How to check properties on models with huge numbers of behaviours

[Eduard Laitin]

Hello,

In my specification at each Next step I have something like:

\E i \in Set where the set can have up to 1000 elements (no symmetry)

This causes a lot of branching so there are too many states for the model checker to find even if I let it run for years.

Is there any TLA+/TLC trick to solve this? If not do you know any model checker that could handle this? (l have heard about translating TLA+ to B to check with ProB but I'm not sure if it would help)

Thank you,

Edi

[Igor Konnov]

Hi Edi,

You could try Apalache: https://apalache.informal.systems/

However, if you have 1000 elements, your specification is probably large as well. It’s hard to tell without seeing your TLA+ specification. Usually, one has to apply abstraction to deal with very large state spaces and specs.


Best regards,
Igor

> --
> You received this message because you are subscribed to the Google Groups "tlaplus" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to tlaplus+u...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/tlaplus/68d2e11a-0ca9-43a3-bb0a-8d6051d6c4d8n%40googlegroups.com.

[Leslie Lamport]

While large sets can cause performance problems, it's rare for an algorithm to be correct for a set of 3 elements and not for a set of 1000 elements.

Leslie