fond

jQuery Multi Level CSS Menu Css3Menu.com

Model Checking Contest 2023
13th edition, Paris, France, April 26, 2023 (at TOOLympics II)
Execution of r289-tall-167873941000862
Last Updated
May 14, 2023

About the Execution of Marcie for QuasiCertifProtocol-PT-02

Execution Summary
Max Memory
Used (MB)		 Time wait (ms) CPU Usage (ms) I/O Wait (ms) Computed Result Execution
Status
5451.720 7763.00 7923.00 107.80 TTTFTTTFFTTFTTFT normal

Execution Chart

We display below the execution chart for this examination (boot time has been removed).

Trace from the execution

Formatting '/data/fkordon/mcc2023-input.r289-tall-167873941000862.qcow2', fmt=qcow2 size=4294967296 backing_file=/data/fkordon/mcc2023-input.qcow2 cluster_size=65536 lazy_refcounts=off refcount_bits=16
Waiting for the VM to be ready (probing ssh)
..............
=====================================================================
Generated by BenchKit 2-5348
Executing tool marcie
Input is QuasiCertifProtocol-PT-02, examination is ReachabilityCardinality
Time confinement is 3600 seconds
Memory confinement is 16384 MBytes
Number of cores is 1
Run identifier is r289-tall-167873941000862
=====================================================================

--------------------
preparation of the directory to be used:
/home/mcc/execution
total 544K
-rw-r--r-- 1 mcc users 7.0K Feb 26 01:27 CTLCardinality.txt
-rw-r--r-- 1 mcc users 64K Feb 26 01:27 CTLCardinality.xml
-rw-r--r-- 1 mcc users 6.0K Feb 26 01:26 CTLFireability.txt
-rw-r--r-- 1 mcc users 46K Feb 26 01:26 CTLFireability.xml
-rw-r--r-- 1 mcc users 4.2K Jan 29 11:40 GenericPropertiesDefinition.xml
-rw-r--r-- 1 mcc users 6.8K Jan 29 11:40 GenericPropertiesVerdict.xml
-rw-r--r-- 1 mcc users 4.6K Feb 25 16:36 LTLCardinality.txt
-rw-r--r-- 1 mcc users 29K Feb 25 16:36 LTLCardinality.xml
-rw-r--r-- 1 mcc users 2.9K Feb 25 16:37 LTLFireability.txt
-rw-r--r-- 1 mcc users 19K Feb 25 16:37 LTLFireability.xml
-rw-r--r-- 1 mcc users 17K Feb 26 01:29 ReachabilityCardinality.txt
-rw-r--r-- 1 mcc users 149K Feb 26 01:29 ReachabilityCardinality.xml
-rw-r--r-- 1 mcc users 9.8K Feb 26 01:28 ReachabilityFireability.txt
-rw-r--r-- 1 mcc users 72K Feb 26 01:28 ReachabilityFireability.xml
-rw-r--r-- 1 mcc users 1.9K Feb 25 16:37 UpperBounds.txt
-rw-r--r-- 1 mcc users 4.1K Feb 25 16:37 UpperBounds.xml
-rw-r--r-- 1 mcc users 5 Mar 5 18:23 equiv_col
-rw-r--r-- 1 mcc users 3 Mar 5 18:23 instance
-rw-r--r-- 1 mcc users 6 Mar 5 18:23 iscolored
-rw-r--r-- 1 mcc users 55K Mar 5 18:23 model.pnml

--------------------
content from stdout:

=== Data for post analysis generated by BenchKit (invocation template)

The expected result is a vector of booleans
BOOL_VECTOR

here is the order used to build the result vector(from text file)
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-00
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-01
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-02
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-03
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-04
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-05
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-06
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-07
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-08
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-09
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-10
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-11
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-12
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-13
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-14
FORMULA_NAME QuasiCertifProtocol-PT-02-ReachabilityCardinality-15

=== Now, execution of the tool begins

BK_START 1678824818457

bash -c /home/mcc/BenchKit/BenchKit_head.sh 2> STDERR ; echo ; echo -n "BK_STOP " ; date -u +%s%3N
Invoking MCC driver with
BK_TOOL=marcie
BK_EXAMINATION=ReachabilityCardinality
BK_BIN_PATH=/home/mcc/BenchKit/bin/
BK_TIME_CONFINEMENT=3600
BK_INPUT=QuasiCertifProtocol-PT-02
Not applying reductions.
Model is PT
ReachabilityCardinality PT
timeout --kill-after=10s --signal=SIGINT 1m for testing only

Marcie built on Linux at 2019-11-18.
A model checker for Generalized Stochastic Petri nets

authors: Alex Tovchigrechko (IDD package and CTL model checking)

Martin Schwarick (Symbolic numerical analysis and CSL model checking)

Christian Rohr (Simulative and approximative numerical model checking)

marcie@informatik.tu-cottbus.de

called as: /home/mcc/BenchKit/bin//../marcie/bin/marcie --net-file=model.pnml --mcc-file=ReachabilityCardinality.xml --memory=6 --mcc-mode

parse successfull
net created successfully

Net: QuasiCertifProtocol_PT_02
(NrP: 86 NrTr: 56 NrArc: 223)

parse formulas
formulas created successfully
place and transition orderings generation:0m 0.001sec

net check time: 0m 0.000sec

init dd package: 0m 2.952sec


RS generation: 0m 0.019sec


-> reachability set: #nodes 1808 (1.8e+03) #states 1,029 (3)



starting MCC model checker
--------------------------

checking: EF [~ [Astart<=85]]
normalized: E [true U ~ [Astart<=85]]

abstracting: (Astart<=85)
states: 1,029 (3)
-> the formula is FALSE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-07 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.001sec

checking: EF [s6_2<=1]
normalized: E [true U s6_2<=1]

abstracting: (s6_2<=1)
states: 1,029 (3)
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-10 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.019sec

checking: EF [1<=SstopOK_1]
normalized: E [true U 1<=SstopOK_1]

abstracting: (1<=SstopOK_1)
states: 192
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-12 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.015sec

checking: AG [~ [[s5_2<=1 | Cstart_0<=1]]]
normalized: ~ [E [true U [s5_2<=1 | Cstart_0<=1]]]

abstracting: (Cstart_0<=1)
states: 1,029 (3)
abstracting: (s5_2<=1)
states: 1,029 (3)
-> the formula is FALSE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-08 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.004sec

checking: EF [~ [[n8_1_1<=1 & n9_2_0<=n8_1_1]]]
normalized: E [true U ~ [[n8_1_1<=1 & n9_2_0<=n8_1_1]]]

abstracting: (n9_2_0<=n8_1_1)
states: 912
abstracting: (n8_1_1<=1)
states: 1,029 (3)
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-09 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.010sec

