In finite-state systems, if an LTL property is false, there is always a counterexample path (i.e. a witness) for it which is ultimately periodic (i.e. in a lasso-shaped form). When dealing with infinite-state systems, this is no longer the case. In this work, we address this issue by proposing an automatic approach that presents witnesses in an indirect way. The approach is based on two key insights. First, we leverage the notion of well-founded funnel, where a ranking function ensures that the states in the source set are guaranteed to inevitably reach the destination set. We show that, under suitable conditions, a sequence of funnels ensures the existence of a fair path. Second, we adopt a compositional approach to partition the original system into projections and to prove that they result in a non-empty under-approximation of the original system that only contains fair paths. Then, we propose an algorithm that, working in an abstract space induced by a set of predicates, identifies candidate funnels, proves their well-foundedness, and searches for a sequencing order. We experimentally evaluate the approach on examples taken from software, timed and hybrid systems, showing its wide applicability and expressiveness, with an implementation that outperforms various competitor tools.
LTL falsification in infinite-state systems
Cimatti, Alessandro;Griggio, Alberto;Magnago, Enrico
2022-01-01
Abstract
In finite-state systems, if an LTL property is false, there is always a counterexample path (i.e. a witness) for it which is ultimately periodic (i.e. in a lasso-shaped form). When dealing with infinite-state systems, this is no longer the case. In this work, we address this issue by proposing an automatic approach that presents witnesses in an indirect way. The approach is based on two key insights. First, we leverage the notion of well-founded funnel, where a ranking function ensures that the states in the source set are guaranteed to inevitably reach the destination set. We show that, under suitable conditions, a sequence of funnels ensures the existence of a fair path. Second, we adopt a compositional approach to partition the original system into projections and to prove that they result in a non-empty under-approximation of the original system that only contains fair paths. Then, we propose an algorithm that, working in an abstract space induced by a set of predicates, identifies candidate funnels, proves their well-foundedness, and searches for a sequencing order. We experimentally evaluate the approach on examples taken from software, timed and hybrid systems, showing its wide applicability and expressiveness, with an implementation that outperforms various competitor tools.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
