Response property checking via distributed state space exploration
Size: px
Start display at page:

Download "Response property checking via distributed state space exploration"

Transcription

1 Response property checking via distributed state space exploration Brad Bingham and Mark Greenstreet {binghamb, Department of Computer Science University of British Columbia, Canada October 24, 2014 FMCAD 2014

2 Motivation: Liveness + Explicit-State High-Level Models: use Murϕ to describe a system Liveness: nice to verify, but challenging in practice Distributed Model Checking: memory and speed scalability Explicit-State: easy to distribute/parallelize (Also outperforms symbolic methods for certain models) Our Goal: Attack a practical liveness property called response with distributed, explicit-state model checking Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

3 Outline 1 Response and Fairness 2 High Level Algorithm 3 Our Implementation Distributed MC for Safety Adaptation for Response One Optimization (of many) 4 Results Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

4 Response Properties init p reachable q Will there always be a response? Does every fair path from each reachable p-state lead to a q-state? p request issued ; q request granted In LTL: fair (p q) Most common/simplest notion of liveness Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

5 Response Properties init p reachable q UNFAIR UNFAIR Will there always be a response? Does every fair path from each reachable p-state lead to a q-state? p request issued ; q request granted In LTL: fair (p q) Most common/simplest notion of liveness Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

6 Response and Strongly Connected Components (SCCs) init p reachable pending q SCC SCC pending states where the request is outstanding The question fair (p q)? Is equivalent to asking Is there a fair SCC within pending? Terminology: fair SCC FSCC Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

7 Fairness In practice, we use fairness assumptions that reflect the underlying implementation Excludes unrealistic counterexamples We use action-based fairness: An action a is a set of system transitions a is called strongly-fair (aka compassionate; a C) if [a enabled -often] [a fires -often] a is called weakly-fair (aka just; a J ) if [a presistently enabled] [a fires] Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

8 Fairness In practice, we use fairness assumptions that reflect the underlying implementation Excludes unrealistic counterexamples We use action-based fairness: An action a is a set of system transitions a is called strongly-fair (aka compassionate; a C) if [a enabled -often] [a fires -often] a is called weakly-fair (aka just; a J ) if [a presistently enabled] [a fires] Note: verifying fair (p q) with standard Büchi automata LTL MC approach will blow up i.e., property automata with size exponential in C J Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

9 Outline 1 Response and Fairness 2 High Level Algorithm 3 Our Implementation Distributed MC for Safety Adaptation for Response One Optimization (of many) 4 Results Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

10 FSCCs Both green actions and pink actions are strongly fair a b c f h pending e d g Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

11 FSCCs Both green actions and pink actions are strongly fair a b c FSCC f h pending e d g Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

12 Algorithm Example Both green actions and pink actions are strongly fair a b c f h pending e d g Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

13 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

14 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Idea: find unfair states by looking at previous actions within MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

15 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Idea: find unfair states by looking at previous actions within MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

16 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Idea: find unfair states by looking at previous actions within MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

17 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Idea: find unfair states by looking at previous actions within MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

18 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Idea: find unfair states by looking at previous actions within MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

19 Algorithm Example Both green actions and pink actions are strongly fair Purple Blob MaybeFair a b c f h pending e d g Idea: find unfair states by looking at previous actions within MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

20 Definition: Predecessor Actions (PAs) Suppose H pending. Let H be the subgraph of the transition graph induced by H The Predecessor Actions for state s H, are actions appearing on some path that 1 is contained within H ; and 2 ends at s Observe: If s lies on a FSCC in H, then all enabled strongly-fair actions at s are PAs Contrapositive: If there a strongly-fair action enabled at s that isn t a PA, then s does NOT lie on a FSCC in H Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

21 Definition: Predecessor Actions (PAs) Suppose H pending. Let H be the subgraph of the transition graph induced by H The Predecessor Actions for state s H, are actions appearing on some path that 1 is contained within H ; and 2 ends at s Observe: If s lies on a FSCC in H, then all enabled strongly-fair actions at s are PAs Contrapositive: If there a strongly-fair action enabled at s that isn t a PA, then s does NOT lie on a FSCC in H...and remove s from consideration! Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

22 Outline 1 Response and Fairness 2 High Level Algorithm 3 Our Implementation Distributed MC for Safety Adaptation for Response One Optimization (of many) 4 Results Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

23 Distributed MC[SD97] Overview Simple approach to distributing explicit-state model checking (for safety) Use uniform random hash function owner : States PIDs PID i only stores states s such that owner(s) = i. Each PID maintains two data structures: V: Set of (owned) states visited so far WQ: List of states waiting to be expanded Start: compute initial states and send to their owners Iterate: state sucessors are sent to their respective owners Termination: when each WQ is empty and no messages are in flight Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

24 Message Flow WORKER PROCESS i V : {s 1,..., s k } (visited states) state s where owner(s) = i LAN/NoC to other Processes

25 Message Flow WORKER PROCESS i V : {s 1,..., s k } {s} (visited states) if s V discard s if s / V add s to V state s where owner(s) = i LAN/NoC to other Processes

26 Message Flow WORKER PROCESS i V : {s 1,..., s k } {s} (visited states) if s V discard s if s / V add s to V compute sucessors of s s 1,..., s r state s where owner(s) = i s 1,..., s r owner(s 1 ),..., owner(s r ) LAN/NoC to other Processes Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

27 Hash Table Considerations For safety: use a Murϕ hash table implementation that stores visited states as 40-bit values Chance of a missed state, but typically it s a tiny chance ( ) Once a state is inserted, it can t be recovered from its hash value For response: necessary to track extra information about states, for example Is it a pending-state? Is it in MaybeFair? What are its predecessor actions, relative to MaybeFair? We use 16 + C J extra bits per state Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

