Finite State Model Checking



Finite State Model Checking: Finite State Systems. System Description A, Requirement F (CTL) → TOOL → No! (Debugging Information) / Yes. Prototypes, Executable Code, Test sequences. Tools: visualstate, SPIN, Statemate, Verilog, Formalcheck, ...

From Programs to Networks. Mutual Exclusion Program:
P1 :: while True do
        T1 : wait(turn=1)
        C1 : turn:=0
      endwhile
P2 :: while True do
        T2 : wait(turn=0)
        C2 : turn:=1
      endwhile

From Network Models to Kripke Structures (figure: product state graph of the mutual exclusion program; global states are pairs of local states such as I1 I2, T1 I2, I1 T2, T1 T2, C1 I2, I1 C2, T1 C2, C1 T2)

CTL Models = Kripke Structures

Computation Tree Logic, CTL (Clarke & Emerson 1980): Syntax

Path: s s1 s2 s3 ... The set of paths starting in s

Formal Semantics

CTL, Derived Operators: EF (possible), AF (inevitable)

CTL, Derived Operators: EG (potentially always), AG (always)

Theorem: All operators are derivable from EX f, EG f, E[f U g] and boolean connectives. A[f U g] = ¬E[¬g U (¬f ∧ ¬g)] ∧ ¬EG ¬g

Examples on a four-state model (figure: states 1, 2, 3, 4, labelled with p and q): EX p, AX p, EG p, AG p, A[p U q]

Properties of MUTEX example? (figure: product Kripke structure of the mutual exclusion program over the states I1 I2, T1 I2, I1 T2, T1 T2, C1 I2, I1 C2, T1 C2, C1 T2, with candidate CTL properties of the forms AG(... C1 ... C2 ...), AG[... AF(C1) ...], EG(...) and A[... U (... A[... U ...])]) HOW to DECIDE IN GENERAL

CTL Model Checking Algorithms

Fixpoint Characterizations. EF p = p ∨ EX EF p; or: let A be the set of states satisfying EF p, then A = p ∨ EX A; in fact A is the smallest such set (the least fixpoint).

Example (figure: four-state model, states 1, 2, 3, 4, labelled with p and q): EF q, with A = q ∨ EX A

Fixed points of monotonic functions. Let τ be a function 2^S → 2^S. Say τ is monotonic when x ⊆ y implies τ(x) ⊆ τ(y). A fixed point of τ is a y such that τ(y) = y. If τ is monotonic, then it has a least fixed point μy. τ(y) and a greatest fixed point νy. τ(y).

Iteratively computing fixed points. Suppose S is finite. The least fixed point μy. τ(y) is the limit of false ⊆ τ(false) ⊆ τ(τ(false)) ⊆ ... The greatest fixed point νy. τ(y) is the limit of true ⊇ τ(true) ⊇ τ(τ(true)) ⊇ ... Note: since S is finite, convergence is finite.

Example: EF. EF p is characterized by EF p = μy. (p ∨ EX y). Thus, it is the limit of the increasing series false ⊆ p ⊆ p ∨ EX p ⊆ p ∨ EX(p ∨ EX p) ⊆ ...

Example: EG. EG p is characterized by EG p = νy. (p ∧ EX y). Thus, it is the limit of the decreasing series true ⊇ p ⊇ p ∧ EX p ⊇ p ∧ EX(p ∧ EX p) ⊇ ...

Example, continued: EF q (figure: four-state model, states 1, 2, 3, 4, labelled with p and q). EF q = μy. (q ∨ EX y): A0 = Ø, A1 = {2,3}, A2 = {1,2,3}, A3 = {1,2,3}

Remaining operators:
AF p = μy. (p ∨ AX y)
AG p = νy. (p ∧ AX y)
E[p U q] = μy. (q ∨ (p ∧ EX y))
A[p U q] = μy. (q ∨ (p ∧ AX y))
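The fixpoint characterizations above (EF as a least fixpoint, EG as a greatest fixpoint, E[p U q] as a least fixpoint, AF and AG obtained by negation as the Theorem allows) as an explicit-state CTL checker; this is an added example, not code from the slides. The Kripke structure is constructed from the page's mutual exclusion program by exploring the reachable interleavings with the shared turn variable; the state encoding, the nested-tuple formula syntax and the function names are assumptions of this example.

```python
# Explicit-state CTL model checking by fixpoint iteration (added example; not the
# slides' own code). The Kripke structure is constructed from the page's two-process
# mutual exclusion program (local states I/T/C, shared variable turn) by exploring
# reachable interleavings; a blocked wait() contributes no transition.

def mutex_kripke():
    def moves(loc, turn, me, other):            # one process's local step
        if loc == "I": return [("T", turn)]                        # I -> T
        if loc == "T": return [("C", turn)] if turn == me else []  # wait(turn=me)
        return [("I", other)]                                      # C -> I, turn := other
    succ, todo = {}, [("I", "I", 1)]            # global state: (loc1, loc2, turn)
    while todo:
        s = todo.pop()
        if s in succ: continue
        l1, l2, turn = s
        succ[s] = {(a, l2, t) for a, t in moves(l1, turn, 1, 0)} | \
                  {(l1, b, t) for b, t in moves(l2, turn, 0, 1)}
        todo.extend(succ[s])
    labels = {s: {s[0] + "1", s[1] + "2"} for s in succ}   # e.g. {"T1", "I2"}
    return succ, labels

def sat(succ, labels, f):
    """Sat(f) for f as nested tuples, e.g. ("AG", ("not", ("and", "C1", "C2")))."""
    S = set(succ)
    ex = lambda Y: {s for s in S if succ[s] & Y}           # EX Y
    def fix(tau, y):                                        # iterate tau to a fixpoint
        while (z := tau(y)) != y: y = z
        return y
    if isinstance(f, str): return {s for s in S if f in labels[s]}
    op, *args = f
    if op == "AF": return S - sat(succ, labels, ("EG", ("not", args[0])))  # AF p = not EG not p
    if op == "AG": return S - sat(succ, labels, ("EF", ("not", args[0])))  # AG p = not EF not p
    a = [sat(succ, labels, g) for g in args]
    if op == "not": return S - a[0]
    if op == "and": return a[0] & a[1]
    if op == "imp": return (S - a[0]) | a[1]
    if op == "EX":  return ex(a[0])
    if op == "EF":  return fix(lambda y: a[0] | ex(y), set())           # mu y. p | EX y
    if op == "EG":  return fix(lambda y: a[0] & ex(y), S)               # nu y. p & EX y
    if op == "EU":  return fix(lambda y: a[1] | (a[0] & ex(y)), set())  # mu y. q | (p & EX y)
    raise ValueError(op)

def check_mutex():
    """Safety and liveness of the constructed mutex model; True means 'holds in every state'."""
    succ, labels = mutex_kripke()
    S = set(succ)
    mutual_exclusion = sat(succ, labels, ("AG", ("not", ("and", "C1", "C2")))) == S
    no_starvation = sat(succ, labels, ("AG", ("imp", "T1", ("AF", "C1")))) == S
    return len(S), mutual_exclusion, no_starvation
```

check_mutex() returns (12, True, True): twelve reachable global states, and both AG ¬(C1 ∧ C2) and AG(T1 → AF C1) hold in every one of them, because the strict turn alternation forces each process to make progress.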

Properties of MUTEX example? (figure: product Kripke structure of the mutual exclusion program; property of the form AG[T1 → AF(C1)])

(fragment) { s | ∃s'. (s, s') ∈ R ∧ s' ∈ Q } ... Sat(φ)

More Efficient Check of EG (figure: state graph decomposed into strongly connected components, SCC)

Example EG p (figure: model labelled with p and q)

Example EG p: Reduced Model (figure)

Example EG p: Non-trivial Strongly Connected Component (figure)

Properties of MUTEX example? (figure: product Kripke structure of the mutual exclusion program; property of the form EG ... C1)

Properties of MUTEX example? (figure: the same property on the Reduced Model) Which are the non-trivial SCCs?

Complexity. However, |S_sys| may be exponential in the number of parallel components! Fixpoint computations may be carried out using ROBDDs (Reduced Ordered Binary Decision Diagrams), Bryant 86.