outline
play

Outline Introduction Modeling Specifying properties and - PowerPoint PPT Presentation

Sep 07, 2023 •410 likes •928 views

Outline Introduction Modeling Specifying properties and Verification An example Project assignment References, links Shangzhu Weng Labeled Transition System Analyzer (LTSA) Animate and check the behavior of the overall

  1. Outline • Introduction • Modeling • Specifying properties and Verification • An example • Project assignment • References, links Shangzhu Weng

  2. Labeled Transition System Analyzer (LTSA) • Animate and check the behavior of the overall system before it is implemented • focus on an aspect of interest - concurrency • model animation to visualise a behaviour • mechanical verification of properties (safety & progress) • by Jeff Magee and Jeff Kramer Shangzhu Weng

  3. The Modeling Approach • Equivalent graphical and textual representations • State machines • LTS – Labeled Transition Systems • Process algebra • FSP – Finite State Processes Shangzhu Weng

  4. FSP – action prefix and recursion on SWITCH = OFF, A switch OFF = (on -> ON), 0 1 ON = (off-> OFF). off Substituting to get a more succinct definition: SWITCH = OFF, OFF = (on ->(off->OFF)). And again: SWITCH = (on->off->SWITCH). Shangzhu Weng

  5. FSP – action prefix and recursion on SWITCH = OFF, A switch OFF = (on -> ON), 0 1 ON = (off-> OFF). off If x is an action and P a process then (x-> P) describes a process that initially engages in the action x and then behaves exactly as described by P . Shangzhu Weng

  6. FSP – choice DRINKS = (red->coffee->DRINKS |blue->tea->DRINKS ). blue red A drinks dispensing 0 1 2 machine coffee Shangzhu Weng tea

  7. FSP – choice If x and y are actions then (x-> P | y-> Q) describes a DRINKS = (red->coffee->DRINKS process that initially engages in either of the actions x or |blue->tea->DRINKS y . After the first action has occurred, the subsequent ). behaviour is described by P if the first action was x and Q if the first action was y . blue Who or what makes the red choice? 0 1 2 Is there a difference between input and output actions? coffee tea Shangzhu Weng

  8. FSP – nondeterministic choice COIN = (toss->HEADS|toss->TAILS), toss HEADS= (heads->COIN), toss TAILS= (tails->COIN). Tossing a coin 0 1 2 heads Who makes the choice? tails Process (x-> P | x -> Q) describes a process which engages in x and then behaves as either P or Q. Shangzhu Weng

  9. FSP – indexed processes & actions Single slot buffer that inputs a value in the range 0 to 3 and then outputs that value: BUFF = (in[i:0..3]->out[i]-> BUFF). equivalent to BUFF = (in[0]->out[0]->BUFF |in[1]->out[1]->BUFF |in[2]->out[2]->BUFF |in[3]->out[3]->BUFF ). or using a process parameter with default value: BUFF(N=3) = (in[i:0..N]->out[i]-> BUFF). Shangzhu Weng

  10. FSP – constant & range declaration in.1.1 Using index expressions in.1.0 in.0.1 to model calculation: in.0.0 0 1 2 3 const N = 1 out.0 range T = 0..N out.1 range R = 0..2*N out.2 SUM = (in[a:T][b:T]->TOTAL[a+b]), TOTAL[s:R] = (out[s]->SUM). Shangzhu Weng

  11. FSP – guarded actions COUNT (N=3) = COUNT[0], COUNT[i:0..N] = (when(i<N) inc->COUNT[i+1] |when(i>0) dec->COUNT[i-1] ). inc inc inc 0 1 2 3 dec dec dec The choice (when B x -> P | y -> Q) means that when the guard B is true then the actions x and y are both eligible to be chosen, otherwise if B is false then the action x cannot be chosen. Shangzhu Weng

  12. FSP – guarded actions What is the following FSP process equivalent to? const False = 0 P = (when (False) doanything->P). Answer: STOP Shangzhu Weng

  13. FSP – parallel composition Modeling concurrency: ITCH = (scratch->STOP). CONVERSE = (think->talk->STOP). ||CONVERSE_ITCH = (ITCH || CONVERSE). Commutative: (P||Q) = (Q||P) Associative: (P||(Q||R)) = ((P||Q)||R) = (P||Q||R). Shangzhu Weng

