Departmental Papers (CIS)

Date of this Version

April 2005

Document Type

Journal Article


Games are useful in modular specification and anlysis of systems where the distinction among choices controlled by different components (for instance, the system and its environment) is made explicit. In this paper, we formulate and compare various symbolic computational techniques for deciding existence of winning strategies. The game structure is given implicitly, and the winning condition is either a reachability game of the form "p until q" (for state predicates p and q) or a safety game of the form "Always p".

For reachability games, the first technique employs symbolic fixed-point computation using ordered binary decision diagrams[9]. The second technique checks for the existence of strategies that ensure winning within k steps, for a user specified bound k, by reduction to the satisfiability of quantified boolean formulas. Finally, the bounded case can also be solved by reduction to satisfiability of ordinary boolean formulas, and we discuss two techniques, one based on encoding the strategy tree and one based on encoding a witness subgraph, for reduction to SAT. We also show how some of these techniques can be adopted to solve safety games. We compare the various approaches by evaluating them on two examples for reachability games, and on an interface synthesis example for a fragment of TinyOS [15] for safety games. We use existing tools such as MOCHA [4], MUCKE [7], SEMPROP [19], QUBE [12], and BERKMIN [13], and contrast the results.

Subject Area

CPS Formal Methods

Publication Source

International Journal on Software Tools for Technology Transfer





Start Page


Last Page




Copyright/Permission Statement

The original publication is available at


formal verification, games, symbolic model checking, QBF solving, bounded model checking



Date Posted: 15 November 2005

This document has been peer reviewed.