TY - JOUR

T1 - A compositional approach to CTL* verification

AU - Kesten, Yonit

AU - Pnueli, Amir

N1 - Funding Information:
We gratefully acknowledge the continuous support, helpful suggestions, and critical assessment of the evolution of this work by Tamarah Arons who, in parallel with the theoretical developments reported here, implemented the CTL∗ deductive system as a PVS theory. These results will be reported in a separate publication. This research was supported in part by the Minerva Center for Verification of Reactive Systems, the Israel Science Foundation (Grant no. 106/02-1), and NSF Grant CCR-0205571.
Funding Information:
This research was supported in part by the Minerva Center for Verification of Reactive Systems, the Israel Science Foundation (grant no. 106/02-1), and NSF grant CCR-0205571. ∗Corresponding author. E-mail addresses: ykesten@bgumail.bgu.ac.il (Y. Kesten), amir.pnueli@weizmann.ac.il (A. Pnueli).

PY - 2005/2/21

Y1 - 2005/2/21

N2 - The paper presents a compositional approach to the verification of CTL* properties over reactive systems. Both symbolic model-checking (SMC) and deductive verification are considered. Both methods are based on two decomposition principles. A general state formula is decomposed into basic state formulas which are CTL* formulas with no embedded path quantifiers. To deal with arbitrary basic state formulas, we introduce another reduction principle which replaces each basic path formula, i.e., path formulas whose principal operator is temporal and which contain no embedded temporal operators or path quantifiers, by a newly introduced Boolean variable which is added to the system. Thus, both the algorithmic and the deductive methods are based on two statification transformations which successively replace temporal formulas by assertions which contain no path quantifiers or temporal operators. Performing these decompositions repeatedly, we remain with basic assertional formulas, i.e., formulas of the form Efp and Afp for some assertion p. In the model-checking method we present a single symbolic algorithm to verify both universal and existential basic assertional properties. In the deductive method we present a small set of proof rules and show that this set is sound and relatively complete for verifying universal and existential basic assertional properties over reactive systems. Together with two proof rules for the decompositions, we obtain a sound and relatively complete proof system for arbitrary CTL* properties. Interestingly, the deductive approach for CTL* presented here offers a viable new approach to the deductive verification of arbitrary LTL formulas.

AB - The paper presents a compositional approach to the verification of CTL* properties over reactive systems. Both symbolic model-checking (SMC) and deductive verification are considered. Both methods are based on two decomposition principles. A general state formula is decomposed into basic state formulas which are CTL* formulas with no embedded path quantifiers. To deal with arbitrary basic state formulas, we introduce another reduction principle which replaces each basic path formula, i.e., path formulas whose principal operator is temporal and which contain no embedded temporal operators or path quantifiers, by a newly introduced Boolean variable which is added to the system. Thus, both the algorithmic and the deductive methods are based on two statification transformations which successively replace temporal formulas by assertions which contain no path quantifiers or temporal operators. Performing these decompositions repeatedly, we remain with basic assertional formulas, i.e., formulas of the form Efp and Afp for some assertion p. In the model-checking method we present a single symbolic algorithm to verify both universal and existential basic assertional properties. In the deductive method we present a small set of proof rules and show that this set is sound and relatively complete for verifying universal and existential basic assertional properties over reactive systems. Together with two proof rules for the decompositions, we obtain a sound and relatively complete proof system for arbitrary CTL* properties. Interestingly, the deductive approach for CTL* presented here offers a viable new approach to the deductive verification of arbitrary LTL formulas.

UR - http://www.scopus.com/inward/record.url?scp=13444263623&partnerID=8YFLogxK

U2 - 10.1016/j.tcs.2004.09.023

DO - 10.1016/j.tcs.2004.09.023

M3 - Conference article

AN - SCOPUS:13444263623

VL - 331

SP - 397

EP - 428

JO - Theoretical Computer Science

JF - Theoretical Computer Science

SN - 0304-3975

IS - 2-3

T2 - Formal Methods for Components and Objects

Y2 - 5 November 2002 through 8 November 2002

ER -