Received: 4 April 2016 Revised: 16 April 2017 Accepted: 12 July 2017
SPECIAL ISSUE PAPER
Formal verification of probabilistic SystemC models with
statistical model checking
Van Chan Ngo
Computer Science Department, Carnegie Mellon University, Pittsburgh, PA 15213, USA
Inria Rennes - Bretagne Atlantique, Rennes,
Correspondence: Van Chan Ngo, Computer Science Department, Carnegie Mellon University, Pittsburgh, PA
Transaction-level modeling with SystemC has been very successful in describing the behavior of embedded systems by providing high-level executable models, many of which have inherent probabilistic behaviors, eg, random data and unreliable components. It is thus crucial to have both quantitative and qualitative analysis of the probabilities of system properties.
Such analysis can be conducted by constructing a formal model of the system under verification
and using Probabilistic Model Checking. However, this method is infeasible for large systems, due
to the state space explosion. In this article, we demonstrate the successful use of statistical model
checking to conduct such analysis directly from large SystemC models and allow designers to
express a wide range of useful properties.
The first contribution of this work is a framework to verify properties expressed in Bounded Linear Temporal Logic for SystemC models with both timed and probabilistic characteristics. Second, the framework allows users to expose a rich set of user code primitives as atomic propositions in Bounded Linear Temporal Logic. Moreover, users can define their own fine-grained time resolution rather than the boundary of clock cycles in the SystemC simulation.
The third contribution is an implementation of a statistical model checker. It contains an automatic monitor generation for producing execution traces of the model-under-verification, the mechanism for automatically instrumenting the model-under-verification, and the interaction with statistical model checking algorithms.
Keywords: probabilistic temporal assertion, program verification, runtime verification, statistical model checking, SystemC models
Transaction-level modeling with SystemC has become increasingly prominent in describing the behavior of embedded systems, eg, System on Chips (SoCs). Complex electronic components and software control units can be combined into a single model, enabling simulation of the whole system at once. In many cases, models have probabilistic and nondeterministic characteristics, eg, random data and reliability of the system's components. Hence, it is crucial to conduct both quantitative and qualitative analysis of the probabilities of system properties.
We consider a safety-critical system, eg, a control system for air-traffic, automotive, or medical devices. The reliability and availability of such a system can be modeled as a stochastic process that exhibits both timed and probabilistic characteristics. For instance, consider the reliability and availability model of an embedded control system that contains an input processor connected to groups of sensors, an output processor connected to groups of actuators, and a main processor that communicates with the I/O processors through a bus. Suppose that the sensors, actuators, and processors can fail and that the I/O processors have transient and permanent faults. When a transient fault occurs in a processor, rebooting the processor repairs the fault. The times to failure and the delay of reboot are exponentially distributed. Thus, the reliability of the system can be modeled by a Continuous-Time Markov Chain (CTMC) (a special case of a discrete-state stochastic process in which the probability distribution of the next state
J Softw Evol Proc. 2018;30:e1890. wileyonlinelibrary.com/journal/smr. Copyright © 2017 John Wiley & Sons, Ltd. 1 of 17
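The reliability model sketched above (components whose failure and reboot times are exponentially distributed, giving a CTMC) and the bounded-time properties the abstract refers to can be exercised end to end with a small simulation. The following Python block is an added example, not code from the paper or from its model checker: it samples timed execution traces from a constructed, simplified CTMC of the control system (the transition rates are assumed values), evaluates a bounded "eventually" and a bounded-response property on each trace with a monitor, and estimates the satisfaction probability with the Chernoff-Hoeffding bound on the number of sampled traces. The names `simulate_trace`, `bounded_response`, `estimate_probability` and the rate table are this example's own.

```python
"""Statistical model checking of a small CTMC reliability model.

Added, constructed example: a simplified version of the embedded control
system described in the text (processors with exponentially distributed
failure and reboot times), checked against bounded-time properties by
sampling execution traces and estimating the satisfaction probability.
"""
import math
import random
from dataclasses import dataclass

# Assumed transition rates (events per hour); not taken from the paper.
RATES = {
    "main_fail": 0.01,     # main processor fails permanently
    "io_transient": 0.20,  # I/O processor suffers a transient fault
    "io_permanent": 0.02,  # I/O processor fails permanently
    "io_reboot": 2.0,      # reboot completes and clears a transient fault
}


@dataclass(frozen=True)
class State:
    main_up: bool
    io: str  # "up", "transient" or "down"

    def failed(self) -> bool:
        """The system is down when the main or the I/O processor is lost."""
        return not self.main_up or self.io == "down"


def enabled_transitions(s, rates=RATES):
    """(rate, successor) pairs enabled in state s; zero-rate ones dropped."""
    out = []
    if s.main_up:
        out.append((rates["main_fail"], State(False, s.io)))
    if s.io == "up":
        out.append((rates["io_transient"], State(s.main_up, "transient")))
        out.append((rates["io_permanent"], State(s.main_up, "down")))
    elif s.io == "transient":
        out.append((rates["io_reboot"], State(s.main_up, "up")))
    return [(r, succ) for r, succ in out if r > 0.0]


def simulate_trace(horizon, rng, rates=RATES, start=State(True, "up")):
    """Sample one timed trace [(t, state), ...] up to time `horizon`.
    CTMC simulation: holding time is exponential in the total exit rate,
    and the successor is drawn in proportion to its rate."""
    t, s = 0.0, start
    trace = [(t, s)]
    while True:
        enabled = enabled_transitions(s, rates)
        total = sum(r for r, _ in enabled)
        if total == 0.0:
            break  # absorbing state, nothing more can happen
        t += rng.expovariate(total)
        if t > horizon:
            break
        u = rng.random() * total
        s = enabled[-1][1]  # fallback guards against rounding in the loop
        for rate, succ in enabled:
            u -= rate
            if u <= 0.0:
                s = succ
                break
        trace.append((t, s))
    return trace


# Monitors over a timed trace. States are piecewise constant: the entry
# (t, s) holds from t until the next entry.
def state_at(trace, time):
    current = trace[0][1]
    for t, s in trace:
        if t > time:
            break
        current = s
    return current


def eventually_within(trace, bound, pred, start=0.0):
    """F<=bound pred, evaluated from time `start`."""
    if pred(state_at(trace, start)):
        return True
    return any(start < t <= start + bound and pred(s) for t, s in trace)


def bounded_response(trace, bound, delay, trigger, response):
    """G<=bound (trigger -> F<=delay response); trace must reach bound+delay."""
    return all(eventually_within(trace, delay, response, start=t)
               for t, s in trace if t <= bound and trigger(s))


def chernoff_sample_size(delta, alpha):
    """Samples so that P(|estimate - p| > delta) <= alpha (Chernoff-Hoeffding)."""
    return math.ceil(math.log(2.0 / alpha) / (2.0 * delta * delta))


def estimate_probability(prop, horizon, rates=RATES, delta=0.05, alpha=0.01, seed=1):
    """Estimate P(prop) by checking `prop` on n independently sampled traces."""
    n = chernoff_sample_size(delta, alpha)
    rng = random.Random(seed)
    hits = sum(1 for _ in range(n) if prop(simulate_trace(horizon, rng, rates)))
    return hits / n, n


def fails_within(t_bound):
    """Property F<=t_bound failed."""
    return lambda trace: eventually_within(trace, t_bound, State.failed)


def reboots_within(t_bound, delay):
    """Property G<=t_bound (io transient -> F<=delay io up)."""
    return lambda trace: bounded_response(
        trace, t_bound, delay, lambda s: s.io == "transient", lambda s: s.io == "up")


if __name__ == "__main__":
    p_fail, n = estimate_probability(fails_within(100.0), horizon=100.0)
    print(f"P(system fails within 100 h) ~ {p_fail:.3f} from {n} traces")
    p_reboot, _ = estimate_probability(reboots_within(100.0, 1.0), horizon=101.0)
    print(f"P(every transient fault rebooted within 1 h over 100 h) ~ {p_reboot:.3f}")
```

The monitor works on continuous timestamps rather than clock-cycle boundaries, which is the "fine-grained time resolution" the abstract describes; for a nested bound such as the reboot property, the simulated horizon must cover the outer bound plus the inner delay, otherwise a pending response is wrongly reported as a violation.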