MCTL — An extension of CTL for modular verification of concurrent systems

We are interested in modular specification and verification of digital circuits. Hence we asked for an appropriate description logic. In [MC85,BCDM85] the temporal logic CTL has successfully been used to verify some circuits. This logic was choosen as it has a linear model checking algorithm, and thus proving specifications in models consisting of hundreds or thousands of states can be done efficiently. But, unfortunately, CTL does not support modular specification and verification. As other logics as CTL* or PTL, which are suitable for modular verification, have exponential model checking algorithms we looked for an extension of CTL which allows modular specifications and whose model checking algorithm is faster than that of CTL*. In this paper we present such a logic, called MCTL. Formulae of MCTL are given by two parts, one describing a property of a module — this is done by a CTL formula — and one describing some assumptions on the environment — this is done by a special kind of path formulae. The interpretation of such a formula is in such a way that the assumptions restrict the paths which are relevant for the path quantifiers in the CTL formula. We show how this logic can be used in a modular verification system using proof principles given in [Pn85].