On-the-Fly Verification using CADP Radu Mateescu INRIA Rhne-Alpes - - PowerPoint PPT Presentation

▶

Jan 15, 2023 642 likes •800 views

On-the-Fly Verification using CADP Radu Mateescu INRIA Rhne-Alpes / VASY 655, avenue de lEurope F-38330 Montbonnot Saint Martin, France http://www.inrialpes.fr/vasy INRIA Rhne-Alpes http://www.inrialpes.fr Created in December

SLIDE 1

On-the-Fly Verification using CADP

Radu Mateescu

INRIA Rhône-Alpes / VASY 655, avenue de l’Europe F-38330 Montbonnot Saint Martin, France http://www.inrialpes.fr/vasy

SLIDE 2

FMICS'03 (Roeros, Norway, June 5-7, 2003) 2

INRIA Rhône-Alpes

http://www.inrialpes.fr

Created in December 1992

– 19 research projects – Experimental technological platforms (PC clusters, high- speed networks, robotics, virtual reality studio)

Knowledge dissemination

– Over 130 doctoral candidates – University courses (Inst. Nat. Polytechnique Grenoble,

Univ. Joseph Fourier, Ecole Normale Sup. de Lyon)
Technology transfer

– Cooperations with Bull and W3C – 6 start-up companies

SLIDE 3

FMICS'03 (Roeros, Norway, June 5-7, 2003) 3

The VASY team (Validation of Systems)

http://www.inrialpes.fr/vasy

Leader: Hubert Garavel
2 INRIA researchers: Radu Mateescu, Frédéric Lang
1 Bull engineer: Solofo Ramangalahy
1 post-doc, 1 PhD student, 3 expert engineers
Scientific areas of interest:

– Formal methods and specification languages – Model-based verification technologies – Industrial case-studies and applications

Software tools:

– The CADP verification toolbox – The TRAIAN compiler (E-LOTOS)

SLIDE 4

FMICS'03 (Roeros, Norway, June 5-7, 2003) 4

The CADP toolbox

http://www.inrialpes.fr/vasy/cadp

Input languages

– ISO formal description techniques (LOTOS, E-LOTOS) – Networks of communicating automata

Functionalities

– Compilation, rapid prototyping, interactive simulation – Equivalence checking, model checking – Compositional verification, test generation

Applications: 65 case studies, 13 research tools
OPEN/CAESAR [Garavel-98]

– CADP generic environment for state space manipulation – Implicit state space representation (successor function)

SLIDE 5

FMICS'03 (Roeros, Norway, June 5-7, 2003) 5

Motivation

On-the-fly verification

– Builds the state space incrementally – Allows to detect errors in large systems

Practical needs

– Easy construction of on-the-fly verification tools – Generic software components for verification

Boolean Equation Systems (BES)

– Technology for equivalence checking and model checking – On-the-fly resolution and diagnostic generation

Goal: provide generic software (libraries)

SLIDE 6

FMICS'03 (Roeros, Norway, June 5-7, 2003) 6

Alternation-free BES

x1 =µ x2 ∨ x3 x2 =µ x3 ∨ x4 x3 =µ x2 ∧ x7

x4 =µ x5 ∨ x6 x5 =µ x8 ∨ x9 x6 =µ F

x7 =ν x8 ∧ x9 x8 =ν T x9 =ν F

SLIDE 7

FMICS'03 (Roeros, Norway, June 5-7, 2003) 7

On-the-fly resolution

x1 =µ x2 ∨ x3 x2 =µ x3 ∨ x4 x3 =µ x2 ∧ x7

x4 =µ x5 ∨ x6 x5 =µ x8 ∨ x9 x6 =µ F

x7 =ν x8 ∧ x9 x8 =ν T x9 =ν F

SLIDE 8

FMICS'03 (Roeros, Norway, June 5-7, 2003) 8

Boolean graphs

[Andersen-94]

BES (µ-block) boolean graph x1 =µ x2 ∨ x3 x2 =µ F x3 =µ x4 ∨ x5 x4 =µ T x5 =µ x1 : ∨-variables : ∧-variables

1 4 2 3 5

SLIDE 9

FMICS'03 (Roeros, Norway, June 5-7, 2003) 9

Resolution algorithms

[TACAS 2003]

A1 (DFS, general)

– Memory complexity O (|V|+|E|)

A2 (BFS, general)

– Small-depth diagnostics Time – Memory complexity O (|V|+|E|) complexity

A3 (DFS, acyclic)

O (|V|+|E|) – Memory complexity O (|V|)

A4 (DFS, disjunctive / conjunctive)

– Memory complexity O (|V|)

SLIDE 10

FMICS'03 (Roeros, Norway, June 5-7, 2003) 10

CAESAR_SOLVE library

OPEN/CAESAR libraries CAESAR_SOLVE library (A1 … A4 & diagnostic)

Implicit graph (successor function)

BES (boolean graph) diagnostic (boolean subgraph) variable value

Implicit graph (successor function)