  14. FSP – action interleavings think talk scratch CONVERSE ITCH 0 1 2 0 1 3 states 2 states scratch scratch think talk scratch CONVERSE_ITCH 0 1 2 3 4 5 (0,0) (0,1) (0,2) (1,2) (1,1) (1,0) talk think from ITCH 2 x 3 states from CONVERSE Shangzhu Weng

  15. FSP – shared actions Modeling process interactions: MAKER synchronizes MAKER = (make->ready->MAKER). with USER USER = (ready->use->USER). when ready . ||MAKER_USER = (MAKER || USER). a composite process While unshared actions may be arbitrarily interleaved, a shared action must be executed at the same time by all processes that participate in the shared action. Shangzhu Weng

  16. FSP – process labeling Two instances of a switch process: SWITCH = (on->off->SWITCH). ||TWO_SWITCH = (a:SWITCH || b:SWITCH). a.on b.on a:SWITCH b:SWITCH 0 1 0 1 a.off b.off a:P prefixes each action label in the alphabet of P with a. Shangzhu Weng

  17. FSP – process labeling Two instances of a switch process: SWITCH = (on->off->SWITCH). ||TWO_SWITCH = (a:SWITCH || b:SWITCH). a.on b.on a:SWITCH b:SWITCH 0 1 0 1 a.off b.off An array of instances of the switch process: ||SWITCHES(N=3) = (forall[i:1..N] s[i]:SWITCH). ||SWITCHES(N=3) = (s[i:1..N]:SWITCH). Shangzhu Weng

  18. FSP – process labeling Processes may also be labelled by a set of prefix labels Process prefixing is useful for modeling shared resources: RESOURCE = (acquire->release->RESOURCE). USER = (acquire->use->release->USER). ||RESOURCE_SHARE = (a:USER || b:USER || {a,b}::RESOURCE). Shangzhu Weng

  19. FSP – process labeling a.acquire a.use b.acquire b.use a:USER b:USER 0 1 2 0 1 2 a.release b.release b.acquire a.acquire a.acquire {a,b}::RESOURCE RESOURCE_SHARE 0 1 b.acquire b.use a.use a.release b.release 0 1 2 3 4 RESOURCE = (acquire->release->RESOURCE). b.release USER = (acquire->use->release->USER). ||RESOURCE_SHARE = (a:USER || b:USER a.release || {a,b}::RESOURCE). Shangzhu Weng

  20. FSP – action relabling Relabeling to ensure that composed processes synchronize on particular actions. CLIENT = (call->wait->continue->CLIENT). SERVER = (request->service->reply->SERVER). ||CLIENT_SERVER = (CLIENT || SERVER) /{call/request, reply/wait}. call reply call service CLIENT SERVER 0 1 2 0 1 2 continue reply call service reply CLIENT_SERVER 0 1 2 3 Shangzhu Weng continue

  21. FSP – action hiding Abstraction to reduce complexity: When applied to a process P, the hiding operator \{a1..ax} removes the action names a1..ax from the alphabet of P and makes these concealed actions "silent". These silent actions are labeled tau. Silent actions in different processes are not shared. Sometimes it is more convenient to specify the set of labels to be exposed... When applied to a process P, the interface operator @{a1..ax} hides all actions in the alphabet of P not labeled in the set a1..ax. Shangzhu Weng

  22. FSP – action hiding The following definitions are equivalent: USER = (acquire->use->release->USER) \{use}. USER = (acquire->use->release->USER) @{acquire,release}. Minimization removes hidden tau actions to produce an acquire tau LTS with equivalent observable behavior. 0 1 2 acquire release 0 1 release Shangzhu Weng

  23. Deadlock analysis deadlocked state is one with no outgoing • transitions in FSP: STOP process • MOVE = (north->(south->MOVE|north->STOP)). north north MOVE 0 1 2 south Trace to DEADLOCK: Analysis using LTSA : north (shortest trace to STOP ) north Shangzhu Weng