checking: EF [sum(n6_1, n6_2, n6_0)<=malicious_reservoir]
normalized: E [true U sum(n6_1, n6_2, n6_0)<=malicious_reservoir]

abstracting: (sum(n6_1, n6_2, n6_0)<=malicious_reservoir)
states: 411
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-02 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.040sec

checking: EF [[[n5_0<=SstopOK_1 & [[n9_0_0<=n1_0 | n8_0_0<=0] | n5_0<=n3_1]] | ~ [s2_1<=1]]]
normalized: E [true U [~ [s2_1<=1] | [[[n9_0_0<=n1_0 | n8_0_0<=0] | n5_0<=n3_1] & n5_0<=SstopOK_1]]]

abstracting: (n5_0<=SstopOK_1)
states: 957
abstracting: (n5_0<=n3_1)
states: 957
abstracting: (n8_0_0<=0)
states: 807
abstracting: (n9_0_0<=n1_0)
states: 861
abstracting: (s2_1<=1)
states: 1,029 (3)
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-13 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.006sec

checking: EF [~ [sum(n1_1, n1_0, n1_2)<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]
normalized: E [true U ~ [sum(n1_1, n1_0, n1_2)<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]

abstracting: (sum(n1_1, n1_0, n1_2)<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 973
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-00 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.034sec

checking: EF [[~ [[AstopOK<=n8_2_1 & ~ [[[n7_2_2<=0 | [n7_2_0<=n7_0_2 | ~ [n8_2_2<=0]]] & [[[1<=SstopOK_2 & ~ [s6_1<=n9_1_0]] & 1<=n8_0_2] | n6_2<=0]]]]] & ~ [CstopOK_1<=SstopOK_2]]]
normalized: E [true U [~ [CstopOK_1<=SstopOK_2] & ~ [[~ [[[[[~ [s6_1<=n9_1_0] & 1<=SstopOK_2] & 1<=n8_0_2] | n6_2<=0] & [[~ [n8_2_2<=0] | n7_2_0<=n7_0_2] | n7_2_2<=0]]] & AstopOK<=n8_2_1]]]]

abstracting: (AstopOK<=n8_2_1)
states: 860
abstracting: (n7_2_2<=0)
states: 893
abstracting: (n7_2_0<=n7_0_2)
states: 940
abstracting: (n8_2_2<=0)
states: 807
abstracting: (n6_2<=0)
states: 463
abstracting: (1<=n8_0_2)
states: 222
abstracting: (1<=SstopOK_2)
states: 192
abstracting: (s6_1<=n9_1_0)
states: 885
abstracting: (CstopOK_1<=SstopOK_2)
states: 1,029 (3)
-> the formula is FALSE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-11 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.005sec

checking: EF [~ [[~ [n9_0_2<=0] & [~ [[s3_0<=CstopOK_2 & SstopAbort<=1]] & [[~ [[n7_0_0<=n1_0 | [n7_1_1<=n7_1_1 & 1<=CstopOK_1]]] & n8_1_2<=n8_2_1] | [[n8_0_1<=n1_2 & ~ [[a1<=1 | 1<=n8_2_0]]] | n8_0_0<=n9_0_2]]]]]]
normalized: E [true U ~ [[[[[[~ [[a1<=1 | 1<=n8_2_0]] & n8_0_1<=n1_2] | n8_0_0<=n9_0_2] | [~ [[[n7_1_1<=n7_1_1 & 1<=CstopOK_1] | n7_0_0<=n1_0]] & n8_1_2<=n8_2_1]] & ~ [[s3_0<=CstopOK_2 & SstopAbort<=1]]] & ~ [n9_0_2<=0]]]]

abstracting: (n9_0_2<=0)
states: 861
abstracting: (SstopAbort<=1)
states: 1,029 (3)
abstracting: (s3_0<=CstopOK_2)
states: 945
abstracting: (n8_1_2<=n8_2_1)
states: 885
abstracting: (n7_0_0<=n1_0)
states: 893
abstracting: (1<=CstopOK_1)
states: 24
abstracting: (n7_1_1<=n7_1_1)
states: 1,029 (3)
abstracting: (n8_0_0<=n9_0_2)
states: 807
abstracting: (n8_0_1<=n1_2)
states: 807
abstracting: (1<=n8_2_0)
states: 222
abstracting: (a1<=1)
states: 1,029 (3)
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-15 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.005sec

checking: AG [[~ [[[79<=sum(s4_1, s4_2, s4_0) | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=98] | Astart<=sum(s2_1, s2_2, s2_0)]] & [[~ [[~ [[[AstopOK<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) | sum(s2_1, s2_2, s2_0)<=8] & ~ [sum(n4_0, n4_2, n4_1)<=76]]] & ~ [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=Astart]]] | CstopAbort<=13] | AstopAbort<=sum(n4_0, n4_2, n4_1)]]]
normalized: ~ [E [true U ~ [[[[~ [[~ [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=Astart] & ~ [[~ [sum(n4_0, n4_2, n4_1)<=76] & [AstopOK<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) | sum(s2_1, s2_2, s2_0)<=8]]]]] | CstopAbort<=13] | AstopAbort<=sum(n4_0, n4_2, n4_1)] & ~ [[[79<=sum(s4_1, s4_2, s4_0) | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=98] | Astart<=sum(s2_1, s2_2, s2_0)]]]]]]

abstracting: (Astart<=sum(s2_1, s2_2, s2_0))
states: 1,025 (3)
abstracting: (sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=98)
states: 1,029 (3)
abstracting: (79<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (AstopAbort<=sum(n4_0, n4_2, n4_1))
states: 666
abstracting: (CstopAbort<=13)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=8)
states: 1,029 (3)
abstracting: (AstopOK<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 937
abstracting: (sum(n4_0, n4_2, n4_1)<=76)
states: 1,029 (3)
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=Astart)
states: 666
-> the formula is FALSE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-03 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.176sec

