Questions tagged [model-checking]

Model checking refers to the following problem: Given a model of a system, test automatically whether this model meets a given specification.

Typically, the systems one has in mind are hardware or software systems, and the specification contains safety requirements such as the absence of deadlocks and similar critical states that can cause the system to crash. Model checking is a technique for automatically verifying correctness properties of finite-state systems.

An important class of model checking methods has been developed for checking models of hardware and software designs where the specification is given by a temporal logic formula.

240 questions
0 votes, 1 answer

How does one formally verify that the following protocol is correct?

In the following code sample, a Sender and a Receiver exchange, for an undetermined amount of time, a number of packets. Each message sent by the Sender contains either 0 or 1 and a sequence number. Whenever the Receiver receives a message, it checks…
Patrick Trentin
0 votes, 1 answer

State space size of state of the art model checkers

What is the approximate maximum state space size of modern model checkers, like NuSMV? I do not need an exact number but some state space size value where the run time is still acceptable (say a few weeks). What kind of improvements, beyond symbolic…
Cryptostasis
0 votes, 0 answers

Access NuSMV from Java

How can I access NuSMV as a model checker from Java? I want to use a library to call NuSMV and read a .smv file, check an LTLSPEC and return the satisfaction message or counterexample as a result. I have found nusmv-tools, which is an Eclipse-based…
mirzanahal
0 votes, 1 answer

Static partial-order reduction on a given state space

Most papers about partial-order reduction assume that the system to be analyzed is given as a set of processes with some composition operator. This makes much sense, since you do not want to compute the state space first, and then to reduce it using…
eider
0 votes, 1 answer

How can I define global constants in NuSMV?

I don't know how to declare global constants in NuSMV, in a way that is similar to #define n 5 in C. How can I do that in NuSMV?
0 votes, 1 answer

System contains deadlock - how to find it? (UPPAAL)

I set up a model with UPPAAL and I used the verifier to check for a deadlock. The answer is: Property not satisfied. Thus there exists a deadlock. Is there a way in UPPAAL to report more detailed information about the deadlock, such as the state…
Nikolas Rieble
0 votes, 1 answer

DDcal is not working

I am trying to use DDcal for evaluating binary decision diagrams. When I try to evaluate some formula e.g.: a+b*c', I always get this error: util_pipefork: can not exec dot: No such file or directory. Does anyone have idea how I can resolve this…
mark
0 votes, 1 answer

How can I change pseudo-code to NuSMV code?

My professor decided to give us math students some code to change into NuSMV, and I can't seem to find anywhere else for help. I read the textbook; it is only about 6 pages and only describes what certain properties do. Module main is an example of NuSMV…
Darkflame
0 votes, 1 answer

Alloy assertion does not work as expected

Here is my Alloy code: one sig Library { books: set Book, // set of the library's books patrons: set Patron, // set of the library's patrons circulation: Patron lone -> some Book // books in circulation } // set of books in the…
freud14
0 votes, 1 answer

Bug in NuSMV Model Checking?

Suppose I have the following structure M = (S, R, L) where S = {s0, s1, s2} is the set of possible states, R is a transition relation such that: s0 -> s1, s0 -> s2, s1 -> s0, s1 -> s2, and s2 -> s2, and L is the labeling function for each state defined…
Iqazra
0 votes, 1 answer

NuSMV 2.6 build failed

I downloaded the nusmv-2.6.0.tar.gz and followed the readme file in nusmv-2.6.0/nusmv/README.TXT to build it but there were some problems. I guess there may be a wrong config somewhere, but I didn't find it. tar -jxvf nusmv-2.6.0.tar.gz cd…
valiant wang
0 votes, 2 answers

Calling Convention error - C

In the following code there is a calling convention error (possibly leading to an eternal loop), and I cannot detect it. I try to verify the code using 'Satabs'. What kind of model can bring the error to the surface? With the following model I get a…
0 votes, 1 answer

Check equivalent CTL formulas

I'm doing a CTL exercise; I'm trying to check if the following formulas are equivalent or not, but I'm not sure if I'm doing it right. EF (p or q) = EF(p) or EF(q) ? AF(p or q) = AF(p) or AF(q) ? A(p U ( A(q U r) )) = A(A(p U q) U r) ? Firt…
0 votes, 1 answer

About a type specifier in NuSMV (error: invalid subrange)

In the last paragraph, page # 23 of user manual 2.5 (I am using 2.5.4): "A type specifier can be given by two expressions separated by .. (). The two expressions have both to evaluate to constants integer numbers, and may …
negin
0 votes, 1 answer

ispin help (unreachable states in LTL formula)

I have modeled a system in ispin and when trying to verify the system using LTL formulas I found unreachable error like unreached in claim l0 _spin_nvr.tmp:8, state 9, "(!((getReciept&&getCard)))" _spin_nvr.tmp:10, state 11, "-end-" (2…