Degeneralization Algorithm for Generation of Büchi Automata Based on Contented Situation

Shan, Laixiang; Qin, Jun; Chen, Mingshi; Qin, Zheng

doi:https://doi.org/10.1155/2015/516104

Journal of Applied Mathematics

On this page

Abstract Introduction Preliminaries Experimental Results Conclusion References Copyright Related Articles

Research Article | Open Access

Volume 2015 | Article ID 516104 | https://doi.org/10.1155/2015/516104

Degeneralization Algorithm for Generation of Büchi Automata Based on Contented Situation

Laixiang Shan,¹Jun Qin,²Mingshi Chen,³and Zheng Qin¹

Academic Editor: Carlos Conca

Received07 Sept 2014

Revised15 Dec 2014

Accepted16 Dec 2014

Published10 Feb 2015

Abstract

We present on-the-fly degeneralization algorithm used to transform generalized Büchi automata (GBA) into Büchi Automata (BA) different from the standard degeneralization algorithm. Contented situation, which is used to record what acceptance conditions are satisfiable during expanding LTL formulae, is attached to the states and transitions in the BA. In order to get the deterministic BA, the Shannon expansion is used recursively when we expand LTL formulae by applying the tableau rules. On-the-fly degeneralization algorithm is carried out in each step of the expansion of LTL formulae. Ordered binary decision diagrams are used to represent the BA and simplify LTL formulae. The temporary automata are stored as syntax directed acyclic graph in order to save storage space. These ideas are implemented in a conversion algorithm used to build a property automaton corresponding to the given LTL formulae. We compare our method to previous work and show that it is more efficient for four sets of random formulae generated by LBTT.

1. Introduction

Model checking [1] is a formal verification technique used to check whether a model of the system verifies some desired properties for software or hardware systems. In order to verify whether the system satisfies some properties, a common method is to use linear temporal logic (LTL) model checking. When the given property is expressed in an LTL formula, the model checker usually transforms the negation of the LTL formula into a Büchi automaton (BA), builds the product of this BA with the system described as an automaton, and checks the emptiness of the product automaton. The size of the product automaton is usually exponential in the size of the system automaton and property automaton, because it is a Cartesian product of the system automaton and property automaton. If there are too many states and transitions, the product automaton will get too big to be verified in the available time. Generating a smaller and more deterministic property automaton in less time contributes to improving the efficiency of model checking.

There are many outstanding conversion tools that implement the translation from an LTL formula to a BA effectively. Babiak et al. [2] proposed a series of improvement measures to improve performance of the conversion algorithm presented by Gastin and Oddoux [3] and implemented a new conversion tool, LTL3BA, which translates an LTL formula into a very weak alternating automaton (VWAA) with a co-Büchi accepting condition. VWAA is then translated into a transition based generalized Büchi automata (TGBA). Finally, TGBA is degeneralized into a BA. The time complexity of the alternation removal is , which is the same magnitude as alternation removal of tableau-based algorithm [4]. Duret-Lutz [5] introduced many improvements to improve performance of the algorithm proposed by Couvreur [6]. These improvements have been applied in Spot, which is a C++ library for model checking. Spot uses TGBA to express LTL formulae into automata. Gerth et al. [7] proposed a classic algorithm that translates an LTL formula into a generalized Büchi automaton (GBA). This algorithm is a tableau-based translation method in on-the-fly fashion and has been applied in Spin [8].

In order to obtain a BA from the given LTL formula, [2, 3, 5, 7] involve the intermediate automata (GBA or TGBA), perform simplification on the intermediate automata, and transform the intermediate automata into BA finally. Clarke et al. presented a standard degeneralization algorithm used to transform GBA into BA in Section 9.2.2 of [1]. This standard degeneralization algorithm is also adapted to transform a TGBA into a BA [3, 9]. Furthermore, Duret-Lutz proposed a better degeneralization algorithm based on the standard degeneralization algorithm in Section 4.2.2 of [5], which is related to the order in which the corresponding BDD variables were declared. Babiak et al. [10] presented the SCC-based degeneralization including many improvements to the standard degeneralization algorithm used to transform a TGBA into an equivalent BA. Chatterjee et al. [11] proposed the definition of the degeneralization index applied to transform the automaton with generalized Rabin pairs into a Rabin automaton.