28 Tracking Predecessor Actions Suppose C = {a 1,...a k } Tag each hash table entry with PAs, which is a subset of C (plus a few other bookkeeping bits) For states in s MaybeFair: initialize PA(s) to Message Passing: Expand state s: if (s, s ) a i, send msg [s, PA(s) {a i }] to owner(s ) Receive msg [s, F ]: PA(s ) := PA(s ) F ; expand state s if PA(s ) changed. Continue until no further expansions. Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

29 Tracking Predecessor Actions Suppose C = {a 1,...a k } Tag each hash table entry with PAs, which is a subset of C (plus a few other bookkeeping bits) For states in s MaybeFair: initialize PA(s) to Message Passing: Expand state s: if (s, s ) a i, send msg [s, PA(s) {a i }] to owner(s ) Receive msg [s, F ]: PA(s ) := PA(s ) F ; expand state s if PA(s ) changed. Continue until no further expansions. (A similar idea works for weakly-fair actions) Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

30 PA Propagation Example b a 4 taken PA: {a 1, a 5 } c a 7 taken e PA: {a 2, a 3, a 5, a 7 } a 1 taken PA: d PA: {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

31 PA Propagation Example b Expand! {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } c a 7 taken e {a 2, a 3, a 5, a 7 } d a 1 taken {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

32 PA Propagation Example b {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } c a 7 taken e Expand! {a 2, a 3, a 5, a 7 } d a 1 taken {a 1, a 4, a 5 } {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

33 PA Propagation Example b {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } Expand! a c 7 taken {a 2, a 3, a 5, a 7 } {a 2, a 3, a 5, a 7 } a 1 taken e {a 1, a 4, a 5 } d {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

34 PA Propagation Example b {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } a c 7 taken {a 2, a 3, a 5, a 7 } {a 2, a 3, a 5, a 7 } d a 1 taken e Expand! {a 1, a 4, a 5 } {a 1, a 2, a 4, a 5, a 7 } {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

35 PA Propagation Example b {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } c {a 2, a 3, a 5, a 7 } Expand! d a 7 taken {a 2, a 3, a 5, a 7 } a 1 taken {a 1, a 2, a 7 } e {a 1, a 4, a 5 } {a 1, a 2, a 4, a 5, a 7 } {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

36 PA Propagation Example b {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } c {a 2, a 3, a 5, a 7 } d a 7 taken {a 2, a 3, a 5, a 7 } a 1 taken e {a 1, a 4, a 5 } {a 1, a 2, a 7 } {a1, a2, a4, a5, a7} No change, no expand needed {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

37 PA Propagation Example b {a 1, a 5 } a 4 taken {a 1, a 4, a 5 } c {a 2, a 3, a 5, a 7 } d a 7 taken {a 2, a 3, a 5, a 7 } a 1 taken e {a 1, a 4, a 5 } {a 1, a 2, a 7 } {a1, a2, a4, a5, a7} No change, no expand needed {a 2, a 7 } Strongly-fair actions C = {a 1,..., a 7 } (once PAs reach a fixpoint, remove unfair states from MaybeFair, clear the PAs and compute them again) Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

38 Optimization: The Kernel Idea: save set of states K to disk so that MaybeFair can be generated through reachability starting with K Call K a kernel if MaybeFair Reach(K) i.e., MaybeFair is reachable starting from K Note: both initial states I and p-states are kernels for all subsets of pending To maintain K: Initialize K to p-states; If s K is removed from MaybeFair, then Remove s from K; Insert successors(s) MaybeFair into K Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

39 Kernel Optimization p pending Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

40 Kernel Optimization MaybeFair kernel Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

41 Kernel Optimization pending MaybeFair kernel Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

42 Kernel Optimization pending MaybeFair kernel Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

43 Kernel Optimization pending kernel MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

44 Kernel Optimization pending kernel MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

45 Kernel Optimization pending kernel MaybeFair Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

46 Kernel Optimization pending Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

47 Outline 1 Response and Fairness 2 High Level Algorithm 3 Our Implementation Distributed MC for Safety Adaptation for Response One Optimization (of many) 4 Results Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

48 Performance model runtime states pending exp/state german5 sf german6 sf peterson6 wf peterson7 wf snoop2 sf saw20 sf gbn3 2 sf swp4 2 sf intelsmall sf intelmed sf 1, intelbig sf 13, runtime is in seconds; state counts in millions Blue: 40 processes running on 20 Core i7 machines (UBC) Green: 16 processes running on Xeon machines (Intel) Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

49 Take-Away Our Goal: Attack a practical liveness property called response with distributed, explicit-state model checking Result: An efficient implementation for response property verification, applicable to very large state spaces Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

50 Take-Away Our Goal: Attack a practical liveness property called response with distributed, explicit-state model checking Result: An efficient implementation for response property verification, applicable to very large state spaces Our approach does well in practice expands each state a small number of times (modest overhead compared with safety ) (in the worst case, could expand each state O(mn 2 ) times where m is # of fair rules and n number of states) Optimizations improve the performance by more than a factor of 2 on average Our tool is massively scalable can use on industrial problems Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

51 Take-Away Our Goal: Attack a practical liveness property called response with distributed, explicit-state model checking Result: An efficient implementation for response property verification, applicable to very large state spaces Our approach does well in practice expands each state a small number of times (modest overhead compared with safety ) (in the worst case, could expand each state O(mn 2 ) times where m is # of fair rules and n number of states) Optimizations improve the performance by more than a factor of 2 on average Our tool is massively scalable can use on industrial problems Thank-you! Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

52 Take-Away Our Goal: Attack a practical liveness property called response with distributed, explicit-state model checking Result: An efficient implementation for response property verification, applicable to very large state spaces Our approach does well in practice expands each state a small number of times (modest overhead compared with safety ) (in the worst case, could expand each state O(mn 2 ) times where m is # of fair rules and n number of states) Optimizations improve the performance by more than a factor of 2 on average Our tool is massively scalable can use on industrial problems Thank-you! Questions? Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

53 References I U. Stern and D. L. Dill, Parallelizing the murphi verifier, International Conference on Computer Aided Verification, 1997, pp Bingham/Greenstreet (UBC) Response property checking October 24/ / 21

Similar documents

Timo Latvala. March 7, 2004

Timo Latvala. March 7, 2004 Reactive Systems: Safety, Liveness, and Fairness Timo Latvala March 7, 2004 Reactive Systems: Safety, Liveness, and Fairness 14-1 Safety Safety properties are a very useful subclass of specifications.

