Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Temporal Logic-Overview FM Temporal Logic u Classical logic: Good for describing static conditions u Temporal logic: Adds temporal operators Describe.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Temporal Logic-Overview FM Temporal Logic u Classical logic: Good for describing static conditions u Temporal logic: Adds temporal operators Describe."— Presentation transcript:

1 1 Temporal Logic-Overview FM Temporal Logic u Classical logic: Good for describing static conditions u Temporal logic: Adds temporal operators Describe how static conditions change over time u Two main ways to represent temporal logic: Linear time: describes single possible time line  LTL (Linear Temporal Logic): Spin Branching time: describes all possible time lines  CTL (Computation Tree Logic): SMV

2 2 Temporal Logic-Overview FM What can you do with TL? u Use Automaton to describe system behavior Describes actions of system In terms of state sequences u Use temporal logic to describe property of state sequences u Use model checker to verify TL property Checks TL property against automaton Exhaustively checks the automaton Automatic checking

3 3 Temporal Logic-Overview FM Basic Idea of Temporal Logic u Truth changes over time u Must say when things are true, Not just what is true u Most model checking tools do not allow quantification Use propositional TLs (PTLs)

4 4 Temporal Logic-Overview FM Semantics of Temporal Logic u 4 basic operators: : always : sometime or eventually : next time or next step : until u Conceptual representation: Let S be a sequence of states S[0]: first state; S[j] : jth state S[j..] sequence starting from jth state S[j..k] sequence from j to k U

5 5 Temporal Logic-Overview FM More Formal Semantics u Classical Logic: S f: sequence S satisfies formula f S true: for any S S (f and g): S f and S g u Temporal Logic: S f : if for any j, S[j..] f S f : if for some j, S[j..] f Sf : if S[1..] f S f g : if for some k, S[k..] g,  and for any j < k, S[j..] f U

6 6 Temporal Logic-Overview FM Example u Automaton/machine produces state sequence: abcabcabcabc… u Sequence satisfies property:  (a  b) and It’s always the case that a implies that the next step will be b  (a  a)) It’s always the case that a implies that the next step will eventually be an a. ab c

7 7 Temporal Logic-Overview FM More Semantics of PTL u Next f: S[j] f iff S[j+1] f u Always f: S[j] f iff (  k: k  j  S[k] f) u Sometime f: S[j] f iff (  k: k  j  S[k] f) u f U g: S[j] f U g iff (  k: k  j  S[k] g)  (   l: j  l  k  S[l] f)

8 8 Temporal Logic-Overview FM Sample Specifications u Mutual Exclusion: (  inCsA  inCsB) u Response: (wantsInA  inCsA) u See CSE814 handouts for Promela codification.

9 9 Temporal Logic-Overview FM Computation Tree Logic u Most distributed, reactive systems are nondeterministic Cannot be represented by sequence of possible states or transitions Has a tree of possible computations u Can use CTL to represent these cases Computation Tree Logic

10 10 Temporal Logic-Overview FM CTL Syntax u Basic logic AND u Temporal expressions: Temporal operators are defined in pairs Path part:  A: means “all paths” (inevitably)  E: means “on some path” (possibly) Property part:  F : same as % For some  G : same as% Globally holds  X : same as% neXt  U : same as U u Sample expressions:  AGp : On all paths, property p always holds  EGp : On some paths, property p always holds

11 11 Temporal Logic-Overview FM Specification Patterns u Safety: bad thing never happens: AG (  bad-thing) u Liveness: good thing eventually happens AF good-thing u Bad thing could happen: EF bad-thing

12 12 Temporal Logic-Overview FM System satisfying EFp

13 13 Temporal Logic-Overview FM System satisfying EGp

14 14 Temporal Logic-Overview FM System satisfying AGp

15 15 Temporal Logic-Overview FM System satisfying AFp

16 16 Temporal Logic-Overview FM Sample Specification Patterns u Possible to get to started state, but ready does not hold EF(started)  (  ready)) u If a request occurs, then it will eventually be acknowledged AG (requested  AF acknowledged)  Process is enabled  infinitely often on every path AG (AF enabled) u Whatever happens, a certain process will eventually be permanently deadlocked: AF (AG deadlocked) u From any state, it is possible to get to a restart state AG (AF restart)

17 17 Temporal Logic-Overview FM Example Elevator u An elevator at the 2 nd floor traveling upward towards 5 th floor destination does not change its direction AG (floor = 2  direction = up  ButtonPressed5   A[direction = up  U floor 

18 18 Temporal Logic-Overview FM Tool Support u Model checkers: check that system satisfies property u Reachability analysis: describe paths of behavior of system u Each tool uses different algorithms for optimization purposes SPIN (Holzmann et al) SMV (Clarket et al) Nitpick (D. Jackson) COSPAN (Kurshan, mostly for HW) Verisoft FDR Etc.

Download ppt "1 Temporal Logic-Overview FM Temporal Logic u Classical logic: Good for describing static conditions u Temporal logic: Adds temporal operators Describe."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.

Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.
1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.

1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.
Tutorial I – An Introduction to Model Checking Peng WU INRIA Futurs LIX, École Polytechnique.

Tutorial I – An Introduction to Model Checking Peng WU INRIA Futurs LIX, École Polytechnique.
CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
M ODEL CHECKING -Vasvi Kakkad University of Sydney.

M ODEL CHECKING -Vasvi Kakkad University of Sydney.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
Partial Order Reduction: Main Idea

Partial Order Reduction: Main Idea
Part 3: Safety and liveness

Part 3: Safety and liveness
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
François Fages MPRI Bio-info 2006 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraints Group, INRIA.

François Fages MPRI Bio-info 2006 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraints Group, INRIA.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.

Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.
CS6133 Software Specification and Verification

CS6133 Software Specification and Verification
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Model Checking Inputs: A design (in some HDL) and a property (in some temporal logic) Outputs: Decision about whether or not the property always holds.

Model Checking Inputs: A design (in some HDL) and a property (in some temporal logic) Outputs: Decision about whether or not the property always holds.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
卜磊 Transition System. Part I: Introduction  Chapter 0: Preliminaries  Chapter 1: Language and Computation Part II: Models  Chapter.

卜磊 Transition System. Part I: Introduction  Chapter 0: Preliminaries  Chapter 1: Language and Computation Part II: Models  Chapter.
Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar D D.

Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar D D.

Similar presentations

Ads by Google