Presentation is loading. Please wait.

Presentation is loading. Please wait.

Complexity of Compositional Model Checking of Computation Tree Logic on Simple Structures Krishnendu Chatterjee Pallab Dasgupta P.P. Chakrabarti IWDC 2004,

Published byClaude Stuart Spencer Modified over 8 years ago

Similar presentations

Presentation on theme: "Complexity of Compositional Model Checking of Computation Tree Logic on Simple Structures Krishnendu Chatterjee Pallab Dasgupta P.P. Chakrabarti IWDC 2004,"— Presentation transcript:

1 Complexity of Compositional Model Checking of Computation Tree Logic on Simple Structures Krishnendu Chatterjee Pallab Dasgupta P.P. Chakrabarti IWDC 2004, ISI Calcutta, Dec 28, 2004.

2 Correctness of Systems Verifying correctness of systems Testing Testing systems with test cases Formal methods Proof of correctness, e.g., theorem proving, model checking

3 Formal Methods Given a system model and a property does the system satisfy the property Verifying the correctness of the system specified as properties

4 Model Checking Property  System Model Model Checker Yes No, Counter example

5 Model Checking Property  Temporal Logic System Model Kripke Structure Model Checker Yes No, Counter example

6 System Model System modeled as labeled transition system Kripke structures Graphs Vertices labeled by atomic proposition Edges represent transitions between states

7 Specification Language Specification language to specify properties Temporal logic: formulas specify temporal behaviors of a systems Examples of temporal logic Computation Tree Logic (CTL) Linear Temporal Logic (LTL)

8 System and Properties System modeled as Kripke structures Labeled transition systems Properties as temporal logic formulas Linear time: Linear time logic (LTL) Branching time: Computation Tree Logic (CTL)

9 Kripke Structure and CTL p p r q r p r Temporal Logics: CTL : ( p U q ) E ( p U q ) A ( p U q ) LTL, CTL * are other examples of temporal logics.

10 CTL Syntax S ::= p | : S | S Æ S | AX(S) | EX(S) | A( S U S ) | E (S U S) where p is a member of atomic propositions

11 CTL CTL: attractive temporal logic Polynomial time algorithm for model checking if the system modeled as a single kripke structure Elegant syntax Top down decomposition of formulas to sub-formulas

12 CTL Model Checking CTL Formula System Polytime Model Checker

13 System Model System composed of several modules that run in parallel and concurrently Specially in parallel and distributed environment The whole system is the product of the individual components

14 System Composed of Modules CTL Formula System Polytime Model Checker

15 Composition Explicit construction of whole system State space explosion by product No more polynomial in size of the input Exponential space to construct a single Kripke structure Explicit construction makes CTL model checking exponential

16 CTL Model Checking Can we verify properties without explicit product construction Even for restrictive class of systems Even for simpler formulas of CTL

17 Simplest Class of Components Tree-like kripke structures Components consist of kripke structures such that the underlying graph is a tree with leaves having self-loops Simplest class of component kripke structure Can this class be verified without explicit composition and tractable

18 Composition Composition of several components Synchronous composition: all components make transition simultaneously Asynchronous composition: some of the components make transitions and other does not make a transition

19 Results No (Negative) Complexity for compositional CTL model checking for tree-like kripke structures CTL Model checking: PSPACE-complete E(B U B) : NP-complete A(B U B) : coNP-complete B is a boolean formula

20 Results The complexity results hold for Synchronous composition: all components make transition simultaneously Asynchronous composition: some of the components make transitions and other does not make a transition

21 PSPACE-hardness

22 Proof Idea Reduction of Quantified Boolean Formula (QBF) to CTL model checking of tree-like kripke structures QBF formula  = 9 x 1 8 x 2 9 x 3 … 8 x n. C 1 Æ C 2 Æ … C m Each C j is a clause (disjunction of literals) and has exactly 3 distinct literals

