• Publications
  • Influence
Symbolic Model Checking without BDDs
This paper shows how boolean decision procedures, like Stalmarck's Method or the Davis & Putnam Procedure, can replace BDDs, and introduces a bounded model checking procedure for LTL which reduces model checking to propositional satisfiability. Expand
Automatic verification of finite-state concurrent systems using temporal logic specifications
It is argued that this technique can provide a practical alternative to manual proof construction or use of a mechanical theorem prover for verifying many finite-state concurrent systems. Expand
A Tool for Checking ANSI-C Programs
The tool supports almost all ANSI-C language features, including pointer constructs, dynamic memory allocation, recursion, and the float and double data types, and is integrated into a graphical user interface. Expand
Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic
We have shown that it is possible to automatically synthesize the synchronization skeleton of a concurrent program from a Temporal Logic specification. We believe that this approach may in the longExpand
NuSMV 2: An OpenSource Tool for Symbolic Model Checking
This paper describes version 2 of the NuSMV tool, a state-of-the-art symbolic model checker designed to be applicable in technology transfer projects and is robust and close to industrial systems standards. Expand
Symbolic Model Checking: 10^20 States and Beyond
It is shown how the novel mu-calculus model checking algorithm can be used to derive efficient decision procedures for CTL model checking, satisfiability of linear-time temporal logic formulas, strong and weak observational equivalence of finite transition systems, and language containment of finite omega -automata. Expand
Counterexample-guided abstraction refinement
  • E. Clarke
  • Computer Science
  • 10th International Symposium on Temporal…
  • 2003
Counterexample-guided abstraction refinement is an automatic abstraction method where the key step is to extract information from false negatives ("spurious counterexamples") due to over-approximation. Expand
Counterexample-guided abstraction refinement for symbolic model checking
An automatic iterative abstraction-refinement methodology that extends symbolic model checking to large hardware designs and devise new symbolic techniques that analyze such counterexamples and refine the abstract model correspondingly. Expand
Symbolic Model Checking
Using symbolic model checking techniques it is possible to verify industrial-size finite state systems and models with more than 10120 states have been verified using special techniques. Expand
The complexity of propositional linear temporal logics
We consider the complexity of satisfiability and determination of truth in a particular finite structure for different propositional linear temporal logics. We show that both the above problems areExpand