Summary: MOCHA: Modularity in Model Checking ?
R. Alur 1 , T.A. Henzinger 2 , F.Y.C. Mang 2 , S. Qadeer 2 , S.K. Rajamani 2 , and S. Tasiran 2
1 Computer & Information Science Department, University of Pennsylvania, Philadelphia, PA 19104.
Computing Science Research Center, Bell Laboratories, Murray Hill, NJ 07974.
2 Electrical Engineering & Computer Sciences Department, University of California, Berkeley, CA 94720.
We describe a new interactive verification environment called MOCHA for the modular verifi
cation of heterogeneous systems. MOCHA differs from many existing model checkers in three
-- For modeling, we replace unstructured statetransition graphs with the heterogeneous mod
eling framework of reactive modules [AH96]. The definition of reactive modules is inspired
by formalisms such as Unity [CM88], I/O automata [Lyn96], and Esterel [BG88], and al
lows complex forms of interaction between components within a single transition. Reac
tive modules provide a semantic glue that allows the formal embedding and interaction of
components with different characteristics. Some modules may be synchronous, others asyn
chronous, some may represent hardware, others software, some may be speedindependent,
-- For requirement specification, we replace the systemlevel specification languages of linear