new developments around the crl tool set
play

New Developments around the CRL Tool Set Stefan Blom, Jan Friso - PowerPoint PPT Presentation

Jan 13, 2023 •164 likes •454 views

New Developments around the CRL Tool Set Stefan Blom, Jan Friso Groote Izak van Langevelde, Bert Lisser Jaco van de Pol Centrum voor Wiskunde en Informatica Specification and Analysis of Embedded Systems Theme leader: Wan Fokkink

  1. New Developments around the µ CRL Tool Set Stefan Blom, Jan Friso Groote Izak van Langevelde, Bert Lisser Jaco van de Pol Centrum voor Wiskunde en Informatica Specification and Analysis of Embedded Systems Theme leader: Wan Fokkink Amsterdam, The Netherlands

  2. O V E R V I E W • Introduction • Symbolic verification – Linear processes, Static Analysis – Confluence – Symbolic Model Checking • Explicit state verification – Distributed implementation – On-the-fly via Open/Cæsar – Visualization • Some Applications Jaco van de Pol FMICS, June 2003 – 2

  3. µ CRL Tool Set well−formedness µ CRL type checking Linearization simulation Optimization invariants control flow analysis Linear process confluence symbolic model checking Generation Minimization visualization simulation LTS model checking equivalence checking Jaco van de Pol FMICS, June 2003 – 3

  4. µ CRL = process algebra + abstract data types µ CRL inherits from abstract data types: • sorts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Nat, List, Bool • function symbols . . . . . . . . . . . . . . . . . . . . .and: Bool × Bool → Bool • equations . . . . . . . . . . . . . . . . . . . . length(cons(x,l)) = succ(length(l)) µ CRL inherits from ACP style process algebra : • atomic actions with synchronization . . . . . . . read | write = comm • abstraction, encapsulation, renaming . . . . . . . . . . . . . . . . . . . . τ, δ, · · · • process operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , · , || • recursive process equations . . . . . . . . . . . . . . . . . . . X = a.c.X + b.X Jaco van de Pol FMICS, June 2003 – 4

  5. µ CRL = + integration · · · µ CRL provides connections between data and processes: atomic actions have data labels: . . . . . . . . send ( frame ( x , y )) conditions on data: . . . . finish ⊳ empty ( buffer ) ⊲ continue choice over data: . . . . . . . . . . . . . . . � x : Nat rd ( x ) .wr ( Suc ( x )) parameterized recursion: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . � X ( prev : Nat ) = read ( next ) .send ( prev ) .X ( next ) next : Nat Jaco van de Pol FMICS, June 2003 – 5

  6. Outline of our Verification Process System specification Compilation Optimization Intermediate symbolic format Facts Analysis Generation On the fly reduction Finite state space Jaco van de Pol FMICS, June 2003 – 6

  7. Optimizations Various optimizations are implemented • Compiler techniques (control + data flow analysis) – replace unchanged variables by constants – remove variables that are not used – reset variables when temporarily not used • Automated theorem prover based – invariant generation/checking – reachability analysis – Partial-order-like reduction based on ∗ Confluence detection (static) ∗ Confluence-based state space reduction (on-the-fly) Jaco van de Pol FMICS, June 2003 – 7

  8. Linear process format � X ( d : D ) = c 1 ( d, e 1 ) ⇒ a 1 ( d, e 1 ) .X ( g 1 ( d, e 1 )) e 1 : E + · · · � + c n ( d, e n ) ⇒ a n ( d, e n ) .X ( g n ( d, e n )) e n : E • d is a vector of state variables • e i is the vector of local variables for summand i • c i is the enabling condition for summand i • a i is the (visible/invisible) actions for summand i • g i is the next-state function for summand i a → X ( d ′ ) iff for some i , X ( d ) − ∃ e i . c i ( d, e i ) ∧ d ′ = g i ( d, e i ) ∧ a = a i ( d, e i ) Jaco van de Pol FMICS, June 2003 – 8

