MCMT: A Model Checker Modulo Theories
نویسندگان
چکیده
We describe mcmt, a fully declarative and deductive symbolic model checker for safety properties of infinite state systems whose state variables are arrays. Theories specify the properties of the indexes and the elements of the arrays. Sets of states and transitions of a system are described by quantified first-order formulae. The core of the system is a backward reachability procedure which symbolically computes pre-images of the set of unsafe states and checks for safety and fix-points by solving Satisfiability Modulo Theories (SMT) problems. Besides standard SMT techniques, efficient heuristics for quantifier instantiation, specifically tailored to model checking, are at the very heart of the system. mcmt has been successfully applied to the verification of imperative programs, parametrised, timed, and distributed systems.
منابع مشابه
Model-Checking Modulo Theories at Work: the integration of Yices in MCMT
Recently, the notion of an array-based system has been introduced as an abstraction of infinite state systems (such as parametrised systems) which allows for model checking safety properties by SMT solving. Unfortunately, the use of quantified first-order formulae to describe sets of states makes checking for fix-point and unsafety extremely expensive. In this paper, we describe (static and dyn...
متن کاملMCMT in the Land of Parameterized Timed Automata
Timed networks are parametrised systems of timed automata. Solving reachability problems for this class of systems allows one to prove safety properties regardless of the number of processes in the network. Usually, these problems are attacked in the following way: the number n of processes in the network is fixed and a tool for timed automata (like Uppaal) is used to check the desired property...
متن کاملMCMT in the Land of Parametrized Timed Automata
Timed networks are parametrised systems of timed automata. Solving reachability problems for this class of systems allows one to prove safety properties regardless of the number of processes in the network. Usually, these problems are attacked in the following way: the number n of processes in the network is fixed and a tool for timed automata (like Uppaal) is used to check the desired property...
متن کاملAutomated Analysis of Parametric Timing-Based Mutual Exclusion Algorithms
Deadlock-free algorithms that ensure mutual exclusion crucially depend on timing assumptions. In this paper, we describe our experience in automatically verifying mutual-exclusion and deadlock-freedom of the Fischer and Lynch-Shavit algorithms, using the model checker modulo theories mcmt. First, we explain how to specify timing-based algorithms in the mcmt input language as symbolic transition...
متن کاملAutomated Support for the Design and Validation of Fault Tolerant Parameterized Systems: a case study
We propose a methodology to use the infinite state model checker MCMT, based on Satisfiability Modulo Theory techniques, for assisting in the design of fault tolerant algorithms. To prove the practical viability of our methodology, we apply it to formally check the agreement property of the reliable broadcast protocols of Chandra and Toueg.
متن کامل