Executable Formal Models in Rewriting Logic Carolyn Talcott RTA - PowerPoint PPT Presentation



  1. Executable Formal Models in Rewriting Logic Carolyn Talcott RTA 2015 1

  2. Formal Executable Models • For design, prototyping, analysis. • To clarify ideas, squash insidious bugs early on • many bugs / flaws can be found by just formalizing • To build models to test initial ideas • watch it run, poke it, find unexpected order of execution • check simple properties by search, symbolic search, model checking 2

  3. Plan • About formal systems and Rewriting Logic • Maude’s formal tools and environments • Sample formal models • in brief • in detail • Wrapup 3

  4. Formal Modeling 4

  5. Modeling 101 • What questions do you want the model to answer? • What can you observe/measure? • What questions do you really want the model to answer? • What does that mean? • Explain it to a computer! • Need a formal representation system 5

  6. Formal Modeling Methodology [Figure: data flows to the curator/model builder, who builds the model and asks questions of it; impact; S |= Φ established by model checking, state space search and rapid prototyping] 6

  7. A formal model needs a formal system • Language: to describe things and properties • Semantics: thing satisfies property • Reasoning principles: proving/disproving properties of things • Reflection: to model and reason about models and reasoning • Executable formal models (model train, airplane, ...) • System state: collections of entities • State transition rules • Execution: application of rules • Properties of states (P, Q) and executions • (ϕ : P until Q, eventually P) • Watch it run, poke it, analyze it 7

  8. Symbolic analysis -- answering questions • Forward collection -- upper bound on possible states • Backward collection -- initial states leading to states of interest • Search -- for (symbolic) state of interest • Model checking -- do all executions satisfy ϕ , find counter example • Constraint solving -- steady state analysis 8

  9. About RWL and Maude: a formal representation system and execution environment 9

  10. Rewriting Logic & Maude • Rewriting logic is a simple logic designed to model concurrent and distributed systems • System states described by equational theories, behavior described by local rules • Maude is a modeling environment based on rewriting logic, featuring • high speed rewriting modulo axioms • built in search, model-checking, unification • reflection • variant generation and variant narrowing • rewriting modulo constraints 10

  11. What is Rewriting Logic? • A logic for executable specification and analysis of systems, that may be concurrent, distributed, or even mobile. • A logic to specify other logics or languages • An extension of equational logic with local rewrite rules to express: concurrent change over time / inference rules: Dual use of rewrite rules • A rewrite theory plus a term describes a state transition system • states can have rich algebraic structure • transitions are local and possibly concurrent • The equational part of a rewrite theory is similar to a term rewriting system (modulo ACI axioms), BUT • It is usually desirable for equations to be CR and terminating • Rewrite rules are often non-deterministic and non-terminating 11

  12. Example: A Vending Machine 12

  13. Model of a Vending Machine [Figure: Petri net with places $, q, a, c and transitions buy-c, buy-a, change (change consumes 4 q)]

    mod VENDING-MACHINE is
      sorts Coin Item Place Marking .
      subsorts Coin Item < Place < Marking .
      op null : -> Marking .                                  *** empty marking
      ops $ q : -> Coin .
      ops a c : -> Item .
      op _ _ : Marking Marking -> Marking [assoc comm id: null] .   *** multiset
      rl[buy-c]:  $ => c .
      rl[buy-a]:  $ => a q .
      rl[change]: q q q q => $ .
    endm
  13

  14. Using the vending machine model: execution and search • What is one way to use 3 $s?
    Maude> rew $ $ $ .
    result Marking: a q c c
  • How can I get 2 apples with 3 $s?
    Maude> search $ $ $ =>! a a M:Marking .
    Solution 1 (state 8): M:Marking --> q q c
    Solution 2 (state 9): M:Marking --> q q q a
  14

  15. Using the vending machine model: model checking • Starting with 5 $s, can we get 6 apples without accumulating more than 4 quarters? • Model check the assertion that we can't.
    Maude> red modelCheck(vm($ $ $ $ $), []~(lte4Q U nApples(6))) .
    result ModelCheckResult: counterexample(
      {vm($ $ $ $ $),'buy-a} {vm($ $ $ $ q a),'buy-a} {vm($ $ $ q q a a),'buy-a}
      {vm($ $ q q q a a a),'buy-a} {vm($ q q q q a a a a),'change}
      {vm($ $ a a a a),'buy-a} {vm($ q a a a a a),'buy-a},
      {vm(q q a a a a a a),deadlock})
  15

  16. Rewriting Logic is Reflective! • A reflective logic is a logic in which important aspects of its metatheory (entailment relation, theories, proofs) can be represented at the object level in a consistent way. • This has many applications: • Transforming, combining rewrite theories • Execution / proof strategies • Meta tools: theorem provers, coherence checkers ... • Language extensions: object-oriented, real-time, ... • Higher-order capabilities in a first-order framework • Model of reflection for concurrent objects • Domain specific assistants 16

  17. Reflection example: A simple strategy interpreter • Simple strategy: a list of rule (ids) to apply, in order.

    fmod METAREWRITE-LIST is
      inc MY-META .
      var M : Module .   vars T T' : Term .   var res : Result4Tuple? .
      var rid : Qid .    var ql : QidList .
      op metaRewList : Module QidList Term -> Term .
      eq metaRewList(M, nil, T) = T .
      ceq metaRewList(M, rid ql, T) = metaRewList(M, ql, T')
        if res := metaXapply(M, T, rid, none, 0, unbounded, 0)
        /\ T' := if res :: Result4Tuple then getTerm(res) else T fi .
    endfm
  17

  18. Reflection: Using the simple strategy interpreter
    Maude> red metaRewList(['VENDING-MACHINE], 'change 'buy-a,
                           '__['q.Coin,'q.Coin,'q.Coin,'q.Coin]) .
    result GroundTerm: '__['q.Coin,'a.Item]

    Maude> red metaRewList(['VENDING-MACHINE], 'buy-a 'change,
                           '__['q.Coin,'q.Coin,'q.Coin,'q.Coin]) .
    result Constant: '$.Coin
  18
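  The vending machine of slides 13-15 and the metaRewList strategy interpreter of slides 17-18, re-implemented in Python as an added example (this is not code from the slides, from Maude, or from the speaker). A marking is a Counter, so rule matching is sub-multiset containment, which is the Python counterpart of rewriting modulo the assoc/comm/id axioms on `_ _`. The names RULES, marking, show, apply_rule, rew, search_final, search_path and meta_rew_list are this example's own; search_path generalizes slide 15 by finding a shortest execution that keeps an invariant (at most 4 quarters) until a goal (6 apples), i.e. a witness for the `lte4Q U nApples(6)` path that the model checker returned as a counterexample. The toy `rew` tries rules in declaration order, so its result differs from the `a q c c` that Maude's default strategy printed.

```python
from collections import Counter
from typing import Callable, Dict, List, Optional, Tuple

# Constructed re-implementation of VENDING-MACHINE: a marking is a multiset of
# the constants $, q, a, c held in a Counter; a rule consumes its lhs
# sub-multiset and adds its rhs (rewriting modulo assoc/comm/id of `_ _`).
RULES: Dict[str, Tuple[Counter, Counter]] = {
    "buy-c":  (Counter("$"),      Counter("c")),                # rl[buy-c]:  $ => c
    "buy-a":  (Counter("$"),      Counter({"a": 1, "q": 1})),   # rl[buy-a]:  $ => a q
    "change": (Counter({"q": 4}), Counter("$")),                # rl[change]: q q q q => $
}

def marking(text: str) -> Counter:
    """Parse a space separated marking such as '$ $ $' or 'q q q a'."""
    return Counter(text.split())

def show(m: Counter) -> str:
    """Render a marking in the fixed order $ q a c (Maude's print order varies)."""
    return " ".join(sym for sym in "$qac" for _ in range(m[sym])) or "null"

def key(m: Counter) -> Tuple[Tuple[str, int], ...]:
    """Hashable canonical form of a marking, used for visited sets."""
    return tuple(sorted(m.items()))

def apply_rule(m: Counter, rule_id: str) -> Optional[Counter]:
    """One rewrite step with the named rule, or None when its lhs does not match."""
    lhs, rhs = RULES[rule_id]
    if any(m[sym] < n for sym, n in lhs.items()):
        return None
    out = m - lhs          # Counter subtraction removes the matched sub-multiset
    out.update(rhs)        # Counter.update adds the right-hand side
    return out

def successors(m: Counter) -> List[Tuple[str, Counter]]:
    """All one-step rewrites of m, tagged with the rule that produced them."""
    steps = [(rid, apply_rule(m, rid)) for rid in RULES]
    return [(rid, n) for rid, n in steps if n is not None]

def rew(m: Counter, max_steps: int = 1000) -> Counter:
    """Like `rew`: rewrite until no rule applies (first applicable rule each step)."""
    for _ in range(max_steps):
        succ = successors(m)
        if not succ:
            break
        m = succ[0][1]
    return m

def search_final(start: Counter, pattern: Counter) -> List[Counter]:
    """Like `search start =>! pattern M:Marking`: breadth-first search for every
    reachable state with no successor that contains `pattern`; returns the M parts."""
    seen, frontier, solutions = {key(start)}, [start], []
    while frontier:
        m = frontier.pop(0)
        succ = successors(m)
        if not succ and all(m[sym] >= n for sym, n in pattern.items()):
            solutions.append(m - pattern)
        for _, n in succ:
            if key(n) not in seen:
                seen.add(key(n))
                frontier.append(n)
    return solutions

def search_path(start: Counter, invariant: Callable[[Counter], bool],
                goal: Callable[[Counter], bool]) -> Optional[List[Tuple[str, Counter]]]:
    """Witness for `invariant U goal` (the counterexample shape on slide 15): a
    shortest execution whose states satisfy `invariant` until one satisfies `goal`."""
    trace = {key(start): (None, None, start)}   # key -> (parent key, rule, state)
    frontier = [start]
    while frontier:
        m = frontier.pop(0)
        if goal(m):
            path, k = [], key(m)
            while trace[k][0] is not None:      # walk parents back to the start
                parent, rid, state = trace[k]
                path.append((rid, state))
                k = parent
            return path[::-1]
        for rid, n in successors(m):
            if key(n) in trace or not (goal(n) or invariant(n)):
                continue
            trace[key(n)] = (key(m), rid, n)
            frontier.append(n)
    return None

def meta_rew_list(m: Counter, rule_ids: List[str]) -> Counter:
    """metaRewList from slide 17: apply each rule id once, in order; a rule that
    does not match leaves the term unchanged (the `else T` branch)."""
    for rid in rule_ids:
        nxt = apply_rule(m, rid)
        if nxt is not None:
            m = nxt
    return m

if __name__ == "__main__":
    for sol in search_final(marking("$ $ $"), marking("a a")):
        print("search $ $ $ =>! a a M  gives M =", show(sol))
    path = search_path(marking("$ $ $ $ $"), lambda m: m["q"] <= 4, lambda m: m["a"] >= 6)
    print("6 apples, never more than 4 quarters:", path and [rid for rid, _ in path])
    print("metaRewList change buy-a:", show(meta_rew_list(marking("q q q q"), ["change", "buy-a"])))
```

  Running it reproduces the two `=>!` solutions of slide 14 (`q q c` and `q q q a`), a seven-step witness for slide 15 with exactly one `change` step ending in `q q a a a a a a`, and the two strategy results of slide 18 (`q a` and `$`). The search functions are plain breadth-first search over the reachable state space; this is what Maude's `search` does, while `modelCheck` additionally handles arbitrary LTL formulas over that space.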

  19. A sampling of formal environments and tools 19

  20. The Maude Formal Environment (MFE) • Integrates tools for reasoning about Maude specifications: • Maude Termination Tool (MTT), • Church-Rosser Checker (CRC), • Coherence Checker (ChC), • Sufficient Completeness Checker (SCC), • Maude's Inductive Theorem Prover (ITP). • http://maude.lcc.uma.es/MFE/ 20

  21. Real time Maude • A language and tool for formal specification and analysis of real-time and hybrid systems. • Implemented in (full) Maude • timed rewriting and search • time-bounded and unbounded LTL and timed CTL (TCTL) model checking. • Time sampling strategies for execution and analysis proved sound for a large class of specifications. • Ptolemy II: graphical modeling/simulation tool for embedded systems • RT Maude is a fully integrated plugin • Synchronous AADL (industry standard for embedded systems modeling) • Eclipse plug-in for OSATE AADL modeling environment • http://heim.ifi.uio.no/peterol/RealTimeMaude/ 21

  22. The K framework • A framework for formal language definition (syntax and semantics) and automatic generation of language specific tools • Parser, Interpreter, Compiler • Semantic debugger • Test-case generation • Symbolic Execution • Model checker • Deductive program verifier • Application to C, Java, JavaScript, Python, .... • http://www.kframework.org/ [Figure: a formal language definition (syntax and semantics) generating a parser, interpreter, compiler, semantic debugger, test-case generator, symbolic executor, model checker and deductive verifier] 22

  23. Maude NPA • A tool for reasoning about cryptographic protocols • If Bob finished did Alice also finish? • Did Eve learn the secret? • User definable (in Maude) • crypto algebra • honest player moves (strands) • attacker model, attack patterns • Backwards narrowing from attack allows unbounded sessions • Search pruning techniques for managing state space. • http://maude.cs.uiuc.edu/tools/Maude-NPA/ 23

  24. Application sampling 24

  25. Uncovering security flaws in GUI logic • Formalization of GUI logic and user interaction invariants • abstract document trees • abstract interaction sequences • Based on in-depth study of browser code • Systematic exploration led to identifying • 9 status bar spoofing patterns • 4 address bar spoofing patterns • All confirmed by IE developers (and fixed) 25

  26. Analysis of active network protocols • Active Error Recovery / Nominee based Congestion Avoidance (AER/NCA): a suite of protocols to achieve adaptive reliable multicast • Key AER/NCA components • (RS) Repair Service: ensure that each packet is eventually received by each receiver in the multicast group. • (RC) Rate Control: adjust packet sending rate according to loss rate • (NOM) NOMinee receiver: tries to find the worst receiver, based on the loss rates and the distance to the sender. • Modeling challenges: • Time-sensitive behavior, timers, ordering • Delay and delay estimation • Resource-sensitive behavior, resource contention • Capacity, latency, congestion/cross-traffic, buffering • Analyze • correctness and performance as critical metrics • component-wise and aggregate behavior [Figure: multicast tree with sender, repair server, a lossy link and receivers] 26
