
Another Look at LTL Model Checking

Formal Methods in System Design

Abstract

We show how LTL model checking can be reduced to CTL model checking with fairness constraints. Using this reduction, we also describe how to construct a symbolic LTL model checker that appears to be quite efficient in practice. In particular, we show how the SMV model checking system developed by McMillan [16] can be extended to permit LTL specifications. The results that we have obtained are quite surprising. For the specifications which can be expressed in both CTL and LTL, the LTL model checker required at most twice as much time and space as the CTL model checker. We also succeeded in verifying non-trivial LTL specifications. The amount of time and space that is required is quite reasonable. Based on the examples that we considered, it appears that efficient LTL model checking is possible when the specifications are not excessively complicated.


References

  1. M. Ben-Ari, Z. Manna, and A. Pnueli. "The temporal logic of branching time," Acta Informatica, Vol. 20, pp. 207–226, 1983.

  2. K. S. Brace, R. L. Rudell, and R. E. Bryant. "Efficient implementation of a BDD package," In Proceedings of the 27th ACM/IEEE Design Automation Conference. IEEE Computer Society Press, June 1990.

  3. R. E. Bryant. "Graph-based algorithms for boolean function manipulation," IEEE Transactions on Computers, Vol. C-35, 1986.

  4. J. R. Burch, E. M. Clarke, K. L. McMillan, D. L. Dill, and L. J. Hwang. "Symbolic model checking: 10^20 states and beyond," Information and Computation, Vol. 98, pp. 142–170, 1992.

  5. E. Clarke, O. Grumberg, and D. Long. "Verification tools for finite-state concurrent systems," In A Decade of Concurrency, Noordwijkerhout, The Netherlands, June 1993. Lecture Notes In Computer Science, Springer Verlag: vol. 684, pp. 124–175, 1994.

  6. E. M. Clarke and I. A. Draghicescu. "Expressibility results for linear time and branching time logics," In Linear Time, Branching Time, and Partial Order in Logics and Models for Concurrency, Vol. 354, pp. 428–437. Springer-Verlag: Lecture Notes in Computer Science, 1988.

  7. E. M. Clarke, I. A. Draghicescu, and R. P. Kurshan. "A unified approach for showing language containment and equivalence between various types of ω-automata," Information Processing Letters, Vol. 46, pp. 301–308, 1993.

  8. E. M. Clarke and E. A. Emerson. "Synthesis of synchronization skeletons for branching time temporal logic," In Logic of Programs: Workshop, Yorktown Heights, NY, May 1981, Vol. 131 of Lecture Notes in Computer Science. Springer-Verlag, 1981.

  9. E. M. Clarke, E. A. Emerson, and A. P. Sistla. "Automatic verification of finite-state concurrent systems using temporal logic specifications," ACM Transactions on Programming Languages and Systems, Vol. 8, pp. 244–263, 1986.

  10. E. M. Clarke, O. Grumberg, H. Hiraishi, S. Jha, D. E. Long, K. L. McMillan, and L. A. Ness. "Verification of the Futurebus+ cache coherence protocol," In L. Claesen, editor, Proceedings of the Eleventh International Symposium on Computer Hardware Description Languages and their Applications. North-Holland, April 1993.

  11. O. Coudert, J. C. Madre, and C. Berthet. "Verifying temporal properties of sequential machines without building their state diagrams," In R. P. Kurshan and E. M. Clarke, editors, Proceedings of the 1990 Workshop on Computer-Aided Verification, June 1990.

  12. E. A. Emerson and J. Y. Halpern. "'Sometimes' and 'Not Never' revisited: On branching time versus linear time," Journal of the ACM, Vol. 33, pp. 151–178, 1986.

  13. E. A. Emerson and Chin Laung Lei. "Modalities for model checking: Branching time strikes back," In Twelfth Symposium on Principles of Programming Languages, New Orleans, La., January 1985.

  14. O. Lichtenstein and A. Pnueli. "Checking that finite state concurrent programs satisfy their linear specification," In Proceedings of the Twelfth Annual ACM Symposium on Principles of Programming Languages, January 1985.

  15. A. J. Martin. "The design of a self-timed circuit for distributed mutual exclusion," In H. Fuchs, editor, Proceedings of the 1985 Chapel Hill Conference on Very Large Scale Integration, 1985.

  16. K. L. McMillan. Symbolic Model Checking. Kluwer Academic Publishers: Boston, 1993.

  17. A. P. Sistla and E. M. Clarke. "Complexity of propositional temporal logics," Journal of the ACM, Vol. 32, pp. 733–749, July 1986.

  18. M. Y. Vardi and P. Wolper. "An automata-theoretic approach to automatic program verification," In Proceedings of the First Annual Symposium on Logic in Computer Science. IEEE Computer Society Press, June 1986.

Cite this article

Clarke, E.M., Grumberg, O. & Hamaguchi, K. Another Look at LTL Model Checking. Formal Methods in System Design 10, 47–71 (1997). https://doi.org/10.1023/A:1008615614281

  • DOI: https://doi.org/10.1023/A:1008615614281