Strengthened State Transitions for Invariant Verification in Practical Depth-Induction

Bounded Model Checking (BMC) is often able to handle thousands of system variables by encoding the system and its properties via symbolic formulas and using satisfiability (SAT) solvers for verification. To further ease the verification of state invariants, BMC is augmented with a general induction rule called k -induction; however, this sacrifices completeness. Invariant strengthening, a method proposed to overcome this problem, often requires user intervention which limits its general applicability. This paper presents a systematic method which is able to prove every property that is provable with standard k-induction and, in addition, further properties that the standard technique is unable to prove might be provable as well. Our case studies demonstrate the benefit of our approach with respect to plain k-induction. The main idea is to constrain the state transition relation in a way that the space of reachable states remains unchanged and k -induction is more likely to succeed. We show an implementation of our technique where the user needs only to extend the guard conditions with invariants obtained from the system’s specification. This is always possible if the schedule of the executed transitions is (partially) known a-priori.