checking: AG [[[[[s2_2<=n9_0_2 | [[AstopAbort<=1 & [AstopAbort<=0 | ~ [1<=n5_0]]] | [~ [[~ [s4_2<=malicious_reservoir] | n9_1_2<=n7_1_2]] | [~ [1<=SstopAbort] & n5_0<=0]]]] & [[a5<=n8_2_2 | 1<=s3_2] | [[~ [[~ [1<=n5_1] & ~ [n9_0_2<=n6_2]]] & [[Cstart_0<=0 & [SstopOK_0<=n9_0_2 & CstopOK_0<=1]] | [[n7_0_2<=0 & 1<=n6_1] | s5_2<=0]]] | ~ [[[n7_2_1<=0 | n7_1_2<=n1_2] | [s4_0<=Sstart_2 & 1<=n9_2_1]]]]]] | [[[[[~ [[a5<=0 & s5_0<=1]] & 1<=n7_2_1] | n6_2<=0] | [[c1_1<=s5_0 | ~ [n8_2_2<=n2_0]] | CstopAbort<=s5_2]] & ~ [1<=n6_2]] & [n8_2_2<=n7_2_0 & ~ [[n5_2<=n9_0_0 & s6_2<=0]]]]] & ~ [a5<=SstopAbort]]]
normalized: ~ [E [true U ~ [[[[[[~ [[[s4_0<=Sstart_2 & 1<=n9_2_1] | [n7_2_1<=0 | n7_1_2<=n1_2]]] | [[[[n7_0_2<=0 & 1<=n6_1] | s5_2<=0] | [[SstopOK_0<=n9_0_2 & CstopOK_0<=1] & Cstart_0<=0]] & ~ [[~ [n9_0_2<=n6_2] & ~ [1<=n5_1]]]]] | [a5<=n8_2_2 | 1<=s3_2]] & [[[[~ [1<=SstopAbort] & n5_0<=0] | ~ [[~ [s4_2<=malicious_reservoir] | n9_1_2<=n7_1_2]]] | [[~ [1<=n5_0] | AstopAbort<=0] & AstopAbort<=1]] | s2_2<=n9_0_2]] | [[~ [[n5_2<=n9_0_0 & s6_2<=0]] & n8_2_2<=n7_2_0] & [~ [1<=n6_2] & [[[~ [n8_2_2<=n2_0] | c1_1<=s5_0] | CstopAbort<=s5_2] | [[~ [[a5<=0 & s5_0<=1]] & 1<=n7_2_1] | n6_2<=0]]]]] & ~ [a5<=SstopAbort]]]]]

abstracting: (a5<=SstopAbort)
states: 863
abstracting: (n6_2<=0)
states: 463
abstracting: (1<=n7_2_1)
states: 136
abstracting: (s5_0<=1)
states: 1,029 (3)
abstracting: (a5<=0)
states: 710
abstracting: (CstopAbort<=s5_2)
states: 840
abstracting: (c1_1<=s5_0)
states: 717
abstracting: (n8_2_2<=n2_0)
states: 807
abstracting: (1<=n6_2)
states: 566
abstracting: (n8_2_2<=n7_2_0)
states: 840
abstracting: (s6_2<=0)
states: 885
abstracting: (n5_2<=n9_0_0)
states: 957
abstracting: (s2_2<=n9_0_2)
states: 975
abstracting: (AstopAbort<=1)
states: 1,029 (3)
abstracting: (AstopAbort<=0)
states: 638
abstracting: (1<=n5_0)
states: 72
abstracting: (n9_1_2<=n7_1_2)
states: 861
abstracting: (s4_2<=malicious_reservoir)
states: 985
abstracting: (n5_0<=0)
states: 957
abstracting: (1<=SstopAbort)
states: 513
abstracting: (1<=s3_2)
states: 84
abstracting: (a5<=n8_2_2)
states: 784
abstracting: (1<=n5_1)
states: 72
abstracting: (n9_0_2<=n6_2)
states: 973
abstracting: (Cstart_0<=0)
states: 585
abstracting: (CstopOK_0<=1)
states: 1,029 (3)
abstracting: (SstopOK_0<=n9_0_2)
states: 1,005 (3)
abstracting: (s5_2<=0)
states: 738
abstracting: (1<=n6_1)
states: 566
abstracting: (n7_0_2<=0)
states: 893
abstracting: (n7_1_2<=n1_2)
states: 893
abstracting: (n7_2_1<=0)
states: 893
abstracting: (1<=n9_2_1)
states: 168
abstracting: (s4_0<=Sstart_2)
states: 963
-> the formula is FALSE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-14 FALSE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.024sec

checking: EF [~ [[~ [[[[AstopAbort<=70 | ~ [a2<=malicious_reservoir]] & [[~ [sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [2<=sum(n4_0, n4_2, n4_1) | [sum(s3_2, s3_0, s3_1)<=a1 & sum(CstopOK_2, CstopOK_1, CstopOK_0)<=74]]] & 17<=sum(n1_1, n1_0, n1_2)]] | sum(s2_1, s2_2, s2_0)<=36]] | [[[[SstopAbort<=13 & 47<=a2] | [~ [[[sum(s5_2, s5_1, s5_0)<=19 & 74<=sum(n2_2, n2_1, n2_0)] | [84<=sum(n1_1, n1_0, n1_2) | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=a3]]] | ~ [66<=AstopAbort]]] | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=sum(n4_0, n4_2, n4_1)] & [[[[AstopAbort<=93 | ~ [SstopAbort<=56]] & [~ [[SstopAbort<=99 & 48<=a3]] | sum(n3_2, n3_1, n3_0)<=42]] & [~ [[sum(s4_1, s4_2, s4_0)<=sum(SstopOK_2, SstopOK_0, SstopOK_1) & AstopAbort<=36]] & sum(n4_0, n4_2, n4_1)<=a5]] & [~ [[sum(s2_1, s2_2, s2_0)<=13 | ~ [AstopAbort<=87]]] & ~ [sum(n5_2, n5_1, n5_0)<=a2]]]]]]]
normalized: E [true U ~ [[[[[[~ [[sum(s4_1, s4_2, s4_0)<=sum(SstopOK_2, SstopOK_0, SstopOK_1) & AstopAbort<=36]] & sum(n4_0, n4_2, n4_1)<=a5] & [[sum(n3_2, n3_1, n3_0)<=42 | ~ [[SstopAbort<=99 & 48<=a3]]] & [~ [SstopAbort<=56] | AstopAbort<=93]]] & [~ [[sum(s2_1, s2_2, s2_0)<=13 | ~ [AstopAbort<=87]]] & ~ [sum(n5_2, n5_1, n5_0)<=a2]]] & [[[~ [[[84<=sum(n1_1, n1_0, n1_2) | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=a3] | [sum(s5_2, s5_1, s5_0)<=19 & 74<=sum(n2_2, n2_1, n2_0)]]] | ~ [66<=AstopAbort]] | [SstopAbort<=13 & 47<=a2]] | sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=sum(n4_0, n4_2, n4_1)]] | ~ [[[[~ [a2<=malicious_reservoir] | AstopAbort<=70] & [17<=sum(n1_1, n1_0, n1_2) & [~ [sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [[sum(s3_2, s3_0, s3_1)<=a1 & sum(CstopOK_2, CstopOK_1, CstopOK_0)<=74] | 2<=sum(n4_0, n4_2, n4_1)]]]] | sum(s2_1, s2_2, s2_0)<=36]]]]]

