Homepage: http://www.daxc.de/eth

Experimental Results

Contents

1. Obligation Formulas
2. Experimental Evaluation
   1. Experiment 1: Comparing Automata Sizes of LTL to Automata Translators
   2. Experiment 2: Performance for Finite State Model Checking

Obligation Formulas

Experimental Evaluation

For both experiments we used a computer with an Intel Pentium 4 processor with 3GHz and with 4GBytes of main memory.

Used LTL to Automata Translators:

Experiment 1: Comparing Automata Sizes of LTL to Automata Translators

Each row corresponds to the i-th formula in patterns40_spin.txt. The numbers denote the sizes of the resulting automata.

Experiment 2: Performance for Finite State Model Checking

1. bopdb

A detailed description can be found at http://anna.fi.muni.cz/models/cgi/model_info.cgi?name=bopdp

Specification:

• [] ( (p0 /\ p1) -> ((! p1) V (p0 \/ (! p1))) )

Automata generated by the translators:

• Spin: spec_spin.pm
• TMP: spec_tmp.pm
• LTL2BA: spec_ltl2ba.pm
• MODELLA: spec_modella.pm
• WDBA: spec_wdba.pm

Models:

• The model with parameters (MAX_AP_INTS=7, MAX_LSL_INTS=7): bopdp.7.pm
• The model with parameters (MAX_AP_INTS=14, MAX_LSL_INTS=14): bopdp.14.pm
• The model with parameters (MAX_AP_INTS=28, MAX_LSL_INTS=28): bopdp.28.pm
• The model with parameters (MAX_AP_INTS=56, MAX_LSL_INTS=56): bopdp.56.pm

2. elevator2

A detailed description can be found at http://anna.fi.muni.cz/models/cgi/model_info.cgi?name=elevator2

Specification (SPIN syntax):

• ( [] (r0 -> (!p0 U (p0 U (!p0 U (p0 U (p0 /\ co)))))) )

Automata generated by the translators:

• Spin: spec4_spin.pm
• TMP: spec4_tmp.pm
• LTL2BA: spec4_ltl2ba.pm
• MODELLA: spec4_modella.pm
• WDBA + manual change*: spec4_wdba.pm

1. We negate the specification and push the negation inside the [] operator: "≤≥ ! (r0 -> (!p0 U (p0 U (!p0 U (p0 U (p0 /\ co))))))".
2. The formula after the [] operator is an obligation formula. We translate it to a WDBA
3. We add a new initial state q to the WDBA with transitions from q to q and from q to the old initial state of the WDBA

Models:

• The model with parameters (CONTROL=clever, N=4): elevator2.1.pm
• The model with parameters (CONTROL=naive, N=10): elevator2.2.pm
• The model with parameters (CONTROL=clever, N=13): elevator2.3.pm
• The model with parameters (CONTROL=clever, N=14): elevator2.4.pm
• The model with parameters (CONTROL=clever, N=15): elevator2.5.pm

3. giop

A detailed description can be found in [bib].

Specifications (SPIN syntax):

• ( [] ( ! t -> ( ( ! p U t ) \/ [] ! p ) ) )

Automata generated by the translators:

• Spin: spec1_spin.pm
• TMP: spec1_tmp.pm
• LTL2BA: spec1_ltl2ba.pm
• MODELLA: spec1_modella.pm
• WDBA: spec1_wdba.pm

The model:

• giop3.pm

4. signarch

A detailed description can be found in [bib].

The specifications:

• ( (((! g1) U (u1 || [] ! g1)) /\ []( o1 -> ((! g1) U (u1 || [] ! g1)))) )
• ( (((! g1) U (u1 || [] ! g1)) /\ []( o1 -> ((! g1) U (u1 || [] ! g1)))) /\ (((! g2) U (u2 || [] ! g2)) /\ []( o2 -> ((! g2) U (u2 || [] ! g2)))) )

Automata generated by the translators:

• Spin: spec1_spin.pm, spec2_spin.pm
• TMP: spec1_tmp.pm, spec2_tmp.pm
• LTL2BA: spec1_ltl2ba.pm, spec2_ltl2ba.pm
• MODELLA: spec1_modella.pm, spec2_modella.pm
• WDBA: spec1_wdba.pm, spec2_wdba.pm

The model:

• signarch.pm