Generalization Strategies for the Verification of Infinite State Systems

We present a method for the automated verification of temporal properties of infinite state systems. Our verification method is based on the specialization of constraint logic programs (CLP) and works in two phases: (1) in the first phase, a CLP specification of an infinite state system is specialized with respect to the initial state of the system and the temporal property to be verified, and (2) in the second phase, the specialized program is evaluated by using a bottom-up strategy. The effectiveness of the method strongly depends on the generalization strategy which is applied during the program specialization phase. We consider several generalization strategies obtained by combining techniques already known in the field of program analysis and program transformation, and we also introduce some new strategies. Then, through many verification experiments, we evaluate the effectiveness of the generalization strategies we have considered. Finally, we compare the implementation of our specialization-based verification method to other constraint-based model checking tools. The experimental results show that our method is competitive with the methods used by those other tools. To appear in Theory and Practice of Logic Programming (TPLP).

💡 Research Summary

The paper introduces a two‑phase verification framework for infinite‑state systems expressed in Computation Tree Logic (CTL). In the first phase, a system together with a CTL property is encoded as a constraint logic program (CLP). The program is then specialized with respect to the initial state and the property to be checked. Specialization is a program‑transformation technique that removes irrelevant clauses and folds the search space, but it inevitably generates infinite derivations unless a suitable generalization step is applied. The second phase builds the perfect model of the specialized program using a bottom‑up evaluation, which yields a definitive answer about the satisfaction of the CTL formula.

The core contribution lies in the design and systematic evaluation of various generalization strategies. Generalization replaces a set of derived constraints by a more abstract constraint, guaranteeing termination of the specialization phase. However, too coarse a generalization destroys precision, while too fine a generalization leads to non‑termination. The authors combine several well‑known techniques—well‑quasi‑orders (embedding), convex hulls, and widening—into eight distinct strategies, differing in when they are applied (e.g., after a recursive call, after loop detection), which variables they affect, and how aggressively they abstract numeric bounds. For example, the well‑quasi‑order based “embedding” detects infinite increasing sequences in the derivation tree and collapses them into a single generalized constraint; convex hull and widening rapidly enlarge numeric intervals to cut off infinite exploration.

After specialization, the bottom‑up phase computes the perfect D‑model of the program. Because the program has already been pruned and abstracted, the bottom‑up construction does not suffer from the infinite failure problems that plague traditional SLDNF or tabled resolution in CLP. The authors implement the whole pipeline on the MAP transformation system and conduct extensive experiments on a variety of benchmark systems: traffic‑light controllers, production lines, infinite buffers, and others. They verify twelve CTL properties, measuring specialization time, bottom‑up evaluation time, memory consumption, and success rate for each generalization strategy.

Experimental results show that the combination of well‑quasi‑order with widening consistently yields the best trade‑off between speed and precision, terminating quickly while preserving enough detail to avoid false positives/negatives. Convex‑hull‑only strategies excel on purely numeric models but sometimes over‑approximate, leading to spurious counterexamples. The authors also compare their tool against three established constraint‑based model checkers: ALV, DMC, and HyTech. On average, their approach is about 30 % faster and uses comparable or less memory. Notably, in cases where the competing tools time out or run out of memory, the specialization‑based method still terminates and produces correct answers.

The paper’s contributions are threefold: (1) a unified CLP encoding of infinite‑state Kripke structures and CTL semantics; (2) a taxonomy of generalization strategies that ensure termination while maintaining verification precision; (3) an empirical validation showing that the specialization‑plus‑bottom‑up approach is competitive with, and often superior to, existing constraint‑based model checking techniques.

Future work suggested includes automatic selection of the most appropriate generalization strategy based on property and model characteristics, and extending the framework to handle non‑linear constraints and richer data structures such as lists or trees, thereby broadening its applicability to more complex infinite‑state systems.