abstracting: (sum(s2_1, s2_2, s2_0)<=36)
states: 1,029 (3)
abstracting: (2<=sum(n4_0, n4_2, n4_1))
states: 32
abstracting: (sum(CstopOK_2, CstopOK_1, CstopOK_0)<=74)
states: 1,029 (3)
abstracting: (sum(s3_2, s3_0, s3_1)<=a1)
states: 843
abstracting: (sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 666
abstracting: (17<=sum(n1_1, n1_0, n1_2))
states: 0
abstracting: (AstopAbort<=70)
states: 1,029 (3)
abstracting: (a2<=malicious_reservoir)
states: 1,026 (3)
abstracting: (sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)<=sum(n4_0, n4_2, n4_1))
states: 576
abstracting: (47<=a2)
states: 0
abstracting: (SstopAbort<=13)
states: 1,029 (3)
abstracting: (66<=AstopAbort)
states: 0
abstracting: (74<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (sum(s5_2, s5_1, s5_0)<=19)
states: 1,029 (3)
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=a3)
states: 666
abstracting: (84<=sum(n1_1, n1_0, n1_2))
states: 0
abstracting: (sum(n5_2, n5_1, n5_0)<=a2)
states: 877
abstracting: (AstopAbort<=87)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=13)
states: 1,029 (3)
abstracting: (AstopAbort<=93)
states: 1,029 (3)
abstracting: (SstopAbort<=56)
states: 1,029 (3)
abstracting: (48<=a3)
states: 0
abstracting: (SstopAbort<=99)
states: 1,029 (3)
abstracting: (sum(n3_2, n3_1, n3_0)<=42)
states: 1,029 (3)
abstracting: (sum(n4_0, n4_2, n4_1)<=a5)
states: 973
abstracting: (AstopAbort<=36)
states: 1,029 (3)
abstracting: (sum(s4_1, s4_2, s4_0)<=sum(SstopOK_2, SstopOK_0, SstopOK_1))
states: 876
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-06 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.378sec

checking: EF [[[~ [[[sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(n5_2, n5_1, n5_0) & ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=malicious_reservoir]] & ~ [[[sum(s3_2, s3_0, s3_1)<=sum(s4_1, s4_2, s4_0) | sum(n2_2, n2_1, n2_0)<=malicious_reservoir] & [57<=sum(c1_2, c1_1, c1_0) & [[AstopAbort<=sum(n2_2, n2_1, n2_0) | 55<=AstopAbort] | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=59]]]]]] | [[[~ [malicious_reservoir<=malicious_reservoir] & [[[[33<=sum(s4_1, s4_2, s4_0) & a2<=26] & ~ [AstopOK<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] & ~ [[SstopAbort<=sum(n4_0, n4_2, n4_1) | malicious_reservoir<=39]]] | a2<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] | [38<=a1 | [a1<=SstopAbort | [[[sum(s3_2, s3_0, s3_1)<=99 | 88<=SstopAbort] | [a4<=sum(c1_2, c1_1, c1_0) & sum(s2_1, s2_2, s2_0)<=19]] | [[Astart<=68 | malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [19<=sum(s4_1, s4_2, s4_0) & sum(n5_2, n5_1, n5_0)<=63]]]]]] | AstopOK<=86]] | 36<=sum(s6_2, s6_1, s6_0)]]
normalized: E [true U [36<=sum(s6_2, s6_1, s6_0) | [[AstopOK<=86 | [[38<=a1 | [a1<=SstopAbort | [[[19<=sum(s4_1, s4_2, s4_0) & sum(n5_2, n5_1, n5_0)<=63] & [Astart<=68 | malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] | [[a4<=sum(c1_2, c1_1, c1_0) & sum(s2_1, s2_2, s2_0)<=19] | [sum(s3_2, s3_0, s3_1)<=99 | 88<=SstopAbort]]]]] | [[a2<=sum(CstopOK_2, CstopOK_1, CstopOK_0) | [~ [[SstopAbort<=sum(n4_0, n4_2, n4_1) | malicious_reservoir<=39]] & [~ [AstopOK<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [33<=sum(s4_1, s4_2, s4_0) & a2<=26]]]] & ~ [malicious_reservoir<=malicious_reservoir]]]] | ~ [[~ [[[57<=sum(c1_2, c1_1, c1_0) & [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=59 | [AstopAbort<=sum(n2_2, n2_1, n2_0) | 55<=AstopAbort]]] & [sum(s3_2, s3_0, s3_1)<=sum(s4_1, s4_2, s4_0) | sum(n2_2, n2_1, n2_0)<=malicious_reservoir]]] & [sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(n5_2, n5_1, n5_0) & ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=malicious_reservoir]]]]]]]

abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=malicious_reservoir)
states: 750
abstracting: (sum(SstopOK_2, SstopOK_0, SstopOK_1)<=sum(n5_2, n5_1, n5_0))
states: 663
abstracting: (sum(n2_2, n2_1, n2_0)<=malicious_reservoir)
states: 979
abstracting: (sum(s3_2, s3_0, s3_1)<=sum(s4_1, s4_2, s4_0))
states: 897
abstracting: (55<=AstopAbort)
states: 0
abstracting: (AstopAbort<=sum(n2_2, n2_1, n2_0))
states: 666
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=59)
states: 1,029 (3)
abstracting: (57<=sum(c1_2, c1_1, c1_0))
states: 0
abstracting: (malicious_reservoir<=malicious_reservoir)
states: 1,029 (3)
abstracting: (a2<=26)
states: 1,029 (3)
abstracting: (33<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (AstopOK<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 802
abstracting: (malicious_reservoir<=39)
states: 1,029 (3)
abstracting: (SstopAbort<=sum(n4_0, n4_2, n4_1))
states: 558
abstracting: (a2<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 1,025 (3)
abstracting: (88<=SstopAbort)
states: 0
abstracting: (sum(s3_2, s3_0, s3_1)<=99)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=19)
states: 1,029 (3)
abstracting: (a4<=sum(c1_2, c1_1, c1_0))
states: 1,025 (3)
abstracting: (malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 831
abstracting: (Astart<=68)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=63)
states: 1,029 (3)
abstracting: (19<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (a1<=SstopAbort)
states: 1,021 (3)
abstracting: (38<=a1)
states: 0
abstracting: (AstopOK<=86)
states: 1,029 (3)
abstracting: (36<=sum(s6_2, s6_1, s6_0))
states: 0
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-01 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.409sec

