On the use of Automata-based Techniques in Symbolic Model Checking

At the heart of all the techniques that have been proposed for exploring infinite state spaces, is a symbolic representation that can finitely represent infinite sets of states. In early work on the subject, this representation was domain specific, for example linear constraints for sets of real vectors. For several years now, the idea that a generic finite-automaton based representation could be used in many settings has gained ground, starting with systems manipulating queues and integers [8,11,9,13], then moving to parametric systems [6], and, recently, reaching systems using real variables [10,2]. For exploring an infinite state space, one does not only need a finite representation of infinite sets, but also techniques for finitely computing the effect of an unbounded number of transitions. Such techniques can be domain specific or generic. Domain specific techniques exploit the specific properties and representations of the domain being considered and were, for instance, obtained for queues in [15,14], for integers and reals in [17,22,12], for pushdown system in [18,16], and for lossy channels in [19]. Generic techniques consider finite-automata representations and provide algorithms that operate directly on this representation, mostly disregarding the domain for which it is used. Generic techniques appeared first in the context of the verification of systems whose states can be encoded by finite words, such as parametric systems. The idea used there is that a configuration being a finite word, a transition relation is a relation on finite words, or equivalently a language of pairs of finite words. If this language is regular, it can be represented by a finite state automaton, more specifically a finite-state transducer, and the problem then becomes the one of iterating such a transducer. Finite state transducers are