Symbolic model checking for discrete real-time systems

Abstract

A considerably large class of critical applications run in distributed and real-time environments, and most of the correctness requirements of such applications must be expressed by time-critical properties. To enable the specification and verification of these properties in both qualitative and quantitative manners, we propose a new real-time temporal logic $\rm~{RTCTL^*}$, by incorporating both the quantitative (bounded) future and past temporal operators from the qualitative temporal logic $\rm~{CTL^*}$. First, we propose a symbolic method for constructing the temporal tester for arbitrary principally temporal formulas. A temporal tester is constructed as a non-deterministic transducer with a fresh boolean output variable, such that at any position the output variable is set to be true if and only if the corresponding formula holds starting from that position. Then we propose a symbolic model checking method for $\rm~{RTCTL^*}$ over finite-state transition systems with weak fairness constraints based on the compositionality of testers. The soundness and completeness of the model checking method, the expressiveness of $\rm~{RTCTL^*}$, and the complexity of the tester construction are described and proven. We have already implemented an efficient model checking prototype for the real-time linear temporal logic $\rm~{RTLTL}$, which is a quantifier-free version of $\rm~{RTCTL^*}$, by building upon the NuSMV model checker. The theoretical and the experimental results from the prototype both confirm that for checking bounded temporal formulae of the form $f\texttt{U}_{[0,b]}g$ or $f\texttt{S}_{[0,b]}g$, our method performs exponentially better than the translation-based method in NuSMV.