Adapting Petri Nets Reductions to Promela Specifications
FORTE '08 Proceedings of the 28th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
| Hi-index | 0.00 |
Symmetries occur in different forms in concurrent programs. Such symmetries are induced by processes that behave similarly, and also by data items which are treated similarly by the processes. The talk will present three different methods, based on symmetry reductions, in containing the state explosion problem in model checking. The first method considers the symmetries in the program as well the formula. In this method we first construct a quotient structure, corresponding to the reachable part of the global state graph, and then check the satisfaction of the formula in the quotient structure using the traditional model checking algorithms. This method is primarily useful in checking safety properties. The second method considers only the symmetries in the program and is based on the construction of Annotated Quotient Structure (AQS). The AQS is like the quotient structure excepting that the edges carry additional information. This additional information is used for checking correctness under fairness. This method allows checking of both safety and liveness properties.The third method employs Guarded Quotient Structures (GQS). This method can be employed for employing symmetry reductions in systems that are almost symmetric. In this method, we expand the asymmetric system by adding new edges. We construct the AQS of the expanded reachability graph, and add guards to the edges of the AQS to obtain the GQS. In order to check for correctness, we unwind the GQS. The guards on the edges are used to only consider the edges in the original graph. The method employs formula decomposition and sub-formula tracking to further speed up the model-checking process.The talk will also present a Symmetry based Model Checker, called SMC. It is an on-the-fly model checker that employs symmetry reductions and checks for correctness under a variety of fairness conditions. SMC permits the user to invoke two different types of symmetry reductions-- process symmetry and state symmetry. It also allows the user to specify the type of fairness that needs to be invoked-- weak fairness, strong fairness. It also allows the user to specify different types of on-the-fly options that need to be invoked.