Formal Verification of Simulation Traces Using Computation Slicing

Concurrent and distributed systems, such as system-on-chips (SoCs), present an immense challenge for verification due to their complexity and inherent concurrency. Traditional approaches for eliminating errors in concurrent and distributed systems include formal methods and simulation. We present an approach toward combining formal methods and simulation in a technique called predicate detection (aka runtime verification), while avoiding the complexity of formal methods and the pitfalls of ad hoc simulation. Our technique enables efficient formal verification on execution traces of actual scalable systems. Traditional simulation methodologies are woefully inadequate in the presence of concurrency and subtle synchronization. The bug in the system may appear only when the ordering of concurrent events is different from the ordering in the simulation trace. We use a partial order trace model rather than the traditional total order trace model and we get the benefit of properly dealing with concurrent events and especially of detecting errors from analyzing successful total order traces. Surprisingly, checking properties, even on a finite partial order trace, is NP-complete in the size of the trace description (aka state-explosion problem). Our approach to ameliorating state explosion in partial order trace model uses two techniques: 1) slicing and 2) exploiting the structure of the property itself-by imposing restrictions-to evaluate its value efficiently for a given execution trace. Intuitively, the slice of a trace with respect to a property is a subtrace that contains all of the global states of the trace that satisfy the property such that it is computed efficiently (without traversing the state space) and represented concisely (without explicit representation of individual states). We present temporal slicing algorithms with respect to properties in temporal logic RCTL+. We show how to use the slicing algorithms for efficient predicate detection of design properti- - es. We have developed a prototype system, partial order trace analyzer (POTA), which implements our algorithms. We verify several scalable and industrial protocols, including CORBA´s general inter-ORB protocol, PCI-based system-on-chip, ISO´s asynchronous transfer mode ring, cache coherence, and mutual exclusion. Our experimental results indicate that slicing can lead to exponential reduction over existing techniques, such as the ones in SPIN model checker, both in time and space