Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Bogor Model Checking Framework

Published byUlrik Madsen Modified over 4 years ago

Similar presentations

Presentation on theme: "The Bogor Model Checking Framework"— Presentation transcript:

1 The Bogor Model Checking Framework
Emily Gibson November 28, 2006

2 About Bogor Motivation: Domain-specific model checkers may be more effective (and cheaper) than general purpose model checkers SPIN, NuSMV, etc support fixed input langs, state-space representations, reduction & exploration algs Most existing tools don’t directly support OO lang features Solution: customizable & easily extensible model checking framework

3 Modularity

4 Basic Features Java, eclipse plug-in or command line
Customized text editor Syntax highlighting Highlights errors in model/properties Modes: Model Checking -- explore all possible paths Random Simulation User-guided Simulation

5 Features Supports unbounded dynamic thread and heap object creation with automatic garbage collection Canonical heap representation (based on dSpin) so heaps are observationally equivalent Only keep state in BIR vars, semantics can be implemented in Java and kept separate from model Customization can improve space and time requirements by over three orders of magnitude!

6 BIR: Bogor Input Representation
Primitive types double, int, bool, enum thread IDs, others -- extensible Default values like spin No coercion -- need explicit casts Non-primitive types record, array, string, lock, extensions Type Aliases -- compact names for types Fun[ction] types -- like SML

7 BIR Cont’d Scope: functions and threads have own namespace, but can’t hide with global declarations Locations: control pts in threads Annotated with live vars (if empty, bogor calcs; vars not in set reset to default vals) Jump and Catch statements Actions: assign, assert, assume, lock, throw, exit

8 BIR: High or Low Level Syntax?
Used for automatic model extraction Interleavings only happen between locations (atomic by default) Basic syntax: loc[ation], live, do, when, visible, goto, catch, return High level Used for manual model construction Includes high-level programming constructs: atomic, while, if, elseif, else, try, catch, skip, return, choose Converted to low-level during model checking

9 Example: Choose syntax
High-level system ChooseExample { int i := 0; active[3] thread MAIN() { atomic choose when <i < 1> do i := i + 1; when <i < 2> do i := i + 2; else do i := i + 3; end }

10 Translated to Low-level
system ChooseExample { int i := 0; active [3] thread MAIN() { boolean temp$0; boolean temp$1; boolean temp$2; ANY_THROWABLE atomicCatch$Local; loc loc0: do { Atomic.beginAtomic(); } goto loc1; loc loc1: do invisible { temp$0 := i < 1; temp$1 := i < 2; temp$2 := !((temp$0 || temp$1)); } goto loc2; loc loc2: when temp$0 do invisible { } goto loc3; when temp$1 do invisible { } goto loc5; when temp$2 do invisible { } goto loc7; loc loc3: do { i := i + 1; } goto loc4; loc loc4: do { } goto loc9; loc loc5: do { i := i + 2; } goto loc6; loc loc6: do { } goto loc9; loc loc7: do { i := i + 3; } goto loc8; loc loc8: do { } goto loc9; loc loc9: do { Atomic.endAtomic(); } goto loc10; loc loc10: do { } return; loc atomicCatch: do { Atomic.endAtomic(); throw atomicCatch$Local; } goto atomicCatch; catch ANY_THROWABLE atomicCatch$Local at loc1, loc2, loc3, loc4, loc5, loc6, loc7, loc8 goto atomicCatch; } extension Atomic for edu.ksu.cis.bogor.projects.bogor.ext.atomicity.AtomicModule { actiondef beginAtomic (); actiondef endAtomic (); throwable record ANY_THROWABLE {} Translated to Low-level

11 Advanced Features The default distribution does not include the optimizations described in various publications --- it’s supposed to be “easily understood”. Features not included: symmetry reduction collapse compression partial order reduction Are available as separate extension modules through subversion:

12 References Bogor web site: http://bogor.projects.cis.ksu.edu/
Robby, Matthew Dwyer, John Hatcliff. “Bogor: A Flexible Framework for Creating Software Model Checkers.” In Proceedings of Testing: Academic & Industrial Conference - Practice And Research Techniques, June 2006. Matthew B. Dwyer, John Hatcliff, Matthew Hoosier, Robby. “Building Your Own Software Model Checker Using the Bogor Extensible Model Checking Framework.” In Proceedings of Computer-Aided Verification, January 2005.

