Parameterized Model Checking by Network Invariants: the Asynchronous Case

Notwithstanding the significant progress of model checking techniques, the interesting problem of checking a specification φ against a parameterized family F of finite-state models {Mn} is still a challenge. Although for certain kind of systems parameterized model checking is of no practical interest, some systems can be scaled up to unboudedly many communicating processes. It is often the case that one checks an instance Mk of F and then informally reasons that the results hold true for any model Mi of F . This intuition sometimes can be supported formally (cf. [EN95]), giving a rigorous argument. It is well-known that the parameterized model checking problem is undecidable in general [AK86], even in the case of rings, communication graphs of which can seem to be simple [EN95]. Nevertheless, sometimes the problem can be solved for certain classes of parameterized families, or by providing a sound but incomplete procedure. In order to verify an infinite family F one has to capture it by a finite description, for instance, by describing a regular structure of inter-process communication. The framework of network invariants is an example of such approach [WL90, SG90, MG91, CGJ95, CGJ97]; for further references, see [KZ10]. To apply it one describes the family F in terms of a network grammar G and then tries to detect invariant models among instances of this family. In this paper we extend the framework for the case when processes respect the asynchronous (interleaving) semantics and communicate by synchronous message passing (rendezvous). This work has been reported previously in [ZK07, Kon10a, KZ10, Kon10b].