However, the standard degeneralization algorithm is used to transform a GBA or a TGBA into a BA, only when the expansion of LTL formulae is finished. We say that the standard degeneralization algorithm is a kind of postdegeneralization algorithm. The intermediate automata are needed to record the expansion of LTL formulae in the use of standard degeneralization algorithm. The standard degeneralization algorithm can transform a TGBA with states and acceptance conditions into an equivalent BA with one acceptance condition and at most states [12]. We have to search possible degeneralizations.

In this paper, we present on-the-fly degeneralization algorithm that is used to transform a GBA or a TGBA into an equivalent BA during expanding LTL formulae. We circumvent the intermediate automata and translate an LTL formula to a BA directly. Our method differs from the previous translation algorithms [2, 3, 5, 7] in two ways.(1)The contented situation, which is a set of acceptance conditions, is attached to the states and transitions in the BA. According to the contented situation, we can determine which acceptance conditions are satisfied in the current state or transition.(2)The process of degeneralization is carried out in each step of the expansion of LTL formulae. LTL formulae can be translated to the BA directly. The intermediate automata are no longer needed.

Our research focuses on an efficient conversion algorithm producing a BA corresponding to an LTL formula directly. The contented situation is attached to the states and transitions in the BA in order to track whether the acceptance condition is satisfiable. The BA is described by ordered binary decision diagrams (OBDDs) and stored as syntax directed acyclic diagram (DAG). On-the-fly degeneralization algorithm is used in order to degeneralize GBA into BA during the expansion. The BA simplification is adopted in the algorithm in order to gain reduction on the size of the result automaton. In order to get the deterministic BA, the Shannon expansion is used recursively when we expand LTL formulae by applying the tableau rules. These measures cause a lot of improvement on the efficiency of the algorithm, especially when expanding the formulae containing a large amount of -subformulae.

The rest of this paper is organized as follows. In Section 2, we provide preliminary notions used in this paper. Then, we describe the main ideas of our approach in Section 3. Overview of the algorithm is introduced in Section 4. In Section 5, a comparison between our method and previous works is presented. Finally, Section 6 closes the paper with conclusions.

2. Preliminaries

LTL is usually used to describe system constraints in formal method, which is a modal temporal logic with modalities referring to time. Let represent a finite set of atomic propositions. Let represent the set of subsets of . Let represent the set of propositional formulae induced by .

Definition 1 (syntax of LTL formulae). An LTL formula is usually composed of atomic propositions (), proposition constants ( (True) and (False)), the logical operators ( (not), (and), and (or)), and the temporal modal operators ( (Next), (Until), (Release), (Always), and (Eventually)). Formally, the syntax of LTL formulae is defined inductively as follows:(i), , and are LTL formulae, respectively;(ii), , , , , , , and are LTL formulae, if and are LTL formulae, respectively.
-formula is the dual of -formula. , , -formula can be translated to -formula by the following identities:(i);(ii);(iii).

Definition 2 (Kripke structure). A Kripke structure is a tuple where is a finite set of states. is , a transition relation between states. is , labeling of the states.

Definition 3 (semantics of LTL formulae). Let be a Kripke structure, and let be an infinite word in . denotes the suffix starting at letter . The semantics of LTL formulae is defined inductively as follows:(i);(ii) iff , for ;(iii) iff ;(iv) iff and ;(v) iff or ;(vi) iff ;(vii) iff , ;(viii) iff , ;(ix) iff , and , ;(x) iff , and , and .

Remark 4. Every LTL formula can be rewritten as an equivalent LTL formula in negation normal form (NNF), where operator occurs only immediately in front of atomic propositions and , , and are the only allowed Boolean connectives. In this paper, we consider only such formulae. The NNF formula can be translated to an equivalent LTL formula by the following identities:

Definition 5 (Büchi automata). Büchi automaton is a kind of -automata in which acceptance conditions are carried by the states. It is also called state-based Büchi automata that is a tuple , where is a finite set of states. is a finite input alphabet, . is a transition function. is a set of initial states. is a set of acceptance states. Let be an infinite word of . An infinite sequence is a run of , where is an initial state and for all . denotes the set of all runs of . Let Inf denote the set of states that appear infinitely often in . The run is accepted by , if and only if with Inf. An infinite word is accepted by , if some run of over is accepted.

