Presentation is loading. Please wait.

Presentation is loading. Please wait.

Automated Refinement Checking of Concurrent Systems Sudipta Kundu, Sorin Lerner, Rajesh Gupta Department of Computer Science and Engineering, University.

Published byKarli Peyser Modified over 9 years ago

Similar presentations

Presentation on theme: "Automated Refinement Checking of Concurrent Systems Sudipta Kundu, Sorin Lerner, Rajesh Gupta Department of Computer Science and Engineering, University."— Presentation transcript:

1 Automated Refinement Checking of Concurrent Systems Sudipta Kundu, Sorin Lerner, Rajesh Gupta Department of Computer Science and Engineering, University of California, San Diego

2 2 Power Perfor mance Area Hardware Design Methodology Algorithmic Description RTL Description Functionally Equivalent Behavior Description Functionally Equivalent Functionally Equivalent Controller S0 S1 S2S3 S4 f !f Data path …. x = a * b; c = a < b; if (c) then a = b – x; else a = b + x; a = a + x; b = b * x; ….  C/C++, SystemC  Verilog, VHDL High Level Synthesis

3 3 The Model Properties of interest: Concurrency Visible events Model both the specification and implementation Formal semantics Various modeling languages Process Algebra [CSP, CCS] Petri Nets SpecC/SystemC

4 4 The Problem CSP Program (Specification) Transformed CSP Program (Implementation) Refinements (Trace) Refinement Checker

5 5 Previous Work Manual Semi Automatic Fully Automatic Infinite Finite Level of Automation State Space Relational Approach [Josephs 88] FDR Model Checker [FDR 05, Roscoe 95] Interactive Theorem Provers [Dutertre 97] [Tej 97] [Isobe 05] Our Approach Inspired by translation validation [Necula 00] [Pnueli 98] Previous work in Refinement Checking of CSP programs

6 6 Outline 1.Motivation and Problem definition 2.Algorithms Checking Algorithm Inference Algorithm 3.Experiments and Results 4.Conclusion

7 7 An Example of Refinement left Link right Specification: v14*v1 v14*v1 2*v1 Implementation: sendrecv mid ack right left v1 2*v1

8 8 A relation R that matches a given program state in the implementation with the corresponding state in the specification. The simulation relation is a set of entries of the form (p 1, p 2, Ф). p 1 – program point in Specification p 2 – program point in Implementation Ф – formula that relates the data CFGs for the Example Specification left?a w:=a*4 right!w Link Implementation | left?x y:=x*2 ack?_ SendRecv mid!y mid?u z:=u*2 ack!1 right!z Split state space in two parts: control flow state, which is finite. => explored by traversing the CFG dataflow state, which may be infinite. => explored using Automated Theorem Prover (ATP) a == x True w == z Simulation Relation

9 9 Checking Algorithm Specification Implementation left?a w:=a*4 right!w Link | left?x y:=x*2 ack?_ SendRecv mid!y mid?u z:=u*2 ack!1 right!z C2: a == x C3: w == z C1: True SpecImpl C1: True left ? aleft ? x C2: a == x SpecImpl C2: a == x w = a*4 y = x*2 u = y (mid?u :: mid!y) z = u*2 C3: w == z SpecImpl C3: w == z right!wright!z left?a _ = 1 left?x C2: a == x ATP[C1 => WP(C2)] ATP[(C2) => WP(C3)] ATP[(C3) => WP(C2)]

10 10 Outline 1.Motivation and Problem definition 2.Algorithms Checking Algorithm Inference Algorithm 3.Experiments and Results 4.Conclusion

11 11 Inference Algorithm It works in two steps. Forward pass: collect local condition for externally visible events to be matched. Backward pass: propagate local conditions backward, using weakest preconditions. May not terminate Loops - iterate to a fixed point In practice it can find the required simulation relation.

12 12 Inference Algorithm: Forward Pass SpecImpl C1 -> C2 Specification left?a w:=a*4 right!w Link Implementation | left?x y:=x*2 ack?_ SendRecv mid!y mid?u z:=u*2 ack!1 right!z w = a*4 y = x*2 u = y z = u*2 right!wright!z left?a _ = 1 left?x left ? aleft ? x C1 C2 C3: w == z C2 -> C3 C3 -> C2

13 13 Inference Algorithm: Backward Pass SpecImpl Specification left?a w:=a*4 right!w Link Implementation | left?x y:=x*2 ack?_ SendRecv mid!y mid?u z:=u*2 ack!1 right!z w = a*4 y = x*2 u = y z = u*2 right!wright!z left?a _ = 1 left?x left ? aleft ? x C1: True C2: True C3: w == z C2: True C2: a == x C1: True C3: w == z ATP[C2 -> WP(C3)] C2: C2 & WP(C3) ATP[C3 -> WP(C2)] ATP[C1 -> WP(C2)]

