TY - JOUR

T1 - Verification by augmented abstraction

T2 - The automata-theoretic view

AU - Kesten, Yonit

AU - Pnueli, Amir

AU - Vardi, Moshe Y.

N1 - Funding Information:
2 Work partly done when this author was a Varon Visiting Professor at the Weizmann Institute of Science and partly supported by NSF Grants CCR-9700061 and CCR-9988322 and by a grant from the Intel Corporation.
Funding Information:
1 Supported in part by the Minerva Center for Verification of Reactive Systems, by a grant from the U.S. Israel Binational Science Foundation, by NSF Grant CCR-970061, and by a grant from the Intel Corporation.

PY - 2001/1/1

Y1 - 2001/1/1

N2 - This paper deals with the proof method of verification by finitary abstraction (VFA), which presents an alternative approach to the verification of (potentially infinite-state) reactive systems. We assume that the negation of the property to be verified is given by the user in the form of an infinite-state nondeterministic Büchi discrete system (BDS). The method consists of a two-step process by which, in a first step, the system and its (negated) specification are combined into a single infinite-state fair discrete system (FDS, which is similar to a BDS but with Streett acceptance conditions), which is abstracted into a finite-state automaton. The second step uses model checking to establish that the abstracted automaton is infeasible, i.e., has no computations. The VFA method can be considered as a viable alternative to verification by temporal deduction, which, up to now, has been the main method generally applicable for verification of infinite-state systems. The paper presents a general recipe for an FDS abstraction, which is shown to be sound, where soundness means that infeasibility of the abstracted FDS implies infeasibility of the unabstracted one, implying in turn the validity of the property over the concrete (infinite-state) system. To make the method applicable for the verification of liveness properties, pure abstraction is sometimes no longer adequate. We show that by augmenting the system with an appropriate (and standardly constructible) progress monitor, we obtain an augmented system, whose computations are essentially the same as those of the original system and which may now be abstracted while preserving the desired liveness properties. We refer to the extended method as verification by augmented abstraction (VAA). We then proceed to show that the VAA method is sound and complete for proving all properties whose negations are expressible by a BDS. Given that every linear temporal logic (LTL) property can be translated to a BDS, this establishes that the VAA method is sound and complete for proving the validity of all LTL properties, including both safety and liveness.

AB - This paper deals with the proof method of verification by finitary abstraction (VFA), which presents an alternative approach to the verification of (potentially infinite-state) reactive systems. We assume that the negation of the property to be verified is given by the user in the form of an infinite-state nondeterministic Büchi discrete system (BDS). The method consists of a two-step process by which, in a first step, the system and its (negated) specification are combined into a single infinite-state fair discrete system (FDS, which is similar to a BDS but with Streett acceptance conditions), which is abstracted into a finite-state automaton. The second step uses model checking to establish that the abstracted automaton is infeasible, i.e., has no computations. The VFA method can be considered as a viable alternative to verification by temporal deduction, which, up to now, has been the main method generally applicable for verification of infinite-state systems. The paper presents a general recipe for an FDS abstraction, which is shown to be sound, where soundness means that infeasibility of the abstracted FDS implies infeasibility of the unabstracted one, implying in turn the validity of the property over the concrete (infinite-state) system. To make the method applicable for the verification of liveness properties, pure abstraction is sometimes no longer adequate. We show that by augmenting the system with an appropriate (and standardly constructible) progress monitor, we obtain an augmented system, whose computations are essentially the same as those of the original system and which may now be abstracted while preserving the desired liveness properties. We refer to the extended method as verification by augmented abstraction (VAA). We then proceed to show that the VAA method is sound and complete for proving all properties whose negations are expressible by a BDS. Given that every linear temporal logic (LTL) property can be translated to a BDS, this establishes that the VAA method is sound and complete for proving the validity of all LTL properties, including both safety and liveness.

UR - http://www.scopus.com/inward/record.url?scp=0035361849&partnerID=8YFLogxK

U2 - 10.1006/jcss.2000.1744

DO - 10.1006/jcss.2000.1744

M3 - Article

AN - SCOPUS:0035361849

SN - 0022-0000

VL - 62

SP - 668

EP - 690

JO - Journal of Computer and System Sciences

JF - Journal of Computer and System Sciences

IS - 4

ER -
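Added worked example (not from the paper; the toy system, predicate, ranking function and all identifiers below are this editor's constructions). It walks the two-step process the abstract describes on the smallest instance that exhibits the liveness problem: a counter x over the naturals (x = 0, x' = x + 1) and the property F (x >= 3), whose negation G (x < 3) is a one-state BDS. Step 1 (abstraction with predicate p = x >= 3) is done by hand, with the concrete witness for each abstract transition noted in a comment; step 2 is a generic Streett-emptiness check (fair-SCC search). The pure abstraction leaves a fair self-loop, so VFA is inconclusive; augmenting with a progress monitor over the ranking delta = 3 - x and the well-foundedness pair (dec, inc) makes the abstracted FDS infeasible, which is the VAA outcome.

```python
"""Toy VFA/VAA run: hand-made predicate abstraction + Streett feasibility check.
Everything here is constructed for illustration; it is not the paper's code."""
from typing import Dict, Iterable, List, Set, Tuple

State = Tuple[bool, ...]
Trans = Dict[State, Set[State]]
Streett = List[Tuple[Set[State], Set[State]]]   # (P, R): inf. often P -> inf. often R


def reachable(init: Iterable[State], trans: Trans) -> Set[State]:
    seen, stack = set(), list(init)
    while stack:
        s = stack.pop()
        if s in seen:
            continue
        seen.add(s)
        stack.extend(trans.get(s, ()))
    return seen


def sccs(nodes: Set[State], trans: Trans) -> List[Set[State]]:
    """Tarjan's SCC algorithm restricted to the subgraph induced by `nodes`."""
    index, low, on_stack, stack, out = {}, {}, set(), [], []

    def visit(v):
        index[v] = low[v] = len(index)
        stack.append(v)
        on_stack.add(v)
        for w in trans.get(v, ()):
            if w not in nodes:
                continue
            if w not in index:
                visit(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:
            comp = set()
            while True:
                w = stack.pop()
                on_stack.discard(w)
                comp.add(w)
                if w == v:
                    break
            out.append(comp)

    for v in nodes:
        if v not in index:
            visit(v)
    return out


def feasible(init: Iterable[State], trans: Trans, streett: Streett) -> bool:
    """True iff the finite FDS has a computation: a reachable, nontrivial SCC
    that satisfies every Streett pair (whenever it meets P it also meets R)."""
    def has_fair_cycle(nodes: Set[State]) -> bool:
        for comp in sccs(nodes, trans):
            bad: Set[State] = set()
            for P, R in streett:
                if (comp & P) and not (comp & R):
                    bad |= comp & P            # cannot recur without visiting R
            if bad:
                if has_fair_cycle(comp - bad):  # refine the SCC and retry
                    return True
            elif any(t in comp for s in comp for t in trans.get(s, ())):
                return True                     # nontrivial fair SCC found
        return False
    return has_fair_cycle(reachable(init, trans))


F, T = False, True

# Step 1a, pure abstraction (VFA) of system || negated spec. Abstract state: (p,).
# The negated spec G (x < 3) forbids p in every visited state, so (T,) is pruned.
VFA_INIT = [(F,)]
VFA_TRANS: Trans = {(F,): {(F,)}}   # witness x = 0: x' = 1, still x' < 3
VFA_STREETT: Streett = []           # Büchi with every state accepting = no pair

# Step 1b, augmented abstraction (VAA): ranking delta = 3 - x, monitor bits
# dec = (delta' < delta), inc = (delta' > delta). Abstract state: (p, dec, inc).
VAA_INIT = [(F, F, F)]
VAA_TRANS: Trans = {
    (F, F, F): {(F, T, F)},   # witness x = 0: delta 3 -> 2, so dec' = T, inc' = F
    (F, T, F): {(F, T, F)},   # witness x = 1: delta 2 -> 1
}
DEC = {s for s in VAA_TRANS if s[1]}
INC = {s for s in VAA_TRANS if s[2]}
VAA_STREETT: Streett = [(DEC, INC)]  # well-foundedness: inf. often dec -> inf. often inc


def vfa_proves_property() -> bool:
    """Step 2 on the pure abstraction: the (F,) self-loop is a fair cycle."""
    return not feasible(VFA_INIT, VFA_TRANS, VFA_STREETT)


def vaa_proves_property() -> bool:
    """Step 2 on the augmented abstraction: the loop decreases delta forever
    without ever increasing it, so no fair SCC survives refinement."""
    return not feasible(VAA_INIT, VAA_TRANS, VAA_STREETT)


if __name__ == "__main__":
    print("VFA proves F (x >= 3):", vfa_proves_property())
    print("VAA proves F (x >= 3):", vaa_proves_property())
```

The soundness direction the abstract states is visible in the VAA branch: every concrete step has a matching abstract transition (the witnesses in the comments), so a concrete computation violating the property would induce a fair abstract cycle; none exists, hence the property holds on the infinite-state counter. Dropping the (dec, inc) pair from `VAA_STREETT` makes the abstracted FDS feasible again, which is exactly the loss of information that the progress monitor repairs.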