Presentation is loading. Please wait.

Presentation is loading. Please wait.

Embedded Systems Laboratory Department of Computer and Information Science Linköping University Sweden Formal Verification and Model Checking Traian Pop.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Embedded Systems Laboratory Department of Computer and Information Science Linköping University Sweden Formal Verification and Model Checking Traian Pop."— Presentation transcript:

1 Embedded Systems Laboratory Department of Computer and Information Science Linköping University Sweden Formal Verification and Model Checking Traian Pop

2 -2- Formal Verification and Model Checking Traian Pop 2 of 20 11 Oct 2001 System Validation n System Validation Techniques o Simulation o Testing o Formal Verification o Model Checking

3 -3- Formal Verification and Model Checking Traian Pop 3 of 20 11 Oct 2001 Simulation n Based on executable model of the system n permits a quick and shallow evaluation of the design quality n not suitable for finding subtle errors

4 -4- Formal Verification and Model Checking Traian Pop 4 of 20 11 Oct 2001 Testing n based on the real implementation of the system not on a model n it is the only way of (partially) validating a design when: o the construction of a valid and reliable model of the system is difficult (due to complexity) o system parts cannot be formally modelled o the model is proprietary

5 -5- Formal Verification and Model Checking Traian Pop 5 of 20 11 Oct 2001 Formal Verification Formal Verification requires: n A model of the system n A specification method n A set of proof rules

6 -6- Formal Verification and Model Checking Traian Pop 6 of 20 11 Oct 2001 Formal Verification (cont’d) n Verification of sequential programs  pre- and post-conditions: {} S {} (Hoare’s triple) {} S {} is partially correct if any terminating computation S that starts in a state satisfying ,terminates in a state satisfying   {} S {} is totally correct if any computation S that starts in a state satisfying ,terminates and finishes in a state satisfying  

7 -7- Formal Verification and Model Checking Traian Pop 7 of 20 11 Oct 2001 Formal Verification (cont’d)

8 -8- Formal Verification and Model Checking Traian Pop 8 of 20 11 Oct 2001 Formal Verification (cont’d) n Formal verification of parallel systems introduces non-determinsm problems n Tools in formal verification o Proof assistants o Proof checkers o Theorem provers

9 -9- Formal Verification and Model Checking Traian Pop 9 of 20 11 Oct 2001 Model Checking n Automated technique n Verifies whether the required properties hold for a model

10 -10- Formal Verification and Model Checking Traian Pop 10 of 20 11 Oct 2001 Model Checking (cont’d) n Typical algorithm: exhaustive state-space search n Approaches (depending on requirement specificaton) o Heterogeneous (logic based) o Homogeneous (behavior based) n Bisimulation (A and B are bisimilar if A can simulate every step of B and vice-versa) n Two bisimilar models satisfy the same CTL formulas

11 -11- Formal Verification and Model Checking Traian Pop 11 of 20 11 Oct 2001 Computational Tree Logic (CTL) n Specification language for finite–state systems n Each formula describes properties of computation paths (which are infinite sequences of states) n Logical operators: NOT, AND n Operators for temporal relationships: X (next- state), G(global), U(until), F(future) n Path quantifiers: E, A

12 -12- Formal Verification and Model Checking Traian Pop 12 of 20 11 Oct 2001 Computational Tree Logic (cont’d) Descriptions n Xf holds for a path p iff it holds for succ(first(p)) n Gf =>f holds in all states of a computational path n Ff => f will hold sometime in the future n fUg holds for p if there exists a state s on p where g holds while f holds in all states preceding s n AXf holds in a state if f holds in all possible next states

13 -13- Formal Verification and Model Checking Traian Pop 13 of 20 11 Oct 2001 Binary Decision Diagrams (BDD) n Rooted, acyclic graphs representing boolean functions n Capture some of the regularities in the state- space n Total ordering on variables is needed n Support AND, OR, NOT and functional composition

14 -14- Formal Verification and Model Checking Traian Pop 14 of 20 11 Oct 2001 Model Checking with BDDs and CTL f V gBDD(f) V BDD(g) NOT fNOT BDD(f) BDD(EX, f, R)(v i )  v f [R(v i, v f )  BDD(f,R)(v f )] E[f U g] z = g V [f  EXz] EGf z = f  EXz

15 -15- Formal Verification and Model Checking Traian Pop 15 of 20 11 Oct 2001 Fairness n Fairness constraint = an arbitrary formula of the logic n A path is fair with respect to a set of fairness constraints if each constraint holds infinitely often along the path n CTL F – enhanced for dealing with fair paths n Ex. o Fair = EG true o EX f  EX(f  Fair) o EG f with B  Z = f  EX(E[Z U (Z  B)])

16 -16- Formal Verification and Model Checking Traian Pop 16 of 20 11 Oct 2001 Model Checking for RTS n Extend both the state-transition graph and the logical formulas, with quantitative timing information o TCTL (Timed CTL) – expresses desired behavior o Timed graphs – express possible behavior

17 -17- Formal Verification and Model Checking Traian Pop 17 of 20 11 Oct 2001 Timed CTL n E f U ~c g n A f U ~c g n ~{, , , , } n E f U  c g – for some computational path p there is an initial prefix of time less than c such that g holds at the last state and f holds in all intermediate states n ! No X operator for time in real domain R, as there is no unique next-state/next-time

18 -18- Formal Verification and Model Checking Traian Pop 18 of 20 11 Oct 2001 Timed graphs n Model finite-state RT systems n Composed of o Finite set of nodes o Finite set of clocks

19 -19- Formal Verification and Model Checking Traian Pop 19 of 20 11 Oct 2001 Model Checking for RTS (cont’d) n The problem consists of deciding whether a finite- state RTS modelled as a timed graph meets its specification given as a TCTL-formula  System model: G = (S, , s 0, E, C, , )  TCTL-structure: M G = (S x (G), ’, f) For a TCTL-formula f, G satisfies f iff ( M G,,(s 0,  0 )) satisfies f, where  0 (x) = 0,  x  C

20 -20- Formal Verification and Model Checking Traian Pop 20 of 20 11 Oct 2001 Model Checking - Conclusions n Advantages o General approach o Supports partial verification o Relatively easy to use (as compared to theorem provers) o Can provide a significant increase in the level of confidence of a system n Disadvantages o Appropriate mainly to control intensive applications o Verifies the model, not the system o Only stated requirements are checked o State-space explosion problem -> complexity issues

Download ppt "Embedded Systems Laboratory Department of Computer and Information Science Linköping University Sweden Formal Verification and Model Checking Traian Pop."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
1 Verification of Parameterized Systems Reducing Model Checking of the Few to the One. E. Allen Emerson, Richard J. Trefler and Thomas Wahl Junaid Surve.

1 Verification of Parameterized Systems Reducing Model Checking of the Few to the One. E. Allen Emerson, Richard J. Trefler and Thomas Wahl Junaid Surve.
CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
M ODEL CHECKING -Vasvi Kakkad University of Sydney.

M ODEL CHECKING -Vasvi Kakkad University of Sydney.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.

Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
François Fages MPRI Bio-info 2006 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraints Group, INRIA.

François Fages MPRI Bio-info 2006 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraints Group, INRIA.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Game-theoretic approach to the simulation checking problem Peter Bulychev Vladimir Zakharov Lomonosov Moscow State University.

Game-theoretic approach to the simulation checking problem Peter Bulychev Vladimir Zakharov Lomonosov Moscow State University.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.
Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.

Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.

Similar presentations

Ads by Google