  9. Example: linearization of lossy channel � � � K ( a : Nat ) = 0 in ( a, d ) · 1 τ · 2 loss + τ · 3 out ( a, d ) · 0 K ( a ) d K (17) is linearized by introducing a program counter: � K ( a, x, pc ) = pc = 0 ⇒ in ( a, d ) · K ( a, d, 1) proc d + pc = 1 ⇒ τ · K ( a, x, 2) + pc = 1 ⇒ τ · K ( a, x, 3) + pc = 2 ⇒ loss · K ( a, x, 0) + pc = 3 ⇒ out ( a, x ) · K ( a, x, 0) K (17 , ⊥ , 0) init Parallel composition and hiding can be defined directly on linear processes. In practice, no problematic blow-up occurs. Jaco van de Pol FMICS, June 2003 – 9

  10. Example: linearization of lossy channel � � � K ( a : Nat ) = 0 in ( a, d ) · 1 τ · 2 loss + τ · 3 out ( a, d ) · 0 K ( a ) d K (17) is linearized by introducing a program counter: � K ( a, x, pc ) = pc = 0 ⇒ in ( a, d ) · K ( a, d, 1) proc d + pc = 1 ⇒ τ · K ( a, x, 2) + pc = 1 ⇒ τ · K ( a, x, 3) + pc = 2 ⇒ loss · K ( a, x, 0) + pc = 3 ⇒ out ( a, x ) · K ( a, x, 0) K (17 , ⊥ , 0) init Parallel composition and hiding are defined directly on linear processes. In practice, no problematic blow-up occurs. Jaco van de Pol FMICS, June 2003 – 10

  11. Example: linearization of lossy channel � � � K ( a : Nat ) = 0 in ( a, d ) · 1 τ · 2 loss + τ · 3 out ( a, d ) · 0 K ( a ) d The linear process can be optimized in various places: � K ( a, x, pc ) = pc = 0 ⇒ in ( a, d ) · K ( a, d, 1) proc d + pc = 1 ⇒ τ · K ( a, x, 2) + pc = 1 ⇒ τ · K ( a, x, 3) + pc = 2 ⇒ loss · K ( a, x, 0) + pc = 3 ⇒ out ( a, x ) · K ( a, x, 0) K (17 , ⊥ , 0) init Parallel composition and hiding can be defined directly on linear processes. In practice, no problematic blow-up occurs. Jaco van de Pol FMICS, June 2003 – 11

  12. Example: linearization of lossy channel � � � K ( a : Nat ) = 0 in ( a, d ) · 1 τ · 2 loss + τ · 3 out ( a, d ) · 0 K ( a ) d The optimized linear process will be: � K ( a,x, pc ) = pc = 0 ⇒ in (17 , d ) · K ( a,d, 1) proc d + pc = 1 ⇒ τ · K ( a, ⊥ , 2) + pc = 1 ⇒ τ · K ( a,x, 3) + pc = 2 ⇒ loss · K ( a, ⊥ , 0) + pc = 3 ⇒ out (17 , x ) · K ( a, ⊥ , 0) K (17 , ⊥ , 0) init Parallel composition and hiding can be defined directly on linear processes. In practice, no problematic blow-up occurs. Jaco van de Pol FMICS, June 2003 – 12

  13. Correctness of static analysis tools • most optimization tools yield state mappings on LPOs • state mappings on LPOs yield functional bisimulations on LTSs • invariants can be used to verify state mappings • state mappings preserve invariants (in two directions) • the Focus and Cones method provides matching criteria to prove that two linear processes are branching bisimilar • LPO meta-theory has been completely verified in PVS • mcrl2pvs : individual specifications can be translated to PVS automatically, and verified by interactive theorem proving Jaco van de Pol FMICS, June 2003 – 13

  14. State Space Reduction by Confluence An LTS can be reduced, by exploiting confluence properties. τ a strong commutation: τ a a τ b a τ c b τ state space reduction: � τ τ We will study subsets − − → ⊆ − − → . Jaco van de Pol FMICS, June 2003 – 14

  15. Confluence Notions � τ τ − − → ⊆ − − → is step/reduce confluent in an LTS iff: � τ SC a a � τ � τ RC a a � τ Note: SC ⇒ RC Jaco van de Pol FMICS, June 2003 – 15

  16. Reduction based on Confluence Information A representation map replaces each state by its representative, which must be unique in the final strongly connected components. � τ − → is a visible step, − → are − − → steps. Representation maps can be computed on-the-fly by an adaptation of Tarjan’s algorithm. � τ Theorem: if − − → is RC and φ is a representation map, then L ↔ b L φ . Jaco van de Pol FMICS, June 2003 – 16