Definition 6 (transition based generalized Büchi automata). Transition based generalized Büchi automaton (TGBA) is a Büchi automaton in which the set of subsets of acceptance conditions are carried by the transitions. It can be defined as a tuple , where is a finite set of states. is a finite set of atomic propositions. is a transition relation, where each transition is labeled by a Boolean formula and a set of acceptance conditions. is a set of initial states. is a finite set of acceptance conditions, is the number of acceptance conditions, and is the set of the subsets of acceptance conditions. An infinite sequence is a run of , where , , , and for all . denotes the set of all runs of . Let Inf denote the set of transitions that appear infinitely often in . The run is accepted by , if and only if , with Inf. The accepting runs of visit each acceptance set infinitely often.

3. Details of Our Approach

In this section, we introduce our ideas and the details of our approach. The next section gives an overview of the algorithm implementation.

3.1. Tableau Rules

Tableau rules [7] are often used to translate an LTL formula into a BA. The process of translation is as follows. First, an LTL formula , which is rewritten as NNF, is defined as the labeling of the initial state. Then, is expanded by applying the tableau rules recursively until no -subformulae occur at the top level. The expansion of the formula is rewritten as a cover by computing its disjunctive normal form (DNF). Each disjunct of the cover represents a state of the automaton. All propositional literals represent the label of the states, which are the acceptance conditions satisfied in this state. The -formulae represent the label of the next state and determine the transitions outcoming from the current state. The transition is given by connecting each state to its successors. The tableau rules for LTL formulae are listed in Table 1. The automata constructed by the tableau rules are state-based Büchi automata.

For instance, the expansions of and are showed as (2). In the cover of , there are two propositional literals and one -formula. Consider By observing the expansion of , we find that either (i) holds and is satisfied or (ii) holds and should be verified next, until has to be satisfied. Obviously, (ii) is infinite path probably. The expansion of is similar to . Intuitively, and product infinite path also.

Although the method based on tableau rules can work well, the only challenging problem is how to avoid the unwanted infinite path. Because tableau rules cannot fully characterize -formulae, each infinite path cannot identify models of the formula according to a graph which is constructed by the sole expansion law. In order to cope with the infinite path, the promise has been presented in [13]. In this paper, a new approach, contented situation, is presented. We attach contented situation to the states and transitions in the automata during expanding LTL formulae. Although a sequence of BA is infinite probably, it is accepted as long as the formula is satisfied infinite often along the sequence. We record the acceptance conditions that are satisfied along the sequence. If all the acceptance conditions are satisfied, then we arrive at the final state. It guarantees the sequence of the -formulae cannot be postponed infinitely.

3.2. Contented Situation

The contented situation is a set of acceptance conditions that are satisfiable along the path of a BA. The contented situation differs from the promise in two ways: the definition and the purpose. The promise is the opposite of the acceptance conditions [13], while the contented situation is the set of the satisfying acceptance conditions. The promise is attached to the transitions only, while the contented situation is attached to the states or transitions. According to the promise, we can determine which acceptance conditions are not satisfied in the current transition. According to the contented situation, we can determine which acceptance conditions are satisfied in the current state or transition.

Definition 7 (contented situation). A function is defined to express the contented situation that is a mapping relationship from the states and transitions to the set of acceptance conditions. The formalized definition of is as follows: where is a finite set of states, represents a set of the acceptance conditions, and is a finite set of transitions.
indicates which acceptance conditions are satisfiable along a run of the automata. of the initial state is defined as (() of Algorithm 1). is the th state and is the th transition in the automata. The recursive calculation of and is shown as ()-() in Algorithm 1, where represents the eventualities that should be satisfied along the sequence starting from . Let be a run in the automata. If and , then . represents the label of the transition .
For example, the expansion of is showed in Figure 1. The contented situations (in the curly braces) are attached to the states and transitions. and . of the transition is , because cannot satisfy . , because . The formula is expanded recursively until ; that is, the final state is reached.

