## Paper: On the complexity of modular model checking (at LICS 1995)

Authors:**M.Y. Vardi**

### Abstract

In modular verification the specification of a module consists of two parts. One part describes the guaranteed behavior of the module. The other part describes the assumed behavior of the environment with which the module is interacting. This is called the assume-guarantee paradigm. Even when one specifies the guaranteed behavior of the module in a branching temporal logic, the assumption in the assume-guarantee pair concerns the interaction of the environment with the module along each computation, and is therefore often naturally expressed in linear temporal logic. In this paper we consider assume-guarantee specifications in which the assumption is given by an LTL formula and the guarantee is given by a CTL formula. Verifying modules with respect to such specifications is called the linear-branching model-checking problem. We apply automata-theoretic techniques to obtain a model-checking algorithm whose running time is linear in the size of the module and the size of the CTL guarantee, but doubly exponential in the size of the LTL assumption. We also show that the high complexity in the size of the LTL specification is inherent by proving that the problem is EXPSPACE-complete. The lower bound applies even if the branching temporal guarantee is restricted to be specified in /spl forall/CTL, the universal fragment of CTL.

### BibTeX

@InProceedings{Vardi-Onthecomplexityofmo, author = {M.Y. Vardi}, title = {On the complexity of modular model checking}, booktitle = {Proceedings of the Tenth Annual IEEE Symp. on Logic in Computer Science, {LICS} 1995}, year = 1995, editor = {Dexter Kozen}, month = {June}, pages = {101-111}, location = {San Diego, CA, USA}, publisher = {IEEE Computer Society Press} }