Assume-Guarantee Model Checking
نویسندگان
چکیده
We present assume-guarantee model checking, a novel technique for verifying correctness properties of loosely-coupled multithreaded software systems. Assume-guarantee model checking verifies each thread of a multithreaded system separately by constraining the actions of other threads with an automatically inferred environment assumption. Separate verification of each thread allows the enumeration of the local state of only one thread at a time, thereby yieldig significant savings in the time and space needed for model checking. Suppose G is the size of the global store, L the size of the local store per thread, and n the number of threads. If each thread is finite-state (without a stack), the naive model checking algorithm is O(n.G.L) whereas assume-guarantee model checking is O(n.G.L.(n + L)). If each thread has a stack, the reachability problem is undecidable. However, assume-guarantee model checking terminates in time O(n.G.L.F ) where F is the number of stack symbols.
منابع مشابه
Abstraction and Assume-guarantee Reasoning for Automated Software Verification
ion and Assume-guarantee Reasoning for Automated Software Verification S. Chaki, E. Clarke, D. Giannakopoulou, and C.S. Păsăreanu 1 Carnegie Mellon Software Engineering Institute 2 Carnegie Mellon University 3 RIACS, NASA Ames Research Center, Moffett Field, CA, USA 4 Kestrel Technology LLC, NASA Ames Research Center, Moffett Field, CA, USA Abstract. Compositional verification and abstraction a...
متن کاملModular Veriication of Software Units ?
A variety of assume-guarantee model checking approaches have been proposed in the literature. In this paper, we adapt those approaches to checking guarantees (written in LTL and 8CTL) of software units in isolation. We propose to synthesize program fragments that implement the behavior speciied by assumptions written in LTL. We justify the safety of such synthesized environments and provide emp...
متن کاملAutomated Assume-Guarantee Reasoning by Abstraction Refinement
Current automated approaches for compositional model checking in the assume-guarantee style are based on learning of assumptions as deterministic automata. We propose an alternative approach based on abstraction refinement. Our new method computes the assumptions for the assume-guarantee rules as conservative and not necessarily deterministic abstractions of some of the components, and refines ...
متن کاملAssume-Guarantee Model Checking of Software: A Comparative Case Study
A variety of assume-guarantee model checking approaches have been proposed in the literature. In this paper, we describe several possible implementations of those approaches for checking properties of software components (units) using SPIN and SMVmodel checkers. Model checking software units requires, in general, the definition of an environment which establishes the run-time context in which t...
متن کاملAssume-Guarantee Verification for Interface Automata
Interface automata provide a formalism capturing the high level interactions between software components. Checking compatibility, and other safety properties, in an automata-based system suffers from the scalability issues inherent in exhaustive techniques such as model checking. This work develops a theoretical framework and automated algorithms for modular verification of interface automata. ...
متن کامل