Conference Paper

Uppaal/DMC – Abstraction-Based Heuristics for Directed Model Checking

DOI: 10.1007/978-3-540-71209-1_52 Conference: Tools and Algorithms for the Construction and Analysis of Systems, 13th International Conference, TACAS 2007, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2007 Braga, Portugal, March 24 - April 1, 2007, Proceedings
Source: DBLP


UPPAAL/DMC is an extension of UPPAAL that provides generic heuristics for directed model checking. In this approach, the traversal of the state space is guided by a heuristic function which estimates the distance of a search state to the nearest error state. Our tool combines two recent approaches to design such estimation functions. Both are based on computing an abstraction of the system and using the error distance in this abstraction as the heuristic value. The abstractions, and thus the heuristic functions, are generated fully automatically and do not need any additional user input. UPPAAL/DMC needs less time and memory to find shorter error paths than UPPAAL's standard search methods.
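The search scheme the abstract describes, as an added illustration that is not the paper's code and not UPPAAL/DMC: a constructed toy network of three interleaved automata, an abstraction that keeps a single component, exact error distances in that abstraction used as an admissible heuristic, and A* compared with blind (h = 0) search on expanded states and error-path length. The automaton, its location names and the helper functions are made up for this example.

```python
import heapq
from collections import deque

# Constructed toy model (not from the paper): three identical automata run
# interleaved; 'err' is the bad location and the d-branch is a dead end.
COMPONENT = {"l0": ["l1", "d1"], "l1": ["l2"], "l2": ["err"], "err": [],
             "d1": ["d2"], "d2": ["d3"], "d3": ["d4"], "d4": []}
SYSTEM = [COMPONENT] * 3
INIT = tuple("l0" for _ in SYSTEM)
INF = float("inf")

def successors(state):
    """Interleaving semantics: exactly one component moves per step."""
    for i, comp in enumerate(SYSTEM):
        for nxt in comp[state[i]]:
            yield state[:i] + (nxt,) + state[i + 1:]

def abstract_distances(comp):
    """Exact error distances in the abstraction that keeps only one component
    (backward BFS from 'err'); the product state space is never built."""
    rev = {loc: [src for src, dsts in comp.items() if loc in dsts] for loc in comp}
    dist, queue = {"err": 0}, deque(["err"])
    while queue:
        loc = queue.popleft()
        for pred in rev[loc]:
            if pred not in dist:
                dist[pred] = dist[loc] + 1
                queue.append(pred)
    return dist

ABS = [abstract_distances(comp) for comp in SYSTEM]
def heuristic(state):
    """Max of per-component abstract distances: admissible and consistent,
    because each abstraction over-approximates; INF marks a provable dead end."""
    return max(ABS[i].get(loc, INF) for i, loc in enumerate(state))

def directed_search(h):
    """A* from INIT to a state with all components in 'err' (h consistent).
    Returns (length of the error path found, number of expanded states)."""
    frontier, closed = [(h(INIT), 0, INIT)], set()
    while frontier:
        _, g, state = heapq.heappop(frontier)
        if state in closed:                 # first pop has optimal g
            continue
        closed.add(state)
        if all(loc == "err" for loc in state):
            return g, len(closed) - 1
        for nxt in successors(state):
            if (hv := h(nxt)) < INF and nxt not in closed:
                heapq.heappush(frontier, (g + 1 + hv, g + 1, nxt))
    return None, len(closed)
```

Both `directed_search(heuristic)` and `directed_search(lambda s: 0)` return a 9-step error path, but the guided search expands far fewer of the 512 product states because the abstraction prices the dead-end branch at INF and ranks the remaining states by estimated remaining distance.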



Available from: Klaus Dräger
  • ABSTRACT: State space exploration using symbolic techniques provides a basis for the verification of software systems. The exploration procedure has direct impact on the overall effectiveness of the verification efforts. For example, choosing the breadth-first exploration strategy results in a verification tool that finds counterexamples quickly, but may sacrifice the efficiency of the reachability analysis. The existing exploration heuristics, such as A* search or chaotic iteration, are geared towards optimizing only one objective, e.g., counterexample length or convergence of fixpoint computation, while neglecting various others that may be of significant importance as well. In this paper, we present a new subsumer guided heuristic for symbolic state space exploration that supports both efficient counterexample discovery and quick convergence of the reachability computation. The Subsumer-first heuristic leverages the results of partial fixpoint checks performed during the symbolic state space exploration. We present an application of the heuristic for improving efficiency of abstraction-based software verification. Our experimental evaluation of the heuristic in a predicate abstraction-based tool indicates its practical applicability, as we observe significant efficiency improvement (median of 40%) on difficult benchmarks from the transportation domain.
    Article
  • ABSTRACT: This article surveys and gives historical accounts to the algorithmic essentials of directed model checking, a promising bug-hunting technique to mitigate the state explosion problem. In the enumeration process, successor selection is prioritized. We discuss existing guidance and methods to automatically generate them by exploiting system abstractions. We extend the algorithms to feature partial-order reduction and show how liveness problems can be adapted by lifting the search space. For deterministic, finite domains we instantiate the algorithms to directed symbolic, external and distributed search. For real-time domains we discuss the adaption of the algorithms to timed automata and for probabilistic domains we show the application to counterexample generation. Last but not least, we explain how directed model checking helps to accelerate finding solutions to scheduling problems.
    Chapter
  • ABSTRACT: We present a fully automatic approach for counterexample guided abstraction refinement of real-time systems modelled in a subset of timed automata. Our approach is implemented in the MOBY/RT tool environment, which is a CASE tool for embedded system specifications. Verification in MOBY/RT is done by constructing abstractions of the semantics in terms of timed automata which are fed into the model checker UPPAAL. Since the abstractions are over-approximations, absence of abstract counterexamples implies a valid result for the full model. Our new approach deals with the situation in which an abstract counterexample is found by UPPAAL. The generated abstract counterexample is used to construct either a concrete counterexample for the full model or to identify a slightly refined abstraction in which the found spurious counterexample cannot occur anymore. Hence, the approach allows for a fully automatic abstraction refinement loop starting from the coarsest abstraction towards an abstraction for which a valid verification result is found. Nontrivial case studies demonstrate that this approach computes small abstractions fast without any user interaction.
    Conference Paper · Oct 2007