More information

Automata-based Verification - III

Automata-based Verification - III COMP30172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20: email: howard.barringer@manchester.ac.uk March 2009 Third Topic Infinite Word Automata Motivation Büchi Automata

More information

Formal Verification Techniques. Riccardo Sisto, Politecnico di Torino

Formal Verification Techniques. Riccardo Sisto, Politecnico di Torino Formal Verification Techniques Riccardo Sisto, Politecnico di Torino State exploration State Exploration and Theorem Proving Exhaustive exploration => result is certain (correctness or noncorrectness proof)

More information

Automata-based Verification - III

Automata-based Verification - III CS3172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20/22: email: howard.barringer@manchester.ac.uk March 2005 Third Topic Infinite Word Automata Motivation Büchi Automata

More information

IC3 and Beyond: Incremental, Inductive Verification

IC3 and Beyond: Incremental, Inductive Verification IC3 and Beyond: Incremental, Inductive Verification Aaron R. Bradley ECEE, CU Boulder & Summit Middle School IC3 and Beyond: Incremental, Inductive Verification 1/62 Induction Foundation of verification

More information

Sanjit A. Seshia EECS, UC Berkeley

Sanjit A. Seshia EECS, UC Berkeley EECS 219C: Computer-Aided Verification Explicit-State Model Checking: Additional Material Sanjit A. Seshia EECS, UC Berkeley Acknowledgments: G. Holzmann Checking if M satisfies : Steps 1. Compute Buchi

More information

An Incremental Approach to Model Checking Progress Properties

An Incremental Approach to Model Checking Progress Properties An Incremental Approach to Model Checking Progress Properties Aaron Bradley Fabio Somenzi Zyad Hassan Yan Zhang Department of Electrical, Computer, and Energy Engineering University of Colorado at Boulder

More information

THEORY OF SYSTEMS MODELING AND ANALYSIS. Henny Sipma Stanford University. Master class Washington University at St Louis November 16, 2006

THEORY OF SYSTEMS MODELING AND ANALYSIS. Henny Sipma Stanford University. Master class Washington University at St Louis November 16, 2006 THEORY OF SYSTEMS MODELING AND ANALYSIS Henny Sipma Stanford University Master class Washington University at St Louis November 16, 2006 1 1 COURSE OUTLINE 8:37-10:00 Introduction -- Computational model

More information

Transition Predicate Abstraction and Fair Termination

Transition Predicate Abstraction and Fair Termination Transition Predicate Abstraction and Fair Termination Andreas Podelski and Andrey Rybalchenko Max-Planck-Institut für Informatik Saarbrücken, Germany POPL 2005 ETH Zürich Can Ali Akgül 2009 Introduction

More information

Lecture 4 Model Checking and Logic Synthesis

Lecture 4 Model Checking and Logic Synthesis Lecture 4 Model Checking and Logic Synthesis Nok Wongpiromsarn Richard M. Murray Ufuk Topcu EECI, 18 March 2013 Outline Model checking: what it is, how it works, how it is used Computational complexity

More information

Automata-Theoretic LTL Model-Checking

Automata-Theoretic LTL Model-Checking Automata-Theoretic LTL Model-Checking Arie Gurfinkel arie@cmu.edu SEI/CMU Automata-Theoretic LTL Model-Checking p.1 LTL - Linear Time Logic (Pn 77) Determines Patterns on Infinite Traces Atomic Propositions

More information

Heuristic Search Algorithms

Heuristic Search Algorithms CHAPTER 4 Heuristic Search Algorithms 59 4.1 HEURISTIC SEARCH AND SSP MDPS The methods we explored in the previous chapter have a serious practical drawback the amount of memory they require is proportional

More information

Software Verification using Predicate Abstraction and Iterative Refinement: Part 1

Software Verification using Predicate Abstraction and Iterative Refinement: Part 1 using Predicate Abstraction and Iterative Refinement: Part 1 15-414 Bug Catching: Automated Program Verification and Testing Sagar Chaki November 28, 2011 Outline Overview of Model Checking Creating Models

More information

The State Explosion Problem

The State Explosion Problem The State Explosion Problem Martin Kot August 16, 2003 1 Introduction One from main approaches to checking correctness of a concurrent system are state space methods. They are suitable for automatic analysis

More information

Chapter 3: Linear temporal logic

Chapter 3: Linear temporal logic INFOF412 Formal verification of computer systems Chapter 3: Linear temporal logic Mickael Randour Formal Methods and Verification group Computer Science Department, ULB March 2017 1 LTL: a specification

More information

Models for Efficient Timed Verification

Models for Efficient Timed Verification Models for Efficient Timed Verification François Laroussinie LSV / ENS de Cachan CNRS UMR 8643 Monterey Workshop - Composition of embedded systems Model checking System Properties Formalizing step? ϕ Model

More information

Information-Theoretic Lower Bounds on the Storage Cost of Shared Memory Emulation

Information-Theoretic Lower Bounds on the Storage Cost of Shared Memory Emulation Information-Theoretic Lower Bounds on the Storage Cost of Shared Memory Emulation Viveck R. Cadambe EE Department, Pennsylvania State University, University Park, PA, USA viveck@engr.psu.edu Nancy Lynch

