Debugging Unrealizable Specifications with Model-Based Diagnosis

  • Robert Könighofer
  • Georg Hofferek
  • Roderick Bloem
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6504)


Creating a formal specification for a reactive system is difficult and mistakes happen frequently. Yet, aids for specification debugging are rare. In this paper, we show how model-based diagnosis can be applied to localize errors in unrealizable specifications of reactive systems. An implementation of the system is not required. Our approach identifies properties and signals that can be responsible for unrealizability. By reduction to unrealizability, it can also be used to debug specifications which forbid desired behavior. We analyze specifications given as one set of properties, as well as specifications consisting of assumptions and guarantees. For GR(1) specifications we describe how realizability and unrealizable cores can be computed quickly, using approximations. This technique is not specific to GR(1), though. Finally, we present experimental results where the error localization precision is almost doubled when compared to the presentation of just unrealizable cores.
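The abstract describes two ingredients: a realizability check used as an oracle, and model-based diagnosis on top of it, where unrealizable cores (minimal unrealizable subsets of the properties) play the role of conflict sets and diagnoses are the minimal sets of properties whose removal makes the specification realizable. The following Python is an added illustration written for this page, not code from the paper or from RATSY. It assumes a deliberately tiny fragment of reactive specifications: a single-step game in which the environment fixes Boolean inputs and the system then fixes Boolean outputs, so a property set is realizable iff for every input valuation some output valuation satisfies all properties. This is a much simpler check than the GR(1) realizability the paper treats, but the diagnosis layer (deletion-based core minimization, enumeration of all minimal cores, Reiter-style diagnoses) is independent of which realizability oracle is plugged in. The specification, its signal names and the property names `p1`..`p4` are constructed for the example.

```python
from itertools import combinations, product

# Constructed toy specification (not from the paper). The environment chooses
# inputs r (request) and s (stop); the system chooses output g (grant).
INPUTS = ("r", "s")
OUTPUTS = ("g",)

# Each property is (name, predicate over a valuation of all signals).
SPEC = [
    ("p1", lambda v: (not v["r"]) or v["g"]),            # r -> g
    ("p2", lambda v: (not v["s"]) or (not v["g"])),      # s -> !g
    ("p3", lambda v: (not v["s"]) or v["g"]),            # s -> g   (clashes with p2)
    ("p4", lambda v: v["r"] or v["s"] or (not v["g"])),  # !r & !s -> !g (harmless)
]


def valuations(names):
    """All Boolean valuations of the given signal names, as dicts."""
    for bits in product((False, True), repeat=len(names)):
        yield dict(zip(names, bits))


def realizable(props):
    """One-step realizability oracle: for every environment input there must be
    some system output under which every property in `props` holds."""
    for env in valuations(INPUTS):
        if not any(all(pred(dict(env, **out)) for _, pred in props)
                   for out in valuations(OUTPUTS)):
            return False
    return True


def names(props):
    return frozenset(name for name, _ in props)


def minimize_core(props):
    """Deletion-based minimization of one unrealizable core: drop a property
    whenever the remaining set is still unrealizable. Each kept property is
    necessary for unrealizability, so the result is a minimal core."""
    core = list(props)
    i = 0
    while i < len(core):
        candidate = core[:i] + core[i + 1:]
        if not realizable(candidate):
            core = candidate       # property i was not needed for the conflict
        else:
            i += 1                 # property i is part of the conflict, keep it
    return names(core)


def all_cores(props):
    """All minimal unrealizable cores, by enumerating subsets of increasing size.
    Supersets of an already found core are unrealizable but not minimal, so they
    are skipped without calling the oracle."""
    cores = []
    for k in range(1, len(props) + 1):
        for sub in combinations(props, k):
            s = names(sub)
            if any(c <= s for c in cores):
                continue
            if not realizable(sub):
                cores.append(s)
    return cores


def diagnoses(props):
    """Reiter-style diagnoses: minimal sets D of properties such that the
    specification without D is realizable. These are exactly the minimal
    hitting sets of the cores returned by all_cores."""
    result = []
    for k in range(0, len(props) + 1):
        for sub in combinations(props, k):
            d = names(sub)
            if any(x <= d for x in result):
                continue           # not minimal: contains a smaller diagnosis
            rest = [p for p in props if p[0] not in d]
            if realizable(rest):
                result.append(d)
    return result


def suspects_from_cores(props):
    """What a user sees when shown only the cores: every property occurring in
    any core is a suspect. Diagnoses are typically sharper than this union."""
    return frozenset().union(*all_cores(props))


if __name__ == "__main__":
    print("realizable:", realizable(SPEC))
    print("one minimized core:", sorted(minimize_core(SPEC)))
    print("all cores:", [sorted(c) for c in all_cores(SPEC)])
    print("suspects from cores alone:", sorted(suspects_from_cores(SPEC)))
    print("diagnoses:", [sorted(d) for d in diagnoses(SPEC)])
```

On this specification the cores are {p1, p2} and {p2, p3}, so presenting cores alone flags p1, p2 and p3 while leaving p4 out; the diagnoses are {p2} and {p1, p3}, and the single-fault diagnosis {p2} singles out the one property that participates in both conflicts. The oracle is exponential in the number of signals and the subset enumeration in the number of properties, which is acceptable for a toy but is exactly why the paper invests in fast, approximate realizability and core computation for GR(1).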


Keywords (machine-generated, not supplied by the authors): Error Localization, Minimization Algorithm, Realizability Check, Winning Region, Diagnosis Approach





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Robert Könighofer (1)
  • Georg Hofferek (1)
  • Roderick Bloem (1)

  1. Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Austria
