context: ... describes that whenever p holds in i then i's next a-action may be a synchronization with j and k, where a also for j and k is the next step. It is useful to translate a local logic reminding of CTL [CES86] to our logic. Localised variants of the two next operators, $EX_J$ and $AX_J$ are already part of the syntax, namely $\langle - \rangle_J$ and $[-]_J$. The set of locations specifies, for which components this event is a...

260 | Results on the propositional µ-calculus - Kozen - 1983
Citation Context: ...ngs (or prime event structures) can be shown to have a highly undecidable model-checking problem even for 1-safe Petri nets. The distributed µ-calculus corresponds directly to the sequential µ-calculus [Koz83] interpreted on the local configurations of the system's unfolding. Since the (local) state space of the unfolding is in general infinite, our aim is to extract a bisimilar, finite-state representatio...

194 | Modal and Temporal Logics - Stirling - 1992
Citation Context: ...tes $s$ and $s'$ are called bisimilar, denoted $s \sim s'$, iff there exists a bisimulation $R$ with $s\,R\,s'$. We also write $T \sim T'$ if for the initial states $s_0 \sim s'_0$. It was shown by Milner [Mil89] (see also [Sti92]) that $s \sim s'$ implies $s \models_T \varphi \Leftrightarrow s' \models_T \varphi$ for all closed µ-calculus formulae $\varphi$. The local transition system $T_{Unf}$. Let $Unf$ be the unfolding of a distributed net system $\Sigma$. Then the local tran...

178 | An improvement of McMillan's unfolding algorithm - Esparza, Römer, et al. - 2002
Citation Context: ...uration of the system's unfolding we find a bisimilar local configuration in the finite prefix -- no matter whether we take McMillan's original definition or the improved prefix construction given in [ERV96]. But the proof does not indicate which event within the prefix can serve as a representative for an event lying outside the prefix. The major problem to solve is to make the proof constructive, i.e. ...

171 | Petri nets, event structures and domains - Nielsen, Plotkin, et al. - 1981
Citation Context: ...ct transitions $t_1, t_2$ such that ${}^\bullet t_1 \cap {}^\bullet t_2 \neq \emptyset$, and $(t_1, x_1), (t_2, x_2)$ belong to the reflexive and transitive closure of $F$. If $x \# x$, we say $x$ is in self-conflict. An occurrence net [NPW80] is a net $N = (B, E, F)$ where the irreflexive transitive closure of the flow relation $F$ is well-founded and acyclic (and thus a (strict) partial order which we denote by $\prec$). Furtheron $|{}^\bullet b| \leq 1$ fo...

159 | Using unfoldings to avoid the state explosion problem in the verification of asynchronous circuits - McMillan, L - 1992
Citation Context: ...e interleaving model, verification can also be done directly on the partially ordered object: Net unfoldings 3 [NPW80, Eng91] provide a partial order branching time semantics for Petri nets. McMillan [McM92] has shown how to use net unfoldings for efficient deadlock detection and reachability analysis of finite-state Petri nets. He described the construction of a "finite prefix" of the (usually infinite)...

156 | Stubborn sets for reduced state space generation, in - Valmari - 1989

152 | All from one, one for all: on model checking using representatives, in - Peled - 1993
Citation Context: ...al formulae, can be checked with a standard linear time model checker on $T_{Fin}$. There are many examples known, where $Fin$ is much smaller than the interleaving based reduced state spaces used e.g. in [Pel93]. We plan to implement a prototype of our proposed model checking system within the PEP environment [Be94]. Acknowledgment. We thank P.S. Thiagarajan for discussions on location based logics. Burkhard...

144 | Branching Processes of Petri Nets - Engelfriet - 1991
Citation Context: ...into $P_2$ and $T_1$ into $T_2$ as well, and if for every $t \in T_1$ the restriction of $h$ to ${}^\bullet t$, denoted $h|_{{}^\bullet t}$, is a bijection between ${}^\bullet t$ and ${}^\bullet h(t)$, and analogue for $h|_{t^\bullet}$. A branching process [Eng91] of a net system $\Sigma = (N, M_0)$ is a pair $\beta = (N', \pi)$ where $N' = (B, E, F)$ is an occurrence net and $\pi: N' \to N$ is a net homomorphism, such that the restriction of $\pi$ to $Min(N')$ is a bijection be...

114 | Model Checking Using Net Unfoldings - Esparza - 1993
Citation Context: ...ion of the unfolding. This representation immediately can be used by proved interleaving model checkers [CS93, CES86], yielding efficient automated verification. It was already observed by Esparza in [Esp94] that the McMillan prefix can be used for model checking S4 (the modal logic based on the reachability relation of the global state space). We show that for any local configuration of the system's unf...

113 | A partial approach to model checking - Godefroid, Wolper - 1994

36 | Temporal Logics for Communicating Sequential Agents - Lodaya, Ramanujam, et al. - 1992
Citation Context: ...ontributing components. The basic operator is an indexed modality $\langle a \rangle_J$ meaning "next $a$ for the components $i \in J$". Using fixpoints, local CTL-operators (cf. Sec.3) or the knowledge operator $\Box_i$ from [LRT92] can be encoded. Thus, the distributed µ-calculus serves as a powerful low-level logic, in which other local branching time logics can be expressed. We demonstrate the use of the logic for specificatio...

24 | A trace consistent subset of PTL, in - Thiagarajan - 1995

15 | A modal logic for a subclass of event structures - Lodaya, Thiagarajan - 1987

9 | A µ-calculus with local views for systems of sequential agents - Niebert - 1995
Citation Context: ...ly, the formulae of the logic are interpreted over the local configurations of the unfolding of a distributed net system. The logic is adapted from a similar linear time logic for Mazurkiewicz traces [Nie95]. We will indicate how the local approach can be used for the specification and verification of distributed systems, and show that our logic naturally can be transferred to the conventional framework ...

8 | A linear time model-checking algorithm for the alternation-free modal mu-calculus, Formal methods in system design - Cleaveland, Steffen - 1993

7 | Petrinetzmodelle verteilter Algorithmen -- Beweistechnik und Intuition - Walter
Citation Context: ... / is satisfied. Example. To give a flavour of the usage of our logic, and in order to show that it is indeed reasonable to argue in terms of local properties, we inspect the following echo-algorithm [Wal95]. Assume a (strongly connected) network $N$ consisting of a set of agents $Ag$ that includes initiator $A_0$. Each agent $A_i$ communicates exclusively with her direct neighbours $N_i = \{A_{i_1}, \ldots, A_{i_n}$...

3 | A Trace Based Extension of PTL - Thiagarajan - 1994

2 | Fleischhack (eds.). PEP: Programming environment based on nets - Best, H - 1994
Citation Context: ...own, where $Fin$ is much smaller than the interleaving based reduced state spaces used e.g. in [Pel93]. We plan to implement a prototype of our proposed model checking system within the PEP environment [Be94]. Acknowledgment. We thank P.S. Thiagarajan for discussions on location based logics. Burkhard Graves has helped our understanding of the subtleties of $Fin$. Special thanks to Javier Esparza, whose con...