(1) ; (*)
(2) if with and then

else
;
endif (**)
(3) if with ) and then

else
;
endif; (***)

3.3. Computing Deterministic Covers

As said in Section 3.1, the covers of LTL formulae are computed based on the recursive application of the tableau rules and on the subsequent computation of the DNF of the resulting formula. The determinism of the BA can be improved using a trick on the Shannon expansion during the expansion.

For example, the cover of is showed in (4). The BA corresponding to this cover has four successor states , , , and with labels , , , and , respectively. The states, , , and , are nondeterministic decision states. Consider

The states, , , and , can be expanded by applying the Shannon expansion. The expansions of , , and are showed in (5). According to the identical equation , we know , , and :

By combining the same items according to (5), (4) can be rewritten as (6). The BA corresponding to the cover in (6) has four successor states , , , and with labels , , , and , respectively. The states, , , , and , are deterministic decision states. Consequently, deterministic covers give rise to deterministic automata. The TGBA corresponding to is showed in Figure 2(a):

(a) TGBA corresponding to

(b) Degeneralization of the TGBA

(c) BA corresponding to

There are labels to be considered during the expansion by applying the Shannon expansion over atomic propositions in a BA. However, we remove the invalid nodes and combine equivalent states during the expansion of LTL formulae. It helps to ignore the useless labels. In the practical application, is usually small enough so that the slowdown incurred by this method has little effect.

3.4. On-the-Fly Degeneralization

The degeneralization is a simple translation from a GBA to a BA. The standard degeneralization algorithm is presented by Clarke et al. [1]. This standard degeneralization algorithm can be used to translate a TGBA into a BA [2, 3, 5]. However, the standard algorithm is a kind of postdegeneralization algorithm; that is to say, it is used to translate a GBA or a TGBA to a BA, only when the expansion of LTL formulae is finished. The intermediate automata (GBA or TGBA) are needed to record the expansion of LTL formulae. For a TGBA, there are possible degeneralizations by applying this algorithm. It takes a lot of time and storage space to complete the degeneralization.

The degeneralization of by applying the standard degeneralization algorithm is showed in Figure 2. The details are introduced in Section 4.2.2 of [5]. The TGBA corresponding to , which is showed in Figure 2(a), has two acceptance conditions that are indicated using colored marker (the blue dot and the red dot) per set. In Figure 2(b), in addition to the first level, the states in each level satisfy at least one acceptance condition. The states in the last level satisfy all the acceptance conditions. In Figure 2(b), all states in level 1 satisfy ; all states in level 2 satisfy . For example, in level 1 satisfies , and in level 2 satisfies in Figure 2(b).

All transitions are added to the degeneralized automata according to which acceptance conditions are satisfied in the current state. In order not to lose the transition, the TGBA is cloned in levels. The number of transitions in the degeneralized automata is three times the ones of TGBA. This setup guarantees that any accepting run in the degeneralized automata will correspond to an infinite run that visits all acceptance conditions infinitely often in the TGBA. The BA corresponding to is generated by removing the invalid states and transitions from degeneralized automata in Figure 2(c). The standard degeneralization algorithm generates many invalid states and transitions (see Figure 2(b)). It takes a lot of time to generate the degeneralized automata and remove the invalid states and transitions. A lot of storage space has to be used to save the temporal data.

In this paper, we present on-the-fly degeneralization algorithm used to translate a GBA or a TGBA to a BA during the expansion of LTL formulae. The degeneralized automata are no longer needed in on-the-fly degeneralization algorithm. Our idea is that the degeneralization is carried out in each step of the expansion. As described in Section 3.2, the contented situation is attached to all states in the BA. According to the contented situation, we know which acceptance conditions are satisfiable in each state. We can add the transitions to the BA according to which acceptance conditions are satisfied in the current state; that is to say, the outgoing transitions that carry the acceptance condition are redirected to the next state in which is satisfiable. The outgoing transitions that carry are redirected to the initial state. This setup guarantees that any accepting run can see all acceptance conditions infinitely often in the automata.

