# Symbolic Model Checking Revision Slides


Symbolic Model Checking Revision Slides Dr. Eng. Amr T. Abdel-Hamid NETW 703 Winter 2012 Network Protocols Slides based on slides of: Jim Kurose, Keith Ross, “Computer Networking: A Top Down Approach Featuring the Internet”, 2nd edition, Addison-Wesley, July 2002. Jiangchuan (JC) Liu, Assistant Professor, SFU & others

Dr. Amr Talaat Netw 703 Network Protocols

## Functionals

- Now, we can think of all temporal operators also as functions from sets of states to sets of states.
- For example, if we use the set notation: $AX\,p = S - EX(S - p)$

| Logic | Set |
|---|---|
| $p \wedge q$ | $p \cap q$ |
| $p \vee q$ | $p \cup q$ |
| $\neg p$ | $S - p$ |
| False | $\emptyset$ |
| True | $S$ |

## Fixpoint Characterizations

| Fixpoint Characterization | Equivalences |
|---|---|
| $AG\,p = \nu y.\ p \wedge AX\,y$ | $AG\,p = p \wedge AX\,AG\,p$ |
| $EG\,p = \nu y.\ p \wedge EX\,y$ | $EG\,p = p \wedge EX\,EG\,p$ |
| $AF\,p = \mu y.\ p \vee AX\,y$ | $AF\,p = p \vee AX\,AF\,p$ |
| $EF\,p = \mu y.\ p \vee EX\,y$ | $EF\,p = p \vee EX\,EF\,p$ |
| $A(p\,U\,q) = \mu y.\ q \vee A(p \wedge X(y))$ | $A(p\,U\,q) = q \vee (p \wedge AX(p\ AU\ q))$ |
| $E(p\,U\,q) = \mu y.\ q \vee E(p \wedge X(y))$ | $E(p\,U\,q) = q \vee (p \wedge EX(p\ EU\ q))$ |

## EF Fixpoint Computation

$EF\,p = \mu y.\ p \vee EX\,y$ is the limit of the sequence:

$\emptyset,\ p \vee EX\,\emptyset,\ p \vee EX(p \vee EX\,\emptyset),\ p \vee EX(p \vee EX(p \vee EX\,\emptyset)),\ \ldots$

which is equivalent to

$\emptyset,\ p,\ p \vee EX\,p,\ p \vee EX(p \vee EX(p)),\ \ldots$

## EF Fixpoint Computation

[Figure: transition system over states s1, s2, s3, s4, with p holding in s1 and s4]

- Start: $\emptyset$
- 1st iteration: $p \vee EX\,\emptyset = \{s1,s4\} \cup EX(\emptyset) = \{s1,s4\} \cup \emptyset = \{s1,s4\}$
- 2nd iteration: $p \vee EX(p \vee EX\,\emptyset) = \{s1,s4\} \cup EX(\{s1,s4\}) = \{s1,s4\} \cup \{s3\} = \{s1,s3,s4\}$
- 3rd iteration: $p \vee EX(p \vee EX(p \vee EX\,\emptyset)) = \{s1,s4\} \cup EX(\{s1,s3,s4\}) = \{s1,s4\} \cup \{s2,s3,s4\} = \{s1,s2,s3,s4\}$
- 4th iteration: $p \vee EX(p \vee EX(p \vee EX(p \vee EX\,\emptyset))) = \{s1,s4\} \cup EX(\{s1,s2,s3,s4\}) = \{s1,s4\} \cup \{s1,s2,s3,s4\} = \{s1,s2,s3,s4\}$

## EF Fixpoint Computation

[Figure: p, EX(p), EX(EX(p)), ..., EF(p)]

$EF(p) \equiv$ states that can reach $p$ $\equiv p \cup EX(p) \cup EX(EX(p)) \cup \ldots$

## Greatest Fixpoint

Given a monotonic function $F$, its greatest fixpoint is the least upper bound (lub) of all the extensive elements:

$\nu y.\ F\,y = \bigcup \{\, y \mid F\,y \supseteq y \,\}$

The greatest fixpoint $\nu y.\ F\,y$ is the limit of the following sequence (assuming $F$ is $\cap$-continuous):

$S,\ F\,S,\ F^2\,S,\ F^3\,S,\ \ldots$

If $S$ is finite, then we can compute the greatest fixpoint using the above sequence.

## EG Fixpoint Computation

Similarly, $EG\,p = \nu y.\ p \wedge EX\,y$ is the limit of the sequence:

$S,\ p \wedge EX\,S,\ p \wedge EX(p \wedge EX\,S),\ p \wedge EX(p \wedge EX(p \wedge EX\,S)),\ \ldots$

which is equivalent to

$S,\ p,\ p \wedge EX\,p,\ p \wedge EX(p \wedge EX(p)),\ \ldots$

## EG Fixpoint Computation

[Figure: transition system over states s1, s2, s3, s4, with p holding in s1, s3 and s4]

- Start: $S = \{s1,s2,s3,s4\}$
- 1st iteration: $p \wedge EX\,S = \{s1,s3,s4\} \cap EX(\{s1,s2,s3,s4\}) = \{s1,s3,s4\} \cap \{s1,s2,s3,s4\} = \{s1,s3,s4\}$
- 2nd iteration: $p \wedge EX(p \wedge EX\,S) = \{s1,s3,s4\} \cap EX(\{s1,s3,s4\}) = \{s1,s3,s4\} \cap \{s2,s3,s4\} = \{s3,s4\}$
- 3rd iteration: $p \wedge EX(p \wedge EX(p \wedge EX\,S)) = \{s1,s3,s4\} \cap EX(\{s3,s4\}) = \{s1,s3,s4\} \cap \{s2,s3,s4\} = \{s3,s4\}$

## EG Fixpoint Computation

[Figure: p, EX(p), EX(EX(p)), ..., EG(p)]

$EG(p) \equiv$ states that can avoid reaching $\neg p$ $\equiv p \cap EX(p) \cap EX(EX(p)) \cap \ldots$
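The EF and EG iterations on the four-state example can be reproduced mechanically. The Python code below is an added example, not part of the original slides; the transition relation `R` (s1→s2→s3⇄s4) is an assumption, reconstructed so that it yields every EX value the slides list, because the original figure is not available. It also includes AF and AG from the fixpoint characterization table.

```python
# Added example (not from the slides): explicit-state fixpoint iteration.
# ASSUMPTION: R is reconstructed, since the slides' figure is unavailable; it
# reproduces every EX(...) value shown in the EF and EG slides.
S = frozenset({"s1", "s2", "s3", "s4"})
R = {("s1", "s2"), ("s2", "s3"), ("s3", "s4"), ("s4", "s3")}


def EX(y):
    """States with at least one successor in y."""
    return frozenset(s for (s, t) in R if t in y)


def AX(y):
    """AX y = S - EX(S - y): states whose successors all lie in y."""
    return S - EX(S - frozenset(y))


def iterate(F, start):
    """Apply F from `start` until nothing changes; return all iterates."""
    trace = [frozenset(start)]
    while (nxt := F(trace[-1])) != trace[-1]:
        trace.append(nxt)
    return trace


# Least fixpoints start from the empty set and grow.
def EF(p):
    return iterate(lambda y: p | EX(y), frozenset())


def AF(p):
    return iterate(lambda y: p | AX(y), frozenset())


# Greatest fixpoints start from S and shrink.
def EG(p):
    return iterate(lambda y: p & EX(y), S)


def AG(p):
    return iterate(lambda y: p & AX(y), S)


if __name__ == "__main__":
    runs = (("EF", EF, {"s1", "s4"}), ("EG", EG, {"s1", "s3", "s4"}))
    for name, op, p in runs:
        for i, y in enumerate(op(frozenset(p))):
            print(f"{name} iteration {i}: {sorted(y)}")
```

Each function returns the whole sequence of iterates, so the last element is the fixpoint and the earlier ones match the per-iteration sets on the slides.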

## Example

[Figure: FSM with states 1 to 6 and their labels]

For the FSM below, formally check the following properties, using the Fixpoint Theorem:

- AG(a ∨ c ∨ b)
- AF(a  b)

If a property fails, show the subset of the design the property holds for, as well as the counterexample.

- S = {1,2,3,4,5,6}, AP = {a,b,c,d}
- R = {(1,2), (1,3), (2,3), (3,4), (4,4), (4,5), (5,2), (2,6), (6,1)}
- L(1) = {a,b}, L(2) = {c}, L(3) = {b,c}, L(4) = {a}, L(5) = {c}, L(6) = {d}

## Example (cont.)

- Remember that:
- $H(a \vee c \vee b) = H(a) \cup H(c) \cup H(b) = \{1,4\} \cup \{2,3,5\} \cup \{1,3\} = \{1,2,3,4,5\}$
- $AG(a \vee c \vee b) = AG\,p = \nu y.\ p \wedge AX\,y = \nu y.\ p \cap AX\,y$
- $AX\,p = \neg EX(\neg p)$
- $I_0 = S = \{1,2,3,4,5,6\}$
- $I_1 = \{1,2,3,4,5\} \cap S = \{1,2,3,4,5\} \cap \{1,3,4,5,6\} = \{1,2,3,4,5\}$
- $I_2 = \{1,2,3,4,5\} \cap AX(\{1,2,3,4,5\}) = \{1,2,3,4,5\} \cap \{1,3,4,5,6\} = \{1,3,4,5\}$
  - This is because: $AX(\{1,2,3,4,5\}) = \neg EX(\neg\{1,2,3,4,5\}) = \neg EX(\{6\}) = \neg\{2\} = S - \{2\} = \{1,3,4,5,6\}$
- $I_3 = \{1,2,3,4,5\} \cap AX(\{1,3,4,5\}) = \{1,3,4,5\}$
  - This is because: $AX(\{1,3,4,5\}) = \neg EX(\neg\{1,3,4,5\}) =$ \*\*\*\*
- $I_3 = I_2$
- $H(AG(a \vee b \vee c)) = \{1,3,4,5\}$
- The property does not hold, except for the above states, and it is clear that states {2,6} can be considered as counterexamples.
- State 6 contains none of a, c, b, and state 2 does not have a satisfying successor on one of its paths, namely path (2,6).

Dr. Amr Talaat Netw 703 Network Protocols Example (AF(ab)) 13/80