More information

Model Checking Algorithms

Model Checking Algorithms Model Checking Algorithms Bow-Yaw Wang Institute of Information Science Academia Sinica, Taiwan November 14, 2018 Bow-Yaw Wang (Academia Sinica) Model Checking Algorithms November 14, 2018 1 / 56 Outline

More information

State-Space Exploration. Stavros Tripakis University of California, Berkeley

State-Space Exploration. Stavros Tripakis University of California, Berkeley EE 144/244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2014 State-Space Exploration Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE

More information

PRISM An overview. automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation,

PRISM An overview. automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation, PRISM An overview PRISM is a probabilistic model checker automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation, Construction/analysis of probabilistic

More information

Efficient Büchi Universality Checking

Efficient Büchi Universality Checking Efficient Büchi Universality Checking Seth Fogarty and Moshe Y. Vardi Department of Computer Science, Rice University, Houston, TX {sfogarty,vardi}@cs.rice.edu Abstract. The complementation of Büchi automata,

More information

Automata, Logic and Games: Theory and Application

Automata, Logic and Games: Theory and Application Automata, Logic and Games: Theory and Application 1. Büchi Automata and S1S Luke Ong University of Oxford TACL Summer School University of Salerno, 14-19 June 2015 Luke Ong Büchi Automata & S1S 14-19 June

More information

Shannon-Fano-Elias coding

Shannon-Fano-Elias coding Shannon-Fano-Elias coding Suppose that we have a memoryless source X t taking values in the alphabet {1, 2,..., L}. Suppose that the probabilities for all symbols are strictly positive: p(i) > 0, i. The

More information

Abstractions and Decision Procedures for Effective Software Model Checking

Abstractions and Decision Procedures for Effective Software Model Checking Abstractions and Decision Procedures for Effective Software Model Checking Prof. Natasha Sharygina The University of Lugano, Carnegie Mellon University Microsoft Summer School, Moscow, July 2011 Lecture

More information

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège Temporal logics and explicit-state model checking Pierre Wolper Université de Liège 1 Topics to be covered Introducing explicit-state model checking Finite automata on infinite words Temporal Logics and

More information

CSE 311 Lecture 25: Relating NFAs, DFAs, and Regular Expressions. Emina Torlak and Kevin Zatloukal

CSE 311 Lecture 25: Relating NFAs, DFAs, and Regular Expressions. Emina Torlak and Kevin Zatloukal CSE 3 Lecture 25: Relating NFAs, DFAs, and Regular Expressions Emina Torlak and Kevin Zatloukal Topics From regular expressions to NFAs Theorem, algorithm, and examples. From NFAs to DFAs Theorem, algorithm,

More information

Algorithms for Data Science

Algorithms for Data Science Algorithms for Data Science CSOR W4246 Eleni Drinea Computer Science Department Columbia University Tuesday, December 1, 2015 Outline 1 Recap Balls and bins 2 On randomized algorithms 3 Saving space: hashing-based

More information

SAT-Based Verification with IC3: Foundations and Demands

SAT-Based Verification with IC3: Foundations and Demands SAT-Based Verification with IC3: Foundations and Demands Aaron R. Bradley ECEE, CU Boulder & Summit Middle School SAT-Based Verification with IC3:Foundations and Demands 1/55 Induction Foundation of verification

More information

Automatic Synthesis of Distributed Protocols

Automatic Synthesis of Distributed Protocols Automatic Synthesis of Distributed Protocols Rajeev Alur Stavros Tripakis 1 Introduction Protocols for coordination among concurrent processes are an essential component of modern multiprocessor and distributed

More information

Theory of Computer Science

Theory of Computer Science Theory of Computer Science E1. Complexity Theory: Motivation and Introduction Malte Helmert University of Basel May 18, 2016 Overview: Course contents of this course: logic How can knowledge be represented?

More information

Theory of Computer Science. Theory of Computer Science. E1.1 Motivation. E1.2 How to Measure Runtime? E1.3 Decision Problems. E1.

Theory of Computer Science. Theory of Computer Science. E1.1 Motivation. E1.2 How to Measure Runtime? E1.3 Decision Problems. E1. Theory of Computer Science May 18, 2016 E1. Complexity Theory: Motivation and Introduction Theory of Computer Science E1. Complexity Theory: Motivation and Introduction Malte Helmert University of Basel

More information

Lecture Notes on Emptiness Checking, LTL Büchi Automata

Lecture Notes on Emptiness Checking, LTL Büchi Automata 15-414: Bug Catching: Automated Program Verification Lecture Notes on Emptiness Checking, LTL Büchi Automata Matt Fredrikson André Platzer Carnegie Mellon University Lecture 18 1 Introduction We ve seen

More information

Understanding IC3. Aaron R. Bradley. ECEE, CU Boulder & Summit Middle School. Understanding IC3 1/55

Understanding IC3. Aaron R. Bradley. ECEE, CU Boulder & Summit Middle School. Understanding IC3 1/55 Understanding IC3 Aaron R. Bradley ECEE, CU Boulder & Summit Middle School Understanding IC3 1/55 Further Reading This presentation is based on Bradley, A. R. Understanding IC3. In SAT, June 2012. http://theory.stanford.edu/~arbrad

More information

Temporal Logic Model Checking

Temporal Logic Model Checking 18 Feb, 2009 Thomas Wahl, Oxford University Temporal Logic Model Checking 1 Temporal Logic Model Checking Thomas Wahl Computing Laboratory, Oxford University 18 Feb, 2009 Thomas Wahl, Oxford University

More information

Linear-time Temporal Logic

Linear-time Temporal Logic Linear-time Temporal Logic Pedro Cabalar Department of Computer Science University of Corunna, SPAIN cabalar@udc.es 2015/2016 P. Cabalar ( Department Linear oftemporal Computer Logic Science University