  24. Deadlock analysis – the Dining Philosopher example Deadlock may arise from the parallel composition of 3 2 2 interacting processes. 1 3 4 1 4 0 0 Shangzhu Weng

  25. Deadlock analysis – the Dining Philosophy example FORK = (get -> put -> FORK). PHIL = (sitdown ->right.get->left.get ->eat ->right.put->left.put ->arise->PHIL). Table of philosophers: ||DINERS(N=5)= forall [i:0..N-1] (phil[i]:PHIL || {phil[i].left,phil[((i-1)+N)%N].right}::FORK). Shangzhu Weng

  26. Deadlock analysis – the Dining Philosophy example Trace to DEADLOCK: phil.0.sitdown phil.0.right.get phil.1.sitdown phil.1.right.get phil.2.sitdown phil.2.right.get phil.3.sitdown phil.3.right.get phil.4.sitdown phil.4.right.get This system deadlocks!! Shangzhu Weng

  27. Deadlock analysis – the Dining Philosophy example Introduce an PHIL(I=0) asymmetry into our = (when (I%2==0) sitdown definition of ->left.get->right.get philosophers. ->eat ->left.put->right.put Use the identity I of ->arise->PHIL a philosopher to make |when (I%2==1) sitdown even numbered ->right.get->left.get philosophers get ->eat their left forks first, ->left.put->right.put odd their right first. ->arise->PHIL Other strategies? ). Shangzhu Weng

  28. Safety properties Safety properties Nothing bad happens • In the model: No reachable ERROR/STOP state • command ACTUATOR =(command->ACTION -1 0 1 |respond->ERROR), ACTION respond =(respond->ACTUATOR command |command->ERROR). Shangzhu Weng

  29. Safety properties Safety properties Nothing bad happens • In the model: No reachable ERROR/STOP state • command property SAFE_ACTUATOR = (command -1 0 1 -> respond -> SAFE_ACTUATOR respond respond ). command In complex systems, it is usually better to specify safety properties by stating directly what is required Shangzhu Weng

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ins Domingues Breast Cancer Workshop April 7th 2015 Outline Outline Outline Outline

Ins Domingues Breast Cancer Workshop April 7th 2015 Outline Outline Outline Outline

An automatic mammogram system: from screening to diagnosis Ins Domingues Breast Cancer Workshop April 7th 2015 Outline Outline Outline Outline Outline Outline Outline Outline Outline Outline Outline Outline Pectoral muscle

589 views • 45 slides
Presentation Preparation Outline Speech Outline Template ***Use this outline to guide you in

Presentation Preparation Outline Speech Outline Template ***Use this outline to guide you in

Presentation Preparation Outline Speech Outline Template ***Use this outline to guide you in preparing for your presentation; this outline is required. Title: I. Introduction (The speech actually starts here.) A. Attention Getter:

479 views • 3 slides
PT1 TMP Presentation Outline 1 Group Members: ___________________________________ Use this outline

PT1 TMP Presentation Outline 1 Group Members: ___________________________________ Use this outline

PT1 TMP Presentation Outline 1 Group Members: ___________________________________ Use this outline to organize your argument to create a logical flow of information and plan your presentation layout. This outline is worth a group grade (one copy

506 views • 3 slides
1 Web Application Development 2 3 Web Application Development CSS Outline An outline is a

1 Web Application Development 2 3 Web Application Development CSS Outline An outline is a

1 Web Application Development 2 3 Web Application Development CSS Outline An outline is a line that is drawn around elements, OUTSIDE the borders, to make the element &quot;stand out&quot;. CSS has the following outline properties:

1.76k views • 117 slides
Outline Outline Background of the Network Vision Vision Aims Activities

Outline Outline Background of the Network Vision Vision Aims Activities

Asia Pacific Adaptation Network (APAN)- A k A key regional Initiative i l I iti ti Puja Sawhney Coordinator, APAN , Institute for Global Environmental Strategies Thimpu, Bhutan p 16 th November, 2011 Outline Outline Background of the

441 views • 9 slides
When (Low ) Pow er Really Matters When (Low ) Pow er Really Matters When (Low ) Pow er Really

When (Low ) Pow er Really Matters When (Low ) Pow er Really Matters When (Low ) Pow er Really

