This article is concerned with the verification of closed-loop asynchronous reactive systems. Such systems, specified for instance in the industrial SDL (Specification and Description Language), communicate with their environment through buffers that store occurrences of events. This communication mechanism is well suited to specifying systems connected to several asynchronous external actors; however, it leads to a verification model with a potentially huge number of states (due to the state space of the buffers). This article shows how this combinatorial explosion can be reduced by specifying the environment of the system to be verified and by applying partial-order methods to both the system and its environment. After presenting the formal modeling languages SDL (for the reactive system) and CDL (Context Description Language, for its environment), the main points of our work are two-fold: (1) we define an independence relation between input events for a given specification C, S, ϕ, where S is the specification of the system (in SDL), C is the behavior of its external environment (in CDL), and ϕ is the property to verify. The key point is that this independence relation is computed separately on S, C and ϕ, without building the global synchronization product of the system; (2) we apply Mazurkiewicz trace theory to define the set of scenarios (sequences of input events) that exactly covers the environment C and is sufficient for verifying ϕ on S. We finally show on two industrial case studies that this approach leads to a substantial reduction in verification time.
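The second step above, reducing a set of environment scenarios to one representative per Mazurkiewicz trace class, is illustrated by the following added example; it is not code from the article or its tool, and it assumes that events are single letters, that scenarios are strings of events, and that the independence relation is given as a set of event pairs (here constructed: two independent external actors emit 'a' and 'b', and 'c' depends on both):

```python
import heapq
from typing import FrozenSet, Iterable, Set, Tuple

Pair = Tuple[str, str]

def check_independence(independent: Set[Pair]) -> FrozenSet[Pair]:
    """An independence relation must be irreflexive (an event is never
    independent of itself) and symmetric; return its symmetric closure."""
    closed = set()
    for a, b in independent:
        if a == b:
            raise ValueError(f"event {a!r} cannot be independent of itself")
        closed.update({(a, b), (b, a)})
    return frozenset(closed)

def normal_form(word: str, independent: FrozenSet[Pair]) -> str:
    """Lexicographic normal form of the trace of `word`: the smallest word
    obtainable by swapping adjacent independent events. Computed as the
    lexicographically least linearisation of the dependence DAG, where
    position i precedes j (i < j) whenever word[i] and word[j] are dependent."""
    n = len(word)
    succ = [[] for _ in range(n)]
    indeg = [0] * n
    for i in range(n):
        for j in range(i + 1, n):
            if (word[i], word[j]) not in independent:  # dependent: order is fixed
                succ[i].append(j)
                indeg[j] += 1
    # Greedy: always emit the smallest-labelled event whose predecessors are done.
    ready = [(word[i], i) for i in range(n) if indeg[i] == 0]
    heapq.heapify(ready)
    out = []
    while ready:
        letter, i = heapq.heappop(ready)
        out.append(letter)
        for j in succ[i]:
            indeg[j] -= 1
            if indeg[j] == 0:
                heapq.heappush(ready, (word[j], j))
    return "".join(out)

def reduce_scenarios(scenarios: Iterable[str], independent: Set[Pair]) -> Set[str]:
    """Keep exactly one representative scenario per trace class."""
    ind = check_independence(independent)
    return {normal_form(s, ind) for s in scenarios}

# Constructed sample: 'a' and 'b' are independent, 'c' depends on both.
INDEPENDENT = {("a", "b")}
SCENARIOS = ["abc", "bac", "acb", "cab", "cba", "aabc", "abac"]
```

Running `reduce_scenarios(SCENARIOS, INDEPENDENT)` collapses the seven constructed scenarios to four trace representatives, which is the set that must actually be explored.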