More information

Probabilistic Model Checking and Strategy Synthesis for Robot Navigation

Probabilistic Model Checking and Strategy Synthesis for Robot Navigation Probabilistic Model Checking and Strategy Synthesis for Robot Navigation Dave Parker University of Birmingham (joint work with Bruno Lacerda, Nick Hawes) AIMS CDT, Oxford, May 2015 Overview Probabilistic

More information

Bounded Model Checking with SAT/SMT. Edmund M. Clarke School of Computer Science Carnegie Mellon University 1/39

Bounded Model Checking with SAT/SMT. Edmund M. Clarke School of Computer Science Carnegie Mellon University 1/39 Bounded Model Checking with SAT/SMT Edmund M. Clarke School of Computer Science Carnegie Mellon University 1/39 Recap: Symbolic Model Checking with BDDs Method used by most industrial strength model checkers:

More information

Binary Decision Diagrams

Binary Decision Diagrams Binary Decision Diagrams Literature Some pointers: H.R. Andersen, An Introduction to Binary Decision Diagrams, Lecture notes, Department of Information Technology, IT University of Copenhagen Tools: URL:

More information

A Framework for Automated Competitive Analysis of On-line Scheduling of Firm-Deadline Tasks

A Framework for Automated Competitive Analysis of On-line Scheduling of Firm-Deadline Tasks A Framework for Automated Competitive Analysis of On-line Scheduling of Firm-Deadline Tasks Krishnendu Chatterjee 1, Andreas Pavlogiannis 1, Alexander Kößler 2, Ulrich Schmid 2 1 IST Austria, 2 TU Wien

More information

Causal Consistency for Geo-Replicated Cloud Storage under Partial Replication

Causal Consistency for Geo-Replicated Cloud Storage under Partial Replication Causal Consistency for Geo-Replicated Cloud Storage under Partial Replication Min Shen, Ajay D. Kshemkalyani, TaYuan Hsu University of Illinois at Chicago Min Shen, Ajay D. Kshemkalyani, TaYuan Causal

More information

SETH FOGARTY AND MOSHE Y. VARDI

SETH FOGARTY AND MOSHE Y. VARDI BÜCHI COMPLEMENTATION AND SIZE-CHANGE TERMINATION SETH FOGARTY AND MOSHE Y. VARDI Department of Computer Science, Rice University, Houston, TX e-mail address: sfogarty@gmail.com Department of Computer

More information

Computation Tree Logic (CTL) & Basic Model Checking Algorithms

Computation Tree Logic (CTL) & Basic Model Checking Algorithms Computation Tree Logic (CTL) & Basic Model Checking Algorithms Martin Fränzle Carl von Ossietzky Universität Dpt. of Computing Science Res. Grp. Hybride Systeme Oldenburg, Germany 02917: CTL & Model Checking

More information

Controller Synthesis with UPPAAL-TIGA. Alexandre David Kim G. Larsen, Didier Lime, Franck Cassez, Jean-François Raskin

Controller Synthesis with UPPAAL-TIGA. Alexandre David Kim G. Larsen, Didier Lime, Franck Cassez, Jean-François Raskin Controller Synthesis with UPPAAL-TIGA Alexandre David Kim G. Larsen, Didier Lime, Franck Cassez, Jean-François Raskin Overview Timed Games. Algorithm (CONCUR 05). Strategies. Code generation. Architecture

More information

Abelian Square-Free Dithering and Recoding for Iterated Hash Functions

Abelian Square-Free Dithering and Recoding for Iterated Hash Functions Abelian Square-Free Dithering and Recoding for Iterated Hash Functions Ronald L. Rivest MIT CSAIL ECRYPT Hash Function Conference June 23, 2005 Outline Dean/Kelsey/Schneier Attacks Square-Free Sequences

More information

Lecture 7 Synthesis of Reactive Control Protocols

Lecture 7 Synthesis of Reactive Control Protocols Lecture 7 Synthesis of Reactive Control Protocols Richard M. Murray Nok Wongpiromsarn Ufuk Topcu California Institute of Technology AFRL, 25 April 2012 Outline Review: networked control systems and cooperative

More information

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 96

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 96 Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 96 Teknillisen korkeakoulun tietojenkäsittelyteorian laboratorion tutkimusraportti 96 Espoo 2005 HUT-TCS-A96

More information

Computer-Aided Program Design

Computer-Aided Program Design Computer-Aided Program Design Spring 2015, Rice University Unit 3 Swarat Chaudhuri February 5, 2015 Temporal logic Propositional logic is a good language for describing properties of program states. However,

More information

Inference in Bayesian Networks

Inference in Bayesian Networks Andrea Passerini passerini@disi.unitn.it Machine Learning Inference in graphical models Description Assume we have evidence e on the state of a subset of variables E in the model (i.e. Bayesian Network)

More information

SAT Modulo Monotonic Theories

SAT Modulo Monotonic Theories SAT Modulo Monotonic Theories Sam Bayless, Noah Bayless, Holger H. Hoos, Alan J. Hu University of British Columbia Point Grey Secondary School Sam Bayless (UBC) SAT Modulo Monotonic Theories / 0 Procedural

More information

Analysis of a Boost Converter Circuit Using Linear Hybrid Automata

Analysis of a Boost Converter Circuit Using Linear Hybrid Automata Analysis of a Boost Converter Circuit Using Linear Hybrid Automata Ulrich Kühne LSV ENS de Cachan, 94235 Cachan Cedex, France, kuehne@lsv.ens-cachan.fr 1 Introduction Boost converter circuits are an important

More information

Cryptographic Hash Functions

Cryptographic Hash Functions Cryptographic Hash Functions Çetin Kaya Koç koc@ece.orst.edu Electrical & Computer Engineering Oregon State University Corvallis, Oregon 97331 Technical Report December 9, 2002 Version 1.5 1 1 Introduction