When (Low ) Pow er Really Matters When (Low ) Pow er Really Matters When (Low ) Pow er Really Matters When (Low ) Pow er Really Matters Yogesh K. Ramadass, AnanthaGroup Microsystems Technology Laboratory Outline Outline Outline Outline

507 views • 36 slides
Presentation Outline Worksheet You can use part or all of this outline to help you. This is YOUR

Presentation Outline Worksheet You can use part or all of this outline to help you. This is YOUR

Presentation Outline Worksheet You can use part or all of this outline to help you. This is YOUR personal presentation so you can create it however you want. These are just suggestions to help you get started. The purpose is to educate your

618 views • 3 slides
Outline 2 Outline 2 ZSim core simulation techniques Outline 2 ZSim core simulation

Outline 2 Outline 2 ZSim core simulation techniques Outline 2 ZSim core simulation

ZSim Tutorial MICRO 2015 S TATS AND C ONFIGURATION Core Models Po-An Tsai Outline 2 Outline 2 ZSim core simulation techniques Outline 2 ZSim core simulation techniques ZSim core structure I1D I1I Simple IPC 1 core

1.96k views • 120 slides
Outline Outline Motivation Motivation 1 1. Email Speech Acts 2. Modeling textual intention

Outline Outline Motivation Motivation 1 1. Email Speech Acts 2. Modeling textual intention

Modeling Intention in Email : Speech Acts, Information Leaks and User Ranking Methods p g Vitor R. Carvalho Carnegie Mellon University William Cohen Ramnath a at Tom Tom Jon Jon Balasubramanyan Mitchell Elsas Outline Outline

1.09k views • 65 slides
Session Outline Course themes imperative problem solving (think: outline form) C

Session Outline Course themes imperative problem solving (think: outline form) C

Session Outline Course themes imperative problem solving (think: outline form) C programming (close to the machine) storage and processing of data Linux operating system control of robots Demo Course Web site

780 views • 9 slides
Outline : Outline : Our method to perform periodicity search Candidates of the next Geminga The

Outline : Outline : Our method to perform periodicity search Candidates of the next Geminga The

Periodicity Sear Periodicity Search of ch of the the Geming Geminga-lik -like Pulsar e Pulsars Lupin Chun-Che Lin () Institute of Astronomy, National Central University, Taiwan Outline : Outline : Our method to perform periodicity

654 views • 19 slides
Outline for St Outline for St Outline for

Outline for St Outline for St Outline for

Outline for St Outline for St Outline for St Outline for St Francis Participation Francis Participation Francis Participation Francis Participation St Francis Overview Current Work on

120 views • 10 slides
RDF Beyond RDF Beyond Outline Outline RDFa RDFa Microformat Schema.org S h RDFa

RDF Beyond RDF Beyond Outline Outline RDFa RDFa Microformat Schema.org S h RDFa

RDF Beyond RDF Beyond Outline Outline RDFa RDFa Microformat Schema.org S h RDFa RDFa RDFa RDFa RDFa: A collection of attributes and processing p g rules for extending XHTML to support RDF. HTML contains structured data,

768 views • 37 slides
Appendix J: Capstone Presentation Outline Revised Spring 2016 CAPSTONE PRESENTATION OUTLINE This

Appendix J: Capstone Presentation Outline Revised Spring 2016 CAPSTONE PRESENTATION OUTLINE This

Appendix J: Capstone Presentation Outline Revised Spring 2016 CAPSTONE PRESENTATION OUTLINE This is a suggested outline only. Students should work closely with their Faculty Advisors to adapt this format the presentation to the needs of the

418 views • 4 slides
1 Course Outline Course Outline Course Outline Course Outline 3D Graphics Pipeline 3D

1 Course Outline Course Outline Course Outline Course Outline 3D Graphics Pipeline 3D

Goals Goals Foundations of Computer Graphics Foundations of Computer Graphics Systems: Write complex 3D graphics programs (Spring 2010) (Spring 2010) (real-time in OpenGL, offline raytracer, animation) CS 184, Lecture 1: Overview and

176 views • 5 slides
Outline Outline 1. About Cambodia 1. About Cambodia 2. Overview of disaster Hazards &amp;

