Efficient Local and Global Model Checking

  • B.-H. Schlingloff
  • Published 2007

Abstract

In order to apply formal verification methods to industrial-size product developments there are two prerequisites: First, one needs convenient, intuitive description and specification languages for the system and properties to be verified. Second, there should be efficient algorithms with reasonable average-case complexity for the analysis of the formal languages under consideration. Elementary Petri nets provide a natural way to model the control structure of concurrent and distributed systems. Since the state spaces of elementary nets are finite, most properties of these state spaces are decidable. In contrast to other finite-state representations of relational structures, Petri nets distinguish between nondeterminism caused by the abstraction from data, and nondeterminism caused by different scheduling strategies of the parallel processes. As we show, this fact can be exploited to improve the evaluation of certain properties. Formally, an EPN is a tuple $N = (P, T, \mu_0, \mathit{pre}, \mathit{post})$, where $P$ and $T$ are nonempty finite sets of places and transitions, respectively, $\mu_0 \in 2^P$ is the initial marking of the net, and $\mathit{pre}, \mathit{post} : T \to 2^P$ are functions determining the pre- and postset of a transition, respectively. A marking $\mu \in 2^P$ is any subset of $P$, and for any $t \in T$ we define the firing relation $\xrightarrow{t} : 2^P \to 2^P$ as follows: $\mu_1 \xrightarrow{t} \mu_2$ if $\mathit{pre}(t) \subseteq \mu_1$, $\mathit{post}(t) \cap \mu_1 = \emptyset$, and $\mu_2 = (\mu_1 \setminus \mathit{pre}(t)) \cup \mathit{post}(t)$. The reachable state space of an EPN is the smallest set of markings containing $\mu_0$ which is closed under all firing relations. An execution is a maximal path through the reachable state space. The EPN is deadlock-free if every execution is infinite. Temporal Logic was invented by philosophers to formally duplicate natural language sentences about events in time. 
Several variants and extensions for the specification of reactive systems have been developed, most notably being the distinction between branching time logics (interpreted on reachable state spaces) and linear time logics (interpreted on executions). In this note, we use dynamic Peirce algebras to represent certain properties of elementary nets, since they can be interpreted both on branching and linear structures. A DPA is a tuple $K$ … a boolean algebra; ":" is a Peirce product (modal diamond) $A \times B \to B$, and "?" is a cylindrification mapping (test) $B \to A$. The concrete interpretation $I_N(\varphi)$ of a DPA term $\varphi$ …
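The firing rule, reachable state space and deadlock-freedom criterion defined above, as an added example in Python that is not part of the paper; the two-process lock-acquisition net, its place and transition names, and the `same_order` switch are constructed here for illustration, not taken from the source.

```python
from collections import deque


class EPN:
    """Elementary Petri net N = (P, T, mu0, pre, post), as defined in the abstract."""

    def __init__(self, pre, post, mu0):
        self.pre = {t: frozenset(s) for t, s in pre.items()}    # pre(t)  ⊆ P
        self.post = {t: frozenset(s) for t, s in post.items()}  # post(t) ⊆ P
        self.mu0 = frozenset(mu0)                                # initial marking

    def fire(self, mu, t):
        """mu -t-> mu2 iff pre(t) ⊆ mu and post(t) ∩ mu = ∅ (the 'contact' rule of
        elementary nets); returns mu2 = (mu \\ pre(t)) ∪ post(t), or None if disabled."""
        if not self.pre[t] <= mu or self.post[t] & mu:
            return None
        return (mu - self.pre[t]) | self.post[t]

    def enabled(self, mu):
        return [t for t in self.pre if self.fire(mu, t) is not None]

    def reachable(self):
        """Smallest set containing mu0 and closed under all firing relations (BFS)."""
        seen, work = {self.mu0}, deque([self.mu0])
        while work:
            mu = work.popleft()
            for t in self.enabled(mu):
                nxt = self.fire(mu, t)
                if nxt not in seen:
                    seen.add(nxt)
                    work.append(nxt)
        return seen

    def deadlocks(self):
        """Reachable markings with no enabled transition. A maximal path (execution)
        is finite exactly when it ends in one, so the net is deadlock-free iff empty."""
        return {mu for mu in self.reachable() if not self.enabled(mu)}


def two_lock_net(same_order):
    """Constructed net: two processes each acquire locks a and b, then release both.
    same_order=False lets process 2 take b before a, the classic lock-ordering deadlock."""
    first2, second2 = ("a", "b") if same_order else ("b", "a")
    pre = {"take_a1": {"idle1", "a"}, "take_b1": {"has_a1", "b"}, "rel1": {"crit1"},
           "take_x2": {"idle2", first2}, "take_y2": {"has_x2", second2}, "rel2": {"crit2"}}
    post = {"take_a1": {"has_a1"}, "take_b1": {"crit1"}, "rel1": {"idle1", "a", "b"},
            "take_x2": {"has_x2"}, "take_y2": {"crit2"}, "rel2": {"idle2", "a", "b"}}
    return EPN(pre, post, {"idle1", "idle2", "a", "b"})
```

`two_lock_net(False).deadlocks()` reports the single dead marking where each process holds one lock and waits for the other; with `same_order=True` the reachable space is closed under firing without any dead marking.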

Cite this paper

@inproceedings{Schlingloo2007EecientLA, title={Efficient Local and Global Model Checking}, author={B.-H. Schlingloff}, year={2007} }