External-memory BDD tools for symbolic model checking lack native support for relational product operations and struggle with large state spaces due to memory bottlenecks. Method: This paper extends the Adiar library to fully implement monotonic variable substitution and relational product within an external-memory BDD framework, integrating existential quantification merging and disk-aware depth-first traversal. It introduces I/O-optimized designs ensuring runtime near-independence from available RAM. Contribution/Results: Experiments demonstrate speedups of several orders of magnitude over CAL; up to 47% faster on small-scale tasks; and successful verification of models far exceeding conventional in-memory BDD capacity limits. The approach significantly enhances both feasibility and efficiency of large-scale symbolic model checking.

We extend the external memory BDD package Adiar with support for monotone variable substitution. Doing so, it now supports the relational product operation at the heart of symbolic model checking. We also identify additional avenues for merging variable substitution fully and the conjunction operation partially inside the relational product's existential quantification step. For smaller BDDs, these additional ideas improve the running of Adiar for model checking tasks up to 47%. For larger instances, the computation time is mostly unaffected as it is dominated by the existential quantification. Adiar's relational product is about one order of magnitude slower than conventional depth-first BDD implementations. Yet, its I/O-efficiency allows its running time to be virtually independent of the amount of internal memory. This allows it to compute on BDDs with much less internal memory and potentially to solve model checking tasks beyond the reach of conventional implementations. Compared to the only other external memory BDD package, CAL, Adiar is several orders of magnitude faster when computing on larger instances.