# Distributed Symbolic Model Checking

##### Presentation Transcript

1. Distributed Symbolic Model Checking. Tamir Heyman; advisors Orna Grumberg and Assaf Schuster, Technion, Haifa.

2. The Size Problem
   - Model checking takes a model and a specification.
   - This presentation focuses on the sub-problem known as reachability analysis (RA).
   - The number of states (vertices) is exponential in the number of model variables.

3. The Sequential Solution
   - Symbolic model checking: computation is done over sets of states, usually represented as BDDs.
   - The representation size may be polynomial.
   - Memory requirements are still a problem: they limit model size to roughly 300 state variables (bits).

4. Distributed Method
   - The goal is to solve verification problems that cannot fit into the memory of a single machine.
   - We use a large cluster of nodes as if they were one big node.
   - Each node contributes local memory and a processor.

5. Distributed Challenges
   - What does "distributed" have to do with NP problems? We keep the representation as efficient as in the sequential algorithm, so the method still works on problems with a polynomial-size representation.
   - Why not a single node with larger memory? The cluster's memory capacity grows in proportion to the cluster's CPU power.
   - What is required in order to handle any size? Keep the efficiency while the system grows.

6. Distributed Symbolic Method (figure: the set S cut by the windows W1, W2, W3)
   - A complete set of window functions W1…Wn defines, for each process, the part of the state space it owns.
   - S is partitioned into Si = S ∧ Wi.
   - The parts Si are smaller than the whole set S.

7. Elements of Distributed Symbolic Model Checking [HGGS CAV00]
   - Developed for reachability analysis, extended to full model checking
   - Slicing algorithm
   - Exchange algorithm
   - Balance algorithm

8. Slicing algorithm (figure: S cut into the windows W1 and W2)
   - Given a set S, the slicing algorithm computes the window functions.

9. Slicing algorithm (figure: S sliced into S1 and S2, owned by processes P1 and P2)
   - Slicing S according to the window functions.

10. Exchange algorithm (figure: S1 and S2 before and after the exchange)
    - During a calculation, states may be found that belong to another process's window.
    - Exchange a set according to the window functions.

11. Memory balance (figure: S1 and S2 before and after balancing)
    - During the calculation, the sets distributed according to the current window functions may become unbalanced.
    - Balance the window functions and exchange the sets accordingly.
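The slice / exchange / balance cycle of slides 6 to 11, together with the distributed fixpoint and termination detection named on slides 18 and 19, as an added simulation that is not code from the talk or from the Division system. Python frozensets stand in for BDDs, the "processes" are objects stepped in lockstep by one loop rather than MPI ranks, the transition relation is a constructed toy (s goes to s+2 and to 2s modulo 2^6, so only even states are reachable from 0), and the slicing heuristic and the balance threshold are assumptions of this example, not the paper's cost measures.

```python
"""Simulated distributed reachability analysis with window functions (added example)."""

NVARS = 6                                   # a state is an integer holding NVARS bits
ALL_STATES = frozenset(range(1 << NVARS))


def bit(state, var):
    return (state >> var) & 1


def successors(state):
    """Constructed toy transition relation: s -> s+2 and s -> 2s (mod 2^NVARS)."""
    mask = (1 << NVARS) - 1
    return {(state + 2) & mask, (2 * state) & mask}


def image(states):
    """Image computation: all successors of a set of states."""
    return frozenset(t for s in states for t in successors(s))


# A window function is a list of cubes; a cube is {variable: required bit}.
# Fixing variables is also how a window would be cut out of a BDD.
def in_window(state, window):
    return any(all(bit(state, v) == b for v, b in c.items()) for c in window)


def restrict(window, var, value):
    """Window AND (var == value): keep compatible cubes and fix var in them."""
    return [{**c, var: value} for c in window if c.get(var, value) == value]


def project(states, window):
    """S_i = S /\\ W_i"""
    return frozenset(s for s in states if in_window(s, window))


def best_split_var(states, window):
    """Slicing heuristic (assumption standing in for the BDD-size estimate of a
    real slicer): the variable whose cofactors divide `states` most evenly,
    among variables that leave both halves of the window non-empty."""
    candidates = [v for v in range(NVARS)
                  if restrict(window, v, 0) and restrict(window, v, 1)]
    if not candidates:
        return None
    return min(candidates,
               key=lambda v: abs(len(states) - 2 * sum(bit(s, v) for s in states)))


def slice_windows(states, k):
    """Slicing: start from the window 'true' (the empty cube) and split the most
    loaded window until k windows together still cover the whole state space."""
    parts = [([{}], states)]
    while len(parts) < k:
        i = max(range(len(parts)), key=lambda j: len(parts[j][1]))
        window, s = parts.pop(i)
        v = best_split_var(s, window)
        if v is None:
            raise ValueError("cannot split window any further")
        for val in (0, 1):
            w = restrict(window, v, val)
            parts.append((w, project(s, w)))
    return parts


class Process:
    """One worker: its window, the states reached inside it, the frontier still
    to be expanded, and an inbox receiving exchanged states."""
    def __init__(self, window, states):
        self.window, self.reached, self.frontier = window, states, states
        self.inbox = set()


def owner(state, procs):
    owners = [p for p in procs if in_window(state, p.window)]
    assert len(owners) == 1, "window functions must partition the state space"
    return owners[0]


def balance(procs, factor=2):
    """Memory balance: pair the most and least loaded processes, pool their
    windows and sets, and re-slice the pool between the two.
    `factor` is a constructed threshold, not a value from the talk."""
    big = max(procs, key=lambda p: len(p.reached))
    small = min(procs, key=lambda p: len(p.reached))
    if big is small or len(big.reached) <= factor * len(small.reached) + 2:
        return False
    window = big.window + small.window               # W_big OR W_small
    reached, frontier = big.reached | small.reached, big.frontier | small.frontier
    v = best_split_var(reached, window)
    if v is None:
        return False
    for p, val in ((big, 0), (small, 1)):
        p.window = restrict(window, v, val)          # new window function
        p.reached, p.frontier = project(reached, p.window), project(frontier, p.window)
    return True


def distributed_reachability(initial, k):
    """Distributed fixpoint: rounds of local image computation, exchange of the
    new states to their owners, termination detection (no frontier anywhere and
    no message in flight), and memory balancing between rounds."""
    procs = [Process(w, s) for w, s in slice_windows(initial, k)]
    rounds = 0
    while True:
        for p in procs:                              # compute locally, then exchange
            for t in image(p.frontier):
                owner(t, procs).inbox.add(t)
            p.frontier = frozenset()
        for p in procs:                              # absorb what arrived
            fresh = frozenset(p.inbox) - p.reached
            p.inbox.clear()
            p.reached |= fresh
            p.frontier = fresh
        rounds += 1
        if all(not p.frontier and not p.inbox for p in procs):   # termination
            return procs, rounds
        balance(procs)


def reachable_states(procs):
    return frozenset().union(*(p.reached for p in procs))


def partition_ok(procs):
    """Every state has exactly one owner, and each process holds only its own states."""
    return (all(sum(in_window(s, p.window) for p in procs) == 1 for s in ALL_STATES)
            and all(p.reached == project(p.reached, p.window) for p in procs))


if __name__ == "__main__":
    procs, rounds = distributed_reachability(frozenset({0}), k=4)
    print(f"{rounds} rounds, {len(reachable_states(procs))} reachable states")
    for i, p in enumerate(procs):
        print(f"P{i}: window={p.window} |reached|={len(p.reached)}")
```

Running it prints the 32 even states spread over four processes; the first slicing of the single initial state gives very uneven windows, which is exactly the situation the balance step repairs once the sets grow. In the real system the image, projection and exchange are BDD operations and the inbox is an MPI message, but the invariants checked by `partition_ok` (the windows form a partition and every process holds only states inside its window) are the same.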

12. What does a researcher need?
    - Either: get a sequential model checker, implement a message-passing interface, implement transmission of objects, and implement transmission of sets of states represented as BDDs.
    - Or: use the Division system, under construction, by Tamir Heyman and Amnon Heyman.

13. What is in the Division?
    - Open source
    - Platform for research
    - General system
    - Supporting distributed model checking
    - Special support for distributed symbolic model checking

14. The Division's structure (layers, top to bottom)
    - Model Checking Mu-Calculus
    - Basic Model Checking Operations
    - Distributed Tool Kit
    - Standard Building Blocks
    - Infrastructure

15. Infrastructure
    - Operating system
    - Communication
    - Distributed file system

16. Standard Building Blocks (figure: MPI, STL and the SMC below the DTK interface)
    - Message Passing Interface (MPI)
    - Standard Template Library (STL)
    - Symbolic Model Checker (SMC)
    - Interface implemented by the SMC

17. Division tool kit (DTK)
    - Collection of independent tools for:
      - Distributed computation
      - Distributed model checking
      - Distributed symbolic model checking

18. Basic Model Checking Operations
    - Exchange
    - Termination detection
    - Split

19. Model Checking Mu-Calculus
    - Distributed fixpoint
    - Distributed reachability analysis
    - Distributed full mu-calculus

20. Focus on DTK (the same layer diagram: Model Checking Mu-Calculus, Basic Model Checking Operations, Distributed Tool Kit, Standard Building Blocks, Infrastructure)

21. DTK for distributed algorithms
    - Distributed output: collected from many processes, then filtered
    - Transmission of objects, as in CORBA
    - Transmission of commands: executing remote code

22. DTK for model checking
    - Interface for the model-checking engine: simple, short, hides the complexity
    - Manager for a pool of processes: responds to partners' requests, collects idle processes' calls

23. DTK for symbolic MC
    - Transmitting BDDs
    - Save/load a BDD from disk
    - Set-of-states class backed by a BDD: implicit mark/release of the BDD; implementation of the operators +, -, *, ==, !, =

24. Results
    - Slicing is effective up to at least 512 slices.
    - Model checking is effective up to at least 32 machines.
    - Finds bugs that could not be found by a single machine running the sequential algorithm.

25. Future work
    - Massive parallelism using hundreds of nodes
    - Including known orthogonal optimizations to further reduce memory requirements
    - Improve speedup by further optimizations

26. Future development
    - Distributed reordering: force the same variable order in all processes, let each process choose locally, or do something in between
    - New fixpoint algorithm, to better utilize O(100) nodes