Compositional Verification and 3-Valued Abstractions Join Forces

Two of the most promising approaches to fighting the state explosion problem are abstraction and compositional verification. In this work we join their forces to obtain a novel fully automatic compositional technique that can determine the truth value of the full μ-calculus with respect to a given system. Given a system M = M1||M2, we view each component Mi as an abstraction Mi↑ of the global system. The abstract component Mi↑ is defined using a 3-valued semantics so that whenever a μ-calculus formula φ has a definite value (true or false) on Mi↑, the same value holds also for M. Thus, φ can be checked on either M1↑ or M2↑ (or both), and if any of them returns a definite result, then this result holds also for M. If both checks result in an indefinite value, the composition of the components needs to be considered. However, instead of constructing the composition of M1↑ and M2↑, our approach identifies and composes only the parts of the components in which their composition is necessary in order to conclude the truth value of φ. It ignores the parts which can be handled separately. The resulting model can potentially be significantly smaller than the full system. We explain how our compositional approach can be combined with abstraction of the components, in order to further reduce the size of the checked components. The result is an incremental compositional abstraction-refinement framework, which resembles automatic AssumeGuarantee reasoning.