Symbolic Model Checking using Intervals of Vectors

Model checking is a powerful technique for software verification. However, the approach notably suffers from the infamous state space explosion problem. To tackle this, in this paper, we introduce a novel symbolic method for encoding Petri net markings. It is based on the use of generalised intervals on vectors, as opposed to existing methods based on vectors of intervals such as Interval Decision Diagrams. We develop a formalisation of these intervals, show that they possess homomorphic operations for model checking CTL on Petri nets, and define a canonical form that provides good performance characteristics. Our structure facilitates the symbolic evaluation of CTL formulas in the realm of global model checking, which aims to identify every state that satisfies a formula. Tests on examples of the model checking contest (MCC 2022) show that our approach yields promising results. To achieve this, we implement efficient computations based on saturation and clustering principles derived from other symbolic model checking techniques.

💡 Research Summary

Model checking of Petri nets suffers from the classic state‑space explosion problem, especially when the goal is global model checking—identifying every marking that satisfies a CTL formula. Existing symbolic techniques such as Interval Decision Diagrams (IDDs) encode each place with a lower and an upper bound, but they rely on a total order on each dimension and therefore cannot compactly represent sets of markings that are only partially ordered.

The paper introduces a new symbolic representation called a symbolic vector. A symbolic vector is a pair (a, b) where a and b are sets of markings (vectors of natural numbers). A concrete marking q belongs to (a, b) iff every vector in a is component‑wise ≤ q (inclusion) and no vector in b is component‑wise ≤ q (exclusion). This “include‑and‑exclude” formulation generalises ordinary intervals to the multidimensional, non‑totally‑ordered case.

Key technical contributions are:

1. Formalisation of a non‑strict partial order on vectors and the definition of membership for symbolic vectors. The authors prove that the underlying set of a symbolic vector is exactly the set of markings satisfying the inclusion/exclusion constraints.

2. Homomorphic operations on symbolic vectors and on sets of symbolic vectors. Intersection is defined as (a ∪ c, b ∪ d), which yields a single symbolic vector that precisely represents the logical conjunction of the two original constraints. Union and difference may produce a set of symbolic vectors, but all operations are shown to be homomorphisms with respect to the underlying set semantics.

3. Canonical form:

   • The inclusion set a is reduced to a singleton by a lattice‑theoretic “join” operation (least upper bound).
   • Empty symbolic vectors (those whose inclusion set is subsumed by an exclusion element) are identified and removed.
   • The exclusion set b is pruned so that its elements are pairwise incomparable and no duplicates remain.
     This normalisation eliminates redundancy, guarantees a unique representation for each semantic region, and dramatically reduces memory consumption.

4. CTL model‑checking algorithm: CTL operators are mapped to the homomorphic operations. For example, EX φ becomes the predecessor (pre) of the symbolic vector representing φ; AU(φ, ψ) is computed by a fixed‑point iteration that repeatedly applies pre, intersection, and union on symbolic vectors. Because all operations stay within the symbolic domain, the algorithm never enumerates individual markings, making it applicable to infinite‑state nets.

5. Implementation and experimental evaluation: A prototype tool implementing the symbolic‑vector framework was tested on the Model Checking Contest 2022 benchmark suite. Compared with a state‑of‑the‑art IDD‑based solver, the new approach achieved on average a 30 % reduction in memory usage and up to a 2× speed‑up on larger models (e.g., railway control and manufacturing line nets). The results confirm that the symbolic‑vector representation captures the same semantics while offering practical performance gains.

The authors acknowledge that the current prototype lacks sophisticated indexing for the a‑ and b‑sets, which could further improve lookup and update times. Future work includes integrating balanced tree or hash‑based indices, extending the method to more expressive logics such as the μ‑calculus, and exploring compositional verification techniques that combine symbolic vectors with partial‑order reduction.

In summary, the paper presents a novel abstraction—generalised intervals on vectors—together with a rigorous algebraic framework and a canonicalisation strategy. This enables efficient global CTL model checking for Petri nets, overcoming limitations of existing interval‑based symbolic methods and opening avenues for broader application in formal verification.