23 Tree from Clauses p i10 p i11 p i31 p i30 A tree T i from clause C i If a variable x j occurs in C i then two child at level j, otherwise only one child. The left branch corresponds to an assignment of false. The right branch corresponds to an assignment of true. Clause with (x 1 Ç x 3 … ) p i30 p i31

24 Tree from Clauses p i10 p i11 p i31 p i30 The atomic proposition t i represents truth of the clause given an assignment of variables Clause with (x 1 Ç x 3 ) p i30 p i31 titi

25 Tree from Clauses p i10 p i11 p i31 p i30 CTL formula: p j to ensure consistency p j =( Æ i=1 n p ij0 ) Ç ( Æ i=1 n p ij1 ) Clause with (x 1 Ç x 3 … ) p i30 p i31

26 Proof Idea Tree-like kripke structure T i for every clause C i CTL formula  = EX(p 1 Æ AX(p 2 (EX(p 3 … AX(p n Æ (t 1 Æ t 2 … Æ t m )))))) Recall the QBF formula  = 9 x 1 8 x 2 9 x 3 … 8 x n. C 1 Æ C 2 Æ … C m

27 Proof Tree and Solution Tree Proof tree to prove a CTL formula Choose a successor for EX branch All successors for AX branch Solution tree for QBF formula A valuation for existential variables All valuation for universal variables

28 Proof Idea Argue that  is true if and only if the CTL formula  is true in the kripke structure composed of the component tree-like kripke structure Proof idea Solution tree for  for proof tree for  Proof tree for  from solution tree for 

29 Proof Idea The argument establish PSPACE hardness PSPACE algorithm: DFS search and on-the-fly state space construction Similar to Savitch’s Theorem PSPACE-completeness

30 Complexity of Sub-logics NP-complete for formulae of the form E(B U B) Reduction to SAT coNP-complete for formulae of the form A(B U B) Reduction Validity problem

31 Conclusion and Future works Compositional model checking of CTL Problem is inherently difficult Future directions Identify simpler logics and properties such that compositional reasoning is tractable Reachability properties: Tractable for asynchronous composition Complexity open for synchronous composition

32 Thank you !!!

Download ppt "Complexity of Compositional Model Checking of Computation Tree Logic on Simple Structures Krishnendu Chatterjee Pallab Dasgupta P.P. Chakrabarti IWDC 2004,"

Similar presentations

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
M ODEL CHECKING -Vasvi Kakkad University of Sydney.

M ODEL CHECKING -Vasvi Kakkad University of Sydney.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Partial Order Reduction: Main Idea

Partial Order Reduction: Main Idea
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.

Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
Timed Automata.

Timed Automata.
CS 267: Automated Verification Lecture 7: SMV Symbolic Model Checker, Partitioned Transition Systems, Counter-example Generation in Symbolic Model Checking.

CS 267: Automated Verification Lecture 7: SMV Symbolic Model Checker, Partitioned Transition Systems, Counter-example Generation in Symbolic Model Checking.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
Complexity 12-1 Complexity Andrei Bulatov Non-Deterministic Space.

Complexity 12-1 Complexity Andrei Bulatov Non-Deterministic Space.
CS21 Decidability and Tractability

CS21 Decidability and Tractability
Computability and Complexity 15-1 Computability and Complexity Andrei Bulatov NP-Completeness.

Computability and Complexity 15-1 Computability and Complexity Andrei Bulatov NP-Completeness.
Witness and Counterexample Li Tan Oct. 15, 2002.

Witness and Counterexample Li Tan Oct. 15, 2002.
1 CSE 417: Algorithms and Computational Complexity Winter 2001 Lecture 23 Instructor: Paul Beame.

1 CSE 417: Algorithms and Computational Complexity Winter 2001 Lecture 23 Instructor: Paul Beame.
Review of the automata-theoretic approach to model-checking.

Review of the automata-theoretic approach to model-checking.
Witness and Counterexample Li Tan Oct. 15, 2002.

Witness and Counterexample Li Tan Oct. 15, 2002.

Similar presentations

Ads by Google