Presentation is loading. Please wait.

Presentation is loading. Please wait.

Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct."— Presentation transcript:

1 Specification Formalisms Book: Chapter 5

2 Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct. Spec. of reasonable size. Effective. Check that there are no contradictions. Check that the spec. is implementable. Check that the implementation satisfies spec. Expressive. May be used to generate initial code. Specifying the implementation or its properties?

3 A transition system A (finite) set of variables V. A set of states . A (finite) set of transitions T, each transition e  t has an enabling condition e and a transformation t. An initial condition I. Denote by R(s, s’) the fact that s’ is a successor of s.

4 The interleaving model An execution is a finite or infinite sequence of states s 0, s 1, s 2, … The initial state satisfies the initial condition, i.e., I(s 0 ). Moving from one state s i to s i+1 is by executing a transition e  t: e(s i ), i.e., s i satisfies e. s i+1 is obtained by applying t to s i.

5 LTL: Syntax  ::= (  ) | ¬  |  Æ   Ç  U   ¤  }  |O  | p ¤  Always  ( = “Henceforth  ”) }  Eventually  (= “  in the future”) O  “next-time  ”  U  “  until  ”  W  “  Waiting for  ”

6 Semantics ¤         }  O   U   W  U  Ç ¤ 

7 Combinations ¤} p “p will happen infinitely often” }¤ p “p will happen from some point forever”. ( ¤} p) --> ( ¤} q) “If p happens infinitely often, then q also happens infinitely often”.

8 A Spring Example s1s3s2 pull release extended malfunction r0 = s1 s2 s1 s2 s1 s2 s1 … r1 = s1 s2 s3 s3 s3 s3 s3 … r2 = s1 s2 s1 s2 s3 s3 s3 … …

9 LTL satisfaction by a single sequence malfunction s1s3s2 pull release extended r2 = s1 s2 s1 s2 s3 s3 s3 … r2 ² extended ?? r2 ² O extended ?? r2 ² O O extended ?? r2 ² } extended ?? r2 ² ¤ extended ?? r2 ² } ¤ extended ?? r2 ² } ¤ malfunction ?? r2 ² ¬ } ¤ extended ?? r2 ² (¬extended) U malfunction ?? r2 ² ¤ (¬extended ! O extended) ??

10 LTL satisfaction by a system malfunction s1s3s2 pull release extended A ² extended ?? A ² O extended ?? A ² O O extended ?? A ² } extended ?? A ² ¤ extended ?? A ² } ¤ extended ?? A ² } ¤ malfunction ?? A ² ¬ } ¤ extended ?? A ² (¬extended) U malfunction ?? A ² ¤ (¬extended->O extended) ?? A:

11 Automata over finite words A=  Alphabet (finite). S: States (finite).  : S x  x S ) S is the transition relation. I µ S are the Initial states. F µ S are the Final (accepting) states. A A B B S0 S1

12 Equivalently: A Kripke structure A convenient model for describing reactive systems There exists a 1-1 translation between a Kripke structure and an automaton A= S: States (finite).  µ S x S is the transition relation. I µ S are the Initial states. L: S ) 2 AP (where AP is a set of atomic propositions) S0 S1

13 The transition relation (S0, A, S0) (S0, B, S1) (S1, A, S0) (S1, B, S1) A A B B S0 S1

14 A run over a word A word over , e.g., ABAAB. A sequence of states, e.g. S0 S0 S1 S0 S0 S1. Starts with an initial state. Accepting if ends at accepting state. A A B B S0 S1

15 The language of an automaton The words that are accepted by the automaton. Includes AABBBA, ABBBBA. Does not include ABAB, ABBB. What is the language? A A B B S0 S1

16 Nondeterministic automaton Transitions: (S0,A,S0), (S0,B,S0), (S0,A,S1),(S1,A,S1). What is the language of this automaton? A,B A A S0 S1

17 Equivalent deterministic automaton A,B A A S0 S1 B A A S0 S1 B

18 Automata over infinite words Similar definition. Runs on infinite words over . Accepts when an accepting state occurs infinitely often in a run. A A B B S0 S1

19 Automata over infinite words Consider the word A B A B A B A B… There is a run S0 S0 S1 S0 S1 S0 S1 … This run is accepting, since S0 appears infinitely many times. A A B B S0 S1

20 Other runs For the word B B B B B… the run is S0 S1 S1 S1 S1… and is not accepting. For the word A A A B B B B B …, the run is S0 S0 S0 S0 S1 S1 S1 S1 … What is the run for A B A B B A B B B …? A A B B S0 S1

21 Nondeterministic automaton What is the language of this automaton? What is the LTL specification if B = (pc 0 =cr 0 ), A=¬B? A,B A A S0 S1

