The spin on guided random search in verification

The bugbear of model checking is the explosion in the number of states as the number of processes increases. Industrial-sized problems are often intractable for model checkers. We modify the most popular model checker in use today, SPIN, by replacing its internal verification search engine by a guided, random-walk based simulator. The resulting tool is called RANSPIN. The guiding mechanism used in RANSPIN biases the random search. Unlike SPIN, RANSPIN cannot verify a model, but it can be much faster in locating errors in the state space. Guided RANSPIN uses less memory and finds shorter counter-examples than unguided RANSPIN, which in turn is faster, uses less memory and finds shorter counter-examples than SPIN itself. We demonstrate this with experiments on two small problems. We also compare the results from RANSPIN with results from a tool called GOLFER, developed by the authors in earlier work. Both tools use the same guided, random-walk algorithm but differ in the setting: the former is explicit-state, the latter is symbolic. Because RANSPIN is a simulator, and GOLFER a verifier, it is also interesting to see whether guided random-walk based search is equally effective in both.