Using Abstraction to Guide the Search for Long Error Traces

Model checking is a formal method for verifying whether the system satisfies a user-defined specification. Compared to simulation, model checking is restricted in capacity. On the other hand, simulation is weak in detecting bugs that require long and complex sequences of events to be exposed. This paper combines model checking and simulation in an abstraction-refinement scheme to mitigate the problems of both methods. Abstraction refinement iteratively constructs a simplified model to verify the original model. While a simplified model mitigates the weakness of model checking, the set of simplified error traces model helps guide simulation toward deep bugs. In abstraction refinement, concretization-a process of deriving an error trace in the original model from the abstract ones-is used to invalidate spurious abstract error traces or to refute a property. In this paper, we describe a novel concretization algorithm that combines simulation with satisfiability to efficiently refute properties with very long error traces.