More Scalable LTL Model Checking via Discovering Design-Space Dependencies ( $$D^{3}$$ D 3 )

Dureja, Rohit; Rozier, Kristin Yvonne

doi:10.1007/978-3-319-89960-2_17

Cited by 18 publications

(20 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We also plan to explore lazy encodings from MLTL formulas to SMT models. For example, instead of encoding the whole MLTL formula into a monolithic SMT model, we may be able to decrease overall satisfiability-solving time by encoding the MLTL formula in parts with dynamic ordering similar to [15]. To make the output of SMT-based MLTL satisfiability checking more usable, we plan to investigate translations from the functions returned from Z3 for satisfiable instances into more easily parsable satisfying assignments.…”

Section: Discussionmentioning

confidence: 99%

“…For every U operator, we randomly chose an interval [i, j] where i ≥ 0 and j ≤ 100. (2) NASA-Boeing MLTL Formulas (NB): We use challenging benchmarks [15] created from projects at NASA [17,26] and Boeing [11]. We extract 63 real-life LTL requirements from the SMV models of the benchmarks, and then randomly generate an interval for each temporal operator.…”

Section: Experimental Evaluationsmentioning

confidence: 99%

See 1 more Smart Citation

Satisfiability Checking for Mission-Time LTL

Vardi

Rozier

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Mission-time LTL (MLTL) is a bounded variant of MTL over naturals designed to generically specify requirements for mission-based system operation common to aircraft, spacecraft, vehicles, and robots. Despite the utility of MLTL as a specification logic, major gaps remain in analyzing MLTL, e.g., for specification debugging or model checking, centering on the absence of any complete MLTL satisfiability checker. We prove that the MLTL satisfiability checking problem is NEXPTIME-complete and that satisfiability checking MLTL0, the variant of MLTL where all intervals start at 0, is PSPACE-complete. We introduce translations for MLTL-to-LTL, MLTL-to-LTL f , MLTL-to-SMV, and MLTL-to-SMT, creating four options for MLTL satisfiability checking. Our extensive experimental evaluation shows that the MLTL-to-SMT transition with the Z3 SMT solver offers the most scalable performance.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Experimental Evaluationsmentioning

confidence: 99%

Satisfiability Checking for Mission-Time LTL

Vardi

Rozier

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…This is important for our early-design-time analysis because we want to be able to efficiently find violations of our safety requirements, however rare, so that we can proceed with a more complete knowledge of what could go wrong than we can obtain, e,g., from rare-event simulation. Tools based on model-checking technology [36,37] have enjoyed a substantial and growing use over the last few years, and have recently been used to comparatively analyze multiple possible avionics system designs to narrow the design space early in the system design process [20,21,38]. Given a system or system model in some formal semantics, and a requirement in some mathematical logic, model checking is the task of exhaustively and automatically checking whether the model satisfies the requirement, designated |= .…”

Section: A Model Checkingmentioning

confidence: 99%

“…We use the symbolic model-checking tool: New e(X)tensible Model Verifier ( X ) [39] for our experiments because it is well-documented [40][41][42], freely available , and frequently used in industry [26,31,38,[43][44][45][46][47][48][49][50][51][52]. However,…”

Section: A Model Checkingmentioning

confidence: 99%

Formal Framework for Safety, Security, and Availability of Aircraft Communication Networks

Dureja

Rozier

2020

Journal of Aerospace Information Systems

Self Cite

View full text Add to dashboard Cite

As the costs of fuel and maintenance increase and regulations on weight and environmental impact tighten, there is an increasing push to transition onboard aircraft networks to wireless, reducing weight, fuel, maintenance time, and pollution. A candidate short-range wireless network for aircraft onboard communications is outlined using the common ZigBee protocol and privacy-preserving search implemented as a secure publish/subscribe system using specially coded metadata. Formally specifying safety and security properties and modeling the network in New e(X)tensible Model Verifier enable verification and fault analysis via model checking and lay the groundwork for future certification avenues. Experiments formally analyzing the candidate wireless network are reported, showing overhead and availability for encrypted and fault-tolerant communications. A formal model is proposed, which allows system designers to estimate communication failure rates and directly trade off fault tolerance for bandwidth, while preserving communication security.

show abstract

“…The framework of local and global proofs [18] has been used to derive a "debugging set" of properties to fix before verifying others, implying a property ordering but not a partitioning for minimal collective resource. LTL satisfiability checking has been used to establish logical dependencies between properties [14] to dynamically reduce verification resource; however, this work requires a quadratic number of resource-intensive comparisons.…”

Section: A Related Workmentioning

confidence: 99%

Boosting Verification Scalability via Structural Grouping and Semantic Partitioning of Properties

Dureja

Baumgartner

Ivrii

et al. 2019

2019 Formal Methods in Computer Aided Design (FMCAD)

Self Cite

View full text Add to dashboard Cite

From equivalence checking to functional verification to design-space exploration, industrial verification tasks entail checking a large number of properties on the same design. State-of-the-art tools typically solve all properties concurrently, or one-at-a-time. They do not optimally exploit subproblem sharing between properties, leaving an opportunity to save considerable verification resource via concurrent verification of properties with nearly identical cone of influence (COI). These high-affinity properties can be concurrently solved; the verification effort expended for one can be directly reused to accelerate the verification of the others, without hurting per-property verification resources through bloating COI size. We present a near-linear runtime algorithm for partitioning properties into provably high-affinity groups for concurrent solution. We also present an effective method to partition high-structural-affinity groups using semantic feedback, to yield an optimal multi-property localization abstraction solution. Experiments demonstrate substantial end-to-end verification speedups through these techniques, leveraging parallel solution of individual groups.

show abstract

More Scalable LTL Model Checking via Discovering Design-Space Dependencies ( $$D^{3}$$ D 3 )

Cited by 18 publications

References 27 publications

Satisfiability Checking for Mission-Time LTL

Satisfiability Checking for Mission-Time LTL

Formal Framework for Safety, Security, and Availability of Aircraft Communication Networks

Boosting Verification Scalability via Structural Grouping and Semantic Partitioning of Properties

Contact Info

Product

Resources

About