Abstract
Assume-guarantee style verification of modules relies on appropriate modeling of the interaction between the module and its environment. Popular temporal logics such as Computation Tree Logic (CTL) and Linear Temporal Logic (LTL), which were originally defined for closed systems (Kripke structures), draw no syntactic distinction between input and output variables. As a result, these logics and their recent derivatives (such as SystemVerilog, Sugar, ForSpec, etc.) permit the specification of properties that have semantic problems when interpreted over open systems or modules. These semantic problems are quite common in practice, but are computationally hard to detect within a given specification. In this article, we propose a new style for writing temporal specifications of open systems that helps the designer avoid most of these problems. In the proposed style, the basic temporal operators (such as next and until) are annotated with assume constraints over the input variables. We formalize this style through an extension of LTL, namely Open-LTL, and an extension of CTL with fairness, called Open-CTL. We show that this simple syntactic separation between the assume and the guarantee achieves the desired results. We show that the proposed style can be integrated with traditional symbolic model-checking techniques and present a complete tool for the verification of Verilog RTL modules in isolation.
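To make the assume-annotated operators concrete, here is an added finite-trace evaluator written for this page; it is not the paper's tool or its formal definitions. It assumes a reading in which the annotation may mention only input signals and the guarantee is discharged once the environment stops satisfying the annotation; the signal names req (input) and grant (output), the traces, and the request-grant property are all constructed for the example.

```python
# Finite-trace evaluator for assume-annotated next/until (assumed semantics,
# not the paper's definitions). A trace is a list of cycles, each a dict
# mapping signal name -> bool. Only input signals may appear in an assume.

INPUTS = {"req"}      # constructed example: the environment drives req;
                      # the module under verification drives grant (output)


def assume(*signals):
    """Assume constraint: conjunction of the named input signals being high.
    Naming a non-input signal is rejected when the annotation is built,
    which is the syntactic assume/guarantee separation the style relies on."""
    bad = [s for s in signals if s not in INPUTS]
    if bad:
        raise ValueError(f"assume annotation over non-input signals: {bad}")
    return lambda cycle: all(cycle[s] for s in signals)


def next_under(assm, phi, trace, i):
    """X_{assm} phi at cycle i: if the inputs at cycle i satisfy assm, phi
    must hold at cycle i+1; if the environment violates assm, the
    obligation is discharged (assumed semantics)."""
    if not assm(trace[i]):
        return True
    return i + 1 < len(trace) and phi(trace[i + 1])


def until_under(assm, phi, psi, trace, i):
    """phi U_{assm} psi at cycle i: scanning forward, the obligation is
    discharged as soon as the inputs violate assm; otherwise phi must hold
    at every cycle until a cycle where psi holds (assumed semantics)."""
    for cycle in trace[i:]:
        if not assm(cycle):
            return True
        if psi(cycle):
            return True
        if not phi(cycle):
            return False
    return False  # finite trace ended with neither psi nor a release


def eventually_under(assm, psi, trace, i):
    """F_{assm} psi, derived as true U_{assm} psi."""
    return until_under(assm, lambda c: True, psi, trace, i)


def check_request_grant(trace):
    """Guarantee G(req -> F_{req} grant): whenever req is raised, grant must
    follow while the environment keeps req high (checked at every cycle)."""
    grant = lambda c: c["grant"]
    return all(not c["req"] or eventually_under(assume("req"), grant, trace, i)
               for i, c in enumerate(trace))
```

A trace in which the environment drops req before grant therefore passes (the assumption was released), while one in which req stays high to the end without a grant fails.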