
Published by Wendy Cummings. Modified over 5 years ago.

Slide 1: Review of topics
- Final exam: May 2nd to May 7th
- Projects due on May 7th

Slide 2: Modeling
- Finite-state models (Kripke structures)
- Symbolic modeling of transition systems:
  – Boolean variables
  – Transitions described logically
  – Semantics of the Kripke structure generated
- Modeling recursive Boolean programs

Slide 3: Specification logics
- Reachability:
  – Solving reachability explicitly (DFS/BFS)
- Computation Tree Logic (CTL)
  – Syntax and semantics
  – Ability to write CTL specs given an English spec
  – Ability to interpret CTL specs

Slide 4: Symbolic approach
- Boolean decision diagrams (BDDs)
- The representation of a function using a BDD
- A BDD is canonical given a variable ordering
- Importance of the variable ordering
- Operations on BDDs:
  – AND, OR, NOT
  – EXISTS

Slide 5: Symbolic model-checking
- Reachability algorithms using BDDs
- Symbolic CTL model-checking
- Using NuSMV to symbolically model-check reachability and CTL

Slide 6: Specification logics contd.
- Automata on infinite words (Büchi automata)
- Linear temporal logic (LTL)
- Converting linear temporal logic to Büchi automata
- Automata-theoretic method for model checking LTL

Slide 7: Bounded model-checking
- Formulating bounded model-checking as a SAT formula (encoding the initial and final conditions, the transition functions and k-step reachability)
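An added worked example of the encoding listed on this slide, not part of the original slides: a constructed toy two-process mutex whose k-step unrolling I(s0) ∧ T(s0,s1) ∧ … ∧ T(s_{k-1},s_k) ∧ Bad(s_k) is checked for satisfiability. Exhaustive enumeration stands in for the SAT solver; the state layout, the `check_lock` flag and all function names are assumptions made for this example.

```python
from itertools import product

# Constructed toy system: a state is (lock, cs0, cs1), three Booleans meaning
# "lock held", "process 0 in critical section", "process 1 in critical section".
STATES = tuple(product((False, True), repeat=3))

def init(s):
    """I(s): lock free, neither process in its critical section."""
    return s == (False, False, False)

def make_trans(check_lock):
    """T(s, s'): exactly one process moves, either entering its critical
    section (and taking the lock) or leaving it (and releasing the lock).
    check_lock=False drops the 'lock is free' guard, i.e. a race-condition bug."""
    def trans(s, t):
        lock, lock2 = s[0], t[0]
        cs, cs2 = s[1:], t[1:]
        for i in (0, 1):
            if cs2[1 - i] != cs[1 - i]:          # the other process must stay put
                continue
            may_enter = (not lock) if check_lock else True
            enter = (not cs[i]) and may_enter and cs2[i] and lock2
            leave = cs[i] and (not cs2[i]) and (not lock2)
            if enter or leave:
                return True
        return False
    return trans

def bad(s):
    """Property violation (final condition): both processes in the CS at once."""
    return s[1] and s[2]

def bmc(init, trans, bad, k):
    """Unroll I(s0) ∧ T(s0,s1) ∧ ... ∧ T(s_{b-1},s_b) ∧ Bad(s_b) for b = 0..k,
    increasing the bound as a BMC loop does, and return the first satisfying
    path (a counterexample trace) or None. A None result only shows that no
    violation exists within k steps; it is not a proof for longer paths."""
    for bound in range(k + 1):
        for path in product(STATES, repeat=bound + 1):
            if (init(path[0])
                    and all(trans(a, b) for a, b in zip(path, path[1:]))
                    and bad(path[-1])):
                return path
    return None

if __name__ == "__main__":
    print("unguarded mutex:", bmc(init, make_trans(False), bad, 4))
    print("guarded mutex:  ", bmc(init, make_trans(True), bad, 5))
```

The unguarded version yields a three-state trace (two steps) in which both processes enter; the guarded version has no violation within the bound.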

Slide 8: Dataflow analysis
- Generic setup of dataflow problems
  – Set of dataflow facts and lattice
  – Flow functions
- The maximal-fixpoint (MFP) and meet-over-all-paths (MOP) formulations
- Kill-gen functions, distributive flows

Slide 9: Dataflow analysis
- Lattices and fixed points
- Tarski's theorem: existence of a least fixed point for monotonic functions on a lattice
- Difference between MFP and MOP
  – MFP = MOP for distributive flows

Slide 10: Dataflow analysis
- Chaotic iteration to solve MFP problems for lattices with no infinite ascending chains
- Automata-based analysis for MOP problems where the dataflow lattice is finite

Slide 11: Reachability in pushdown systems
- Games on finite graphs
  – Solving games using the attractor method
- Reachability of pushdown systems
  – Reduction to games on finite graphs

Slide 12: Analysis of programs with function calls
- Reducing interprocedural MOP analysis to reachability in pushdown systems

Slide 13: Floyd's framework of verification
- Floyd's framework
  – Notion of interpretations
  – Logic to express invariants
  – Checking pre-post invariants to establish safety properties
  – Using ranking functions to prove that programs terminate

Slide 14: Preconditions and postconditions
- Definition of strongest postconditions and weakest preconditions
- Deriving the strongest postcondition for all standard operations (assignment, etc.)
  – Using existential quantification

Slide 15: Preconditions and postconditions
- Deriving the weakest precondition for all standard operations (assignment, etc.)
  – Without using existential quantification (see Graf-Saidi)
- Equivalence: strongest-postcondition(P) => Q if and only if P => weakest-precondition(Q)

Slide 16: Proving programs correct
- Ability to find invariants and prove programs correct using Floyd's framework

Slide 17: Predicate abstraction
- Building the abstract program using precondition checks
- Ability to manually abstract a program with respect to a set of predicates (and hence prove a property)
- No testing of the formal notation of abstract interpretation

Slide 18: Symbolic evaluation
- Ability to write down the constraints to check feasibility of a control path of a program
- No formalisms, but must be able to do examples
