Predicate Abstraction with Under-approximation Refinement

TL;DR

This paper introduces a model checking approach that refines under-approximations of system behaviors using concrete transitions and theorem proving, ensuring error detection and potentially finite exploration for systems with finite bisimulation quotients.

Contribution

It presents a novel abstraction-based model checking method that refines under-approximations without generating an abstract transition relation, using theorem proving for precision checks.

Findings

Guarantees error detection in safety properties.

Ensures eventual exploration of finite bisimilar structures.

Applicable to concurrent program verification.

Abstract

We propose an abstraction-based model checking method which relies on refinement of an under-approximation of the feasible behaviors of the system under analysis. The method preserves errors to safety properties, since all analyzed behaviors are feasible by definition. The method does not require an abstract transition relation to be generated, but instead executes the concrete transitions while storing abstract versions of the concrete states, as specified by a set of abstraction predicates. For each explored transition the method checks, with the help of a theorem prover, whether there is any loss of precision introduced by abstraction. The results of these checks are used to decide termination or to refine the abstraction by generating new abstraction predicates. If the (possibly infinite) concrete system under analysis has a finite bisimulation quotient, then the method is guaranteed to eventually explore an equivalent finite bisimilar structure. We illustrate the application of the approach for checking concurrent programs.