We illustrate how to employ metacircular assume/guarantee reasoning to reduce the verification complexity of finite instances of protocols for safety, using nothing more than an explicit state model checker. The formal underpinnings of our method are based on establishing a simulation relation between the given protocol M, and several overapproximations thereof, Mtilde1,..., Mtilde k. Each Mtildei simulates M, and represents one "view" of it. The Mtildeis depend on each other both to define the abstractions as well as to justify them. We show that in case of our hierarchical coherence protocol, its designer could easily construct each of the Mtildei in a counterexample guided manner. This approach is practical, considerably reduces the verification complexity, and has been successfully applied to a complex hierarchical multicore cache coherence protocol which could not be verified through traditional model checking
展开▼
机译:我们说明了如何使用亚圆假设/保证推理来减少安全性有限实例协议的验证复杂性,仅使用显式状态模型检查器即可。我们方法的形式化基础是建立在给定协议M及其几个近似值Mtilde 1 ,...,Mtilde k 之间的仿真关系。每个Mtilde i 都模拟M,并表示它的一个“视图”。 Mtilde i 相互依赖以定义抽象并证明它们的合理性。我们展示了在我们的分层一致性协议的情况下,其设计者可以轻松地以反例指导的方式构造每个Mtilde i 。这种方法是实用的,大大降低了验证的复杂性,并且已成功应用于无法通过传统模型检查进行验证的复杂的分层多核缓存一致性协议
展开▼
