
Software Verification 2: Automated Verification
Prof. Dr. Holger Schlingloff
Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

Slide 2 (H. Schlingloff, SS2012: SWV 2, 5.7.2012)
CTL model checking
- For each LTS/model there is exactly one computation tree.
- CTL model checking works directly on the model (no need to extract computation sequences).
- For all subformulas of a formula and all states of a given model, mark whether the state satisfies the subformula: iteration on formulas according to their inductive definition.
- If p is an atomic proposition, then $p^M = I(p)$
- $\bot^M = \{\}$
- $(\varphi \to \psi)^M = (M - \varphi^M) \cup \psi^M$
- $(EX\varphi)^M = \{w \mid \exists w' \,(w R w' \wedge w' \in \varphi^M)\}$
- $(AX\varphi)^M = \{w \mid \forall w' \,(w R w' \to w' \in \varphi^M)\}$
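The labelling procedure on this slide, as an added example that is not part of the lecture slides: an explicit-state CTL checker that implements exactly the five semantic clauses above (atomic propositions, falsum, implication, EX, AX), derives negation, disjunction and conjunction from implication and falsum, and labels every subformula once for all states. The formula constructors, the function name `satisfying_states` and the four-state login model are my own constructions.

```python
# Added example (not from the slides): explicit-state CTL labelling that
# implements the semantic clauses on the slide. A model is a finite set of
# states, an interpretation I (atomic proposition -> set of states) and a
# transition relation R (set of pairs). Formulas are nested tuples; all
# names and the sample model below are my own.

# --- formula constructors: the slide's connectives plus derived ones -------
BOT = ("bot",)                                   # falsum
def IMPLIES(f, g): return ("->", f, g)
def EX(f): return ("EX", f)                      # "exists next"
def AX(f): return ("AX", f)                      # "for all next"
def NOT(f): return IMPLIES(f, BOT)               # derived: not f  =  f -> bot
def OR(f, g): return IMPLIES(NOT(f), g)          # derived: f or g = (not f) -> g
def AND(f, g): return NOT(IMPLIES(f, NOT(g)))    # derived: f and g = not (f -> not g)

def satisfying_states(formula, states, I, R):
    """Return phi^M, the set of states of the model satisfying `formula`.

    Works bottom-up over subformulas (memoised), so every subformula is
    labelled exactly once for all states, as the slide describes.
    """
    succ = {w: {w2 for (w1, w2) in R if w1 == w} for w in states}
    memo = {}

    def sat(f):
        if f in memo:
            return memo[f]
        if isinstance(f, str):                       # atomic proposition p
            result = set(I.get(f, set()))            # p^M = I(p)
        elif f[0] == "bot":                          # bot^M = {}
            result = set()
        elif f[0] == "->":                           # (phi -> psi)^M = (M - phi^M) u psi^M
            result = (states - sat(f[1])) | sat(f[2])
        elif f[0] == "EX":                           # some successor satisfies phi
            inner = sat(f[1])
            result = {w for w in states if succ[w] & inner}
        elif f[0] == "AX":                           # every successor satisfies phi
            inner = sat(f[1])
            result = {w for w in states if succ[w] <= inner}
        else:
            raise ValueError(f"unknown connective {f[0]!r}")
        memo[f] = frozenset(result)
        return memo[f]

    return set(sat(formula))

# --- constructed sample model: a tiny login state machine ------------------
STATES = {0, 1, 2, 3}            # 0 idle, 1 authenticating, 2 logged in, 3 error
I = {"auth": {1, 2}, "error": {3}}
R = {(0, 1), (1, 2), (1, 3), (2, 0), (3, 3)}

def check(formula):
    """Evaluate a formula on the constructed sample model."""
    return satisfying_states(formula, STATES, I, R)

if __name__ == "__main__":
    print("EX auth      :", sorted(check(EX("auth"))))        # [0, 1]
    print("AX auth      :", sorted(check(AX("auth"))))        # [0]
    print("AX not error :", sorted(check(AX(NOT("error")))))  # [0, 2]
```

State 3 satisfies AX error because its only successor is itself; a state with no successors at all would satisfy every AX formula vacuously, which is why real checkers usually require the transition relation to be total.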

Slide 3
Symbolic Representation
- The model checking algorithm deals with sets of states and with relations (sets of pairs of states).
- Need an efficient representation.
- Example: BDD of the set {x | x > 12 or x even}, for a 4-bit x with bits x1 (most significant) to x4: x1 & x2 | !x4

Slide 4
Calculation of BDDs

Slide 5
The Influence of Variable Ordering
- Heuristics: keep dependent variables close together!

Slide 6 (12.4.2012)
Operations on BDDs
- Negation: easy (exchange T and F)
- Falsum: trivial
- and, or: Shannon expansion
  $(\varphi \;OP\; \psi) = (x \wedge (\varphi\{x:=T\} \;OP\; \psi\{x:=T\})) \vee (\neg x \wedge (\varphi\{x:=F\} \;OP\; \psi\{x:=F\}))$
  $(\varphi \wedge \psi) = (x \wedge (\varphi\{x:=T\} \wedge \psi\{x:=T\})) \vee (\neg x \wedge (\varphi\{x:=F\} \wedge \psi\{x:=F\}))$
- BDD realization?

Slide 7
BDD-implies
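Slides 3, 5, 6 and 7 together describe a small BDD package: a set of states as a boolean function, the effect of the variable ordering, negation by exchanging the terminals, and/or by Shannon expansion, and implies. As an added example that is not part of the lecture slides, here is a minimal reduced ordered BDD implementation in which `apply` is the Shannon expansion from slide 6, `neg` swaps T and F, and BDD-implies is `apply` with the `->` operator. The class name `BDD`, its method names and the three demonstration functions are my own; `slide_set` rebuilds the set {x | x > 12 or x even} from slide 3, `implies_is_tautology` shows BDD-implies reducing to T, and `ordering_effect` reproduces the classic ordering example behind slide 5 (the function (a1 ∧ b1) ∨ ... ∨ (an ∧ bn), which needs 2n nodes with the pairs interleaved but 2^(n+1) − 2 nodes with all a's before all b's).

```python
# Added example (not from the slides): a small reduced ordered BDD package in
# which and/or/implies are computed by the Shannon expansion from slide 6,
#   (phi OP psi) = x AND (phi{x:=T} OP psi{x:=T}) OR NOT x AND (phi{x:=F} OP psi{x:=F}),
# negation exchanges the terminals T and F, and "BDD-implies" is apply with "->".
# Class, method and variable names are my own.

OPS = {"and": lambda a, b: a and b,
       "or":  lambda a, b: a or b,
       "->":  lambda a, b: (not a) or b}

class BDD:
    F, T = 0, 1                                   # the two terminal nodes

    def __init__(self, order):
        self.level = {v: i for i, v in enumerate(order)}   # variable ordering
        self.n = len(order)
        self.unique = {}      # (var, low, high) -> id: one node per triple (reduced)
        self.node = {}        # id -> (var, low, high)
        self.cache = {}       # memo table for apply

    def mk(self, var, low, high):
        """Create or reuse a node; a node with identical branches is dropped."""
        if low == high:
            return low
        key = (var, low, high)
        if key not in self.unique:
            self.unique[key] = len(self.node) + 2
            self.node[self.unique[key]] = key
        return self.unique[key]

    def var(self, v):                         # BDD of the single variable v
        return self.mk(v, self.F, self.T)

    def lvl(self, u):                         # terminals lie below every variable
        return self.n if u in (self.F, self.T) else self.level[self.node[u][0]]

    def restrict(self, u, x, value):          # the cofactor phi{x:=value}
        if self.lvl(u) > self.level[x]:
            return u                          # x does not occur in u
        var, low, high = self.node[u]
        if var == x:
            return high if value else low
        return self.mk(var, self.restrict(low, x, value), self.restrict(high, x, value))

    def apply(self, op, u, v):
        """phi OP psi by Shannon expansion on the first variable of u or v."""
        if u in (self.F, self.T) and v in (self.F, self.T):
            return int(OPS[op](bool(u), bool(v)))
        key = (op, u, v)
        if key not in self.cache:
            top = u if self.lvl(u) <= self.lvl(v) else v
            x = self.node[top][0]
            low = self.apply(op, self.restrict(u, x, False), self.restrict(v, x, False))
            high = self.apply(op, self.restrict(u, x, True), self.restrict(v, x, True))
            self.cache[key] = self.mk(x, low, high)
        return self.cache[key]

    def neg(self, u):                         # negation: exchange T and F
        if u in (self.F, self.T):
            return self.T - u
        var, low, high = self.node[u]
        return self.mk(var, self.neg(low), self.neg(high))

    def size(self, u):                        # number of internal nodes below u
        seen = set()
        def walk(w):
            if w not in (self.F, self.T) and w not in seen:
                seen.add(w); walk(self.node[w][1]); walk(self.node[w][2])
        walk(u)
        return len(seen)

    def evaluate(self, u, assignment):        # follow one path to a terminal
        while u not in (self.F, self.T):
            var, low, high = self.node[u]
            u = high if assignment[var] else low
        return bool(u)

def slide_set():
    """Slide 3: {x | x > 12 or x even} over 4-bit x (x1 = MSB) is x1 & x2 | !x4."""
    b = BDD(["x1", "x2", "x3", "x4"])
    f = b.apply("or", b.apply("and", b.var("x1"), b.var("x2")), b.neg(b.var("x4")))
    members = [x for x in range(16)
               if b.evaluate(f, {f"x{i + 1}": bool((x >> (3 - i)) & 1) for i in range(4)})]
    return members, b.size(f)

def implies_is_tautology():
    """Slide 7: BDD-implies; (x1 & x2) -> (x1 | x2) reduces to the terminal T."""
    b = BDD(["x1", "x2"])
    x1, x2 = b.var("x1"), b.var("x2")
    return b.apply("->", b.apply("and", x1, x2), b.apply("or", x1, x2)) == b.T

def ordering_effect(n=3):
    """Slide 5: (a1&b1)|...|(an&bn) needs 2n nodes with the pairs interleaved
    but 2^(n+1)-2 nodes when all a's are ordered before all b's."""
    def nodes_for(order):
        b = BDD(order)
        f = b.F
        for i in range(1, n + 1):
            f = b.apply("or", f, b.apply("and", b.var(f"a{i}"), b.var(f"b{i}")))
        return b.size(f)
    interleaved = [v for i in range(1, n + 1) for v in (f"a{i}", f"b{i}")]
    separated = [f"a{i}" for i in range(1, n + 1)] + [f"b{i}" for i in range(1, n + 1)]
    return nodes_for(interleaved), nodes_for(separated)
```

Because every node goes through the unique table and `mk` drops redundant tests, two equivalent formulas always end up as the same node id, which is what makes the implication check a plain comparison with `b.T` rather than a search.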

Slide 8
Transitive Closure
- Each finite (transition) relation can be represented as a boolean formula / BDD.
- The transitive closure of a relation R is defined recursively by
- Thus, the transitive closure can be calculated by an iteration on BDDs.
- Logical operations can be directly performed on BDDs.

Slide 9
Reachability
- State s is reachable iff $s_0 R^* s$, where $s_0 \in S_0$ is an initial state and R is the transition relation.
- Reachability is one of the most important properties in verification: most safety properties can be reduced to it (in a search algorithm: is the goal reachable?).
- Can be arbitrarily hard for infinite state systems (undecidable).
- Can be efficiently calculated with BDDs.

Slide 10
- Intuitively, $x R^* y$ iff there is a sequence $w_0 w_1 \ldots w_n$ of nodes connecting x with y.
- In a finite model, this sequence must be smaller than the number of states.
- In practice, usually a few dozen steps are sufficient.
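Slides 8 to 10 describe computing the transitive closure by iteration and reducing a safety property to reachability. As an added example that is not part of the lecture slides, the code below runs both iterations on an explicit relation (a set of pairs) instead of a BDD, so that the fixed-point structure is visible: `transitive_closure` repeats C := R ∪ (R ∘ C) until C stops growing, and `reachable` grows the reachable set from the initial states in the same way. The six-state session machine, its "bad" state standing for a safety violation, and all function names are my own constructions.

```python
# Added example (not from the slides): transitive closure by iteration and
# reachability as a fixed point, on an explicit relation (a set of pairs)
# rather than a BDD. The sample model is a constructed session state machine
# with a "bad" state that stands for a safety violation; all names are mine.

def compose(R, S):
    """R o S : the pairs (a, c) with a R b and b S c for some b."""
    by_source = {}
    for (b, c) in S:
        by_source.setdefault(b, set()).add(c)
    return {(a, c) for (a, b) in R for c in by_source.get(b, ())}

def transitive_closure(R):
    """Iterate C_{i+1} = R u (R o C_i) until the set no longer grows.

    After i rounds C contains all paths of length <= i + 1, so in a finite
    model the iteration stops after at most |states| rounds (slide 10).
    Returns (closure, number of rounds).
    """
    closure, rounds = set(R), 0
    while True:
        rounds += 1
        grown = closure | compose(R, closure)
        if grown == closure:
            return closure, rounds
        closure = grown

def reachable(S0, R):
    """Reach_{i+1} = Reach_i u post(Reach_i), starting from the initial states.

    This is the symbolic reachability iteration of slide 9 on an explicit set:
    s is reachable iff some s0 in S0 reaches it in zero or more steps.
    Returns (reachable states, number of rounds).
    """
    reach, rounds = set(S0), 0
    while True:
        rounds += 1
        grown = reach | {t for (s, t) in R if s in reach}
        if grown == reach:
            return reach, rounds
        reach = grown

# --- constructed sample model ----------------------------------------------
STATES = {"init", "login", "session", "admin", "locked", "bad"}
S0 = {"init"}
R = {("init", "login"), ("login", "session"), ("login", "locked"),
     ("locked", "init"), ("session", "init"), ("session", "admin"),
     ("admin", "session"), ("bad", "admin")}      # no transition leads INTO "bad"
BAD = {"bad"}                                    # states violating the safety property

def safety_check():
    """Reduce the safety property 'never bad' to reachability of a bad state.
    Returns (violated?, reachable states, rounds needed)."""
    reach, rounds = reachable(S0, R)
    return bool(reach & BAD), reach, rounds

if __name__ == "__main__":
    closure, rounds = transitive_closure(R)
    print("closure pairs:", len(closure), "after", rounds, "rounds")
    violated, reach, rounds = safety_check()
    print("reachable:", sorted(reach), "bad reachable:", violated, "rounds:", rounds)
```

In the symbolic setting each of these operations (union, composition with R, comparison with the previous iterate) is one BDD operation, and the termination test `grown == closure` becomes a comparison of two BDD node ids; the number of rounds is what slide 10 calls the length of the longest connecting sequence, bounded by the number of states.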

Slide 11
Reflection
What has been achieved (preliminary lecture plan):
- Introduction
- Modelling of systems
- Temporal logic
- Model checking
- Symbolic representation
- Abstraction
- Real time
Where this is relevant:
- HW design (IEEE 1850 PSL)
- Safety-critical SW design
- Embedded systems design

Slide 12
Feedback