  17. Confluence detection on LPO • Mark all τ -summands that commute with all other summands. • Invariants can be used to prove commutation. � τ • − − → := the transitions generated from marked τ -summands. � τ τ • Then − − → is an SC, and hence RC, subset of − − → , so it can be used for on-the-fly reduction. • Confluence marking is preserved by state mappings • All meta-theory on confluence has been verified in PVS. Jaco van de Pol FMICS, June 2003 – 17

  18. Confluence Formula Generation � c a ( d, e a ) ⇒ a ( d, e a ) .X ( g a ( d, e a )) e a � c τ ( d, e τ ) ⇒ τ.X ( g τ ( d, e τ )) e τ The commutation formula for this ( a, τ ) -pair is: ∀ d, e a , e τ . c a ( d, e a ) ∧ c τ ( d, e τ ) → c τ ( g a ( d, e a ) , e τ ) c a ( g τ ( d, e τ ) , e τ ) ∧ a ( d, e a ) = a ( g τ ( d, e τ ) , e a ) ∧ g a ( g τ ( d, e τ ) , e a ) = g τ ( g a ( d, e a ) , e τ ) ∧ Jaco van de Pol FMICS, June 2003 – 18

  19. Special-purpose theorem prover • The µ CRL toolset comes with a special-purpose automated theorem prover. • It handles q.f.f. Boolean formulas over an abstract data type. • It is based on EQ-BDDs, an extension of BDDs with equations and function symbols (Groote, vdP). • Other applications are: – inductive invariant checking – removal of “dead” summands – enhance static analysis tools – Future: check user provided state mappings Jaco van de Pol FMICS, June 2003 – 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CARTA (Cube Analysis and Rendering Tool for Astronomy) Developments, features, and demo Kuo-Song

CARTA (Cube Analysis and Rendering Tool for Astronomy) Developments, features, and demo Kuo-Song

CARTA (Cube Analysis and Rendering Tool for Astronomy) Developments, features, and demo Kuo-Song Wang on behalf of the CARTA team EA ALMA/45m/ASTE Users Meeting 2018 2018/12/26 @ NAOJ The mission of CARTA CARTA is the Cube Analysis and

356 views • 14 slides
Smooth Modes as a Tool for Operational Modal Analysis: New Developments Rubens Sampaio PUC-Rio

Smooth Modes as a Tool for Operational Modal Analysis: New Developments Rubens Sampaio PUC-Rio

Smooth Modes as a Tool for Operational Modal Analysis: New Developments Rubens Sampaio PUC-Rio rsampaio@puc-rio.br PUC-Rio Rubens Sampaio (PUC-Rio rsampaio@puc-rio.br) Smooth Orthogonal Decomposition 1 / 39 Outline Review of Karhunen-Lo`

665 views • 40 slides
SynAthina Onli line Tools 1. . A mapping tool 2. A Community Tool 3. An Archive Tool 3. An

SynAthina Onli line Tools 1. . A mapping tool 2. A Community Tool 3. An Archive Tool 3. An

SynAthina Onli line Tools 1. . A mapping tool 2. A Community Tool 3. An Archive Tool 3. An Archive Tool 4. A Booking Tool 5. A Connecting Tool 5. A Connecting Tool 6. A Crowdsourcing Tool 7. A Data Collection Tool 7. A Data Collection

313 views • 14 slides
Workflow Plus Signature Capture Tool for Synergy Enterprise What is This Tool ? This tool

Workflow Plus Signature Capture Tool for Synergy Enterprise What is This Tool ? This tool

Workflow Plus Signature Capture Tool for Synergy Enterprise What is This Tool ? This tool allows 10 signatures to be captured within a single workflow request Example How Can I Use This Tool ? Create a workflow, and in the definition

247 views • 8 slides
Com m ission (CRC) Feedback on Com m unity of Interest (COI) Tool Name for the tool

Com m ission (CRC) Feedback on Com m unity of Interest (COI) Tool Name for the tool

Com m ission (CRC) Feedback on Com m unity of Interest (COI) Tool Name for the tool Questions to explain the Communities of Interest in tool Requested user information Desired language translation options SWDB Reporting and

