Verifying Temporal Properties of Reactive Systems: A STeP Tutorial

Published in: Formal Methods in System Design

Abstract

We review a number of formal verification techniques supported by STeP, the Stanford Temporal Prover, describing how the tool can be used to verify properties of several versions of the Bakery algorithm for mutual exclusion. We verify the classic two-process algorithm and simple variants, as well as an atomic parameterized version. The methods used include deductive verification rules, verification diagrams, automatic invariant generation, and finite-state model checking and abstraction.
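The last two methods named in the abstract, abstraction and finite-state model checking, can be illustrated on the two-process Bakery algorithm with atomic ticket assignment. The concrete program is infinite-state (the tickets y1 and y2 grow without bound), so the example below first replaces the ticket pair by a five-valued abstract domain recording only whether each ticket is zero and how the two compare, and then runs plain breadth-first reachability on the resulting finite system to check the mutual exclusion invariant. This is an added example written for this page, not code from the paper or from STeP: the abstraction tables are hand-constructed from the program text rather than generated by a decision procedure, and the reversed guard P2_GUARD_BUGGY is a constructed bug used only to show what a counterexample trace looks like.

```python
"""Explicit-state model checking of a finite abstraction of the two-process
Bakery algorithm with atomic ticket assignment.  Added example, not STeP code."""
from collections import deque

# Control locations of each process: idle, waiting to enter, critical section.
IDLE, WAIT, CRIT = "idle", "wait", "crit"

# Abstract domain for the ticket pair (y1, y2).  The concrete tickets are
# unbounded naturals, so the concrete system is infinite-state; the five
# values below record only whether each ticket is zero and how they compare.
# (Hand-constructed abstraction: with atomic "y1 := y2 + 1" the two tickets
# are never equal when both are nonzero, so no "y1 = y2 > 0" value is needed.)
BOTH_ZERO, ONLY1, ONLY2, LT, GT = (
    "y1=0,y2=0", "y1>0,y2=0", "y1=0,y2>0", "0<y1<y2", "0<y2<y1")

# Abstract effect of process 1's ticket assignment "y1 := y2 + 1".
P1_TAKE = {BOTH_ZERO: ONLY1, ONLY1: ONLY1, ONLY2: GT, LT: GT, GT: GT}
# Abstract effect of process 1 leaving the critical section, "y1 := 0".
P1_RESET = {BOTH_ZERO: BOTH_ZERO, ONLY1: BOTH_ZERO, ONLY2: ONLY2, LT: ONLY2, GT: ONLY2}
# Abstract values on which process 1's entry guard "y2 = 0 or y1 < y2" holds.
P1_GUARD = frozenset({BOTH_ZERO, ONLY1, ONLY2, LT})

# The same three tables for process 2 ("y2 := y1 + 1", "y2 := 0",
# entry guard "y1 = 0 or y2 < y1").
P2_TAKE = {BOTH_ZERO: ONLY2, ONLY2: ONLY2, ONLY1: LT, LT: LT, GT: LT}
P2_RESET = {BOTH_ZERO: BOTH_ZERO, ONLY2: BOTH_ZERO, ONLY1: ONLY1, LT: ONLY1, GT: ONLY1}
P2_GUARD = frozenset({BOTH_ZERO, ONLY1, ONLY2, GT})

# A deliberately wrong guard for process 2, "y1 = 0 or y2 > y1": the ticket
# comparison is reversed (constructed bug, used to show a counterexample).
P2_GUARD_BUGGY = frozenset({BOTH_ZERO, ONLY2, LT})


def successors(state, p2_guard):
    """Interleaving semantics: one process takes one step per transition."""
    pc1, pc2, r = state
    out = []
    if pc1 == IDLE:
        out.append(("p1:request", (WAIT, pc2, P1_TAKE[r])))
    elif pc1 == WAIT and r in P1_GUARD:
        out.append(("p1:enter", (CRIT, pc2, r)))
    elif pc1 == CRIT:
        out.append(("p1:exit", (IDLE, pc2, P1_RESET[r])))
    if pc2 == IDLE:
        out.append(("p2:request", (pc1, WAIT, P2_TAKE[r])))
    elif pc2 == WAIT and r in p2_guard:
        out.append(("p2:enter", (pc1, CRIT, r)))
    elif pc2 == CRIT:
        out.append(("p2:exit", (pc1, IDLE, P2_RESET[r])))
    return out


def check_mutex(p2_guard=P2_GUARD):
    """Breadth-first reachability from the initial state.

    Returns (counterexample, reachable_count).  counterexample is None when no
    reachable abstract state has both processes in CRIT; otherwise it is the
    shortest list of transition labels leading to such a state."""
    init = (IDLE, IDLE, BOTH_ZERO)
    parent = {init: None}          # state -> (predecessor, label)
    queue = deque([init])
    while queue:
        s = queue.popleft()
        if s[0] == CRIT and s[1] == CRIT:
            trace = []
            while parent[s] is not None:
                s, label = parent[s]
                trace.append(label)
            return list(reversed(trace)), len(parent)
        for label, t in successors(s, p2_guard):
            if t not in parent:
                parent[t] = (s, label)
                queue.append(t)
    return None, len(parent)


if __name__ == "__main__":
    cex, n = check_mutex()
    print("correct guard: counterexample =", cex, "| reachable abstract states =", n)
    bad, _ = check_mutex(P2_GUARD_BUGGY)
    print("reversed guard: counterexample =", " -> ".join(bad))
```

With the correct guards the search exhausts nine abstract states and never reaches one with both processes in the critical section; with the reversed guard it returns a four-step trace in which process 2 enters while process 1 is still inside. The finite check only transfers to the concrete program if the abstraction over-approximates every concrete transition, which here rests on the hand-written tables; in STeP that obligation is discharged mechanically by the decision procedures that generate the abstraction.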




Cite this article

Bjørner, N.S., Browne, A., Colón, M.A. et al. Verifying Temporal Properties of Reactive Systems: A STeP Tutorial. Formal Methods in System Design 16, 227–270 (2000). https://doi.org/10.1023/A:1008700623084
