lecture 4 formal specifications ltl ctl
play

Lecture 4. Formal specifications: LTL, CTL ELEC-E8110 Automation - PowerPoint PPT Presentation

Aug 22, 2023 •181 likes •1.14k views

Lecture 4. Formal specifications: LTL, CTL ELEC-E8110 Automation Systems Synthesis and Analysis Igor Buzhinsky igor.buzhinskii@aalto.fi 2018 Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 1 / 37 State (reachability) graph of

  1. Lecture 4. Formal specifications: LTL, CTL ELEC-E8110 Automation Systems Synthesis and Analysis Igor Buzhinsky igor.buzhinskii@aalto.fi 2018 Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 1 / 37

  2. State (reachability) graph of a system Nodes: all reachable states of the system If the system is modular, then the state of the system consists of the state of all its modules Directed edges: one-step evolutions of the state Multiple outgoing edges are possible from each state, i.e. nondeterminism is common Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 2 / 37

  3. State graph: example NCES module (actually, a Petri net) Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 3 / 37

  4. State graph: example NCES module (actually, a Petri net) State graph, state = p 1 p 2 p 3 Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 3 / 37

  5. Kripke structures Formalization of a state graph Let AP be the a finite set of so-called atomic propositions Then M = ( S , I , T , L ) is a Kripke structure , where: S is a finite set of states I ⊂ S is a set of initial states T ⊂ S × S is a transition relation L : S → 2 AP is a labeling function No deadlock assumption: ∀ s ∈ S ∃ s ′ ∈ S : ( s , s ′ ) ∈ T Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 4 / 37

  6. State graph interpreted as a Kripke structure Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  7. State graph interpreted as a Kripke structure AP = Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  8. State graph interpreted as a Kripke structure AP = { “ p i = j ” | i = 1 .. 3 , j = 0 .. 2 } S : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  9. State graph interpreted as a Kripke structure AP = { “ p i = j ” | i = 1 .. 3 , j = 0 .. 2 } S : nodes of this graph I ⊂ S = Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  10. State graph interpreted as a Kripke structure AP = { “ p i = j ” | i = 1 .. 3 , j = 0 .. 2 } S : nodes of this graph I ⊂ S = { 101 } Note: in UPPAAL and NCES models there is always one initial state! T ⊂ S × S : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  11. State graph interpreted as a Kripke structure AP = { “ p i = j ” | i = 1 .. 3 , j = 0 .. 2 } S : nodes of this graph I ⊂ S = { 101 } Note: in UPPAAL and NCES models there is always one initial state! T ⊂ S × S : edges of the graph, e.g. (002 , 011), (011 , 002), ... L : S → 2 AP : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  12. State graph interpreted as a Kripke structure AP = { “ p i = j ” | i = 1 .. 3 , j = 0 .. 2 } S : nodes of this graph I ⊂ S = { 101 } Note: in UPPAAL and NCES models there is always one initial state! T ⊂ S × S : edges of the graph, e.g. (002 , 011), (011 , 002), ... L : S → 2 AP : token assignments (markings) in each state, e.g. L (020) = { “ p 0 = 0” , “ p 1 = 2” , “ p 3 = 0” } Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  13. State graph interpreted as a Kripke structure AP = { “ p i = j ” | i = 1 .. 3 , j = 0 .. 2 } S : nodes of this graph I ⊂ S = { 101 } Note: in UPPAAL and NCES models there is always one initial state! T ⊂ S × S : edges of the graph, e.g. (002 , 011), (011 , 002), ... L : S → 2 AP : token assignments (markings) in each state, e.g. L (020) = { “ p 0 = 0” , “ p 1 = 2” , “ p 3 = 0” } Specifications can be interpreted as predicates over Kripke structures Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 5 / 37

  14. Kripke structures / state graphs for UPPAAL models? Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 6 / 37

  15. Kripke structures / state graphs for UPPAAL models? AP: whether a state machine is in a certain state, whether a variable has a certain value S : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 6 / 37

  16. Kripke structures / state graphs for UPPAAL models? AP: whether a state machine is in a certain state, whether a variable has a certain value S : ( s 1 , ..., s k , v 1 , ..., v m ) ∈ S if it is a reachable combination of states and variable values I ⊂ S : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 6 / 37

  17. Kripke structures / state graphs for UPPAAL models? AP: whether a state machine is in a certain state, whether a variable has a certain value S : ( s 1 , ..., s k , v 1 , ..., v m ) ∈ S if it is a reachable combination of states and variable values I ⊂ S : single initial state ( s 01 , ..., s 0 k , v 01 , ..., v 0 m ) composed of initial individual states and variable values T ⊂ S × S : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 6 / 37

  18. Kripke structures / state graphs for UPPAAL models? AP: whether a state machine is in a certain state, whether a variable has a certain value S : ( s 1 , ..., s k , v 1 , ..., v m ) ∈ S if it is a reachable combination of states and variable values I ⊂ S : single initial state ( s 01 , ..., s 0 k , v 01 , ..., v 0 m ) composed of initial individual states and variable values T ⊂ S × S : valid state transitions L : S → 2 AP : Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 6 / 37

  19. Kripke structures / state graphs for UPPAAL models? AP: whether a state machine is in a certain state, whether a variable has a certain value S : ( s 1 , ..., s k , v 1 , ..., v m ) ∈ S if it is a reachable combination of states and variable values I ⊂ S : single initial state ( s 01 , ..., s 0 k , v 01 , ..., v 0 m ) composed of initial individual states and variable values T ⊂ S × S : valid state transitions L : S → 2 AP : individual states and variable values Note: we ignore timed capabilities of UPPAAL by now Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 6 / 37

  20. System behaviors are paths in Kripke structures Infinite paths are common in formal verification. This is the reason why deadlocks are undesirable Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 7 / 37

  21. System behaviors are paths in Kripke structures Infinite paths are common in formal What happens in terms of the verification. This is the reason why original system? deadlocks are undesirable Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 7 / 37

  22. Single behavior view Assume that now we have only two atomic propositions: p and q All possible behaviors are infinite sequences over 2 { p , q } Example: { p , q } , { p } , {} , cycle( { q } , { p , q } ) Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 8 / 37

  23. Single behavior view Assume that now we have only two atomic propositions: p and q All possible behaviors are infinite sequences over 2 { p , q } Example: { p , q } , { p } , {} , cycle( { q } , { p , q } ) Boolean logic is able to characterize single elements of such sequences Can we somehow introduce predicates over infinite sequences of atomic propositions? For example, to formulate a specification: each p is followed by ¬ p on the next step (which is false for the example) Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 8 / 37

  24. Linear temporal logic (LTL) Formal language which extends the usual propositional Boolean logic Variables: atomic propositions, e.g. p and q Usual Boolean operators are allowed, e.g. p → q (i.e. ¬ p ∨ q ) is an LTL formula, but it refers to the first element of an infinite sequence Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 9 / 37

  25. Linear temporal logic (LTL) Formal language which extends the usual propositional Boolean logic Variables: atomic propositions, e.g. p and q Usual Boolean operators are allowed, e.g. p → q (i.e. ¬ p ∨ q ) is an LTL formula, but it refers to the first element of an infinite sequence Temporal operators Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 9 / 37

  26. Linear temporal logic (LTL) Formal language which extends the usual propositional Boolean logic Variables: atomic propositions, e.g. p and q Usual Boolean operators are allowed, e.g. p → q (i.e. ¬ p ∨ q ) is an LTL formula, but it refers to the first element of an infinite sequence Temporal operators G : g lobally (always), e.g. G ( p → q ) means “in each element of the sequence, p → q holds” Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 9 / 37

  27. Linear temporal logic (LTL) Formal language which extends the usual propositional Boolean logic Variables: atomic propositions, e.g. p and q Usual Boolean operators are allowed, e.g. p → q (i.e. ¬ p ∨ q ) is an LTL formula, but it refers to the first element of an infinite sequence Temporal operators G : g lobally (always), e.g. G ( p → q ) means “in each element of the sequence, p → q holds” F : in the f uture, e.g. F ( p → q ) means “for some element of the sequence, p → q holds” Igor Buzhinsky Lecture 4. Formal specifications: LTL, CTL 2018 9 / 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Types of Formal Specifications for Assertions Concurrent and Reactive Systems Assertions

Types of Formal Specifications for Assertions Concurrent and Reactive Systems Assertions

Outline Formal specifications CISC422/853: Formal Methods Types of formal specifications: in Software Engineering: assertions invariants Computer-Aided Verification safety and liveness properties How to express safety

226 views • 22 slides
15-150 Fall 2020 Stephen Brookes Lecture 3 Patterns and specifications Patterns and

15-150 Fall 2020 Stephen Brookes Lecture 3 Patterns and specifications Patterns and

15-150 Fall 2020 Stephen Brookes Lecture 3 Patterns and specifications Patterns and specifications Patterns and specifications Advice After class, study slides and lecture notes. Start homework early, plan to finish on time.

1.34k views • 98 slides
Specifications and formal program development in-the-large What are specifications for? For

Specifications and formal program development in-the-large What are specifications for? For

Specifications and formal program development in-the-large What are specifications for? For the system user: specification captures the properties of the system the user can rely on. For the system developer: specification captures all the

297 views • 26 slides
Formal and Incremental Verification of SysML Specifications for the Design of Component-Based

Formal and Incremental Verification of SysML Specifications for the Design of Component-Based

Formal and Incremental Verification of SysML Specifications for the Design of Component-Based Systems Oscar Carrillo Dpartement dInformatique des Systmes Complexes (DISC), Femto-ST UMR 6174 CNRS Encadrement : Hassan Mountassir et Samir

972 views • 65 slides
On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive

On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive

On the Horizontal Dimension of Software Architecture in Formal Specifications of Reactive Systems Mika Katara, Reino Kurki-Suonio and Tommi Mikkonen Institute of Software Systems Tampere University of Technology Finland Outline 1.

1.03k views • 21 slides
Marktoberdorf NATO Summer School 2016, Lecture 1 Assurance and Formal Methods John Rushby

Marktoberdorf NATO Summer School 2016, Lecture 1 Assurance and Formal Methods John Rushby

Marktoberdorf NATO Summer School 2016, Lecture 1 Assurance and Formal Methods John Rushby Computer Science Laboratory SRI International Menlo Park, CA Marktoberdorf 2016, Lecture 1 John Rushby, SRI 1 Requirements, Assumptions, Specifications

425 views • 24 slides
Lessons learned Techniques Limitations of formal specifications Cost of technical staff

Lessons learned Techniques Limitations of formal specifications Cost of technical staff

CRIM Lessons learned Techniques Limitations of formal specifications Cost of technical staff training Ease of communication between different system stakeholders by using object- oriented modeling techniques and OMT as notational

302 views • 9 slides
Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien Signoles 2 1 TrustInSoft 2 CEA LIST, Software Reliability and Security Laboratory LOPSTR 2017, Namur, Belgium 1 Code Analysis Tools Effective enough

575 views • 35 slides
Lecture Outline 1. The lecturer 2. Introduction to Formal Methods DD2452 Formal Methods 3.

Lecture Outline 1. The lecturer 2. Introduction to Formal Methods DD2452 Formal Methods 3.

Lecture Outline 1. The lecturer 2. Introduction to Formal Methods DD2452 Formal Methods 3. Course syllabus 4. Course objectives Introductory Lecture 5. Course organization 1. Lecturer 2. Formal Methods Name: Dilian Gurov Formal

56 views • 3 slides
Teaching Transition Systems and Formal Specifications with TLA + Philippe Qu Philippe Mauran

Teaching Transition Systems and Formal Specifications with TLA + Philippe Qu Philippe Mauran

Teaching Transition Systems and Formal Specifications with TLA + Philippe Qu Philippe Mauran einnec Xavier Thirioux Universit e de Toulouse, France Institut de Recherche en Informatique de Toulouse { mauran,queinnec,thirioux } @enseeiht.fr

606 views • 19 slides
Lecture 6: Specifications & Testing (Sections 4.9, 9.5) CS 1110 Introduction to Computing

Lecture 6: Specifications & Testing (Sections 4.9, 9.5) CS 1110 Introduction to Computing

http://www.cs.cornell.edu/courses/cs1110/2020sp Lecture 6: Specifications & Testing (Sections 4.9, 9.5) CS 1110 Introduction to Computing Using Python Orange text indicates updates made after lecture [E. Andersen, A. Bracy, D. Fan, D.

410 views • 38 slides
Comparative Study of Eight Formal Specifications of the Message Authenticator Algorithm Hubert

Comparative Study of Eight Formal Specifications of the Message Authenticator Algorithm Hubert

Comparative Study of Eight Formal Specifications of the Message Authenticator Algorithm Hubert Garavel Lina Marsso Inria Grenoble LIG Universit Grenoble Alpes http://convecs.inria.fr Outline The Message Authenticator Algorithm (MAA)

741 views • 39 slides
Specifications & Testing Announcements For This Lecture Last Call Assignment 1 Acad.

Specifications & Testing Announcements For This Lecture Last Call Assignment 1 Acad.

Lecture 6 Specifications & Testing Announcements For This Lecture Last Call Assignment 1 Acad. Integrity Quiz Posted on web page Take it by tomorrow Due Wed, Sep. 19 th Todays lab will help Also remember survey

600 views • 28 slides
Lecture Outline 1. Course summary 2. Beyond the course DD2452 Formal Methods 3. Exam

Lecture Outline 1. Course summary 2. Beyond the course DD2452 Formal Methods 3. Exam

Lecture Outline 1. Course summary 2. Beyond the course DD2452 Formal Methods 3. Exam preparation 4. Course evaluation Concluding Lecture 1. Course Summary Formal Verification Formal methods : Two possibilities : correctness by

498 views • 3 slides
PDDL PDDL Introduction Introduction WordPad WordPad PDDL PDDL

PDDL PDDL Introduction Introduction WordPad WordPad PDDL PDDL

FORMAL SPECIFICATIONS FORMAL SPECIFICATIONS USING USING PDDL PDDL Introduction Introduction WordPad WordPad PDDL PDDL Formal Specification INTRO Formal Specification INTRO We can describe a system using

542 views • 28 slides
Announcements Lecture 4 Specifications Leah Perlmutter / Summer 2018 Announcements

Announcements Lecture 4 Specifications Leah Perlmutter / Summer 2018 Announcements

CSE 331 Software Design and Implementation Announcements Lecture 4 Specifications Leah Perlmutter / Summer 2018 Announcements Weaker/Stronger Statements HW1 Due tonight Question from last lecture... Why is {sum = sum(1..n) }

646 views • 15 slides
Introduction to Model Checking Debdeep Mukhopadhyay IIT Madras How good can you fight bugs?

Introduction to Model Checking Debdeep Mukhopadhyay IIT Madras How good can you fight bugs?

Introduction to Model Checking Debdeep Mukhopadhyay IIT Madras How good can you fight bugs? Comprising of three parts Formal Verification techniques consist of three parts: 1. A framework for modeling systems some kind of

799 views • 53 slides
Generic Infinite Traces and Path-Based Coalgebraic Temporal Logics Corina C rstea School

Generic Infinite Traces and Path-Based Coalgebraic Temporal Logics Corina C rstea School

Generic Infinite Traces and Path-Based Coalgebraic Temporal Logics Corina C rstea School of Electronics and Computer Science University of Southampton Overview several known path-based temporal specification logics: CTL* on

457 views • 24 slides
Model Checking Finite State Finite State Model Checking Finite State Systems

Model Checking Finite State Finite State Model Checking Finite State Systems

Model Checking Finite State Finite State Model Checking Finite State Systems Informationsteknologi System Description A No! Debugging Information TOOL TOOL Yes, Requirement F Prototypes C T L Executable Code Test sequences Tools:

637 views • 34 slides
Methodology for Standard Cell Compliance and Detailed Placement for Triple Patterning Lithography

Methodology for Standard Cell Compliance and Detailed Placement for Triple Patterning Lithography

Methodology for Standard Cell Compliance and Detailed Placement for Triple Patterning Lithography Bei Yu Xiaoqing Xu Jhih-Rong Gao David Z. Pan Department of Electrical & Computer Engineering University of Texas at Austin, TX USA Nov.

275 views • 25 slides
Design Verification Model/Property Checking: Computation Tree Logic Virendra Singh Associate

Design Verification Model/Property Checking: Computation Tree Logic Virendra Singh Associate

Design Verification Model/Property Checking: Computation Tree Logic Virendra Singh Associate Professor C omputer A rchitecture and D ependable S ystems L ab Department of Electrical Engineering Indian Institute of Technology Bombay

317 views • 28 slides
Model Checking Lecture #14: Fairness [Baier & Katoen, Chapter 3.5, 5.1.6, 6.5] Joost-Pieter

Model Checking Lecture #14: Fairness [Baier & Katoen, Chapter 3.5, 5.1.6, 6.5] Joost-Pieter

Model Checking Lecture #14: Fairness [Baier & Katoen, Chapter 3.5, 5.1.6, 6.5] Joost-Pieter Katoen Software Modeling and Verification Group Model Checking Course, RWTH Aachen, WiSe 2019/2020 Joost-Pieter Katoen Lecture#14 1/62 Overview

2.33k views • 102 slides
Symbolic Logic Appendix E Computer Security: Art and Science, 2 nd Edition Version 1.1 Slide E-1

Symbolic Logic Appendix E Computer Security: Art and Science, 2 nd Edition Version 1.1 Slide E-1

Symbolic Logic Appendix E Computer Security: Art and Science, 2 nd Edition Version 1.1 Slide E-1 Outline Propositional logic Mathematical induction Predicate logic Temporal logic systems CTL Computer Security: Art and

466 views • 29 slides
Partial Order Reductions for Temporal, Epistemic, and Strategy Logics Everything you always

Partial Order Reductions for Temporal, Epistemic, and Strategy Logics Everything you always

Partial Order Reductions for Temporal, Epistemic, and Strategy Logics Everything you always wanted to know about POR .... but were afraid to ask for Wojciech Penczek Institute of Computer Sciences, PAS, Warsaw, Poland WG2.2 Meeting, Vienna,

649 views • 46 slides

More recommend