More information

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford

Probabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford Probabilistic Model Checking Michaelmas Term 2011 Dr. Dave Parker Department of Computer Science University of Oxford Probabilistic model checking System Probabilistic model e.g. Markov chain Result 0.5

More information

Algorithms. Grad Refresher Course 2011 University of British Columbia. Ron Maharik

Algorithms. Grad Refresher Course 2011 University of British Columbia. Ron Maharik Algorithms Grad Refresher Course 2011 University of British Columbia Ron Maharik maharik@cs.ubc.ca About this talk For those incoming grad students who Do not have a CS background, or Have a CS background

More information

Event Operators: Formalization, Algorithms, and Implementation Using Interval- Based Semantics

Event Operators: Formalization, Algorithms, and Implementation Using Interval- Based Semantics Department of Computer Science and Engineering University of Texas at Arlington Arlington, TX 76019 Event Operators: Formalization, Algorithms, and Implementation Using Interval- Based Semantics Raman

More information

UPPAAL tutorial What s inside UPPAAL The UPPAAL input languages

UPPAAL tutorial What s inside UPPAAL The UPPAAL input languages UPPAAL tutorial What s inside UPPAAL The UPPAAL inut languages 1 UPPAAL tool Develoed jointly by Usala & Aalborg University >>8,000 downloads since 1999 1 UPPAAL Tool Simulation Modeling Verification 3

More information

6.842 Randomness and Computation Lecture 5

6.842 Randomness and Computation Lecture 5 6.842 Randomness and Computation 2012-02-22 Lecture 5 Lecturer: Ronitt Rubinfeld Scribe: Michael Forbes 1 Overview Today we will define the notion of a pairwise independent hash function, and discuss its

More information

How to deal with uncertainties and dynamicity?

How to deal with uncertainties and dynamicity? How to deal with uncertainties and dynamicity? http://graal.ens-lyon.fr/ lmarchal/scheduling/ 19 novembre 2012 1/ 37 Outline 1 Sensitivity and Robustness 2 Analyzing the sensitivity : the case of Backfilling

More information

MAD. Models & Algorithms for Distributed systems -- 2/5 -- download slides at

MAD. Models & Algorithms for Distributed systems -- 2/5 -- download slides at MAD Models & Algorithms for Distributed systems -- /5 -- download slides at http://people.rennes.inria.fr/eric.fabre/ 1 Today Runs/executions of a distributed system are partial orders of events We introduce

More information

Quantum Computing Lecture 8. Quantum Automata and Complexity

Quantum Computing Lecture 8. Quantum Automata and Complexity Quantum Computing Lecture 8 Quantum Automata and Complexity Maris Ozols Computational models and complexity Shor s algorithm solves, in polynomial time, a problem for which no classical polynomial time

More information

Reactive Synthesis. Swen Jacobs VTSA 2013 Nancy, France u

Reactive Synthesis. Swen Jacobs VTSA 2013 Nancy, France u Reactive Synthesis Nancy, France 24.09.2013 u www.iaik.tugraz.at 2 Property Synthesis (You Will Never Code Again) 3 Construct Correct Systems Automatically Don t do the same

More information

Introduction to Model Checking

Introduction to Model Checking Introduction to Model Checking Fabio Somenzi Department of Electrical, Computer, and Energy Engineering University of Colorado at Boulder July 25, 2009 Outline 1 Introduction 2 Modeling Systems and Properties

More information

Algorithm Design Strategies V

Algorithm Design Strategies V Algorithm Design Strategies V Joaquim Madeira Version 0.0 October 2016 U. Aveiro, October 2016 1 Overview The 0-1 Knapsack Problem Revisited The Fractional Knapsack Problem Greedy Algorithms Example Coin

More information

6.852: Distributed Algorithms Fall, Class 10

6.852: Distributed Algorithms Fall, Class 10 6.852: Distributed Algorithms Fall, 2009 Class 10 Today s plan Simulating synchronous algorithms in asynchronous networks Synchronizers Lower bound for global synchronization Reading: Chapter 16 Next:

More information

1 Probability Review. CS 124 Section #8 Hashing, Skip Lists 3/20/17. Expectation (weighted average): the expectation of a random quantity X is:

1 Probability Review. CS 124 Section #8 Hashing, Skip Lists 3/20/17. Expectation (weighted average): the expectation of a random quantity X is: CS 24 Section #8 Hashing, Skip Lists 3/20/7 Probability Review Expectation (weighted average): the expectation of a random quantity X is: x= x P (X = x) For each value x that X can take on, we look at

More information

Advanced topic: Space complexity

Advanced topic: Space complexity Advanced topic: Space complexity CSCI 3130 Formal Languages and Automata Theory Siu On CHAN Chinese University of Hong Kong Fall 2016 1/28 Review: time complexity We have looked at how long it takes to

More information

Graph-based codes for flash memory

Graph-based codes for flash memory 1/28 Graph-based codes for flash memory Discrete Mathematics Seminar September 3, 2013 Katie Haymaker Joint work with Professor Christine Kelley University of Nebraska-Lincoln 2/28 Outline 1 Background

More information

Symmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago

Symmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago Symmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago Model-Checking Concurrent PGM Temporal SPEC Model Checker Yes/No Counter Example Approach Build the global state graph Algorithm

More information

Verifying Computations in the Cloud (and Elsewhere) Michael Mitzenmacher, Harvard University Work offloaded to Justin Thaler, Harvard University

Verifying Computations in the Cloud (and Elsewhere) Michael Mitzenmacher, Harvard University Work offloaded to Justin Thaler, Harvard University Verifying Computations in the Cloud (and Elsewhere) Michael Mitzenmacher, Harvard University Work offloaded to Justin Thaler, Harvard University Goals of Verifiable Computation Provide user with correctness

