Automatic verification of finite-state concurrent systems using temporal logic specifications
ACM Transactions on Programming Languages and Systems (TOPLAS)
Graph-Based Algorithms for Boolean Function Manipulation
IEEE Transactions on Computers
Statecharts: A visual formalism for complex systems
Science of Computer Programming
Software Requirements Analysis for Real-Time Process-Control Systems
IEEE Transactions on Software Engineering
Requirements Specification for Process-Control Systems
IEEE Transactions on Software Engineering
Verification of arithmetic circuits with binary moment diagrams
DAC '95 Proceedings of the 32nd annual ACM/IEEE Design Automation Conference
Model checking software systems: a case study
SIGSOFT '95 Proceedings of the 3rd ACM SIGSOFT symposium on Foundations of software engineering
Completeness and consistency analysis of state-based requirements
Proceedings of the 17th international conference on Software engineering
A lower bound for integer multiplication with read-once branching programs
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
A logic-model semantics for SCR software requirements
ISSTA '96 Proceedings of the 1996 ACM SIGSOFT international symposium on Software testing and analysis
Symbolic Model Checking
Evaluating Deadlock Detection Methods for Concurrent Software
IEEE Transactions on Software Engineering
What is in a Step: On the Semantics of Statecharts
TACS '91 Proceedings of the International Conference on Theoretical Aspects of Computer Software
Abstract Model Checking of Infinite Specifications
FME '94 Proceedings of the Second International Symposium of Formal Methods Europe on Industrial Benefit of Formal Methods
Word Level Symbolic Model Checking: A New Approach for Verifying Arithmetic Circuits
Word Level Symbolic Model Checking: A New Approach for Verifying Arithmetic Circuits
Elements of Style: Analyzing a Software Design Feature with a Counterexample Detector
IEEE Transactions on Software Engineering - Special issue: best papers of the 1996 international symposium on software testing and analysis ISSTA'96
Model checking graphical user interfaces using abstractions
ESEC '97/FSE-5 Proceedings of the 6th European SOFTWARE ENGINEERING conference held jointly with the 5th ACM SIGSOFT international symposium on Foundations of software engineering
Improving efficiency of symbolic model checking for state-based system requirements
Proceedings of the 1998 ACM SIGSOFT international symposium on Software testing and analysis
Verifying systems with integer constraints and Boolean predicates: a composite approach
Proceedings of the 1998 ACM SIGSOFT international symposium on Software testing and analysis
Filter-based model checking of partial systems
SIGSOFT '98/FSE-6 Proceedings of the 6th ACM SIGSOFT international symposium on Foundations of software engineering
Using Abstraction and Model Checking to Detect Safety Violations in Requirements Specifications
IEEE Transactions on Software Engineering
Checking safety properties using compositional reachability analysis
ACM Transactions on Software Engineering and Methodology (TOSEM)
Property specification patterns for finite-state verification
FMSP '98 Proceedings of the second workshop on Formal methods in software practice
Checking properties of safety critical specifications using efficient decision procedures
FMSP '98 Proceedings of the second workshop on Formal methods in software practice
Composite model-checking: verification with type-specific symbolic representations
ACM Transactions on Software Engineering and Methodology (TOSEM)
Verification of time partitioning in the DEOS scheduler kernel
Proceedings of the 22nd international conference on Software engineering
Using predicate abstraction to reduce object-oriented programs for model checking
FMSP '00 Proceedings of the third workshop on Formal methods in software practice
Verification of Large State/Event Systems Using Compositionality and Dependency Analysis
Formal Methods in System Design
Explanation-Based Scenario Generation for Reactive System Models
Automated Software Engineering
Model Checking Large Software Specifications
IEEE Transactions on Software Engineering
An Abductive Approach for Analysing Event-Based Requirements Specifications
ICLP '02 Proceedings of the 18th International Conference on Logic Programming
Supporting the Deployment of Object-Oriented Frameworks
CAiSE '02 Proceedings of the 14th International Conference on Advanced Information Systems Engineering
Salsa: Combining Constraint Solvers with BDDs for Automatic Invariant Checking
TACAS '00 Proceedings of the 6th International Conference on Tools and Algorithms for Construction and Analysis of Systems: Held as Part of the European Joint Conferences on the Theory and Practice of Software, ETAPS 2000
PSI '99 Proceedings of the Third International Andrei Ershov Memorial Conference on Perspectives of System Informatics
A Modular Approach to the Specification and Validation of an Electrical Flight Control System
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
Symbolic Model Checking with Fewer Fixpoint Computations
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
Implementing Statecharts in PROMELA/SPIN
WIFT '98 Proceedings of the Second IEEE Workshop on Industrial Strength Formal Specification Techniques
A tutorial introduction to symbolic model checking
Logic for concurrency and synchronisation
A model checking framework for hierarchical systems
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Hi-index | 0.00 |
In this paper we present our results and experiences of using symbolic model checking to study the specification of an aircraft collision avoidance system. Symbolic model checking has been highly successful when applied to hardware systems. We are interested in the question of whether or not model checking techniques can be applied to large software specifications.To investigate this, we translated a portion of the finite-state requirements specification of TCAS II (Traffic Alert and Collision Avoidance System) into a form accepted by a model checker (SMV). We successfully used the model checker to investigate a number of dynamic properties of the system.We report on our experiences, describing our approach to translating the specification to the SMV language and our methods for achieving acceptable performance in model checking, and giving a summary of the properties that we were able to check. We consider the paper as a data point that provides reason for optimism about the potential for successful application of model checking to software systems. In addition, our experiences provide a basis for characterizing features that would be especially suitable for model checkers built specifically for analyzing software systems.The intent of this paper is to evaluate symbolic model checking of state-machine based specifications, not to evaluate the TCAS II specification. We used a preliminary version of the specification, the version 6.00, dated March, 1993, in our study. We did not have access to later versions, so we do not know if the properties identified here are present in later versions.