1 | We have conducted preliminary experiments to tests and compare the performance of our strategy with existing abstraction-refinement technique available in VIS. As our test platforms requires fairness constraints, we have chosen the \emph{incremental\_ctl\_verification} abstraction refinement technique as it supports CTL formulas and fairness constraints \cite{PardoHachtel98incremCTLMC} \cite{PardoHachtel97autoAbsMC}. It is an automatic abstraction refinement algorithm which generates an initial conservative abstraction principally by reducing the size of the latches by a constant factor. If the initial abstraction is not conclusive, a \emph{goal set} will then be computed in order to guide the refinement process. |
---|
2 | |
---|
3 | We have executed and compared the execution time and the number of refinement iterations for two examples: VCI-PI platform consisting of Virtual Component Interface (VCI), a PI-Bus and VCI-PI protocol converter and a simplified version of a CAN bus platform consisting of 3 nodes on a CAN bus. Table \ref{StatsVCI_PI} and Table \ref{StatsCAN_Bus} give the size and the statistics concerning the VCI-PI platform and CAN bus platform respectively. All the values are obtained using the \emph{compute\_reach} command with option \emph{-v 1} in VIS except the number of BDD variables, computed using the \emph{print\_bdd\_stats} command. The experiments have been executed on a PC with an AMD Athlon dual-core processor 4450e and 1.8GB of RAM memory. |
---|
4 | |
---|
5 | \begin{table*} [ht] |
---|
6 | \hspace*{10mm} |
---|
7 | \begin{tabular}{clccccc} |
---|
8 | |
---|
9 | \toprule |
---|
10 | \multicolumn{2}{c}{\textbf{VCI-PI}} & \emph{Number of} & \emph{FSM} & \emph{BDD} & \emph{Number of } & \emph{Analysis}\\ |
---|
11 | \multicolumn{2}{c}{\textbf{Platform}} &\emph{BDD Variables} & \emph{Depth} & \emph{Size} & \emph{Reachable States} & \emph{Time (s)} \\ |
---|
12 | \midrule |
---|
13 | \midrule |
---|
14 | & 1 Master-1 Slave & 308 & 599 & 33 442 & 3.64116e+06 & 41.49 \\ |
---|
15 | Concrete & 2 Masters-1 Slave & 439 & 186 & 75 210 & 7.3282e+04 & 14.36 \\ |
---|
16 | Model & 4 Masters-1 Slave & 709 & 408 & 156 657 & 2.15076e+07 & 414.38 \\ |
---|
17 | & 4 Masters-2 Slaves & 883 & 597 & 217 797 & 3.22215e+10 & 4064.09 \\ |
---|
18 | \midrule |
---|
19 | \midrule |
---|
20 | Final & 1 Master-1 Slave & 197 & 2 & 76 & 5.03316e+07 & 0.01 \\ |
---|
21 | Abstract & 2 Masters-1 Slave & 301 & 2 & 99 & 4.12317e+11 & 0.02 \\ |
---|
22 | Model & 4 Masters-1 Slave & 501 & 2 & 147 & 3.45876e+18 & 0.03\\ |
---|
23 | for $\phi_1$ & 4 Masters-2 Slaves & 589 & 2 & 167 & 7.08355e+21 & 0.04 \\ |
---|
24 | \midrule |
---|
25 | Final & 1 Master-1 Slave & 194 & 1 & 50 & 2.62144e+07 & 0 \\ |
---|
26 | Abstract & 2 Masters-1 Slave & 298 & 1 & 73 & 2.14748e+11 & 0.01 \\ |
---|
27 | Model & 4 Masters-1 Slave & 498 & 1 & 121 & 1.80144e+18 & 0.02 \\ |
---|
28 | for $\phi_2$ & 4 Masters-2 Slaves & 586 & 1 & 141 & 3.68935e+21 & 0.02 \\ |
---|
29 | \bottomrule |
---|
30 | \bottomrule |
---|
31 | \end{tabular} |
---|
32 | |
---|
33 | \caption{\label{StatsVCI_PI} Statistics on the VCI-PI platform} |
---|
34 | \end{table*} |
---|
35 | %\medskip |
---|
36 | |
---|
37 | |
---|
38 | \begin{table*} [ht] |
---|
39 | \hspace*{12mm} |
---|
40 | \begin{tabular}{cccccc} |
---|
41 | |
---|
42 | \toprule |
---|
43 | \textbf{CAN Bus} & \emph{Number of} & \emph{FSM} & \emph{BDD} & \emph{Number of } & \emph{Analysis}\\ |
---|
44 | \textbf{Platform} &\emph{BDD Variables} & \emph{Depth} & \emph{Size} & \emph{Reachable States} & \emph{Time (s)} \\ |
---|
45 | \midrule |
---|
46 | \midrule |
---|
47 | Concrete Model & 838 & 182 & 212550 & 2.87296e+08 & 167.9 \\ |
---|
48 | \midrule |
---|
49 | \midrule |
---|
50 | Final Abstract Model for $\phi_1$ & xx & 2 & xxx & xxx & xxxx \\ |
---|
51 | \midrule |
---|
52 | Final Abstract Model for $\phi_2$ & xx & 2 & xxx & xxx & xxxx \\ |
---|
53 | \bottomrule |
---|
54 | \bottomrule |
---|
55 | \end{tabular} |
---|
56 | |
---|
57 | \caption{\label{StatsCAN_Bus} Statistics on the CAN Bus platform} |
---|
58 | \end{table*} |
---|
59 | |
---|
60 | |
---|