More information

Controlling probabilistic systems under partial observation an automata and verification perspective

Controlling probabilistic systems under partial observation an automata and verification perspective Controlling probabilistic systems under partial observation an automata and verification perspective Nathalie Bertrand, Inria Rennes, France Uncertainty in Computation Workshop October 4th 2016, Simons

More information

THE COMMUNICATIONS COMPLEXITY HIERARCHY IN DISTRIBUTED COMPUTING. J. B. Sidney + and J. Urrutia*

THE COMMUNICATIONS COMPLEXITY HIERARCHY IN DISTRIBUTED COMPUTING. J. B. Sidney + and J. Urrutia* THE COMMUNICATIONS COMPLEXITY HIERARCHY IN DISTRIBUTED COMPUTING J. B. Sidney + and J. Urrutia* 1. INTRODUCTION Since the pioneering research of Cook [1] and Karp [3] in computational complexity, an enormous

More information

Model Checking: An Introduction

Model Checking: An Introduction Model Checking: An Introduction Meeting 3, CSCI 5535, Spring 2013 Announcements Homework 0 ( Preliminaries ) out, due Friday Saturday This Week Dive into research motivating CSCI 5535 Next Week Begin foundations

More information

SDS developer guide. Develop distributed and parallel applications in Java. Nathanaël Cottin. version

SDS developer guide. Develop distributed and parallel applications in Java. Nathanaël Cottin. version SDS developer guide Develop distributed and parallel applications in Java Nathanaël Cottin sds@ncottin.net http://sds.ncottin.net version 0.0.3 Copyright 2007 - Nathanaël Cottin Permission is granted to

More information

Algorithms for Model Checking (2IW55)

Algorithms for Model Checking (2IW55) Algorithms for Model Checking (2IW55) Lecture 2 Fairness & Basic Model Checking Algorithm for CTL and fair CTL based on strongly connected components Chapter 4.1, 4.2 + SIAM Journal of Computing 1(2),

More information

Causal Broadcast Seif Haridi

Causal Broadcast Seif Haridi Causal Broadcast Seif Haridi haridi@kth.se Motivation Assume we have a chat application Whatever written is reliably broadcast to group If you get the following output, is it ok? [Paris] Are you sure,

More information

A Symbolic Approach to Safety LTL Synthesis

A Symbolic Approach to Safety LTL Synthesis A Symbolic Approach to Safety LTL Synthesis Shufang Zhu 1 Lucas M. Tabajara 2 Jianwen Li Geguang Pu 1 Moshe Y. Vardi 2 1 East China Normal University 2 Rice Lucas M. Tabajara (Rice University) 2 University

More information

Methods for the specification and verification of business processes MPB (6 cfu, 295AA)

Methods for the specification and verification of business processes MPB (6 cfu, 295AA) Methods for the specification and verification of business processes MPB (6 cfu, 295AA) Roberto Bruni http://www.di.unipi.it/~bruni 20 - Workflow modules 1 Object We study Workflow modules to model interaction

More information

Lecture 9 Synthesis of Reactive Control Protocols

Lecture 9 Synthesis of Reactive Control Protocols Lecture 9 Synthesis of Reactive Control Protocols Nok Wongpiromsarn Singapore-MIT Alliance for Research and Technology Richard M. Murray and Ufuk Topcu California Institute of Technology EECI, 16 May 2012

More information

Timing Results of a Parallel FFTsynth

Timing Results of a Parallel FFTsynth Purdue University Purdue e-pubs Department of Computer Science Technical Reports Department of Computer Science 1994 Timing Results of a Parallel FFTsynth Robert E. Lynch Purdue University, rel@cs.purdue.edu

More information

Tecniche di Specifica e di Verifica. Automata-based LTL Model-Checking

Tecniche di Specifica e di Verifica. Automata-based LTL Model-Checking Tecniche di Specifica e di Verifica Automata-based LTL Model-Checking Finite state automata A finite state automaton is a tuple A = (Σ,S,S 0,R,F) Σ: set of input symbols S: set of states -- S 0 : set of

More information

LTL Model Checking. Wishnu Prasetya.

LTL Model Checking. Wishnu Prasetya. LTL Model Checking Wishnu Prasetya wishnu@cs.uu.nl www.cs.uu.nl/docs/vakken/pv Overview This pack : Abstract model of programs Temporal properties Verification (via model checking) algorithm Concurrency

More information

Methods for the specification and verification of business processes MPB (6 cfu, 295AA)

Methods for the specification and verification of business processes MPB (6 cfu, 295AA) Methods for the specification and verification of business processes MPB (6 cfu, 295AA) Roberto Bruni http://www.di.unipi.it/~bruni 20 - Workflow modules 1 Object We study Workflow modules to model interaction

More information

Introduction to Randomized Algorithms III

Introduction to Randomized Algorithms III Introduction to Randomized Algorithms III Joaquim Madeira Version 0.1 November 2017 U. Aveiro, November 2017 1 Overview Probabilistic counters Counting with probability 1 / 2 Counting with probability

More information

CS246: Mining Massive Datasets Jure Leskovec, Stanford University

CS246: Mining Massive Datasets Jure Leskovec, Stanford University CS246: Mining Massive Datasets Jure Leskovec, Stanford University http://cs246.stanford.edu 2/26/2013 Jure Leskovec, Stanford CS246: Mining Massive Datasets, http://cs246.stanford.edu 2 More algorithms

More information

Computation Theory Finite Automata

Computation Theory Finite Automata Computation Theory Dept. of Computing ITT Dublin October 14, 2010 Computation Theory I 1 We would like a model that captures the general nature of computation Consider two simple problems: 2 Design a program