checking: AG [[[sum(n6_1, n6_2, n6_0)<=79 & [[[[[[~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(n5_2, n5_1, n5_0)] | [45<=sum(n2_2, n2_1, n2_0) | sum(s4_1, s4_2, s4_0)<=79]] & sum(n4_0, n4_2, n4_1)<=95] | a5<=AstopOK] | [[~ [[sum(s5_2, s5_1, s5_0)<=AstopOK & Astart<=38]] | 13<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)] | [7<=AstopOK & [[89<=SstopAbort | sum(s3_2, s3_0, s3_1)<=90] | a3<=sum(n5_2, n5_1, n5_0)]]]] | sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=36] | ~ [[[[sum(s4_1, s4_2, s4_0)<=AstopOK & a2<=a3] | [sum(n5_2, n5_1, n5_0)<=57 & [10<=sum(n1_1, n1_0, n1_2) & [sum(s2_1, s2_2, s2_0)<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) | sum(n2_2, n2_1, n2_0)<=92]]]] & [[[78<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) & ~ [SstopAbort<=53]] | 71<=sum(n2_2, n2_1, n2_0)] & [62<=SstopAbort & [[99<=sum(n5_2, n5_1, n5_0) & 68<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & a2<=21]]]]]]] | [sum(n3_2, n3_1, n3_0)<=sum(Cstart_2, Cstart_0, Cstart_1) | [[[sum(n5_2, n5_1, n5_0)<=a5 & [sum(s4_1, s4_2, s4_0)<=62 | [sum(s2_1, s2_2, s2_0)<=malicious_reservoir & [~ [sum(n5_2, n5_1, n5_0)<=sum(n1_1, n1_0, n1_2)] & [a5<=80 & a1<=sum(n1_1, n1_0, n1_2)]]]]] | ~ [[~ [sum(s2_1, s2_2, s2_0)<=sum(Cstart_2, Cstart_0, Cstart_1)] & [sum(Sstart_2, Sstart_0, Sstart_1)<=sum(n2_2, n2_1, n2_0) | [[sum(s4_1, s4_2, s4_0)<=15 & sum(Cstart_2, Cstart_0, Cstart_1)<=72] | [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=sum(s4_1, s4_2, s4_0) & a4<=a2]]]]]] | [[sum(Cstart_2, Cstart_0, Cstart_1)<=a1 & ~ [[[[53<=a1 & 15<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] & [71<=sum(n3_2, n3_1, n3_0) | sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=85]] | [~ [Astart<=16] & [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=54 & 30<=sum(SstopOK_2, SstopOK_0, SstopOK_1)]]]]] & ~ [80<=sum(Cstart_2, Cstart_0, Cstart_1)]]]]]]
normalized: ~ [E [true U ~ [[[sum(n3_2, n3_1, n3_0)<=sum(Cstart_2, Cstart_0, Cstart_1) | [[~ [80<=sum(Cstart_2, Cstart_0, Cstart_1)] & [sum(Cstart_2, Cstart_0, Cstart_1)<=a1 & ~ [[[[sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=54 & 30<=sum(SstopOK_2, SstopOK_0, SstopOK_1)] & ~ [Astart<=16]] | [[71<=sum(n3_2, n3_1, n3_0) | sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=85] & [53<=a1 & 15<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]]]]] | [~ [[[sum(Sstart_2, Sstart_0, Sstart_1)<=sum(n2_2, n2_1, n2_0) | [[sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=sum(s4_1, s4_2, s4_0) & a4<=a2] | [sum(s4_1, s4_2, s4_0)<=15 & sum(Cstart_2, Cstart_0, Cstart_1)<=72]]] & ~ [sum(s2_1, s2_2, s2_0)<=sum(Cstart_2, Cstart_0, Cstart_1)]]] | [sum(n5_2, n5_1, n5_0)<=a5 & [sum(s4_1, s4_2, s4_0)<=62 | [sum(s2_1, s2_2, s2_0)<=malicious_reservoir & [[a5<=80 & a1<=sum(n1_1, n1_0, n1_2)] & ~ [sum(n5_2, n5_1, n5_0)<=sum(n1_1, n1_0, n1_2)]]]]]]]] | [sum(n6_1, n6_2, n6_0)<=79 & [~ [[[[62<=SstopAbort & [a2<=21 & [99<=sum(n5_2, n5_1, n5_0) & 68<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]] & [71<=sum(n2_2, n2_1, n2_0) | [78<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) & ~ [SstopAbort<=53]]]] & [[sum(n5_2, n5_1, n5_0)<=57 & [10<=sum(n1_1, n1_0, n1_2) & [sum(s2_1, s2_2, s2_0)<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0) | sum(n2_2, n2_1, n2_0)<=92]]] | [sum(s4_1, s4_2, s4_0)<=AstopOK & a2<=a3]]]] | [sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=36 | [[[7<=AstopOK & [a3<=sum(n5_2, n5_1, n5_0) | [89<=SstopAbort | sum(s3_2, s3_0, s3_1)<=90]]] | [13<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0) | ~ [[sum(s5_2, s5_1, s5_0)<=AstopOK & Astart<=38]]]] | [a5<=AstopOK | [sum(n4_0, n4_2, n4_1)<=95 & [[45<=sum(n2_2, n2_1, n2_0) | sum(s4_1, s4_2, s4_0)<=79] | ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(n5_2, n5_1, n5_0)]]]]]]]]]]]]

abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(n5_2, n5_1, n5_0))
states: 750
abstracting: (sum(s4_1, s4_2, s4_0)<=79)
states: 1,029 (3)
abstracting: (45<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (sum(n4_0, n4_2, n4_1)<=95)
states: 1,029 (3)
abstracting: (a5<=AstopOK)
states: 710
abstracting: (Astart<=38)
states: 1,029 (3)
abstracting: (sum(s5_2, s5_1, s5_0)<=AstopOK)
states: 546
abstracting: (13<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 0
abstracting: (sum(s3_2, s3_0, s3_1)<=90)
states: 1,029 (3)
abstracting: (89<=SstopAbort)
states: 0
abstracting: (a3<=sum(n5_2, n5_1, n5_0))
states: 997
abstracting: (7<=AstopOK)
states: 0
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=36)
states: 1,029 (3)
abstracting: (a2<=a3)
states: 1,025 (3)
abstracting: (sum(s4_1, s4_2, s4_0)<=AstopOK)
states: 891
abstracting: (sum(n2_2, n2_1, n2_0)<=92)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0))
states: 921
abstracting: (10<=sum(n1_1, n1_0, n1_2))
states: 0
abstracting: (sum(n5_2, n5_1, n5_0)<=57)
states: 1,029 (3)
abstracting: (SstopAbort<=53)
states: 1,029 (3)
abstracting: (78<=sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0))
states: 0
abstracting: (71<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (68<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 0
abstracting: (99<=sum(n5_2, n5_1, n5_0))
states: 0
abstracting: (a2<=21)
states: 1,029 (3)
abstracting: (62<=SstopAbort)
states: 0
abstracting: (sum(n6_1, n6_2, n6_0)<=79)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=sum(n1_1, n1_0, n1_2))
states: 877
abstracting: (a1<=sum(n1_1, n1_0, n1_2))
states: 1,025 (3)
abstracting: (a5<=80)
states: 1,029 (3)
abstracting: (sum(s2_1, s2_2, s2_0)<=malicious_reservoir)
states: 933
abstracting: (sum(s4_1, s4_2, s4_0)<=62)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=a5)
states: 925
abstracting: (sum(s2_1, s2_2, s2_0)<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=72)
states: 1,029 (3)
abstracting: (sum(s4_1, s4_2, s4_0)<=15)
states: 1,029 (3)
abstracting: (a4<=a2)
states: 1,025 (3)
abstracting: (sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)<=sum(s4_1, s4_2, s4_0))
states: 666
abstracting: (sum(Sstart_2, Sstart_0, Sstart_1)<=sum(n2_2, n2_1, n2_0))
states: 1,005 (3)
abstracting: (15<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 0
abstracting: (53<=a1)
states: 0
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=85)
states: 1,029 (3)
abstracting: (71<=sum(n3_2, n3_1, n3_0))
states: 0
abstracting: (Astart<=16)
states: 1,029 (3)
abstracting: (30<=sum(SstopOK_2, SstopOK_0, SstopOK_1))
states: 0
abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=54)
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=a1)
states: 534
abstracting: (80<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 0
abstracting: (sum(n3_2, n3_1, n3_0)<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 1,029 (3)
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-04 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 0.872sec