61 | \begin{table} [h] |
---|
62 | %\hspace*{-8mm} |
---|
63 | \begin{tabular}{cccc} |
---|
64 | |
---|
65 | \toprule |
---|
66 | \emph{Global} &\emph{Verification} & \emph{Refinement} & \emph{Verif.} \\ |
---|
67 | \emph{Property} & \emph{Technique} & \emph{Iteration} & \emph{Time (s)} \\ |
---|
68 | \midrule |
---|
69 | \midrule |
---|
70 | \multicolumn{4}{l}{\textbf{\underline{1 Master - 1 Slave :}}} \\ |
---|
71 | & Prop. Selection & 1 & 2.2 \\ |
---|
72 | $\phi_1$ & Incremental & 0 & 18.1 \\ |
---|
73 | & Standard MC & - & 14.9 \\ |
---|
74 | \midrule |
---|
75 | & Prop. Selection & 0 & 1.0 \\ |
---|
76 | $\phi_2$ & Incremental & 467 & 168.0 \\ |
---|
77 | & Standard MC & - & 14.9 \\ |
---|
78 | \midrule |
---|
79 | \midrule |
---|
80 | \multicolumn{4}{l}{\textbf{\underline{2 Masters - 1 Slave :}}} \\ |
---|
81 | & Prop. Selection & 1 & 2.0 \\ |
---|
82 | $\phi_1$ & Incremental & 0 & 1.3 \\ |
---|
83 | & Standard MC & - & 1.5 \\ |
---|
84 | \midrule |
---|
85 | & Prop. Selection & 0 & 1.0 \\ |
---|
86 | $\phi_2$ & Incremental & 0 & 15.3 \\ |
---|
87 | & Standard MC & - & 14.6 \\ |
---|
88 | \midrule |
---|
89 | \midrule |
---|
90 | \multicolumn{4}{l}{\textbf{\underline{4 Masters - 1 Slave :}}} \\ |
---|
91 | & Prop. Selection & 1 & 2.1 \\ |
---|
92 | $\phi_1$ & Incremental & 0 & 6.8 \\ |
---|
93 | & Standard MC & - & 175.5 \\ |
---|
94 | \midrule |
---|
95 | & Prop. Selection & 0 & 1.0 \\ |
---|
96 | $\phi_2$ & Incremental & 0 & 7.5 \\ |
---|
97 | & Standard MC & - & 195.1 \\ |
---|
98 | \midrule |
---|
99 | \midrule |
---|
100 | \multicolumn{4}{l}{\textbf{\underline{4 Masters - 2 Slaves :}}} \\ |
---|
101 | & Prop. Selection & 1 & 2.2 \\ |
---|
102 | $\phi_1$ & Incremental & N/A & >1 day \\ |
---|
103 | & Standard MC & - & 2231.3 \\ |
---|
104 | \midrule |
---|
105 | & Prop. Selection & 0 & 1.1\\ |
---|
106 | $\phi_2$ & Incremental & N/A & >1 day \\ |
---|
107 | & Standard MC & - & 12814.1 \\ |
---|
108 | \bottomrule |
---|
109 | \bottomrule |
---|
110 | |
---|
111 | \end{tabular} |
---|
112 | |
---|
113 | \caption{\label{TabVCI_PI} Results on the VCI-PI platform } |
---|
114 | \end{table} |
---|
115 | |
---|
116 | %\medskip |
---|
117 | |
---|
118 | |
---|
119 | \begin{table} [h] |
---|
120 | %\hspace*{-8mm} |
---|
121 | \begin{tabular}{lcccc} |
---|
122 | |
---|
123 | \toprule |
---|
124 | \emph{Global} & \emph{Verification} & \emph{Refinement} & \emph{Verif.} \\ |
---|
125 | \emph{Property} & \emph{Technique} & \emph{Iteration} & \emph{Time (s)} \\ |
---|
126 | \midrule |
---|
127 | \midrule |
---|
128 | & Prop. Selection & xxx & xxx \\ |
---|
129 | $\phi_3$ & Incremental & N/A & >1 day \\ |
---|
130 | & Standard MC & - & 51.9 \\ |
---|
131 | \midrule |
---|
132 | & Prop. Selection & xxx & xxx \\ |
---|
133 | $\phi_4$ & Incremental & 0 & 57.3 \\ |
---|
134 | & Standard MC & - & 2.2 \\ |
---|
135 | \bottomrule |
---|
136 | |
---|
137 | \end{tabular} |
---|
138 | |
---|
139 | \caption{\label{TabCANBus} Results on the CAN Bus platform } |
---|
140 | \end{table} |
---|
141 | |
---|
142 | |
---|
143 | |
---|
144 | In the following tables: Table \ref{TabVCI_PI} and Table \ref{TabCANBus}, we compare the execution time between our technique (Prop. Selection), incremental\_ctl\_verification (Incremental) and the standard model checking (Standard MC) computed using the \emph{model\_check} command in VIS (Note: Dynamic variable ordering has been enabled with sift method). For the VCI-PI platform, the global property $\phi_1$ is the type $AF((p=1)*AF(q=1))$ and $\phi_2$ is actually a stronger version of the same formula with $AG(AF((p=1)*AF(q=1)))$ whereas for the CAN bus platform, the global property $\phi_3$ is the type $AG(((p'=1)*(q'=1)) -> AF((s = 1)*(r = 1))$ and $\phi_4 = AG(((p'=1)*(q'=1)) -> AG(r' = 0))$. We can see that our technique systematically computes faster than the other two methods and interestingly in the case where the size of the platform increases by adding the more connected components, in contrary to the other two methods, our computation time remains stable. |
---|
145 | |
---|
146 | |
---|
147 | |
---|
148 | %\medskip |
---|
149 | |
---|
150 | |
---|