On-the-fly degeneralization is a process in which the degeneralization process is carried out during the expansion of LTL formulae. Therefore, we can translate an LTL formula to a BA directly. The time used to generate the degeneralized automata and remove redundant states and transitions is saved. In Figure 3, we translate to a BA directly by applying on-the-fly degeneralization. The contented situation is attached to the states and transitions. The contented situation of the transition is equal to the contented situation of the destination state of this transition. For example, the outgoing transitions that carry the acceptance condition are redirected to the next state in which is satisfiable. The outgoing transitions that carry the acceptance condition are redirected to the next state in which is satisfiable. The outgoing transitions that carry the acceptance condition are redirected to the next state in which is satisfiable. On-the-fly degeneralization is a process in which the standard degeneralization algorithm is carried out in each step of expansion. The BA in Figure 3 is equivalent to the BA in Figure 2(c).

Although the BA in Figure 3 is different from the BA in Figure 2(c), they both guarantee that any accepting run visits all acceptance conditions infinitely often in the automata with the same number of states and transitions.

3.5. Representing a BA by OBDD

The BA can be represented by applying ordered binary decision diagrams (OBDDs) [14]. OBDD is a binary decision diagram that has an ordering for some list of variables. For example, we represent the BA corresponding to in Figure 1 by applying OBDDs. OBDDs representation is showed in Figure 4.

(a) The BA corresponding to

(b) Representing the BA by applying OBDD

OBDDs can be regarded as a compressed representation of sets or relations. The checking equivalence is reduced to checking isomorphism between BDDs, when OBDDs are used to represent the BA. If the two Boolean functions have isomorphic representations in OBDDs, they are logically equivalent and can be merged. OBDD is a more concise representation for the cover by merging isomorphic subtrees.

OBDD, which is a rooted, directed acyclic graph, can be stored as a syntax directed acyclic diagram (DAG). The use of a DAG has two advantages. First, less space is needed to store the automata. Second, if the result of computing each subtree is cached, there will be concomitant time savings. Sharing of subformulae also can work across multiple formulae. Because each subformula is unique, a cache is used to record the formula when we are travelling multiple formulae in order to speed up the algorithm. The running time is reduced by applying this kind of data structure.

4. Overview of Algorithm

In the current, many kinds of state-of-the-art algorithm used to translate an LTL formula to a BA can be divided into four main phases: simplifying the formulae, translating an LTL formula to a BA, the BA simplification, and degeneralization of the BA.

In this paper, we focus on phase 2 and phase 3. According to the new approach proposed in the previous section, we have conceived and implemented a new translation tool, called ltltoba, which builds a BA from an LTL formula. The contented situation and on-the-fly degeneralization algorithm are used in these tools. Our method differs from the previous translation algorithms [2, 3, 5, 7] in two steps.(1)Our algorithm circumvents the intermediate automata and translates an LTL formula to a BA directly.(2)On-the-fly degeneralization is used in our algorithm. Phase 4 is not needed.

4.1. The Data Structure

The basic data structure that the automata graph construction algorithm manipulates is the Node, which contains the following fields: NodeSet, the set of the unprocessed states; DisjunctSet, the set of the disjuncts of the cover; , the input LTL formulae; , the state of the automata; t, the transition of the automata; src, source node of a transition; dst, destination node of a transition; , the label of the state or transition; , the set of the acceptance conditions.

In order to describe the BA, the class is defined as shown in Algorithm 2.

class

public:
void initialize_state ; // the initial node is defined as , the contented situation is .
void add_state ; adding a state to the BA. If a BA has not the state , is added to
the BA directly. If a BA has a state with , then and is discarded.
void add_trans ; adding a transition to the BA. If a BA has not the
transition , is added to the BA directly. If a BA has a transition with ,
and , then and is discarded.
string search_state Searching the state in the BA.
If , then already exists in the BA and return .
Otherwise, return .
string s.t. Searching the transition in the BA. If
and , then already exists in the BA and return . Otherwise, return .