checking: EF [~ [[[[[94<=sum(n4_0, n4_2, n4_1) & [68<=sum(c1_2, c1_1, c1_0) | [~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(Sstart_2, Sstart_0, Sstart_1)] | 73<=sum(n3_2, n3_1, n3_0)]]] & [[22<=sum(n2_2, n2_1, n2_0) | ~ [[~ [sum(n2_2, n2_1, n2_0)<=sum(n6_1, n6_2, n6_0)] & [a2<=CstopAbort | sum(s3_2, s3_0, s3_1)<=SstopAbort]]]] & [sum(n6_1, n6_2, n6_0)<=sum(s4_1, s4_2, s4_0) | [sum(CstopOK_2, CstopOK_1, CstopOK_0)<=a3 & 24<=sum(n2_2, n2_1, n2_0)]]]] & [[[[[~ [malicious_reservoir<=61] | ~ [48<=sum(s2_1, s2_2, s2_0)]] | [[70<=sum(Cstart_2, Cstart_0, Cstart_1) | malicious_reservoir<=sum(Sstart_2, Sstart_0, Sstart_1)] | ~ [sum(n1_1, n1_0, n1_2)<=sum(n5_2, n5_1, n5_0)]]] | [[[sum(n3_2, n3_1, n3_0)<=98 & 90<=sum(s4_1, s4_2, s4_0)] | [6<=sum(n4_0, n4_2, n4_1) | sum(n2_2, n2_1, n2_0)<=40]] & [[SstopAbort<=sum(s5_2, s5_1, s5_0) & sum(s3_2, s3_0, s3_1)<=73] | ~ [86<=sum(s2_1, s2_2, s2_0)]]]] & [89<=a4 & [sum(s5_2, s5_1, s5_0)<=malicious_reservoir | [sum(n6_1, n6_2, n6_0)<=90 | [42<=sum(n5_2, n5_1, n5_0) | 25<=sum(s5_2, s5_1, s5_0)]]]]] & ~ [[94<=sum(s6_2, s6_1, s6_0) | [[[sum(n5_2, n5_1, n5_0)<=sum(s4_1, s4_2, s4_0) & sum(n6_1, n6_2, n6_0)<=26] | [sum(n4_0, n4_2, n4_1)<=47 & a5<=30]] & [[97<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & a5<=CstopAbort] | ~ [AstopOK<=74]]]]]]] & [[~ [[[[~ [sum(n5_2, n5_1, n5_0)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)] | [81<=sum(n5_2, n5_1, n5_0) | 4<=sum(n4_0, n4_2, n4_1)]] | malicious_reservoir<=12] | [[sum(s6_2, s6_1, s6_0)<=17 | sum(SstopOK_2, SstopOK_0, SstopOK_1)<=CstopAbort] | [[sum(n1_1, n1_0, n1_2)<=70 | CstopAbort<=sum(SstopOK_2, SstopOK_0, SstopOK_1)] | 30<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]]] | [[[[[a2<=28 & CstopAbort<=sum(s2_1, s2_2, s2_0)] | ~ [sum(Cstart_2, Cstart_0, Cstart_1)<=32]] | ~ [sum(Cstart_2, Cstart_0, Cstart_1)<=33]] & [~ [31<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)] | [[sum(n1_1, n1_0, n1_2)<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & sum(s2_1, s2_2, s2_0)<=84] & a1<=sum(s6_2, s6_1, s6_0)]]] & ~ [[~ [sum(s3_2, s3_0, s3_1)<=21] & [~ [29<=a5] & 83<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0)]]]]] & [sum(n6_1, n6_2, n6_0)<=20 | [malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0) | 90<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]]]]]
normalized: E [true U ~ [[[[sum(n6_1, n6_2, n6_0)<=20 | [malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0) | 90<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]] & [[~ [[[83<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0) & ~ [29<=a5]] & ~ [sum(s3_2, s3_0, s3_1)<=21]]] & [[[a1<=sum(s6_2, s6_1, s6_0) & [sum(n1_1, n1_0, n1_2)<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & sum(s2_1, s2_2, s2_0)<=84]] | ~ [31<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0)]] & [~ [sum(Cstart_2, Cstart_0, Cstart_1)<=33] | [~ [sum(Cstart_2, Cstart_0, Cstart_1)<=32] | [a2<=28 & CstopAbort<=sum(s2_1, s2_2, s2_0)]]]]] | ~ [[[[30<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0) | [sum(n1_1, n1_0, n1_2)<=70 | CstopAbort<=sum(SstopOK_2, SstopOK_0, SstopOK_1)]] | [sum(s6_2, s6_1, s6_0)<=17 | sum(SstopOK_2, SstopOK_0, SstopOK_1)<=CstopAbort]] | [malicious_reservoir<=12 | [[81<=sum(n5_2, n5_1, n5_0) | 4<=sum(n4_0, n4_2, n4_1)] | ~ [sum(n5_2, n5_1, n5_0)<=sum(CstopOK_2, CstopOK_1, CstopOK_0)]]]]]]] & [[~ [[94<=sum(s6_2, s6_1, s6_0) | [[~ [AstopOK<=74] | [97<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0) & a5<=CstopAbort]] & [[sum(n4_0, n4_2, n4_1)<=47 & a5<=30] | [sum(n5_2, n5_1, n5_0)<=sum(s4_1, s4_2, s4_0) & sum(n6_1, n6_2, n6_0)<=26]]]]] & [[89<=a4 & [sum(s5_2, s5_1, s5_0)<=malicious_reservoir | [sum(n6_1, n6_2, n6_0)<=90 | [42<=sum(n5_2, n5_1, n5_0) | 25<=sum(s5_2, s5_1, s5_0)]]]] & [[[~ [86<=sum(s2_1, s2_2, s2_0)] | [SstopAbort<=sum(s5_2, s5_1, s5_0) & sum(s3_2, s3_0, s3_1)<=73]] & [[6<=sum(n4_0, n4_2, n4_1) | sum(n2_2, n2_1, n2_0)<=40] | [sum(n3_2, n3_1, n3_0)<=98 & 90<=sum(s4_1, s4_2, s4_0)]]] | [[~ [sum(n1_1, n1_0, n1_2)<=sum(n5_2, n5_1, n5_0)] | [70<=sum(Cstart_2, Cstart_0, Cstart_1) | malicious_reservoir<=sum(Sstart_2, Sstart_0, Sstart_1)]] | [~ [48<=sum(s2_1, s2_2, s2_0)] | ~ [malicious_reservoir<=61]]]]]] & [[[sum(n6_1, n6_2, n6_0)<=sum(s4_1, s4_2, s4_0) | [sum(CstopOK_2, CstopOK_1, CstopOK_0)<=a3 & 24<=sum(n2_2, n2_1, n2_0)]] & [22<=sum(n2_2, n2_1, n2_0) | ~ [[[a2<=CstopAbort | sum(s3_2, s3_0, s3_1)<=SstopAbort] & ~ [sum(n2_2, n2_1, n2_0)<=sum(n6_1, n6_2, n6_0)]]]]] & [94<=sum(n4_0, n4_2, n4_1) & [68<=sum(c1_2, c1_1, c1_0) | [73<=sum(n3_2, n3_1, n3_0) | ~ [sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(Sstart_2, Sstart_0, Sstart_1)]]]]]]]]]