13 Demo… Dining Philosophers

14 Note to self… Select the configuration! (Highlight when model checking)

Download ppt "The Bogor Model Checking Framework"

Similar presentations

Objects and Classes David Walker CS 320. Advanced Languages advanced programming features –ML data types, exceptions, modules, objects, concurrency,...

Objects and Classes David Walker CS 320. Advanced Languages advanced programming features –ML data types, exceptions, modules, objects, concurrency,...
Programming Languages and Paradigms

Programming Languages and Paradigms
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Automated Software Verification with a Permission-Based Logic 20 th June 2014, Zürich Malte Schwerhoff, ETH Zürich.

Automated Software Verification with a Permission-Based Logic 20 th June 2014, Zürich Malte Schwerhoff, ETH Zürich.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.
1 Spin Model Checker Samaneh Navabpour Electrical and Computer Engineering Department University of Waterloo SE-464 Summer 2011.

1 Spin Model Checker Samaneh Navabpour Electrical and Computer Engineering Department University of Waterloo SE-464 Summer 2011.
Chapter 9 Subprogram Control Consider program as a tree- –Each parent calls (transfers control to) child –Parent resumes when child completes –Copy rule.

Chapter 9 Subprogram Control Consider program as a tree- –Each parent calls (transfers control to) child –Parent resumes when child completes –Copy rule.
George Blank University Lecturer. CS 602 Java and the Web Object Oriented Software Development Using Java Chapter 4.

George Blank University Lecturer. CS 602 Java and the Web Object Oriented Software Development Using Java Chapter 4.
1 BOGOR – A Flexible Framework For Creating Model Checkers Presented by : Roli Shrivastava 20 March 2007.

1 BOGOR – A Flexible Framework For Creating Model Checkers Presented by : Roli Shrivastava 20 March 2007.
Denotational Semantics Syntax-directed approach, generalization of attribute grammars: –Define context-free abstract syntax –Specify syntactic categories.

Denotational Semantics Syntax-directed approach, generalization of attribute grammars: –Define context-free abstract syntax –Specify syntactic categories.
1 A Modular Checker for Multithreaded Programs Cormac Flanagan HP Systems Research Center Joint work with Shaz Qadeer Sanjit A. Seshia.

1 A Modular Checker for Multithreaded Programs Cormac Flanagan HP Systems Research Center Joint work with Shaz Qadeer Sanjit A. Seshia.
CSC 8310 Programming Languages Meeting 2 September 2/3, 2014.

CSC 8310 Programming Languages Meeting 2 September 2/3, 2014.
Language Evaluation Criteria

Language Evaluation Criteria
Programming Language C++ Xulong Peng CSC415 Programming Languages.

Programming Language C++ Xulong Peng CSC415 Programming Languages.
Copyright 2001, Matt Dwyer, John Hatcliff, and Radu Iosif. The syllabus and all lectures for this course are copyrighted materials and may not be used.

Copyright 2001, Matt Dwyer, John Hatcliff, and Radu Iosif. The syllabus and all lectures for this course are copyrighted materials and may not be used.
CIS 842: Specification and Verification of Reactive Systems Lecture INTRO-Bogor-Simulation: Executing (Simulating) Concurrent Systems in Bogor Copyright.

CIS 842: Specification and Verification of Reactive Systems Lecture INTRO-Bogor-Simulation: Executing (Simulating) Concurrent Systems in Bogor Copyright.
Model construction and verification for dynamic programming languages Radu Iosif

Model construction and verification for dynamic programming languages Radu Iosif
An extensible and highly-modular model checking framework SAnToS Laboratory, Kansas State University, USA Matt Dwyer.

An extensible and highly-modular model checking framework SAnToS Laboratory, Kansas State University, USA Matt Dwyer.
1 CSEP590 – Model Checking and Automated Verification Lecture outline for August 6, 2003.

1 CSEP590 – Model Checking and Automated Verification Lecture outline for August 6, 2003.
Adapting Side-Effects Analysis for Modular Program Model Checking M.S. Defense Oksana Tkachuk Major Professor: Matthew Dwyer Support US National Science.

Adapting Side-Effects Analysis for Modular Program Model Checking M.S. Defense Oksana Tkachuk Major Professor: Matthew Dwyer Support US National Science.

Similar presentations

Ads by Google