22 Specification using Automata Let each letter correspond to some propositional property. Example: A = P0 enters critical section B = P0 does not enter critical section. ¤ } pc 0 =cr 0 B A A B S0 S1

23 Mutual Exclusion ð ¬(pc 0 =cr 0 Æ pc 1 =cr 1 ) A: pc 0 =cr 0 Æ pc 1 =cr 1 B: ¬(pc 0 =cr 0 Æ pc 1 =cr 1 ) C: TRUE B A C S0 S1

24 L 0 :While True do nc 0 :wait (Turn=0); cr 0 :Turn=1 T0:pc 0 =L 0 ! pc 0: =nc 0 T1:pc 0 =nc 0 Æ Turn=0 ! pc 0 :=cr 0 T2:pc 0 =cr 0 ! (pc 0,Turn):=(L 0,1) T3:pc 1 =L 1 ! pc 1 =nc 1 T4:pc 1 =nc 1 Æ Turn=1 ! pc 1 :=cr 1 T5:pc 1 =cr 1 ! (pc 1,Turn):=(L 1,0) Initially: pc 0 =L 0 Æ pc 1 =L 1 L 1 :While True do nc 1 :wait (Turn=1); cr 1 :Turn=0 || Possible transitions:

25 The state space Turn=0 L 0,L 1 Turn=0 L 0,nc 1 Turn=0 nc 0,L 1 Turn=0 cr 0,nc 1 Turn=0 nc 0,nc 1 Turn=0 cr 0,L 1 Turn=1 L 0,cr 1 Turn=1 nc 0,cr 1 Turn=1 L 0,nc 1 Turn=1 nc 0,nc 1 Turn=1 nc 0,L 1 Turn=1 L 0,L 1

26 Turn=0 L 0,L 1 Turn=0 L 0,nc 1 Turn=0 nc 0,L 1 Turn=0 cr 0,nc 1 Turn=0 nc 0,nc 1 Turn=0 cr 0,L 1 Turn=1 L 0,cr 1 Turn=1 nc 0,cr 1 Turn=1 L 0,nc 1 Turn=1 nc 0,nc 1 Turn=1 nc 0,L 1 Turn=1 L 0,L 1 ð : (pc 0 =cr 0 Æ pc 1 =cr 1 )

27 Turn=0 L 0,L 1 Turn=0 L 0,nc 1 Turn=0 nc 0,L 1 Turn=0 cr 0,nc 1 Turn=0 nc 0,nc 1 Turn=0 cr 0,L 1 Turn=1 L 0,cr 1 Turn=1 nc 0,cr 1 Turn=1 L 0,nc 1 Turn=1 nc 0,nc 1 Turn=1 nc 0,L 1 Turn=1 L 0,L 1 ð (Turn=0 ! } Turn=1)

28 Correctness condition We want to find a correctness condition for a model to satisfy a specification. Language of a model: L(Model) Language of a specification: L(Spec). We need: L(Model)  L(Spec).

29 Correctness All sequences Sequences satisfying Spec Program executions

30 Incorrectness All sequences Sequences satisfying Spec Program executions Counter examples

Download ppt "Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct."

Similar presentations

Modeling Software Systems Lecture 2 Book: Chapter 4.

Modeling Software Systems Lecture 2 Book: Chapter 4.
Model Checking and Testing combined

Model Checking and Testing combined
Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.

Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.
Modeling issues Book: chapters 4.12, 5.4, 8.4, 10.1.

Modeling issues Book: chapters 4.12, 5.4, 8.4, 10.1.
Language and Automata Theory

Language and Automata Theory
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Part 3: Safety and liveness

Part 3: Safety and liveness
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.

1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
C O N T E X T - F R E E LANGUAGES ( use a grammar to describe a language) 1.

C O N T E X T - F R E E LANGUAGES ( use a grammar to describe a language) 1.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
1 Temporal Logic u Classical logic:  Good for describing static conditions u Temporal logic:  Adds temporal operators  Describe how static conditions.

1 Temporal Logic u Classical logic:  Good for describing static conditions u Temporal logic:  Adds temporal operators  Describe how static conditions.
Spin Tutorial (some verification options). Assertion is always executable and has no other effect on the state of the system than to change the local.

Spin Tutorial (some verification options). Assertion is always executable and has no other effect on the state of the system than to change the local.
Introduction to Computability Theory

Introduction to Computability Theory
1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture # 11.

1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture # 11.
Infinite Automata -automata is an automaton that accepts infinite strings A Buchi automaton is similar to a finite automaton: S is a finite set of states,

Infinite Automata -automata is an automaton that accepts infinite strings A Buchi automaton is similar to a finite automaton: S is a finite set of states,
CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.

CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.

Similar presentations

Ads by Google