Presentation is loading. Please wait.

Presentation is loading. Please wait.

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design."— Presentation transcript:

1 Model Checking

2 Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design Specify critical correctness properties Validate the model w/r to the specifications

3 Create a FSM FSM languages focus on expressing concurrency, synchronization, and communication abstract details of internal computations must be precise and unambiguous (formally defined syntax and semantics) We will use Promela for giving system descriptions

4 Specify correctness properties Safety properties: Nothing “bad” ever happens Formalized using state invariants  execution never reaches a “bad” state Liveness properties: Something “good” eventually happens Formalized using temporal logic  special logic for describing sequences

5 Validate the model “Execute” the model to test it simulate executions of the system check satisfaction of safety properties along simulated executions Exhaustive analysis generate reachability graph to verify safety and liveness properties Generate counterexamples to illustrate failures

6 Home Heating System

7 Example properties Pump is never on unless Burner is also on Whenever Sensor calls resp-temp(LOW), eventually Controller becomes all-on

8 Reachability Graph Graph of global states that can be “reached” during execution global state contains a state for each concurrent “process” transitions show how an event or action transforms the global state Analyze global state space to verify safety properties Analyze paths through the RG to verify liveness properties

9 Promela The system description language of SPIN Designed for modeling data communication protocols System described as a collection of concurrent processes Processes communicate and synchronize via message channels and global variables

10 Promela Specify macro definitions #define signal 0 Declare symbolic constants mtype = { ON, OFF, LOW, OK } Declare a synchronous message channel chan pump_in = [0] of { mtype }

11 Promela Create a process instance active proctype pump ( ) { statements } Send a message pump_in!ON Receive a message pump_in?ON

12 Promela version of HHS

13

14

15 SPIN simulation of HHS SPIN automatically generates sequence diagrams to represent executions random guided interactive Automates tracing between system views sequence diagram Promela description state diagram textual execution traces

16 Verification of a safety property Pump is never on unless Burner is also on bool burner_is_on;

17 Verification of a liveness property Whenever Sensor calls resp-temp(LOW), eventually Controller becomes all-on

18 Verification of a liveness property

Download ppt "Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.
M ODEL CHECKING -Vasvi Kakkad University of Sydney.

M ODEL CHECKING -Vasvi Kakkad University of Sydney.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Part 3: Safety and liveness

Part 3: Safety and liveness
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
CS 290C: Formal Models for Web Software Lecture 3: Verification of Navigation Models with the Spin Model Checker Instructor: Tevfik Bultan.

CS 290C: Formal Models for Web Software Lecture 3: Verification of Navigation Models with the Spin Model Checker Instructor: Tevfik Bultan.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Budapest University of Technology and EconomicsDagstuhl 2004 Department of Measurement and Information Systems 1 Towards Automated Formal Verification.

Budapest University of Technology and EconomicsDagstuhl 2004 Department of Measurement and Information Systems 1 Towards Automated Formal Verification.
PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,
Verification of Graph Transformation Systems Arman Sheikholeslami

Verification of Graph Transformation Systems Arman Sheikholeslami
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Formal verification in SPIN Karthikeyan Bhargavan, Davor Obradovic CIS573, Fall 1999.

Formal verification in SPIN Karthikeyan Bhargavan, Davor Obradovic CIS573, Fall 1999.
/ PSWLAB P ROMELA Semantics from “THE SPIN MODEL CHECKER” by G. J. Holzmann Presented by Hong,Shin 5 th Oct 2007 08:021PROMELA Semantics.

/ PSWLAB P ROMELA Semantics from “THE SPIN MODEL CHECKER” by G. J. Holzmann Presented by Hong,Shin 5 th Oct :021PROMELA Semantics.
M INERVA (Metamodel-based Intuitive Editors with Reports and Visualizations of Analysis) Laura A. Campbell Advisor: Dr. Betty H.C. Cheng Software Engineering.

M INERVA (Metamodel-based Intuitive Editors with Reports and Visualizations of Analysis) Laura A. Campbell Advisor: Dr. Betty H.C. Cheng Software Engineering.
Hydra (A General Framework for Formalizing UML with Formal Languages for Embedded Systems*) *from the Ph.D. thesis of William E. McUmber Software Engineering.

Hydra (A General Framework for Formalizing UML with Formal Languages for Embedded Systems*) *from the Ph.D. thesis of William E. McUmber Software Engineering.
CSE 522 UPPAAL – A Model Checking Tool Computer Science & Engineering Department Arizona State University Tempe, AZ 85287 Dr. Yann-Hang Lee

CSE 522 UPPAAL – A Model Checking Tool Computer Science & Engineering Department Arizona State University Tempe, AZ Dr. Yann-Hang Lee
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
The Spin Model Checker Promela Introduction 50374 Nguyen Tuan Duc 50378 Shogo Sawai.

The Spin Model Checker Promela Introduction Nguyen Tuan Duc Shogo Sawai.
1 Spin Model Checker Samaneh Navabpour Electrical and Computer Engineering Department University of Waterloo SE-464 Summer 2011.

1 Spin Model Checker Samaneh Navabpour Electrical and Computer Engineering Department University of Waterloo SE-464 Summer 2011.

Similar presentations

Ads by Google