Research Article
Counterexample-Preserving Reduction for Symbolic Model Checking
Algorithm 2
Framework of the PDR algorithm.
| Input: The components , , of the model ; a safety property . | | Output: The affirmative answer if is safe w.r.t. ; otherwise, a counterexample witnessing that is reachable. | | (1) let ; | | (2) let ; | | (3) let ; /* is a priority queue */ | | (4) repeat | | (5) while there exists s.t. do | | (6) add to the head of ; | | (7) if strengthen fails then | | (8) return counterexample extracted from ; | | (9) end | | (10) propagate; | | (11) if there exists some s.t. then | | (12) return “M is safe from ”; | | (13) end | | (14) let ; | | (15) ; | | (16) end | | (17) until ; |
|
