A Comparison of Modular Verification Techniques* Henrik Reif Andersen Jcrgen Staunstrup Niels Maretti Department of Information Technology, Building 344, Technical University of Denmark, DK-2800 Lyngby, Denmark. Abstract. This paper presents and compares three techniques for mechanized ver- ification of state-oriented design descriptions. The goat of this work is to gain insight into quantitative aspects of different modular verification techniques. One of the three verification techniques presented here is a traditional forward generation of a fixed point characterizing the reachable states. This does not utilize any modular- ity provided by the designer, and therefore it forms the basis for the comparison, whereas the two others do utilize such a modularity. One requires a substantial manual effort by the designer, but is computationally very efficient, while the other requires almost no manual assistance with a much better performance than the simple forward generation. The performance of the three techniques is compared on a set of examples. 1 Introduction Verification is an important part of any non-trivial design project. It covers a wide range of techniques for uncovering errors, and ideally one would like to do an exhaustive check, where all behaviors of the design are exercised. How- ever, this is seldomly possible in practice. The common practise is to test a sample of the behaviors by execution and/or simulation. Recently, advances in algorithms, data structures, and design languages have provided formal (ex- haustive) verification techniques which are powerful enough to handle some significant practical examples [12,13]. In order to use the formal techniques, both the intended and actual behavior must be expressed in formal nota- tion, e.g., as a program in a programming language or as a logic formula. Although these techniques have been demonstrated to work on significant examples, scaling is often difficult. The reason is that the modularity found in most large-scale practical designs has been difficult to exploit in an efficient way in formal verification. The goal of this work is to gain insight into quantitative aspects of differ- ent modular verification techniques. One of the three verification techniques presented here is a traditional forward generation of a fixed point character- izing the reachable states. This does not utilize any modularity provided by * Work supported by the Danish Technical Research Council, project Codesign. E-mail and WW%V addresses of the first two authors: {hra,jst}@it.dtu.dk, http : //www. it. dtu. dk/{~hra, ~j st}.