TY - JOUR

T1 - Learning to divide and conquer: Applying the L* algorithm to automate assume-guarantee reasoning

AU - Păsăreanu, Corina S.

AU - Giannakopoulou, Dimitra

AU - Bobaru, Mihaela Gheorghiu

AU - Cobleigh, Jamieson M.

AU - Barringer, Howard

N1 - Pasareanu, Corina S. Giannakopoulou, Dimitra Bobaru, Mihaela Gheorghiu Cobleigh, Jamieson M. Barringer, Howard 31 SPRINGER DORDRECHT 304DG

PY - 2008/6

Y1 - 2008/6

N2 - Assume-guarantee reasoning enables a "divide-and-conquer" approach to the verification of large systems that checks system components separately while using assumptions about each component's environment. Developing appropriate assumptions used to be a difficult and manual process. Over the past five years, we have developed a framework for performing assume-guarantee verification of systems in an incremental and fully automated fashion. The framework uses an off-the-shelf learning algorithm to compute the assumptions. The assumptions are initially approximate and become more precise by means of counterexamples obtained by model checking components separately. The framework supports different assume-guarantee rules, both symmetric and asymmetric. Moreover, we have recently introduced alphabet refinement, which extends the assumption learning process to also infer assumption alphabets. This refinement technique starts with assumption alphabets that are a subset of the minimal interface between a component and its environment, and adds actions to it as necessary until a given property is shown to hold or to be violated in the system. We have applied the learning framework to a number of case studies that show that compositional verification by learning assumptions can be significantly more scalable than non-compositional verification. © 2008 Springer Science+Business Media, LLC.

AB - Assume-guarantee reasoning enables a "divide-and-conquer" approach to the verification of large systems that checks system components separately while using assumptions about each component's environment. Developing appropriate assumptions used to be a difficult and manual process. Over the past five years, we have developed a framework for performing assume-guarantee verification of systems in an incremental and fully automated fashion. The framework uses an off-the-shelf learning algorithm to compute the assumptions. The assumptions are initially approximate and become more precise by means of counterexamples obtained by model checking components separately. The framework supports different assume-guarantee rules, both symmetric and asymmetric. Moreover, we have recently introduced alphabet refinement, which extends the assumption learning process to also infer assumption alphabets. This refinement technique starts with assumption alphabets that are a subset of the minimal interface between a component and its environment, and adds actions to it as necessary until a given property is shown to hold or to be violated in the system. We have applied the learning framework to a number of case studies that show that compositional verification by learning assumptions can be significantly more scalable than non-compositional verification. © 2008 Springer Science+Business Media, LLC.

KW - Assume-guarantee reasoning

KW - Compositional verification

KW - Labeled transition systems

KW - Learning

KW - Model checking

KW - Proof rules

KW - Safety properties

U2 - 10.1007/s10703-008-0049-6

DO - 10.1007/s10703-008-0049-6

M3 - Article

SN - 0925-9856

VL - 32

SP - 175

EP - 205

JO - Formal Methods in System Design

JF - Formal Methods in System Design

IS - 3

ER -