AdamMC – A Model Checker for Petri Nets With Transits and Flow-LTL

This is an artifact prepared only for the replicability of the experimental results of the following paper accepted for the ATVA2019 conference

Bernd Finkbeiner, Manuel Gieseking, Jesko Hecking-Harbusch, and Ernst-Rüdiger Olderog
Model Checking Data Flows in Concurrent Network Updates

This artifact contains

• the input data for creating the results of Table 1 and Table 2,
  
• the complete results for the benchmark families and the case study of Table 1. Due to space limitation Table 1 of the paper is only a snapshot of this table.
  
• bash scripts to create the data of Table 1 and Table 2,
  
• the prototype itself,
  
• the debian packages necessary to run the scripts,
  
• the external tools which are used by the prototype.
  

This artifact is prepared to run on the virtual machine provided by the artifact evaluation team of the ATVA2019 conference. At the time of uploading the artifact, the VM is available here.

Please refer to the README for installation instruction, usage, and detailed information about the artifact.

Dependencies:

This artifact uses the following tools

• mchyper
  
• abc
  
• aigertools
  

the following libraries

• APT
  

and is integrated into the ADAM framework.

Background:

AdamMC is a model checker for Flow-LTL formulas on Petri nets with transits which are both new formalisms from our paper. Petri nets with transits allow us to differentiate the individual data flow of tokens in transitions with several tokens participating. For example, it is possible to exactly follow one token representing a packet in a network when it participates in transitions with other tokens. Flow-LTL is a corresponding logic for Petri nets with transits and extends LTL. On the one hand, it allows to express fairness and maximality assumptions of, e.g., the network behavior. On the other hand, dedicated expressions allow to specify the behavior of the data flow of individual tokens.

We encode concurrent updates to real-world topologies of software-defined networks in these Petri nets with transits and check whether they fulfill properties like connectivity, packet coherence, drop freedom, and loop
freedom expressed in Flow-LTL. Our tool shows promising results by verifying network topologies with up to 10 switches and falsifying network topologies with up to 38 switches.