SLIDE 11

FMICS'03 (Roeros, Norway, June 5-7, 2003) 11

BISIMULATOR and EVALUATOR

LTS1 LTS2 LTS formula BES translator BES translator implicit boolean graph & diagnostic interpreter (.c) implicit boolean graph & diagnostic interpreter (.c) BISIMULATOR EVALUATOR C compiler OPEN/CAESAR CAESAR_SOLVE executable diagnostic runtime environment true / false

SLIDE 12

FMICS'03 (Roeros, Norway, June 5-7, 2003) 12

Algorithm usage guidelines

A1 and A2 (diagnostic depth ↓)

– All equivalences and their preorders – Alternation-free µ-calculus formulas

A3 (memory ↓)

– Strong equivalence: one LTS acyclic – Safety and τ*.a: one LTS acyclic (τ-circuits allowed) – Branching and observational: both LTS acyclic – Acyclic LTS and µ-calculus formula (via reduction)

A4 (memory ↓)

– All equivalences: one LTS deterministic – CTL, ACTL, and PDL formulas

SLIDE 13

FMICS'03 (Roeros, Norway, June 5-7, 2003) 13

Ongoing and future work

New algorithms within CAESAR_SOLVE

– Single-scan & low-memory algorithms for trace-based verification (low-depth acyclic boolean graphs) – Further resolution strategies (combined DFS-BFS, random exploration, …)

New applications of CAESAR_SOLVE

– Detection of τ-confluent transitions [CAV 2003] – Test generation – Discrete controller synthesis – Horn clause resolution

Distributed resolution algorithms

On-the-Fly Verification using CADP

Radu Mateescu

INRIA Rhône-Alpes / VASY 655, avenue de l’Europe F-38330 Montbonnot Saint Martin, France http://www.inrialpes.fr/vasy

INRIA Rhône-Alpes

http://www.inrialpes.fr

– 19 research projects – Experimental technological platforms (PC clusters, high- speed networks, robotics, virtual reality studio)

– Over 130 doctoral candidates – University courses (Inst. Nat. Polytechnique Grenoble,

– Cooperations with Bull and W3C – 6 start-up companies

The VASY team (Validation of Systems)

http://www.inrialpes.fr/vasy

– Formal methods and specification languages – Model-based verification technologies – Industrial case-studies and applications

– The CADP verification toolbox – The TRAIAN compiler (E-LOTOS)

The CADP toolbox

http://www.inrialpes.fr/vasy/cadp

– ISO formal description techniques (LOTOS, E-LOTOS) – Networks of communicating automata

– Compilation, rapid prototyping, interactive simulation – Equivalence checking, model checking – Compositional verification, test generation

– CADP generic environment for state space manipulation – Implicit state space representation (successor function)

Motivation

– Builds the state space incrementally – Allows to detect errors in large systems

– Easy construction of on-the-fly verification tools – Generic software components for verification

– Technology for equivalence checking and model checking – On-the-fly resolution and diagnostic generation

Goal: provide generic software (libraries)

Alternation-free BES

x1 =µ x2 ∨ x3 x2 =µ x3 ∨ x4 x3 =µ x2 ∧ x7

x4 =µ x5 ∨ x6 x5 =µ x8 ∨ x9 x6 =µ F

x7 =ν x8 ∧ x9 x8 =ν T x9 =ν F

On-the-fly resolution

x1 =µ x2 ∨ x3 x2 =µ x3 ∨ x4 x3 =µ x2 ∧ x7

x4 =µ x5 ∨ x6 x5 =µ x8 ∨ x9 x6 =µ F

x7 =ν x8 ∧ x9 x8 =ν T x9 =ν F

Boolean graphs

[Andersen-94]

BES (µ-block) boolean graph x1 =µ x2 ∨ x3 x2 =µ F x3 =µ x4 ∨ x5 x4 =µ T x5 =µ x1 : ∨-variables : ∧-variables

Resolution algorithms

[TACAS 2003]

– Memory complexity O (|V|+|E|)

– Small-depth diagnostics Time – Memory complexity O (|V|+|E|) complexity

O (|V|+|E|) – Memory complexity O (|V|)

– Memory complexity O (|V|)

CAESAR_SOLVE library

BISIMULATOR and EVALUATOR

Algorithm usage guidelines

– All equivalences and their preorders – Alternation-free µ-calculus formulas

– Strong equivalence: one LTS acyclic – Safety and τ*.a: one LTS acyclic (τ-circuits allowed) – Branching and observational: both LTS acyclic – Acyclic LTS and µ-calculus formula (via reduction)

– All equivalences: one LTS deterministic – CTL, ACTL, and PDL formulas

Ongoing and future work

– Single-scan & low-memory algorithms for trace-based verification (low-depth acyclic boolean graphs) – Further resolution strategies (combined DFS-BFS, random exploration, …)

– Detection of τ-confluent transitions [CAV 2003] – Test generation – Discrete controller synthesis – Horn clause resolution

Distributed equivalence checking and model checking using diagnostic generation