Communicating sequential processes
Communicating sequential processes
The complexity of Boolean functions
The complexity of Boolean functions
On the development of reactive systems
Logics and models of concurrent systems
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
Model checking and abstraction
POPL '92 Proceedings of the 19th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Automatic functional test generation using the extended finite state machine model
DAC '93 Proceedings of the 30th international Design Automation Conference
Formally verifying a microprocessor using a simulation methodology
DAC '94 Proceedings of the 31st annual Design Automation Conference
Efficient generation of counterexamples and witnesses in symbolic model checking
DAC '95 Proceedings of the 32nd annual ACM/IEEE Design Automation Conference
Architecture validation for processors
ISCA '95 Proceedings of the 22nd annual international symposium on Computer architecture
DAC '96 Proceedings of the 33rd annual Design Automation Conference
Validation coverage analysis for complex digital designs
Proceedings of the 1996 IEEE/ACM international conference on Computer-aided design
An observability-based code coverage metric for functional simulation
Proceedings of the 1996 IEEE/ACM international conference on Computer-aided design
Abstraction Techniques for Validation Coverage Analysis and Test Generation
IEEE Transactions on Computers
DAC '98 Proceedings of the 35th annual Design Automation Conference
Coverage estimation for symbolic model checking
Proceedings of the 36th annual ACM/IEEE Design Automation Conference
Simulation vector generation from HDL descriptions for observability-enhanced statement coverage
Proceedings of the 36th annual ACM/IEEE Design Automation Conference
Checking that finite state concurrent programs satisfy their linear specification
POPL '85 Proceedings of the 12th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Model checking
An automata-theoretic approach to branching-time model checking
Journal of the ACM (JACM)
Improving coverage analysis and test generation for large designs
ICCAD '99 Proceedings of the 1999 IEEE/ACM international conference on Computer-aided design
Efficient Detection of Vacuity in Temporal Model Checking
Formal Methods in System Design - Special issue on CAV '97
Logic Synthesis and Verification Algorithms
Logic Synthesis and Verification Algorithms
ICCD '95 Proceedings of the 1995 International Conference on Computer Design: VLSI in Computers and Processors
Specification and verification of concurrent systems in CESAR
Proceedings of the 5th Colloquium on International Symposium on Programming
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic
Logic of Programs, Workshop
Dos and don'ts of CTL state coverage estimation
Proceedings of the 40th annual Design Automation Conference
CHARME'05 Proceedings of the 13 IFIP WG 10.5 international conference on Correct Hardware Design and Verification Methods
The role of mutation analysis for property qualification
MEMOCODE'09 Proceedings of the 7th IEEE/ACM international conference on Formal Methods and Models for Codesign
Towards a notion of unsatisfiable cores for LTL
FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
Incremental formal verification of hardware
Proceedings of the International Conference on Formal Methods in Computer-Aided Design
Towards a notion of unsatisfiable and unrealizable cores for LTL
Science of Computer Programming
Hi-index | 0.03 |
In formal verification, we verify that a system is correct with respect to a specification. Even when the system is proved to be correct, there is still a question of how complete the specification is, and whether it really covers all the behaviors of the system. In this paper we study coverage metrics for model checking. Coverage metrics are based on modifications we apply to the system in order to check which parts of it were actually relevant for the verification process to succeed. We introduce two principles that we believe should be part of any coverage metric for model checking: a distinction between state-based and logic-based coverage, and a distinction between the system and its environment. We suggest several coverage metrics that apply these principles, and we describe two algorithms for finding the non-covered parts of the system under these definitions. The first algorithm is a symbolic implementation of a naive algorithm that model checks many variants of the original system. The second algorithm improves the naive algorithm by exploiting overlaps in the variants. We also suggest a few helpful outputs to the user, once the non-covered parts are found.