Cyber Physical System Verification with SAL
- Denis Eaton

Transcription
1 Cyber Physical System Verification with SAL, July 22, 2013

2 Outline

3 Table of Contents
4 Motivation

Cyber Physical Systems (CPS)
- Systems that interact with the physical world
- Characterized by a mix of continuous and discrete behavior
- Often safety-critical
- Present in industries such as automotive, aerospace, health care, energy, etc.

Formal Verification
- Dramatic improvement over the years
- Real-world systems have been verified
- Model checkers require less user interaction
- Requires a formal semantics of the system
5 Table of Contents: Quartz

6 Quartz
- Framework for specification, verification and implementation of reactive systems
- Synchronous programming language Quartz
- Intermediate format AIF (Averest Intermediate Format)
- Can be translated to C, Verilog, SystemC and others

7 Design Flow (Quartz)
8 Quartz: Imperative Synchronous Language
- Program represented as a series of steps
- Paradigm of perfect synchrony (synchronous MoC)
- For each step:
  - Reads all the inputs I
  - Computes all the outputs O for the present state
  - Updates the internal state S for the next step
- Hence each step is a function (S, I) -> (S', O)
9 Perfect Synchrony (Quartz)
- Macro steps are separated by the command pause
- All statements in a micro step execute in zero time
- Concurrent threads run in lockstep

Immediate assignment:

```
x = 1;        // takes effect in the current macro step
pause;
y = x;        // reads x in the same macro step as the write below
x = 2;
pause;
```

Delayed assignment:

```
x = 1;
next(x) = 2;  // takes effect in the following macro step
pause;
y = x;
pause;
```
10 Variable Declarations (Quartz)
- Data types: integers, booleans, natural numbers, arrays, tuples, bitvectors and more
- Information flow: variables can be classified as input, output or inout
- Storage type: event and memorized variables

11 Synchronous Guarded Actions (Quartz)
- Quartz programs are compiled to a set of guarded actions
- Guarded actions are pairs of the form (γ, C): a boolean guard γ and an atomic command C
- All enabled guarded actions are executed in parallel
- Can be easily translated to transition systems
12 ABRO (Quartz example)

```
module ABRO(event ?a, ?b, ?r, !o) {
  loop
    abort {
      { wa: await(a); || wb: await(b); }  // both awaits run in parallel
      emit(o);                            // o in the step the last of a, b arrives
      wr: await(r);
    } when(r);                            // r restarts the loop
} satisfies {
  // the operator between a and b was lost in extraction; | is assumed here,
  // since o is emitted exactly in a step in which a or b arrives
  property1 : assert A G (o -> a | b);
  property2 : assert A G (o -> X !o);
}
```
13 Table of Contents: SAL

14 Symbolic Analysis Laboratory (SAL)
- Framework for performing abstraction, program analysis, theorem proving and model checking
- Intermediate language for the specification of transition systems
- Philosophy: one language, many tools

15 SAL language
The language was constructed based on the following principles:
- Generality
- Minimality
- Semantic regularity
- Language modularity
- Compositionality
16 SAL language
- Context: defines new types, modules, and assertions
- Module: defines inputs, outputs, locals, globals, transitions, etc.
- Transitions: defined either via definitions or via guarded commands
- Composition: modules can be composed synchronously (M1 || M2) or asynchronously (M1 [] M2)
17 Types (SAL)
- Finite types: booleans, finite arrays, records, tuples, finite ranges on Z
- Infinite types: naturals (N), integers (Z)
18 Transitions (SAL)

Definitions:
```
x  = expression    % current-state definition
x' = expression    % next-state definition (the prime marks the next state)
```

Guarded command: let γ be a boolean guard and D a set of definitions:
```
γ --> D
```
where each element of D is of the form x' = expression.

Non-determinism: if more than one transition can be chosen at the same time, one of them is chosen non-deterministically!
19 Property Specification Language
- Defined by the keyword THEOREM
- Supports LTL and a subset of CTL

Typical operators:
- G(p): p is always true
- F(p): p will eventually be true
- U(p, q): p holds until a state is reached where q holds
- X(p): p is true in the next state

Past operators: past temporal operators are not supported.

20 Property Specification Language: further operators
- AG(p): p is globally true on all paths
- EG(p): there is a path on which p is continuously true
- AF(p): on all paths p is eventually true
- EF(p): there is a path on which p is eventually true
- AU(p, q): on all paths p holds until a state is reached where q holds
- EU(p, q): there is a path on which p holds until a state is reached where q holds
- AX(p): p holds in all successor states
- EX(p): there is a successor state in which p holds
21 Example Properties

Example 1
```
th1 : THEOREM main |- AG(request => AF(state = busy));
```
Example 2
```
th2 : THEOREM main |- G(request => F(state = busy));
```
Example 3
```
th3 : THEOREM main |- ltllib!responds_to(state = busy, request);
```
22 Transitions as definitions (Example 1)

```
short : CONTEXT =
BEGIN
  State : TYPE = { ready, busy };

  main : MODULE =
  BEGIN
    INPUT  request : BOOLEAN
    OUTPUT state   : State
    INITIALIZATION state = ready
    TRANSITION
      % next state: busy when a request arrives while ready, otherwise free choice
      state' IN IF (state = ready) AND request THEN { busy } ELSE { ready, busy } ENDIF
  END;
END
```
23 Transitions as guarded commands (Example 2)

```
meter : CONTEXT =
BEGIN
  m : MODULE =
  BEGIN
    INPUT  temp   : INTEGER     % unbounded: this module needs sal-inf-bmc, not sal-smc
    LOCAL  high   : BOOLEAN, ctr : NATURAL
    OUTPUT danger : BOOLEAN
    DEFINITION high = temp > 100
    INITIALIZATION ctr = 0; danger = FALSE
    TRANSITION
    [ ctr > 3             --> danger' = danger OR high
    [] ctr <= 3 AND high  --> ctr' = ctr + 1
    [] ELSE               --> ctr' = 0
    ]
  END;

  % the module is named m, so the theorem refers to m
  thm1 : THEOREM m |- G(high => F(danger));
END
```
24 Tools
- sal-wfc: well-formedness checker
- sal-deadlock-checker: deadlock checker
- sal-smc: symbolic model checker
- sal-bmc: bounded model checker
- sal-inf-bmc: infinite bounded model checker
- sal-path-finder: random trace generator
- sal-sim: simulator (front end)
25 Table of Contents: Translating Quartz to SAL

26 Translating Quartz to SAL
Issues:
- Storage type (reaction to absence)
- Immediate and delayed assignments
- Non-determinism in transitions
- Representing macro steps
27 Handling event variables

```
EX01 : CONTEXT =
BEGIN
  main : MODULE =
  BEGIN
    ...
    TRANSITION
    [ ...  --> ev0' = TRUE;
    [] ELSE --> ev0' = FALSE;   % event variable: absent unless explicitly set
    ]
  END;
END
```
28 Immediate and delayed assignments

```
...
TRANSITION
gcimm: [ a AND b --> o  = TRUE; ]   % immediate: o holds in the same step
gcnxt: [ a AND b --> o' = TRUE; ]   % delayed: o holds in the next step (a SAL TRANSITION assigns primed variables)
...
```
29 Conflicting guarded commands

```
EX02 : CONTEXT =
BEGIN
  main : MODULE =
  BEGIN
    ...
    TRANSITION
    [ st --> wa' = TRUE;
    [] st --> wb' = TRUE;     % [] picks only one of the two when st holds
    ...
    ]
  END;

  % operator between a and b lost in extraction; OR assumed, as on slide 12
  property : THEOREM main |- AG(o => a OR b);
END
```

30 Solution to conflicting guarded commands

```
EX02 : CONTEXT =
BEGIN
  main : MODULE =
  BEGIN
    ...
    TRANSITION
    [ en0 AND st --> wa' = TRUE; en0' = FALSE; en1' = TRUE;
    [] en1 AND st --> wb' = TRUE; en1' = FALSE; endstep' = TRUE;
    ...
    ]
  END;

  % operator between a and b lost in extraction; OR assumed, as on slide 12
  property : THEOREM main |- endstep => AG(o => a OR b);
END
```
31 Proposed approach
- Create a new module for each label and each output
- The new module takes all labels and inputs as its inputs (except the variable itself)
- The new module has a single output, namely the variable itself
- Synchronous composition of all the generated modules
32 Output module wam

```
wam : MODULE =
BEGIN
  INPUT  a, b, r, st, wb, wr : BOOLEAN
  OUTPUT wa : BOOLEAN
  INITIALIZATION wa = FALSE;
  TRANSITION
  [ st --> wa' = TRUE;
  [] (NOT r AND wa AND NOT a) OR (r AND wr) OR (r AND (wr OR wa OR wb)) --> wa' = TRUE;
  [] ELSE --> wa' = FALSE;
  ]
END;
```

Corresponding guarded action:

```
(!r & wa & !a) | (r & wr) | (r & (wr | wa | wb)) => next(wa) = true
```
33 Composition of the generated modules

```
BEGIN
  stm  : MODULE = ...
  wam  : MODULE = ...
  wbm  : MODULE = ...
  wrm  : MODULE = ...
  om   : MODULE = ...
  main : MODULE = stm || wam || wbm || wrm || om;   % synchronous composition
END
```
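As an added example that is not part of the slides or of the Averest/SAL tools, the Python script below makes the issue of slides 26 to 33 concrete. It explores a cut-down ABRO (inputs a and b, await flags wa and wb, no reset r; the model and all its names are constructed here) under three step semantics: synchronous guarded actions, a naive single-module SAL translation in which `[]` fires only one enabled command per step, and the modular translation in which every variable gets its own single-output module and the modules are composed with `||`. Besides the slides' property AG(o => a OR b) it checks an arming invariant AG(st => X(wa AND wb)) and EF(o); both extra properties are this example's own choice.

```python
"""Explicit-state exploration of a cut-down ABRO under three step semantics:
  1. synchronous guarded actions (Quartz/AIF): all enabled actions fire at once;
  2. a naive single-module SAL translation: `[]` picks ONE enabled command;
  3. the slides' modular translation: one single-output module per variable,
     composed synchronously (`||`).
Constructed model: inputs a, b; state st (start step), wa, wb (awaiting a / b);
o is an immediate DEFINITION that fires in the step the last awaited input
arrives. Reset r is omitted. Variables are event-like: whatever is not
assigned in a step becomes False (reaction to absence).
"""
from itertools import product

VARS = ("st", "wa", "wb")

# Guarded commands (guard, assignments): guard(state, inputs) -> bool,
# assignments map a variable to its next value.
COMMANDS = [
    (lambda s, i: s["st"], {"wa": True}),                 # st --> wa' = TRUE
    (lambda s, i: s["st"], {"wb": True}),                 # st --> wb' = TRUE
    (lambda s, i: s["wa"] and not i["a"], {"wa": True}),  # still waiting for a
    (lambda s, i: s["wb"] and not i["b"], {"wb": True}),  # still waiting for b
]
# Modular translation: each module owns exactly one variable, so `[]` inside a
# module can never discard another variable's action.
MODULES = {v: [(g, asg) for g, asg in COMMANDS if v in asg] for v in VARS}


def freeze(state):
    return tuple((v, state[v]) for v in VARS)


def blank():
    return {v: False for v in VARS}


def output_o(s, i):
    """Immediate definition of o: every armed await is satisfied this step."""
    a_done = (not s["wa"]) or i["a"]
    b_done = (not s["wb"]) or i["b"]
    return (s["wa"] or s["wb"]) and a_done and b_done


def sync_step(s, i):
    """All enabled commands fire in parallel; conflicting writes are an error."""
    written = {}
    for guard, asg in COMMANDS:
        if guard(s, i):
            for v, val in asg.items():
                if written.get(v, val) != val:
                    raise ValueError(f"write conflict on {v}")
                written[v] = val
    nxt = blank()
    nxt.update(written)
    return {freeze(nxt)}


def naive_sal_step(s, i):
    """One SAL module: `[]` chooses a single enabled command; ELSE clears all."""
    succ = set()
    for guard, asg in COMMANDS:
        if guard(s, i):
            nxt = blank()
            nxt.update(asg)
            succ.add(freeze(nxt))
    return succ or {freeze(blank())}


def modular_step(s, i):
    """Synchronous composition of single-output modules: each module picks one
    of its own enabled commands (ELSE --> FALSE); successors are the product."""
    choices = []
    for v in VARS:
        vals = {asg[v] for guard, asg in MODULES[v] if guard(s, i)} or {False}
        choices.append(sorted(vals))
    return {tuple(zip(VARS, combo)) for combo in product(*choices)}


def explore(step):
    """Search (state, inputs) with unconstrained inputs; evaluate the slides'
    AG(o => a OR b), the arming invariant AG(st => X(wa AND wb)) and EF(o)."""
    init = blank()
    init["st"] = True
    seen, todo = {freeze(init)}, [freeze(init)]
    ok_safety, ok_arming, o_reachable = True, True, False
    while todo:
        s = dict(todo.pop())
        for a, b in product((False, True), repeat=2):
            i = {"a": a, "b": b}
            if output_o(s, i):
                o_reachable = True
                ok_safety = ok_safety and (a or b)
            for t in step(s, i):
                n = dict(t)
                if s["st"] and not (n["wa"] and n["wb"]):
                    ok_arming = False  # a start step that arms only one await
                if t not in seen:
                    seen.add(t)
                    todo.append(t)
    return {"states": len(seen), "AG(o => a|b)": ok_safety,
            "AG(st => X(wa & wb))": ok_arming, "EF(o)": o_reachable}


if __name__ == "__main__":
    for name, step in (("synchronous", sync_step),
                       ("naive SAL []", naive_sal_step),
                       ("modular ||", modular_step)):
        print(f"{name:14s} {explore(step)}")
```

Run it with python3. The naive translation reaches only four states, never the one with both awaits armed, and emits o after a alone; yet the slides' property and EF(o) still pass, so they cannot reveal the wrong translation. Only the arming invariant exposes it, which is why a translation should be validated against invariants or the reachable state set of the source semantics and not only against the property being proved. The modular composition reproduces the synchronous reachable set exactly.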
34 Table of Contents

35
- The ABRO program was successfully translated and verified with the proposed approach
- Automatic translation is possible
- Quartz guarded commands are simple but powerful
- SAL provides a very complete environment for specification, verification and analysis
- qrz2sal?
More informationDesign and Implementation of an Abstract Interpreter for VHDL
Design and Implementation of an Abstract Interpreter for VHDL STIX, Charles Hymans École Polytechnique, 91128 Palaiseau, France charles.hymans@polytechnique.fr Abstract. We describe the design by abstract
More informationPrincipia lingua SystemJ
The Department of Electrical & Computer Engineering The University of Auckland New Zealand Principia lingua SystemJ Avinash Malik January 2010 Supervisor: Co-Supervisor: Prof. Zoran Salcic Dr. Partha S.
More informationDouble Header. Two Lectures. Flying Boxes. Some Key Players: Model Checking Software Model Checking SLAM and BLAST
Model Checking #1 Double Header Two Lectures Model Checking Software Model Checking SLAM and BLAST Flying Boxes It is traditional to describe this stuff (especially SLAM and BLAST) with high-gloss animation
More informationModeling Asynchronous Circuits in ACL2 Using the Link-Joint Interface
Modeling Asynchronous Circuits in ACL2 Using the Link-Joint Interface Cuong Chau ckcuong@cs.utexas.edu Department of Computer Science The University of Texas at Austin April 19, 2016 Cuong Chau (UT Austin)
More informationCompilation of Imperative Synchronous Programs with Refined Clocks
Compilation of Imperative Synchronous Programs with Refined Clocks Mike Gemünde, Jens Brandt and Klaus Schneider Embedded Systems Group Department of Computer Science University of Kaiserslautern, Germany
More informationFormal Analysis of the ACE Specification for Cache Coherent Systems-On-Chip
Formal Analysis of the ACE Specification for Cache Coherent Systems-On-Chip Abderahman KRIOUILE PhD student, STMicroelectronics Inria Rhône-Alpes LIG Wendelin SERWE Research scientist, Inria Rhône-Alpes
More informationComplete Instantiation of Quantified Formulas in Satisfiability Modulo Theories. ACSys Seminar
Complete Instantiation of Quantified Formulas in Satisfiability Modulo Theories Yeting Ge Leonardo de Moura ACSys Seminar 2008.12 Motivation SMT solvers have been successful Quantified smt formulas are
More informationLecture 2. The SCADE Language Data Flow Kernel. Daniel Kästner AbsInt GmbH 2012
Lecture 2 The SCADE Language Data Flow Kernel Daniel Kästner AbsInt GmbH 2012 2 Synchronous Programming Two simple ways of implementing reactive systems: Event-driven Foreach input_event
More informationVerification Finite-state process modeling and reachability analysis
Verification Finite-state process modeling and reachability analysis Topics: Finite-state process modeling Verification through interactive simulation Concurrent composition of processes Verification through
More informationComposition of State Machines
Chapter 5 Composition of State Machines Hongwei Zhang http://www.cs.wayne.edu/~hzhang/ Ack.: this lecture is prepared in part based on slides of Lee, Sangiovanni-Vincentelli, Seshia. Outline Concurrent
More informationModel-based Analysis of Event-driven Distributed Real-time Embedded Systems
Model-based Analysis of Event-driven Distributed Real-time Embedded Systems Gabor Madl Committee Chancellor s Professor Nikil Dutt (Chair) Professor Tony Givargis Professor Ian Harris University of California,
More information