DISTRIBUTOR and BCG_MERGE: Tools for Distributed Explicit State Space Generation

The explicit-state verification of complex concurrent systems, whose underlying state spaces may be prohibitively large, requires an important amount of memory and computation time. Although explicit state space generation is known to be exponential as the number of concurrent processes in the system increases, it is tempting to push forward the capabilities of verification tools by exploiting the computing resources (memory and processors) of massively parallel machines, such as clusters and grids. Several distributed algorithms have been proposed for analyzing stochastic Petri nets and Markov chains (e.g., by Nicol and Ciardo, by Haverkort, Bell, and Bohnenkamp, etc.), as well as for model checking (e.g., by Stern and Dill, by Lerda and Sisto, etc.). Our own distributed algorithms [3] allow the construction of Labelled Transition Systems (Ltss) using several machines connected by a network. These algorithms are implemented in the Distributor and Bcg Merge tools using the facilities of the Cadp [2] verification toolbox. In a nutshell, each machine used by Distributor is responsible for generating and storing a fragment of the entire Lts. Upon termination of the distributed state space generation, all these fragments are combined together using Bcg Merge to obtain the entire Lts. Between 2000 and 2005, we developed three successive versions (1.0, 2.0, and 3.0) of Distributor and Bcg Merge. This led to significant functionality improvements. For instance, version 3.0 of Distributor can also reduce Ltss on-the-fly, by applying τ -compression (elimination of τ -cycles denoting divergence) or τ -confluence (a form of partial order reduction preserving branching equivalence) [4] using the algorithms proposed in [6]. However, besides the distributed algorithms themselves, we realized that it was also essential to pay attention to often-neglected practical issues, such as software architecture concepts and user-oriented features pertaining to ergonomy, and this is what the present paper is about.