# Probabilistic abstraction for model checking: an approach based on property testing

## Abstract

The goal of model checking is to verify the correctness of a given program, on all its inputs. The main obstacle, in many cases, is the intractably large size of the program's transition system. Property testing is a randomized method to verify whether some fixed property holds on individual inputs, by looking at a small random part of that input. We join the strengths of both approaches by introducing a new notion of probabilistic abstraction, and by extending the framework of model checking to include the use of these abstractions. Our abstractions map transition systems associated with large graphs to small transition systems associated with small random subgraphs. This reduces the original transition system to a family of small, even constant-size, transition systems. We prove that with high probability, “sufficiently” incorrect programs will be rejected (-robustness). We also prove that under a certain condition (exactness), correct programs will never be rejected (soundness). Our work applies to programs for graph properties such as bipartiteness, ${\displaystyle k}$-colorabilityor any ${\displaystyle \exists \forall }$ first order graph properties. Our main contribution is to show how to apply the ideas of property testing to syntactic programs for such properties. We give a concrete example of an abstraction for a program for bipartiteness. Finally, we show that the relaxation of the test alone does not yield transition systems small enough to use the standard model checking method. More specifically, we prove, using methods from communication complexity, that the OBDD size remains exponential for approximate bipartiteness.

## Bibtex (lrde.bib)

```@Article{	  laplante.07.tocl,
author	= {Sophie Laplante and Richard Lassaigne and Fr\'ed\'eric
Magniez and Sylvain Peyronnet and Michel de Rougemont},
title		= {Probabilistic abstraction for model checking: an approach
based on property testing},
journal	= {ACM Transactions on Computational Logic},
year		= 2007,
month		= aug,
volume	= 8,
number	= 4,
abstract	= {The goal of model checking is to verify the correctness of
a given program, on all its inputs. The main obstacle, in
many cases, is the intractably large size of the program's
transition system. Property testing is a randomized method
to verify whether some fixed property holds on individual
inputs, by looking at a small random part of that input. We
join the strengths of both approaches by introducing a new
notion of probabilistic abstraction, and by extending the
framework of model checking to include the use of these
abstractions. Our abstractions map transition systems
associated with large graphs to small transition systems
associated with small random subgraphs. This reduces the
original transition system to a family of small, even
constant-size, transition systems. We prove that with high
probability, ``sufficiently'' incorrect programs will be
rejected (\$\eps\$-robustness). We also prove that under a
certain condition (exactness), correct programs will never
be rejected (soundness). Our work applies to programs for
graph properties such as bipartiteness, \$k\$-colorability,
or any \$\exists\forall\$ first order graph properties. Our
main contribution is to show how to apply the ideas of
property testing to syntactic programs for such properties.
We give a concrete example of an abstraction for a program
for bipartiteness. Finally, we show that the relaxation of
the test alone does not yield transition systems small
enough to use the standard model checking method. More
specifically, we prove, using methods from communication
complexity, that the OBDD size remains exponential for
approximate bipartiteness.}
}```