Departmental Papers (CIS)

Date of this Version

August 2000

Document Type

Conference Paper


Copyright ACM, 2000. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the 2000 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2000), pages 2-13.
Publisher URL:

A later, journal version of this paper may be found at


Network protocols are often analyzed using simulations. We demonstrate how to extend such simulations to check propositions expressing safety properties of network event traces in an extended form of linear temporal logic. Our technique uses the NS simulator together with a component of the Java MaC system to provide a uniform framework. We demonstrate its effectiveness by analyzing simulations of the Ad Hoc On-Demand Distance Vector (AODV) routing protocol for packet radio networks. Our analysis finds violations of significant properties, and we discuss the faults that cause them. Novel aspects of our approach include modest integration costs with other simulation objectives such as performance evaluation, greatly increased flexibility in specifying properties to be checked, and techniques for analyzing complex traces of alarms raised by the monitoring software.


Verisim, formal analysis, network, simulation, testing, routing, NS, MEDL, AODV, temporal logic, Ad Hoc networks, packet radio, meta-trace, tuning, population abstraction, packet-type abstraction



Date Posted: 17 March 2005

This document has been peer reviewed.