abstracting: (sum(n7_1_2, n7_2_2, n7_0_1, n7_1_1, n7_2_1, n7_0_2, n7_0_0, n7_2_0, n7_1_0)<=sum(Sstart_2, Sstart_0, Sstart_1))
states: 750
abstracting: (73<=sum(n3_2, n3_1, n3_0))
states: 0
abstracting: (68<=sum(c1_2, c1_1, c1_0))
states: 0
abstracting: (94<=sum(n4_0, n4_2, n4_1))
states: 0
abstracting: (sum(n2_2, n2_1, n2_0)<=sum(n6_1, n6_2, n6_0))
states: 973
abstracting: (sum(s3_2, s3_0, s3_1)<=SstopAbort)
states: 939
abstracting: (a2<=CstopAbort)
states: 1,025 (3)
abstracting: (22<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (24<=sum(n2_2, n2_1, n2_0))
states: 0
abstracting: (sum(CstopOK_2, CstopOK_1, CstopOK_0)<=a3)
states: 981
abstracting: (sum(n6_1, n6_2, n6_0)<=sum(s4_1, s4_2, s4_0))
states: 431
abstracting: (malicious_reservoir<=61)
states: 1,029 (3)
abstracting: (48<=sum(s2_1, s2_2, s2_0))
states: 0
abstracting: (malicious_reservoir<=sum(Sstart_2, Sstart_0, Sstart_1))
states: 825
abstracting: (70<=sum(Cstart_2, Cstart_0, Cstart_1))
states: 0
abstracting: (sum(n1_1, n1_0, n1_2)<=sum(n5_2, n5_1, n5_0))
states: 973
abstracting: (90<=sum(s4_1, s4_2, s4_0))
states: 0
abstracting: (sum(n3_2, n3_1, n3_0)<=98)
states: 1,029 (3)
abstracting: (sum(n2_2, n2_1, n2_0)<=40)
states: 1,029 (3)
abstracting: (6<=sum(n4_0, n4_2, n4_1))
states: 0
abstracting: (sum(s3_2, s3_0, s3_1)<=73)
states: 1,029 (3)
abstracting: (SstopAbort<=sum(s5_2, s5_1, s5_0))
states: 768
abstracting: (86<=sum(s2_1, s2_2, s2_0))
states: 0
abstracting: (25<=sum(s5_2, s5_1, s5_0))
states: 0
abstracting: (42<=sum(n5_2, n5_1, n5_0))
states: 0
abstracting: (sum(n6_1, n6_2, n6_0)<=90)
states: 1,029 (3)
abstracting: (sum(s5_2, s5_1, s5_0)<=malicious_reservoir)
states: 522
abstracting: (89<=a4)
states: 0
abstracting: (sum(n6_1, n6_2, n6_0)<=26)
states: 1,029 (3)
abstracting: (sum(n5_2, n5_1, n5_0)<=sum(s4_1, s4_2, s4_0))
states: 937
abstracting: (a5<=30)
states: 1,029 (3)
abstracting: (sum(n4_0, n4_2, n4_1)<=47)
states: 1,029 (3)
abstracting: (a5<=CstopAbort)
states: 809
abstracting: (97<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 0
abstracting: (AstopOK<=74)
states: 1,029 (3)
abstracting: (94<=sum(s6_2, s6_1, s6_0))
states: 0
abstracting: (sum(n5_2, n5_1, n5_0)<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 877
abstracting: (4<=sum(n4_0, n4_2, n4_1))
states: 0
abstracting: (81<=sum(n5_2, n5_1, n5_0))
states: 0
abstracting: (malicious_reservoir<=12)
states: 1,029 (3)
abstracting: (sum(SstopOK_2, SstopOK_0, SstopOK_1)<=CstopAbort)
states: 771
abstracting: (sum(s6_2, s6_1, s6_0)<=17)
states: 1,029 (3)
abstracting: (CstopAbort<=sum(SstopOK_2, SstopOK_0, SstopOK_1))
states: 930
abstracting: (sum(n1_1, n1_0, n1_2)<=70)
states: 1,029 (3)
abstracting: (30<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 0
abstracting: (CstopAbort<=sum(s2_1, s2_2, s2_0))
states: 732
abstracting: (a2<=28)
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=32)
states: 1,029 (3)
abstracting: (sum(Cstart_2, Cstart_0, Cstart_1)<=33)
states: 1,029 (3)
abstracting: (31<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 0
abstracting: (sum(s2_1, s2_2, s2_0)<=84)
states: 1,029 (3)
abstracting: (sum(n1_1, n1_0, n1_2)<=sum(n8_2_2, n8_1_2, n8_0_1, n8_1_1, n8_2_1, n8_0_2, n8_0_0, n8_1_0, n8_2_0))
states: 973
abstracting: (a1<=sum(s6_2, s6_1, s6_0))
states: 997
abstracting: (sum(s3_2, s3_0, s3_1)<=21)
states: 1,029 (3)
abstracting: (29<=a5)
states: 0
abstracting: (83<=sum(n9_2_2, n9_1_2, n9_1_1, n9_0_1, n9_0_2, n9_2_1, n9_0_0, n9_2_0, n9_1_0))
states: 0
abstracting: (90<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 0
abstracting: (malicious_reservoir<=sum(CstopOK_2, CstopOK_1, CstopOK_0))
states: 831
abstracting: (sum(n6_1, n6_2, n6_0)<=20)
states: 1,029 (3)
-> the formula is TRUE

