Recipes for State Space Reduction Arend Rensink, University of Twente Dutch Model Checking Day, May 2014.

Presentation transcript:


Example (believe it or not): Dining Philosophers
(9 May 2014, Recipes for State Space Reduction, slide 2)
- Diagram labels: Start configuration; First grab left fork; First grab right fork; Then grab left fork; Then grab right fork; Release both forks
- Demo

Raise atomicity level: Grab both forks
- Suppose we're not interested in deadlock or starvation
  - E.g., study average philosopher load under the assumption of liveness
- Essentially, we want to change the grain of atomicity
- Define transactions on top of the existing transition system:
    recipe leftThenRight() { grab1left; grab2right; }
    recipe rightThenLeft() { grab1right; grab2left; }
  or even
    recipe grabBoth() { choice { grab1left; grab2right; } or { grab1right; grab2left; } }
- Intuition: the abstracted system has a single (recipe-labelled) transition (only) where the original system has a terminating trace of the recipe
- Demo

What is this presentation about?
- Transition systems can grow very large
  - Too expensive to generate (time/memory)
  - Too large to analyse
- Countermeasures
  - State space reduction (partial order, symmetry, …)
  - Abstraction (collapsing similar states)
  - Coarse-grained atomicity (doing more in one step)
- Context: graph transformation as a modelling formalism
  - Transformation steps reflect the dynamics of a system
  - GTSs analysed e.g. through model checking

Recipe semantics
- Example: recipe c() { a; b; }
- Challenging cases:
  - Refusal behaviour: recipe c() { try a1; b1 else a2; b2; }
  - Looping behaviour: recipe c() { alap { a1; b1 } }
- Exploration strategy: local DFS within recipe body
(Diagrams of the original and recipe-labelled transition systems omitted; only their transition labels a, b, c, d survived extraction.)
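The recipe constructs from the two slides above (sequence, choice, try/else, alap) and the abstraction intuition, as an added toy implementation that is not part of the talk or of GROOVE; the two-philosopher LTS, the tuple encoding of recipes and the reading of try (else branch taken exactly when the body has no terminating run) are assumptions made here:

```python
# Added toy model of GROOVE-style recipes over an LTS; constructed example, not
# code from the talk or from GROOVE. Recipe syntax used here: ("act", label),
# ("seq", r1, ...), ("choice", r1, ...), ("try", body, alt), ("alap", body).
def run(lts, recipe, s):
    """End states of all terminating runs of `recipe` from `s`; a run that
    refuses (cannot continue) or never terminates contributes nothing."""
    kind, *args = recipe
    if kind == "act":                          # one rule application
        return {t for a, t in lts.get(s, ()) if a == args[0]}
    if kind == "seq":                          # r1; r2; ...
        states = {s}
        for part in args:
            states = set().union(*(run(lts, part, q) for q in states))
        return states
    if kind == "choice":                       # choice {r1} or {r2} ...
        return set().union(*(run(lts, alt, s) for alt in args))
    if kind == "try":                          # try body else alt (assumption:
        return run(lts, args[0], s) or run(lts, args[1], s)  # alt iff body has no run)
    ends, todo, seen = set(), [s], {s}         # alap: repeat body as long as possible
    while todo:                                # local DFS inside the recipe body
        q = todo.pop()
        nxt = run(lts, args[0], q)
        if not nxt:
            ends.add(q)                        # body refused here: alap terminates
        todo += nxt - seen                     # a revisited state is a non-terminating loop
        seen |= nxt
    return ends
def abstract(lts, recipes, start):
    """Recipe-labelled LTS from `start`: s --name--> t per terminating run."""
    out, todo = {}, [start]
    while todo:
        s = todo.pop()
        if s not in out:
            out[s] = [(n, t) for n, r in recipes.items() for t in sorted(run(lts, r, s))]
            todo += [t for _, t in out[s]]
    return out

# Constructed 2-philosopher LTS: state "xy" = holders of fork 0 and fork 1 ('-' = free); philosopher p's left fork is fork p.
PHIL = {
    "--": [("grab1left", "0-"), ("grab1right", "-0"), ("grab1left", "-1"), ("grab1right", "1-")],
    "0-": [("grab2right", "00"), ("grab1left", "01")],
    "-0": [("grab2left", "00"), ("grab1right", "10")],
    "-1": [("grab2right", "11"), ("grab1left", "01")],
    "1-": [("grab2left", "11"), ("grab1right", "10")],
    "00": [("release", "--")], "11": [("release", "--")],
    "01": [], "10": [],                        # each holds one fork: deadlock
}
LEFT_THEN_RIGHT = ("seq", ("act", "grab1left"), ("act", "grab2right"))
RIGHT_THEN_LEFT = ("seq", ("act", "grab1right"), ("act", "grab2left"))
GRAB_BOTH, RELEASE = ("choice", LEFT_THEN_RIGHT, RIGHT_THEN_LEFT), ("act", "release")
```

Running `abstract(PHIL, {"grabBoth": GRAB_BOTH, "release": RELEASE}, "--")` collapses the nine-state original (with two deadlock states) into three states with no deadlock, which is exactly what the "grab both forks" slide sets out to do.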

Message
- What are recipes good for?
  - State space reduction: coarse-grained transitions; useful when the state space is used for further analysis
  - Performance gain: quantified rules are evaluated faster
- Contribution
  - Atomicity through composition (on top of an existing LTS), also for unbounded behaviour
  - Compare: action refinement
  - Combination with refusals (try, as-long-as-possible)