4.2. The Main Algorithm

The main algorithm of ltltoba, which is described in Algorithm 3, is used to transform a given LTL formula to a BA. The idea is very clear; we expand an LTL formula recursively by applying the tableau rules. A simple depth-first-search strategy is used in the expansion operation. The resulting formula is rewritten into a cover by computing its DNF. For each disjunct of the cover, the contented situation of state or transition is calculated according to the calculation using ()-() of Algorithm 1. If the new states do not exist in the BA, they will be added to BA. The function tells us how to add a state to the BA. Then, the transitions are added to the BA by applying the on-the-fly degeneralization algorithm (Algorithm 3, lines (24)–(30)). If the has been reset to , the state is the final state. The details of the main algorithm are shown in Algorithm 3.

(1) Input: an LTL formula ;
(2) Output: a BA corresponding to ;
(3)
(4) procedure LTL_to_BA_translation
(5) ;
(6) BA.initialize_state;
(7) while do
(8) let ;
(9) ;
(10) ;
(11) for each at the top level in do
(12) ;
(13) simplify;
(14) end for
(15) DisjunctSet the DNF of ;
(16) for each do
(17) let ;
(18) (**);
(19) (***);
(20) if then
(21) ;
(22) NodeSet NodeSet ;
(23) end if
(24) if then
(25)
(26) else
(27) let ;
(28) ;
(29) ;
(30) end if
(31) end for
(32) end while
(33) return BA;
(34) End procedure

4.3. Preliminary Analysis on Complexity

The most time-consuming component in ltltoba is the process of calculating the cover of the formulae. In our work, we remove the redundant states and transitions in each step of expansion. The size of the resulting automata is smaller. Representing the cover by OBDDs contributes to merging equivalent formulae. The on-the-fly degeneralization algorithm contributes to reducing the running time. Therefore, the operation of the algorithm is more efficient and the running time becomes faster. The worst time complexity of the expansion algorithm is (where is the number of elements in ), because we have to travel all nodes in worst case. The average time complexity of our algorithm is much lower than .

5. Experimental Results

The main algorithm, which is described in Section 4, is an implementation in C++ by applying CUDD library. This algorithm implements translating an LTL formula to a BA and removing redundant state or transition of the resulting automata. On-the-fly degeneralization is used in this algorithm. It can be used as kernel of other phases.

In this section, we extensively tested ltltoba, in comparison with the two state-of-the-art tools, LTL3BA v1.0.2 and Spot v1.1.4. We consider the running time and the number of states and transitions of the resulting automata. For the comparison of the results, we use LBTT 1.2.1 which takes a set of translation tools for testing their running time as input. LBTT [15] is a randomized testbench tool which gives a series of randomly generated formulae to the testing algorithms.

We run all tests on a computer with processor Pentium Dual-Core CPU E5300 @2.6 GHz, 4 GB of memory. The operating system was Ubuntu 12.04 LTS. Ltltoba, Spot, and LTL3BA were compiled on this machine to achieve satisfactory results. For the purpose of tests, all programs were configured with the formula simplification enabled.

We compare those translators on four sets of random formulae generated by LBTT. Benchmark 1 and Benchmark 3 contain 300 formulae of the length 15–30 and their negation. The number of atomic propositions in Benchmark 1 is 3, and the other is 8. Benchmark 2 and Benchmark 4 contain 400 formulae of the length 25–40 and their negation. The number of atomic propositions in Benchmark 2 is 3, and the other is 8. Table 2 presents the cumulative results of translations of all formulae in the four sets. The table illustrates the gradual effect of modification of each of the translators. The automata produced by ltltoba are in sum slightly better than the automata produced by other tools.

6. Conclusion

In this paper, we presented a new approach to convert an LTL formula to a BA more efficiently. Because the size of the product automata will jump exponentially when we do the product operation, the smaller and more deterministic property automata can improve efficiency of model checking. In order to deal with the infinite path during the expansion of LTL formulae, we attach the contented situation to the state and transition in the automata. In each step of expansion, we remove the redundancy states and transitions. The on-the-fly degeneralization algorithm is presented in this paper. Compared with the standard degeneralization algorithm, the on-the-fly degeneralization algorithm is a more efficient method. A conversion tool, ltltoba, implements these ideas. Because the resulting automata are smaller during expansion, the algorithm of ltltoba is more efficient. After an extensive empirical test, ltltoba can reduce the running time and the number of states and transitions to some degree.

Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

References

E. M. Clarke, O. Grumberg, and D. A. Peled, Model Checking, MIT Press, 1999.
T. Babiak, M. Ketnsk, V. ehk et al., “LTL to Büchi automata translation: fast and more deterministic,” in Tools and Algorithms for the Construction and Analysis of Systems, vol. 7214, pp. 95–109, Springer, Berlin, Germany, 2012.
View at: Google Scholar
P. Gastin and D. Oddoux, “Fast LTL to Büchi automata translation,” in Computer Aided Verification, G. Berry, H. Comon, and A. Finkel, Eds., vol. 2102 of Lecture Notes in Computer Science, pp. 53–65, Springer, 2001.
View at: Publisher Site | Google Scholar
U. Boker, O. Kupferman, and A. Rosenberg, “Alternation removal in buchi automata,” in Automata, Languages and Programming, pp. 76–87, Springer, 2010.
View at: Google Scholar
A. Duret-Lutz, “Ltl translation improvements in spot,” in Proceedings of the 5th International Conference on Verification and Evaluation of Computer and Communication Systems (VECoS '11), pp. 72–83, British Computer Society, 2011.
View at: Google Scholar
J. M. Couvreur, “On-the-fly verification of linear temporal logic,” in FM99, Formal Methods, vol. 1708 of Lecture Notes in Computer Science, pp. 253–271, Springer, Berlin, Germany, 1999.
View at: Publisher Site | Google Scholar
R. Gerth, D. Peled, M. Y. Vardi, and P. Wolper, “Simple on-the-fly automatic verification of linear temporal logic,” in Proceedings of the 15th IFIP WG6 International Symposium on Protocol Specification, Testing and Verification (IFIP '95), 1995.
View at: Google Scholar
G. J. Holzmann, “The model checker SPIN,” IEEE Transactions on Software Engineering, vol. 23, no. 5, pp. 279–295, 1997.
View at: Publisher Site | Google Scholar
D. Giannakopoulou and F. Lerda, “From states to transitions: improving translation of LTL formulae to Büchi automata,” in Formal Techniques for Networked and Distributed Sytems—FORTE 2002, vol. 2529 of Lecture Notes in Computer Science, pp. 308–326, Springer, Berlin, Germany, 2002.
View at: Publisher Site | Google Scholar
T. Babiak, T. Badie, A. Duret-Lutz et al., “Compositional approach to suspension and other improvements to LTL translation,” in Model Checking Software, pp. 81–98, Springer, Berlin, Germany, 2013.
View at: Google Scholar
K. Chatterjee, A. Gaiser, and J. Ketnsk, “Automata with generalized Rabin pairs for probabilistic model checking and LTL synthesis,” in Computer Aided Verification, pp. 559–575, Springer, Berlin, Germany, 2013.
View at: Google Scholar
E. Renault, A. Duret-Lutz, F. Kordon, and D. Poitrenaud, “Three SCC-based emptiness checks for generalized Büchi automata,” in Logic for Programming, Artificial Intelligence, and Reasoning, vol. 8312 of Lecture Notes in Computer Science, pp. 668–682, Springer, Berlin, Germany, 2013.
View at: Publisher Site | Google Scholar
A. Duret-Lutz and D. Poitrenaud, “SPOT: an extensible model checking library using transition-based generalized Büchi automata,” in Proceedingsof the IEEE Computer Society's 12th Annual International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems, 2004. (MASCOTS '04), pp. 76–83, IEEE, 2004.
View at: Google Scholar
R. E. Bryant, “Graph-based algorithms for boolean funct ion manipulation,” IEEE Transactions on Computers, vol. C-35, no. 8, pp. 677–691, 1986.
View at: Publisher Site | Google Scholar
H. Tauriainen and K. Heljanko, “Testing LTL formula translation into Büchi automata,” International Journal on Software Tools for Technology Transfer, vol. 4, no. 1, pp. 57–70, 2002.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2015 Laixiang Shan et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

1471

Downloads

946

Citations