ABSTRACT
Model checking is an automatic verification technique for finite-state concurrent and reactive systems. In model checking, digital circuits or software designs under study are modeled as state transition systems, and desired properties are specified with temporal logic formulas. NuSMV allows for asynchronous system modeling. It is possible to define a collection of parallel processes, whose actions are interleaved, following an asynchronous model of concurrency. Testing and simulation are the two most common approaches to ensure software correctness. Software testing involves the execution of a software component or system component to evaluate one or more properties of interest. The input language of NuSMV supports data of Boolean type, enumerative type, bounded integers, and finite arrays. An SMV program can consist of more than one module. In each SMV specification there must be a module main.
