Finite countermodels for safety verification of parameterized tree systems

In this paper we deal with verification of safety properties of parameterized systems with a tree topology. The verification problem is translated to a purely logical problem of finding a finite countermodel for a first-order formula, which further resolved by a generic finite model finding procedure. A finite countermodel method is shown is at least as powerful as regular tree model checking and as the methods based on monotonic abstraction and backwards symbolic reachability. The practical efficiency of the method is illustrated on a set of examples taken from the literature. 1 Finite Countermodel Method The development of general automated methods for the verification of infinitestate and parameterized systems poses a major challenge. In general, such problems are undecidable, so one cannot hope for the ultimate solution and the development should focus on the restricted classes of systems and properties. In this paper we deal with a very general method for verification of safety properties of infinite-state systems which is based on a simple idea. If an evolution of a computational system is faithfully modeled by a derivation in a classical first-order logic then safety verification (non-reachability of unsafe states) can be reduced to the disproving of a first-order formula. The latter task can be (partially, at least) tackled by generic automated procedures searching for finite countermodels. Such an approach to verification was originated in the research on formal verification of security protocols ([23,22,9,11,10]) and later has been extended to the wider classes of infinite-state and parameterized verification tasks. Completeness of the approach for particular classes of systems (lossy channel systems) and relative completeness with respect to general method of regular model checking has been established in [17] and [18] respectively. The method has also been applied to the verification of safety properties of general term rewriting systems and its relative completeness with respect to the tree completion techniques has been shown in [19]. In this paper we continue investigation of applicability of the method and show its power in the context of verification of safety properties of parameterized tree-like systems. We show the relative completeness of FMC methods with respect to regular tree model checking [3] and with respect to the methods based on monotonic abstraction and symbolic backwards reachability analysis [5].