Model checking lattices: using and reasoning about information orders for abstraction

Abstract

The state explosion problem is the central challenge in automatic verification using model checking. In many cases, representing the state space of a system as a lattice is an effective way of representing very large state spaces. The partial order of the lattice represents an information ordering between states, which can be used as an abstraction mechanism to reduce the computational cost of model checking. The 'traditional' logical framework for model checking finite state systems has serious deficiencies when applied to information-ordered state spaces. Interpreting the truth of a proposition about a state or a sequence of states in a four-valved truth domain is better from a modelling point of view, allowing us to reason about partial and contradictory information. Moreover, it overcomes a serious technical difficulty encountered when using a two-valued truth domain. The paper defines the syntax and semantics of a four-valued temporal logic that can be used for specifying properties of a computer system. This framework has particular relevance to hardware verification. It could be used by several model checking algorithms. Symbolic trajectory evaluation (STE) [33] is a model checking algorithm that has had success in model checking using information orderings to reduce computational cost. Previous work used a two-valued logic though, which limited the expressiveness of the logic. Using the framework presented here, the STE algorithm can be generalised, and then applied in practice to a richer logic. Some examples are shown in this paper. Keywords:Symbolic trajectory evaluation, quarternary logic, model checking, temporal logic, bilattices.