SPIN: An explicit state model checker. Flavio Lerda, Carnegie Mellon University, 15-398.

Presentation transcript:

1 SPIN: An explicit state model checker

2 How does Spin work?
We already saw:
–The algorithm
–The Promela language
We now need to see how the tool itself works.

3 High Level Organization
Pipeline (reconstructed from the slide's diagram):
–LTL formula -> LTL Translator -> Buchi Automaton -> Buchi Translator -> (Promela process, composed with the model)
–Promela Model -> Promela Parser -> Abstract Syntax Tree -> Automata Generator -> Automata -> C Generator -> C Code -> C Compiler -> Pan Verifier -> Verification Result
The Buchi automaton is turned into a Promela process and composed with the rest of the system. The generated verifier is specific to the model and property we started with.

4 Command Line Tools
Spin
–Generates the Promela code for the LTL formula:
  ~$ spin -f "[]<>p"
  The propositions in the formula must correspond to #defines
–Generates the C source code:
  ~$ spin -a source.pro
  The property must be included in the source
Pan
–Performs the verification
–Has many compile-time options to enable different features
–Optimized for performance

5 Xspin: GUI for Spin

6 Simulator
Spin can also be used as a simulator
–Simulates the Promela program
It is used as a simulator when a counterexample is generated
–Steps through the trace
–The trace itself is not "readable"
Can be used for random and manually guided simulation as well
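The command-line flow of slides 4 and 6 on a concrete model, as an added example that is not part of the original slides: a two-process Peterson mutex with a safety assertion and a liveness proposition p defined via #define. The file name mutex.pml and the names user, again, live and p are this example's own assumptions; without fairness pan -a reports a cycle in which only process 1 ever runs, and with -f (weak fairness) the claim holds.

```promela
/* Added example, not from the slides: Peterson mutual exclusion for two
 * processes, checked with the spin/pan command-line flow.
 * Constructed model; the names user, again, live and p are assumptions. */

bool flag[2];        /* flag[i]: process i wants the critical section */
byte turn;           /* whose turn it is to wait */
byte ncrit;          /* how many processes are inside the critical section */
bool in0;            /* true while process 0 is inside its critical section */

/* The proposition used in the LTL formula must be a #define (slide 4). */
#define p (in0)

active [2] proctype user() {
    pid me = _pid;
    pid other = 1 - _pid;
again:
    flag[me] = true;
    turn = other;
    (flag[other] == false || turn == me);  /* block until allowed in */
    ncrit++;
    in0 = (me == 0);
    assert(ncrit == 1);                    /* safety: mutual exclusion */
    in0 = false;
    ncrit--;
    flag[me] = false;
    goto again
}

/* Liveness: process 0 enters its critical section infinitely often.
 * SPIN 6 negates an inline ltl claim itself. With the older never-claim
 * flow of slide 4 the claim must accept the violating runs, so generate
 * it from the negated formula,
 *   spin -f '!([]<>p)'
 * and paste the printed never claim here instead of this ltl block. */
ltl live { []<>p }

/* Build and run the model-specific verifier (slide 4):
 *   spin -a mutex.pml        # writes pan.c for this model and property
 *   gcc -o pan pan.c         # compile the verifier
 *   ./pan                    # safety only: assertions, invalid end states
 *   ./pan -a                 # acceptance cycles: the []<>p claim
 *   ./pan -a -f              # same, under weak fairness
 * On a violation pan writes mutex.pml.trail; replay it as a guided
 * simulation that prints every step (slide 6):
 *   spin -t -p mutex.pml
 */
```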

7 Comments
DFS does not necessarily find the shortest counterexample
–There might be a very short counterexample, but the verification might run out of memory before reaching it
If we don't finish we might still have some sort of a result (coverage metrics)