14 14 Outline 1.Motivation and Problem definition 2.Algorithms Checking Algorithm Inference Algorithm 3.Experiments and Results 4.Conclusion

15 15 Prototype Implementation - ARCCoS CSP Specification CSP Specification Front End Parser Specification (CFG) CSP Implementation CSP Implementation Implementation (CFG) Automated Theorem Prover (Simplify) ARCCoSARCCoS Simulation Relation Simulation Relation Inference Engine Partial Order Reduction Engine Checking Engine

16 16 Results from ARCCoS Descriptions#ProcessTime (no PO) (min:sec) Time (PO) (min:sec) SpecImplTotal Simple buffer34700:00 Simple vending machine11200:00 Cyclic scheduler33601:0100:49 College student tracking system12300:01 Single communication link381100:01 2 parallel communication links6121801:2800:04 3 parallel communication links91625514:5200:21 4 parallel communication links122032DNT01:11 5 parallel communication links152439DNT02:32 6 parallel communication links182846DNT08:29 7 parallel communication links213253DNT37:28 Hardware refinement35800:00 EP2 System12301:5101:47

17 17 Outline 1.Motivation and Problem definition 2.Algorithms Checking Algorithm Inference Algorithm 3.Experiments and Results 4.Conclusion

18 18 Conclusion and Future Directions We have presented an automated algorithm for checking trace refinement of CSP programs that has infinite state spaces. Checking Algorithm Inference Algorithm The work presented here is only the first step in a broader research plan whose goal is to check the refinement of SystemC.

19 19 Thank You

Download ppt "Automated Refinement Checking of Concurrent Systems Sudipta Kundu, Sorin Lerner, Rajesh Gupta Department of Computer Science and Engineering, University."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.
Sugar 2.0 Formal Specification Language D ana F isman 1,2 Cindy Eisner 1 1 IBM Haifa Research Laboratory 1 IBM Haifa Research Laboratory 2 Weizmann Institute.

Sugar 2.0 Formal Specification Language D ana F isman 1,2 Cindy Eisner 1 1 IBM Haifa Research Laboratory 1 IBM Haifa Research Laboratory 2 Weizmann Institute.
Technische universität dortmund fakultät für informatik informatik 12 Discrete Event Models Peter Marwedel TU Dortmund, Informatik 12 Germany 2012 11 06.

Technische universität dortmund fakultät für informatik informatik 12 Discrete Event Models Peter Marwedel TU Dortmund, Informatik 12 Germany
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Technische universität dortmund fakultät für informatik informatik 12 Discrete Event Models Jian-Jia Chen (slides are based on Peter Marwedel) TU Dortmund,

Technische universität dortmund fakultät für informatik informatik 12 Discrete Event Models Jian-Jia Chen (slides are based on Peter Marwedel) TU Dortmund,
Lecture 24 MAS 714 Hartmut Klauck

Lecture 24 MAS 714 Hartmut Klauck
EECE **** Embedded System Design

EECE **** Embedded System Design
ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.

ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.
Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.

Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.
Applying Petri Net Unfoldings for Verification of Mobile Systems Apostolos Niaouris Joint work with V. Khomenko, M. Koutny MOCA ‘06.

Applying Petri Net Unfoldings for Verification of Mobile Systems Apostolos Niaouris Joint work with V. Khomenko, M. Koutny MOCA ‘06.
SpecC and SpecCharts Reviewed and Presented by Heemin Park and Eric Kwan EE202A - Fall 2001 Professor Mani Srivastava.

SpecC and SpecCharts Reviewed and Presented by Heemin Park and Eric Kwan EE202A - Fall 2001 Professor Mani Srivastava.
Model Checking : Making Automatic Formal Verification Scale Shaz Qadeer EECS Department University of California at Berkeley.

Model Checking : Making Automatic Formal Verification Scale Shaz Qadeer EECS Department University of California at Berkeley.
Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.

Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.
6/14/991 Symbolic verification of systems with state machines David L. Dill Jeffrey Su Jens Skakkebaek Computer System Laboratory Stanford University.

6/14/991 Symbolic verification of systems with state machines David L. Dill Jeffrey Su Jens Skakkebaek Computer System Laboratory Stanford University.
1 Towards formal manipulations of scenarios represented by High-level Message Sequence Charts Loïc Hélouet Claude Jard Benoît Caillaud IRISA/PAMPA (INRIA/CNRS/Univ.

1 Towards formal manipulations of scenarios represented by High-level Message Sequence Charts Loïc Hélouet Claude Jard Benoît Caillaud IRISA/PAMPA (INRIA/CNRS/Univ.
Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.

Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.
Automated Soundness Proofs for Dataflow Analyses and Transformations via Local Rules Sorin Lerner* Todd Millstein** Erika Rice* Craig Chambers* * University.

Automated Soundness Proofs for Dataflow Analyses and Transformations via Local Rules Sorin Lerner* Todd Millstein** Erika Rice* Craig Chambers* * University.
Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.

Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.

Similar presentations

Ads by Google