Cheng/Dillon-Software Engineering: Formal Methods Model Checking.

Model Checking
- Used in studying behaviors of reactive systems
- Typically involves three steps:
  - Create a finite state model (FSM) of the system design
  - Specify critical correctness properties
  - Validate the model with respect to the specifications

Create a FSM
- FSM languages focus on expressing concurrency, synchronization, and communication
  - abstract away details of internal computations
  - must be precise and unambiguous (formally defined syntax and semantics)
- We will use Promela for giving system descriptions

Specify correctness properties
- Safety properties: nothing “bad” ever happens
  - Formalized using state invariants: execution never reaches a “bad” state
- Liveness properties: something “good” eventually happens
  - Formalized using temporal logic: a special logic for describing sequences

Validate the model
- “Execute” the model to test it
  - simulate executions of the system
  - check satisfaction of safety properties along simulated executions
- Exhaustive analysis
  - generate the reachability graph to verify safety and liveness properties
- Generate counterexamples to illustrate failures

Home Heating System (HHS) [diagram slide; the system diagram is not in the transcript]

Example properties
- Safety: Pump is never on unless Burner is also on
- Liveness: Whenever Sensor calls resp-temp(LOW), eventually Controller becomes all-on

Reachability Graph
- Graph of global states that can be “reached” during execution
  - a global state contains a state for each concurrent “process”
  - transitions show how an event or action transforms the global state
- Analyze the global state space to verify safety properties
- Analyze paths through the RG to verify liveness properties

Promela
- The system description language of SPIN
- Designed for modeling data communication protocols
- System described as a collection of concurrent processes
- Processes communicate and synchronize via message channels and global variables

Promela
- Specify macro definitions: #define signal 0
- Declare symbolic constants: mtype = { ON, OFF, LOW, OK }
- Declare a synchronous (rendezvous) message channel: chan pump_in = [0] of { mtype }

Promela
- Create a process instance: active proctype pump() { statements }
- Send a message: pump_in!ON
- Receive a message: pump_in?ON

Promela version of HHS [code slides; the Promela listing is not in the transcript]

SPIN simulation of HHS
- SPIN automatically generates sequence diagrams to represent executions
  - random, guided, or interactive
- Automates tracing between system views
  - sequence diagram, Promela description, state diagram, textual execution traces

Verification of a safety property: Pump is never on unless Burner is also on [slide shows the SPIN run; not in the transcript]

Verification of a liveness property: Whenever Sensor calls resp-temp(LOW), eventually Controller becomes all-on [slide shows the SPIN run; not in the transcript]
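The course's own "Promela version of HHS" listing did not survive in the transcript, so the following is an added example written for this page, not the lecture's code. It puts the Promela constructs from the earlier slides (mtype, a [0]-length rendezvous channel, active proctype, ! and ?) together into a small heating-system model and then checks both example properties: the safety property as a state invariant via an assert in a monitor process, and the liveness property as an LTL formula. The process names (sensor, controller, pump, burner, monitor), the channel names burner_in and resp_temp, the pump_safe macro and the flag variables are all assumptions of this example.

```promela
/* Added example, not the lecture's HHS model. Names other than
   pump_in, ON, OFF, LOW, OK are assumptions. */

#define pump_safe (!pump_on || burner_on)   /* safety state invariant */

mtype = { ON, OFF, LOW, OK };

chan pump_in   = [0] of { mtype };   /* rendezvous: controller -> pump   */
chan burner_in = [0] of { mtype };   /* rendezvous: controller -> burner */
chan resp_temp = [0] of { mtype };   /* rendezvous: sensor -> controller */

bool pump_on     = false;   /* observable state of the pump process   */
bool burner_on   = false;   /* observable state of the burner process */
bool all_on      = false;   /* controller is in its "all-on" state    */
bool low_pending = false;   /* LOW received, all-on not yet reached   */

/* The sensor nondeterministically reports LOW or OK forever. */
active proctype sensor() {
  do
  :: resp_temp!LOW
  :: resp_temp!OK
  od
}

/* On LOW: turn the burner on BEFORE the pump (this ordering is what
   makes the safety property hold). On OK: pump off before burner off. */
active proctype controller() {
  do
  :: resp_temp?LOW ->
       low_pending = true;
       burner_in!ON; pump_in!ON;
       all_on = true; low_pending = false
  :: resp_temp?OK ->
       all_on = false;
       pump_in!OFF; burner_in!OFF
  od
}

active proctype pump() {
  do
  :: pump_in?ON  -> pump_on = true
  :: pump_in?OFF -> pump_on = false
  od
}

active proctype burner() {
  do
  :: burner_in?ON  -> burner_on = true
  :: burner_in?OFF -> burner_on = false
  od
}

/* Safety: a monitor whose single assert can be scheduled in any
   reachable global state, so the exhaustive search checks the
   invariant "pump never on unless burner also on" everywhere. */
active proctype monitor() {
  assert(pump_safe)
}

/* Liveness: whenever a LOW report is pending, the controller
   eventually reaches all-on. */
ltl live { [] (low_pending -> <> all_on) }
```

To run it: spin -a hhs.pml; gcc -o pan pan.c; ./pan checks the assertion (safety) over the full reachability graph, and ./pan -a -N live checks the LTL liveness claim by searching for an acceptance cycle; either failure produces a trail file that spin -t -p hhs.pml replays as the counterexample. Swapping the two sends in the LOW branch (pump before burner) is a useful experiment: the assertion then fails and the trail shows the interleaving in which the pump is on while the burner is still off.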