More information

Nondeterministic finite automata

Nondeterministic finite automata Lecture 3 Nondeterministic finite automata This lecture is focused on the nondeterministic finite automata (NFA) model and its relationship to the DFA model. Nondeterminism is an important concept in the

More information

Causality & Concurrency. Time-Stamping Systems. Plausibility. Example TSS: Lamport Clocks. Example TSS: Vector Clocks

Causality & Concurrency. Time-Stamping Systems. Plausibility. Example TSS: Lamport Clocks. Example TSS: Vector Clocks Plausible Clocks with Bounded Inaccuracy Causality & Concurrency a b exists a path from a to b Brad Moore, Paul Sivilotti Computer Science & Engineering The Ohio State University paolo@cse.ohio-state.edu

More information

Semantic Equivalences and the. Verification of Infinite-State Systems 1 c 2004 Richard Mayr

Semantic Equivalences and the. Verification of Infinite-State Systems 1 c 2004 Richard Mayr Semantic Equivalences and the Verification of Infinite-State Systems Richard Mayr Department of Computer Science Albert-Ludwigs-University Freiburg Germany Verification of Infinite-State Systems 1 c 2004

More information

Linear Temporal Logic and Büchi Automata

Linear Temporal Logic and Büchi Automata Linear Temporal Logic and Büchi Automata Yih-Kuen Tsay Department of Information Management National Taiwan University FLOLAC 2009 Yih-Kuen Tsay (SVVRL @ IM.NTU) Linear Temporal Logic and Büchi Automata

More information

Aside: Golden Ratio. Golden Ratio: A universal law. Golden ratio φ = lim n = 1+ b n = a n 1. a n+1 = a n + b n, a n+b n a n

Aside: Golden Ratio. Golden Ratio: A universal law. Golden ratio φ = lim n = 1+ b n = a n 1. a n+1 = a n + b n, a n+b n a n Aside: Golden Ratio Golden Ratio: A universal law. Golden ratio φ = lim n a n+b n a n = 1+ 5 2 a n+1 = a n + b n, b n = a n 1 Ruta (UIUC) CS473 1 Spring 2018 1 / 41 CS 473: Algorithms, Spring 2018 Dynamic

More information

Notes on Finite Automata

Notes on Finite Automata Notes on Finite Automata Turing machines are widely considered to be the abstract proptotype of digital computers; workers in the field, however, have felt more and more that the notion of a Turing machine

More information

Complexity and NP-completeness

Complexity and NP-completeness Lecture 17 Complexity and NP-completeness Supplemental reading in CLRS: Chapter 34 As an engineer or computer scientist, it is important not only to be able to solve problems, but also to know which problems

More information

COMPRESSED STATE SPACE REPRESENTATIONS - BINARY DECISION DIAGRAMS

COMPRESSED STATE SPACE REPRESENTATIONS - BINARY DECISION DIAGRAMS QUALITATIVE ANALYIS METHODS, OVERVIEW NET REDUCTION STRUCTURAL PROPERTIES COMPRESSED STATE SPACE REPRESENTATIONS - BINARY DECISION DIAGRAMS LINEAR PROGRAMMING place / transition invariants state equation

More information

Proofs, Strings, and Finite Automata. CS154 Chris Pollett Feb 5, 2007.

Proofs, Strings, and Finite Automata. CS154 Chris Pollett Feb 5, 2007. Proofs, Strings, and Finite Automata CS154 Chris Pollett Feb 5, 2007. Outline Proofs and Proof Strategies Strings Finding proofs Example: For every graph G, the sum of the degrees of all the nodes in G

More information

Course Runtime Verification

Course Runtime Verification Course Martin Leucker (ISP) Volker Stolz (Høgskolen i Bergen, NO) INF5140 / V17 Chapters of the Course Chapter 1 Recall in More Depth Chapter 2 Specification Languages on Words Chapter 3 LTL on Finite

More information

Synthesis weakness of standard approach. Rational Synthesis

Synthesis weakness of standard approach. Rational Synthesis 1 Synthesis weakness of standard approach Rational Synthesis 3 Overview Introduction to formal verification Reactive systems Verification Synthesis Introduction to Formal Verification of Reactive Systems

More information

A brief history of model checking. Ken McMillan Cadence Berkeley Labs

A brief history of model checking. Ken McMillan Cadence Berkeley Labs A brief history of model checking Ken McMillan Cadence Berkeley Labs mcmillan@cadence.com Outline Part I -- Introduction to model checking Automatic formal verification of finite-state systems Applications

More information

Lecture 14 - P v.s. NP 1

Lecture 14 - P v.s. NP 1 CME 305: Discrete Mathematics and Algorithms Instructor: Professor Aaron Sidford (sidford@stanford.edu) February 27, 2018 Lecture 14 - P v.s. NP 1 In this lecture we start Unit 3 on NP-hardness and approximation

More information

Chapter 4: Computation tree logic

Chapter 4: Computation tree logic INFOF412 Formal verification of computer systems Chapter 4: Computation tree logic Mickael Randour Formal Methods and Verification group Computer Science Department, ULB March 2017 1 CTL: a specification

More information

Robust Controller Synthesis in Timed Automata

Robust Controller Synthesis in Timed Automata Robust Controller Synthesis in Timed Automata Ocan Sankur LSV, ENS Cachan & CNRS Joint with Patricia Bouyer, Nicolas Markey, Pierre-Alain Reynier. Ocan Sankur (ENS Cachan) Robust Control in Timed Automata

More information

IC3, PDR, and Friends

IC3, PDR, and Friends IC3, PDR, and Friends Arie Gurfinkel Department of Electrical and Computer Engineering University of Waterloo arie.gurfinkel@uwaterloo.ca Abstract. We describe the IC3/PDR algorithms and their various

More information
2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback