Model Checking Finite State Finite State Model Checking Finite - - PDF document

▶

Mar 11, 2024 295 likes •641 views

Model Checking Finite State Finite State Model Checking Finite State Systems Informationsteknologi System Description A No! Debugging Information TOOL TOOL Yes, Requirement F Prototypes C T L Executable Code Test sequences Tools:

SLIDE 1

Finite State Model Checking

SLIDE 2

Informationsteknologi

UC UCb

Finite State Model Checking

TOOL TOOL

System Description A Requirement F

Yes,

Prototypes Executable Code Test sequences

No!

Debugging Information

Tools: visualSTATE, SPI N,

Statemate, Verilog, Formalcheck,...

Finite State Systems

C T L

SLIDE 3

Informationsteknologi

UC UCb

From Programs to Net wor ks Net wor ks

P1 :: while True do T1 : wait(turn=1) C1 : turn:=0 endwhile || P2 :: while True do T2 : wait(turn=0) C2 : turn:=1 endwhile P1 :: while True do T1 : wait(turn=1) C1 : turn:=0 endwhile || P2 :: while True do T2 : wait(turn=0) C2 : turn:=1 endwhile Mutual Exclusion Program

SLIDE 4

Informationsteknologi

UC UCb

From Net wor k

Net wor k Models to

Kripke Structures

I 1 I 2 t= 0 T1 I 2 t= 0 T1 T2 t= 0 I 1 T2 t= 0 I 1 C2 t= 0 T1 C2 t= 0 C1 I 2 t= 1 T1 T2 t= 1 C1 T2 t= 1 T1 I 2 t= 1 I 1 T2 t= 1 I 1 I 2 t= 1

SLIDE 5

Informationsteknologi

UC UCb

CTL Models = Kripke Structures

SLIDE 6

Informationsteknologi

UC UCb

Com putation Tree Logic, CTL

Clarke & Em erson 1 9 8 0 Syntax

SLIDE 7

Informationsteknologi

UC UCb

Path

p p p

s s1 s2 s3...

The set of path starting in s

SLIDE 8

Informationsteknologi

UC UCb

Form al Sem antics

( )

SLIDE 9

Informationsteknologi

UC UCb

CTL, Derived Operators

. . . . . . . . . . . . p p p AF p . . . . . . . . . . . . p EF p

possible inevitable

SLIDE 10

Informationsteknologi

UC UCb

CTL, Derived Operators

p p p . . . . . . . . . . . . AG p p p p p p p . . . . . . . . . . . . EG p p

always potentially always

SLIDE 11

Informationsteknologi

UC UCb

Theorem

All operators are derivable from

EX f
EG f
E[ f U g ]

and boolean connectives All operators are derivable from

EX f
EG f
E[ f U g ]

and boolean connectives

[ ]

( )

[ ]

g g f g g f ¬ ¬ ∧ ¬ ∧ ¬ ¬ ¬ ≡ EG U E U A

SLIDE 12

Informationsteknologi

UC UCb

Exam ple

p p q p,q

EX p

1 2 3 4

SLIDE 13

Informationsteknologi

UC UCb

Exam ple

p p q p,q

AX p

1 2 3 4

SLIDE 14

Informationsteknologi

UC UCb

Properties of MUTEX exam ple ?

I 1 I 2 t= 0 T1 I 2 t= 0 T1 T2 t= 0 I 1 T2 t= 0 I 1 C2 t= 0 T1 C2 t= 0 C1 I 2 t= 1 T1 T2 t= 1 C1 T2 t= 1 T1 I 2 t= 1 I 1 T2 t= 1 I 1 I 2 t= 1

[ ] [ ] ( ) [ ] [ ]

C U C A C U C A C AG C EG AF(C T AG[ C (C AG

2 1 1 1 1 1 1 1 2 1

¬ ∧ ¬ ⇒ ¬ ⇒ ∧ ¬ )] )

HOW to DECI DE I N GENERAL

SLIDE 15

CTL Model Checking Algorithm s

SLIDE 16

Informationsteknologi

UC UCb

Fixpoint Characterizations

p p p EF EX EF ∨ ≡

r let A be the set of states satisfying

EF p then

A EX A ∨ ≡ p

in fact A is the smallest such set (the least fixpoint)

SLIDE 17

Informationsteknologi

UC UCb

Exam ple

p q p,q

EF q

A EX ∨ q

1 2 3 4

SLIDE 18

Informationsteknologi

UC UCb

Fixed points of m onotonic functions

Let τ be a function 2S → 2S Say τ is monotonic when Fixed point of τ is y such that If τ monotonic, then it has

− least fixed point μy. τ(y) − greatest fixed point νy. τ(y)

) ( ) ( implies y x y x τ τ ⊆ ⊆

y y = ) ( τ

SLIDE 19

Informationsteknologi

UC UCb

I teratively com puting fixed points

Suppose S is finite

− The least fixed point μy. τ(y) is the limit of − The greatest fixed point νy. τ(y) is the limit of

L ⊆ ⊆ ⊆ (false)) ( (false) false τ τ τ L ⊇ ⊇ ⊇ (true)) ( (true) true τ τ τ

Note, since S is finite, convergence is finite

SLIDE 20

Informationsteknologi

UC UCb

Exam ple: EF p

EF p is characterized by Thus, it is the limit of the increasing series...

) ( . y EX p y p EF ∨ = μ

p p ∨ EX p p ∨ EX(p ∨ EX p) . . .

SLIDE 21

Informationsteknologi

UC UCb

Exam ple: EG p

EG p is characterized by Thus, it is the limit of the decreasing series...

) ( . y EX p y p EG ∧ = ν

p ∧ EX p p p ∧ EX(p ∧ EX p) ...

SLIDE 22

Informationsteknologi

UC UCb

Exam ple, continued

p q p,q

EF q

p 1 2 3 4

} 3 , 2 , 1 { } 3 , 2 , 1 { } 3 , 2 {

3 2 1

= = = = A A A Ø A

) ( . y EX q y q EF ∨ = μ

SLIDE 23

Informationsteknologi

UC UCb

Rem aining operators

)) ( ( . ) ( )) ( ( . ) ( ) ( . ) ( . y AX p q y q U p A y EX p q y q U p E y AX p y p AG y AX p y p AF ∧ ∨ = ∧ ∨ = ∧ = ∨ = μ μ ν μ

SLIDE 24

Informationsteknologi

UC UCb

Properties of MUTEX exam ple ?

I 1 I 2 t= 0 T1 I 2 t= 0 T1 T2 t= 0 I 1 T2 t= 0 I 1 C2 t= 0 T1 C2 t= 0 C1 I 2 t= 1 T1 T2 t= 1 C1 T2 t= 1 T1 I 2 t= 1 I 1 T2 t= 1 I 1 I 2 t= 1

)] )]

1 1 1

AF(C AF(C T AG[ ⇒

SLIDE 25

Informationsteknologi

UC UCb

SLIDE 26

Informationsteknologi

UC UCb

SLIDE 27

Informationsteknologi

UC UCb )) ( } ' ) ' , '.( | ({ φ Sat Q s R s s s s ∩ ∈ ⇒ ∈ ∀

SLIDE 28

Informationsteknologi

UC UCb

p SCC SCC SCC

EG p

More Efficient Check

SLIDE 29

Informationsteknologi

UC UCb

Exam ple

p q p p,q

EG p

q p

SLIDE 30

Informationsteknologi

UC UCb

Exam ple

p p p,q

EG p

Reduced Model

SLIDE 31

Informationsteknologi

UC UCb

Exam ple

p p p

EG p

Non trivial Strongly Connected Component

SLIDE 32

Informationsteknologi

UC UCb

Properties of MUTEX exam ple ?

I 1 I 2 t= 0 T1 I 2 t= 0 T1 T2 t= 0 I 1 T2 t= 0 I 1 C2 t= 0 T1 C2 t= 0 C1 I 2 t= 1 T1 T2 t= 1 C1 T2 t= 1 T1 I 2 t= 1 I 1 T2 t= 1 I 1 I 2 t= 1

[ ]

C EG ¬

SLIDE 33

Informationsteknologi

UC UCb

Properties of MUTEX exam ple ?

I 1 I 2 t= 0 T1 I 2 t= 0 T1 T2 t= 0 I 1 T2 t= 0 I 1 C2 t= 0 T1 C2 t= 0 T1 T2 t= 1 T1 I 2 t= 1 I 1 T2 t= 1 I 1 I 2 t= 1

[ ]

C EG ¬

Reduced Model

which are the non-trivial SCC’s?

SLIDE 34

Informationsteknologi

UC UCb

Com plexity

However Ssys may be EXPONENTI AL in number of parallel components!

FI XPOI NT COMPUTATI ONS may be carried
ut using

ROBDD’s (Reduced Ordered Binary Decision Diagrams) Bryant, 86 However Ssys may be EXPONENTI AL in number of parallel components!

FI XPOI NT COMPUTATI ONS may be carried
ut using

ROBDD’s (Reduced Ordered Binary Decision Diagrams) Bryant, 86