204 views • 5 slides
Using the Tool Information Requirements To complete this tool, you will need to have access to the

Using the Tool Information Requirements To complete this tool, you will need to have access to the

Using the Tool Information Requirements To complete this tool, you will need to have access to the following information: Your proposed output measure - the unit costing tool is available for 'hours' and 'places' measures. Refer to the

324 views • 13 slides
CAP Developments CAP Developments in Washington State in Washington State Don Miller

CAP Developments CAP Developments in Washington State in Washington State Don Miller

I nternational Telecom m unication Union ITU-T CAP Developments CAP Developments in Washington State in Washington State Don Miller Telecommunications and Warning S ystems Manager Washington S tate Emergency Management I TU-T/ OASI S W

430 views • 11 slides
General Tool Maintenance Oiling is the most important step in tool maintenance Blow out moisture

General Tool Maintenance Oiling is the most important step in tool maintenance Blow out moisture

General Tool Maintenance Oiling is the most important step in tool maintenance Blow out moisture in air line BEFORE connecting the tool Examine tool for loose bolts, nuts, handles, side-rods, retainers Check air connections / fittings for

553 views • 8 slides
Black Box Scanning Tool + White Box Testing Tool Toshis Black Box Scanning Tool Same

Black Box Scanning Tool + White Box Testing Tool Toshis Black Box Scanning Tool Same

Toshis Approach to Runtime Analysis Black Box Scanning Tool + White Box Testing Tool Toshis Black Box Scanning Tool Same approach as: Cenzic SPI Dynamics Watchfire Toshis tool is unique because: Built on Microsoft Visual Studio

583 views • 18 slides
EX-ANTE CARBON BALANCE TOOL PRESENTATION OF THE TOOL AND SOME APPLICATIONS JUNE 2020 EX-ACT

EX-ANTE CARBON BALANCE TOOL PRESENTATION OF THE TOOL AND SOME APPLICATIONS JUNE 2020 EX-ACT

EX-ANTE CARBON BALANCE TOOL PRESENTATION OF THE TOOL AND SOME APPLICATIONS JUNE 2020 EX-ACT FAO Regional Office for Africa Team LOUIS BOCKEL PADMINI GOPAL OUTLINE Presentation of the tool Role of the tool Why using EX-ACT?

974 views • 51 slides
Similix Sketch Tool The Similix Sketch Tool is A tool for making easy sketches of future

Similix Sketch Tool The Similix Sketch Tool is A tool for making easy sketches of future

Similix Sketch Tool The Similix Sketch Tool is A tool for making easy sketches of future installations in the utility network Enabling project managers, engineers, and designers to express initial design considerations and requirements

537 views • 8 slides
Welcome! Opening remarks/ Overview of current and emerging developments emerging developments

Welcome! Opening remarks/ Overview of current and emerging developments emerging developments

Telematics Industry Group (TIG) meeting Welcome! Opening remarks/ Overview of current and emerging developments emerging developments Chris Koniditsiotis Chief Executive Officer TCA About TCA A national government organisation

852 views • 72 slides
National Context Key developments in trade Key developments in trade I. FTA negotiations -

National Context Key developments in trade Key developments in trade I. FTA negotiations -

World Ceramic Tiles Forum National Context Key developments in trade Key developments in trade I. FTA negotiations - Overview II. TTIP, CETA III. Technical barriers and tariffs IV. WTO Trade Facilitation negotiations I. FTA

765 views • 8 slides
hfi factors international PERSONNEL LICENSING DEVELOPMENTS New Clues for I nvestigators hfi

hfi factors international PERSONNEL LICENSING DEVELOPMENTS New Clues for I nvestigators hfi

hfi human hfi factors international PERSONNEL LICENSING DEVELOPMENTS New Clues for I nvestigators hfi hfi Brief Outline ICAO Expert Panel for Annex 1 PEL Developments in Australia PEL Developments in New Zealand

789 views • 41 slides
MXCuBE-related developments at GPhL: their basis in GDA-related transferable developments Gerard

MXCuBE-related developments at GPhL: their basis in GDA-related transferable developments Gerard

