Bounded Model Checking for Unbounded Client Server Systems

TL;DR

This paper introduces a novel bounded model checking approach for unbounded client-server systems using a new counting logic and a two-dimensional strategy, implemented in the DCModelChecker tool, verified on industrial benchmarks.

Contribution

It proposes a new counting logic and a 2D bounded model checking strategy for unbounded systems, implemented in a tool that leverages SMT solvers and tested on benchmarks.

Findings

Effective verification of unbounded client-server systems.

Successful application to industrial benchmarks.

Enhanced model checking with the 2D approach.

Abstract

Bounded model checking (BMC) is an efficient formal verification technique which allows for desired properties of a software system to be checked on bounded runs of an abstract model of the system. The properties are frequently described in some temporal logic and the system is modeled as a state transition system. In this paper we propose a novel counting logic, $\mathcal{L}_{C}$, to describe the temporal properties of client-server systems with an unbounded number of clients. We also propose two dimensional bounded model checking ($2D$-BMC) strategy that uses two distinguishable parameters, one for execution steps and another for the number of tokens in the net representing a client-server system, and these two evolve separately, which is different from the standard BMC techniques in the Petri Nets formalism. This $2D$-BMC strategy is implemented in a tool called DCModelChecker which leverages the $2D$-BMC technique with a state-of-the-art satisfiability modulo theories (SMT) solver Z3. The system is given as a Petri Net and properties specified using $\mathcal{L}_{C}$ are encoded into formulas that are checked by the solver. Our tool can also work on industrial benchmarks from the Model Checking Contest (MCC). We report on these experiments to illustrate the applicability of the $2D$-BMC strategy.