MITL_0,infinity bounded model checking tool
(c) 2011-2013 Roland Kindermann
kindermann.roland@gmail.com
http://users.ics.aalto.fi/kindermann


For a description of the technique employed refer to

Roland Kindermann, Tommi A. Junttila, Ilkka Niemel. Bounded Model Checking of
an MITL Fragment for Timed Automata. ACSD 2013.

The tool can be executed using the script mitlbmc.sh giving the maximum bound as
an argument.

The tool uses  Python Lex-Yacc library PLY (http://www.dabeaz.com/ply/) for
parsing. PLY is developed by David M. Beazley and published under the
BSD-license (cf. PLY-README.txt). Note that PLY generates files needed for
parsing the first time ATMOC is executed, which may result in a higher execution
time than usual.


INSTALLATION

The tool is implemented in Python 2. Version 2.5 or later is required.
Compatibility with Python 3.X has not been tested but is somewhat unlikely.

The tool has been developed and tested exclusively on Linux.

The tool uses the SMT-solver Yices. Before ATMOC can be used, Yices needs to be
added. For this purpose, download Yices 1 (not Yices 2) from
http://yices.csl.sri.com/
At the time this document was written, there were multiple versions available for
download. It is important that the version used contains the files "libyices.so"
and "yices_c.h". The correct version could be reached via "Download Yices 1"
->"Other distributions can be downloaded here"->"Yices with GMP dynamically
linked" on the Yices website at the time this document was written. Yices version
1.0.37 was used for development and experiments.

On a 32 bit system the .tar.gz file containing yices has to be put into the
yices32 folder and on a 64 bit system into the yices64. Afterwards, the yices
buildings can be compiled using the makefile.

IMPORTANT: In order to find the yices wrapper module, LD_LIBRARY_PATH needs to
contain "." on unix systems.



INPUT FORMAT

The input format is based on the input format of the model checker NuSMV
(http://nusmv.fbk.eu/). Essentially, a subset of the NuSMV syntax is extended
by clock variables. A clock variable can be added using
	<var-name> : clock(<reset-condition>);
to the variable section. Such clock variables can the be compared to integer
constants using "<", "<=", "=", ">=" and ">". The format is the same used by the
ATMOC tool.

For the precise semantics, refer to the description of symbolic timed transition
systems in
Roland Kindermann, Tommi A. Junttila, Ilkka Niemel. Modeling for Symbolic
Analysis of Safety Instrumented Systems with Clocks. ACSD 2011, pages 185-194,
IEEE 2011.
The initial constraint of a system is specified using the "INIT" keyword, the
invariant using "INVAR" and the (discrete-step) transition relation using
"TRANS".


HOW TO RUN

After installing Yices and compiling the Yices bindings, the MITL_0,infty BMC
can be executed using the command
./mitlbmc <filename> <bound>
In case there is more than one property in the model, the property may selected
as follows (the properties are numbered starting from 0)
./mitlbmc <filename> <bound> -n <property-number>