MXCuBE-related developments at GPhL: their basis in GDA-related transferable developments Gerard Bricogne, Claus Flensburg, Wlodek Paciorek, Peter Keller, Rasmus Fogh, Clemens Vonrhein Global Phasing Ltd., Cambridge, UK An underexploited

1.08k views • 30 slides
Update on 2010 Federal Tax Developments A Look Back to Federal Tax Developments During 2010 and

Update on 2010 Federal Tax Developments A Look Back to Federal Tax Developments During 2010 and

Update on 2010 Federal Tax Developments A Look Back to Federal Tax Developments During 2010 and What to Expect for 2011 December 7, 2010 Grand Oaks Conference Center About Todays Event Welcome Agenda Presentations Q-n-A

670 views • 56 slides
Notify Mailto method draft-ietf-sieve-notify-mailto-06.txt Most Ned's WGLC comments

Notify Mailto method draft-ietf-sieve-notify-mailto-06.txt Most Ned's WGLC comments

Notify Mailto method draft-ietf-sieve-notify-mailto-06.txt Most Ned's WGLC comments addressed, except: Handling of Received headers from the original message: Ned: Classify the Auto-submitted: field as a trace field and require

138 views • 13 slides
Introduction to Computer Vision for Robotics AE640A Autonomous Navigation 5 th March, 2019 Harsh

Introduction to Computer Vision for Robotics AE640A Autonomous Navigation 5 th March, 2019 Harsh

Introduction to Computer Vision for Robotics AE640A Autonomous Navigation 5 th March, 2019 Harsh Sinha Introduction to Computer Vision 1 Lecture Outline Introduction What is CV? Overview of the field A look at history

962 views • 51 slides
Introduction to Pattern Recognition Selim Aksoy Department of Computer Engineering Bilkent

Introduction to Pattern Recognition Selim Aksoy Department of Computer Engineering Bilkent

Introduction to Pattern Recognition Selim Aksoy Department of Computer Engineering Bilkent University saksoy@cs.bilkent.edu.tr CS 551, Spring 2019 CS 551, Spring 2019 2019, Selim Aksoy (Bilkent University) c 1 / 39 Human Perception

3.87k views • 39 slides
Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords

520 views • 38 slides
CSE 311: Foundations of Computing Lecture 24: Languages vs Representations: Limitations of Finite

CSE 311: Foundations of Computing Lecture 24: Languages vs Representations: Limitations of Finite

CSE 311: Foundations of Computing Lecture 24: Languages vs Representations: Limitations of Finite Automata and Regular Expressions Last time: NFA to DFA 0,1 0 a,b a 1 0 1 1 1 b c 0 1 b c 0 0 0 0,1 1 b,c a,b,c 0

945 views • 41 slides
What do we know about EnKF? David Kelly Kody Law Andrew Stuart Andrew Majda Xin Tong Courant

What do we know about EnKF? David Kelly Kody Law Andrew Stuart Andrew Majda Xin Tong Courant

What do we know about EnKF? David Kelly Kody Law Andrew Stuart Andrew Majda Xin Tong Courant Institute New York University New York, NY April 10, 2015 CAOS seminar, Courant . David Kelly (NYU) EnKF April 10, 2015 1 / 32 Talk outline 1

540 views • 32 slides
Lazy Automata Techniques for WS1S (TACAS17) s Fiedor 1 , 2 k 2 u 2 Tom a Luk a s

Lazy Automata Techniques for WS1S (TACAS17) s Fiedor 1 , 2 k 2 u 2 Tom a Luk a s

Lazy Automata Techniques for WS1S (TACAS17) s Fiedor 1 , 2 k 2 u 2 Tom a Luk a s Hol Petr Jank 1 Red Hat, Czech Republic al 2 , 3 s Vojnar 2 Ond rej Leng Tom a 2 Brno University of Technology, Czech Republic 3

1.33k views • 94 slides
Functional Reactive Programming in Games Elise Huard - CodeMesh 2015 What FRP Elerea

Functional Reactive Programming in Games Elise Huard - CodeMesh 2015 What FRP Elerea

Functional Reactive Programming in Games Elise Huard - CodeMesh 2015 What FRP Elerea https://github.com/cobbpg/elerea data Signal a Monad, Applicative, Functor t data SignalGen a Monad, Applicative, Functor, MonadFix The Salespitch game

498 views • 38 slides

More recommend