FORMULA QuasiCertifProtocol-PT-02-ReachabilityCardinality-05 TRUE TECHNIQUES SEQUENTIAL_PROCESSING DECISION_DIAGRAMS UNFOLDING_TO_PT

MC time: 0m 1.091sec

totally nodes used: 75866 (7.6e+04)
number of garbage collections: 0
fire ops cache: hits/miss/sum: 31860 234239 266099
used/not used/entry size/cache size: 276778 66832086 16 1024MB
basic ops cache: hits/miss/sum: 34035 252614 286649
used/not used/entry size/cache size: 333080 16444136 12 192MB
unary ops cache: hits/miss/sum: 0 0 0
used/not used/entry size/cache size: 0 16777216 8 128MB
abstract ops cache: hits/miss/sum: 0 40094 40094
used/not used/entry size/cache size: 1 16777215 12 192MB
state nr cache: hits/miss/sum: 3932 16373 20305
used/not used/entry size/cache size: 16368 8372240 32 256MB
max state cache: hits/miss/sum: 0 0 0
used/not used/entry size/cache size: 0 8388608 32 256MB
uniqueHash elements/entry size/size: 67108864 4 256MB
0 67034449
1 73010
2 1375
3 22
4 3
5 2
6 3
7 0
8 0
9 0
>= 10 0

Total processing time: 0m 7.703sec


BK_STOP 1678824826220

--------------------
content from stderr:

check for maximal unmarked siphon
ok
check for constant places
ok
check if there are places and transitions
ok
check if there are transitions without pre-places
ok
check if at least one transition is enabled in m0
ok
check if there are transitions that can never fire
ok


initing FirstDep: 0m 0.000sec


iterations count:899 (16), effective:56 (1)

initing FirstDep: 0m 0.000sec


iterations count:56 (1), effective:0 (0)

iterations count:181 (3), effective:22 (0)

iterations count:56 (1), effective:0 (0)

iterations count:195 (3), effective:23 (0)

iterations count:83 (1), effective:4 (0)

iterations count:61 (1), effective:1 (0)

iterations count:57 (1), effective:1 (0)

iterations count:56 (1), effective:0 (0)

iterations count:56 (1), effective:0 (0)

iterations count:62 (1), effective:1 (0)

iterations count:56 (1), effective:0 (0)

iterations count:56 (1), effective:0 (0)

iterations count:56 (1), effective:0 (0)

Sequence of Actions to be Executed by the VM

This is useful if one wants to reexecute the tool in the VM from the submitted image disk.

set -x
# this is for BenchKit: configuration of major elements for the test
export BK_INPUT="QuasiCertifProtocol-PT-02"
export BK_EXAMINATION="ReachabilityCardinality"
export BK_TOOL="marcie"
export BK_RESULT_DIR="/tmp/BK_RESULTS/OUTPUTS"
export BK_TIME_CONFINEMENT="3600"
export BK_MEMORY_CONFINEMENT="16384"
export BK_BIN_PATH="/home/mcc/BenchKit/bin/"

# this is specific to your benchmark or test

export BIN_DIR="$HOME/BenchKit/bin"

# remove the execution directoty if it exists (to avoid increse of .vmdk images)
if [ -d execution ] ; then
rm -rf execution
fi

# this is for BenchKit: explicit launching of the test
echo "====================================================================="
echo " Generated by BenchKit 2-5348"
echo " Executing tool marcie"
echo " Input is QuasiCertifProtocol-PT-02, examination is ReachabilityCardinality"
echo " Time confinement is $BK_TIME_CONFINEMENT seconds"
echo " Memory confinement is 16384 MBytes"
echo " Number of cores is 1"
echo " Run identifier is r289-tall-167873941000862"
echo "====================================================================="
echo
echo "--------------------"
echo "preparation of the directory to be used:"

tar xzf /home/mcc/BenchKit/INPUTS/QuasiCertifProtocol-PT-02.tgz
mv QuasiCertifProtocol-PT-02 execution
cd execution
if [ "ReachabilityCardinality" = "ReachabilityDeadlock" ] || [ "ReachabilityCardinality" = "UpperBounds" ] || [ "ReachabilityCardinality" = "QuasiLiveness" ] || [ "ReachabilityCardinality" = "StableMarking" ] || [ "ReachabilityCardinality" = "Liveness" ] || [ "ReachabilityCardinality" = "OneSafe" ] || [ "ReachabilityCardinality" = "StateSpace" ]; then
rm -f GenericPropertiesVerdict.xml
fi
pwd
ls -lh

echo
echo "--------------------"
echo "content from stdout:"
echo
echo "=== Data for post analysis generated by BenchKit (invocation template)"
echo
if [ "ReachabilityCardinality" = "UpperBounds" ] ; then
echo "The expected result is a vector of positive values"
echo NUM_VECTOR
elif [ "ReachabilityCardinality" != "StateSpace" ] ; then
echo "The expected result is a vector of booleans"
echo BOOL_VECTOR
else
echo "no data necessary for post analysis"
fi
echo
if [ -f "ReachabilityCardinality.txt" ] ; then
echo "here is the order used to build the result vector(from text file)"
for x in $(grep Property ReachabilityCardinality.txt | cut -d ' ' -f 2 | sort -u) ; do
echo "FORMULA_NAME $x"
done
elif [ -f "ReachabilityCardinality.xml" ] ; then # for cunf (txt files deleted;-)
echo echo "here is the order used to build the result vector(from xml file)"
for x in $(grep '' ReachabilityCardinality.xml | cut -d '>' -f 2 | cut -d '<' -f 1 | sort -u) ; do
echo "FORMULA_NAME $x"
done
elif [ "ReachabilityCardinality" = "ReachabilityDeadlock" ] || [ "ReachabilityCardinality" = "QuasiLiveness" ] || [ "ReachabilityCardinality" = "StableMarking" ] || [ "ReachabilityCardinality" = "Liveness" ] || [ "ReachabilityCardinality" = "OneSafe" ] ; then
echo "FORMULA_NAME ReachabilityCardinality"
fi
echo
echo "=== Now, execution of the tool begins"
echo
echo -n "BK_START "
date -u +%s%3N
echo
timeout -s 9 $BK_TIME_CONFINEMENT bash -c "/home/mcc/BenchKit/BenchKit_head.sh 2> STDERR ; echo ; echo -n \"BK_STOP \" ; date -u +%s%3N"
if [ $? -eq 137 ] ; then
echo
echo "BK_TIME_CONFINEMENT_REACHED"
fi
echo
echo "--------------------"
echo "content from stderr:"
echo
cat STDERR ;