Outline Outline 1. About Cambodia 1. About Cambodia 2. Overview of disaster Hazards &amp;

Sophak PHOEUN, National DRR Forum Coordinat or &amp; Executive Assistant to Vice President of NCDM , National Committee for Disaster Management. Outline Outline 1. About Cambodia 1. About Cambodia 2. Overview of disaster Hazards &amp;

346 views • 15 slides
Optimization and Machine Learning with Applications Antonio Candelieri 1,2 Department of Computer

Optimization and Machine Learning with Applications Antonio Candelieri 1,2 Department of Computer

Optimization and Machine Learning with Applications Antonio Candelieri 1,2 Department of Computer Science, Systems and Communications University of Milano-Bicocca, viale Sarca 336, 20126, Milan, Italy OAKS srl Optimization Analytics Knowledge

515 views • 26 slides
Apache Gearpump next-gen streaming engine Karol Brejna, Intel (karolbrejna@apache.org) Huafeng

Apache Gearpump next-gen streaming engine Karol Brejna, Intel (karolbrejna@apache.org) Huafeng

Apache Gearpump next-gen streaming engine Karol Brejna, Intel (karolbrejna@apache.org) Huafeng Wang, Intel (huafengw@apache.org) Apache: Big Data Europe 2016 Sevilla, Spain 14 November 2016 Agenda What is Gearpump? Why Apache

853 views • 60 slides
State Notation Language State Notation Language and the Sequencer and the Sequencer NSLS-II

State Notation Language State Notation Language and the Sequencer and the Sequencer NSLS-II

State Notation Language State Notation Language and the Sequencer and the Sequencer NSLS-II EPICS Training Ralph Lange &lt;rlange@bnl.gov&gt; Acknowledgements Acknowledgements Slides for this presentation have been taken from talks

801 views • 30 slides
35T experience with Cryo Measurements and CFD Alan Hahn FNAL 8/15/18 1 35 Ton Prototype

35T experience with Cryo Measurements and CFD Alan Hahn FNAL 8/15/18 1 35 Ton Prototype

35T experience with Cryo Measurements and CFD Alan Hahn FNAL 8/15/18 1 35 Ton Prototype Cryostat HV Field Cage Test Installation 8/15/18 2 Cryo Operations Use LAPD Cryostat as a storage Dewar for LAr Deliveries from vendor LAPD can

452 views • 17 slides
Study of paramagnetic properties of Fe 3+ ions in sapphire for the realization of a cryogenic

Study of paramagnetic properties of Fe 3+ ions in sapphire for the realization of a cryogenic

1 Study of paramagnetic properties of Fe 3+ ions in sapphire for the realization of a cryogenic whispering gallery maser oscillator E. Rubiola on behalf of K. Benmessai, P.-Y. Bourgeois, M. Oxborrow*, N. Bazin, Y. Kersal and V. Giordano

130 views • 9 slides
Capture Zone Analyses For Pump and Treat Systems Internet Seminar Version: July 1, 2008 1 1

Capture Zone Analyses For Pump and Treat Systems Internet Seminar Version: July 1, 2008 1 1

Capture Zone Analyses For Pump and Treat Systems Internet Seminar Version: July 1, 2008 1 1 Background z Hydraulic containment of impacted ground water (i.e., plume capture) is one of the remedy objectives at almost every site with a

764 views • 57 slides
OO Using UML: The object model describes the structure of the system (objects, Dynamic Models

OO Using UML: The object model describes the structure of the system (objects, Dynamic Models

Overview OO Using UML: The object model describes the structure of the system (objects, Dynamic Models attributes, and operations) The dynamic model describes how the objects change state (how the attributes change) and in which order

452 views • 11 slides
AI for a Responsible Power System Mathijs de Weerdt Associate Professor in Algorithmics group,

AI for a Responsible Power System Mathijs de Weerdt Associate Professor in Algorithmics group,

AI for a Responsible Power System Mathijs de Weerdt Associate Professor in Algorithmics group, EEMCS Delft University of Technology February 21, 2019 My talk in a nutshell Artificial Intelligence can (should) contribute towards a more

881 views • 37 slides

More recommend