the logic of verification

The Logic of Verification Michael Bolton - PDF document

Nov 09, 2022 •555 likes •1.03k views

The Logic of Verification Michael Bolton and James Bach The Logic of Verification Michael Bolton http://www.developsense.com michael@developsense.com Twitter: @michaelbolton James Bach http://www.satisfice.com james@satisfice.com Twitter:

  1. The Logic of Verification Michael Bolton and James Bach The Logic of Verification Michael Bolton http://www.developsense.com michael@developsense.com Twitter: @michaelbolton James Bach http://www.satisfice.com james@satisfice.com Twitter: @jamesmarcusbach I’m Michael Bolton Not the guy Not the singer. No relation. in Office Space. The Logic of Verification ‐ 2

  2. The Logic of Verification Michael Bolton and James Bach The Big Ideas • There is a logical basis to verification. The logic of verification is often misunderstood or ignored. • Verification is a kind of tool. As with any useful and powerful tool, we must understand its capabilities and its limits to use it effectively. • Excellent verification is part of a testing process. • Testing includes not only questioning of the product, but also questioning of the ways in which we check it and test it. The Logic of Verification ‐ 3 ? We have a product of uncertain quality. The Logic of Verification ‐ 4

  3. The Logic of Verification Michael Bolton and James Bach P Let’s call it Product P. The Logic of Verification ‐ 5 C P One way to evaluate P is to put it inside another system. We’ll call that C (for “Checks”). The Logic of Verification ‐ 6

  4. The Logic of Verification Michael Bolton and James Bach C Report P We design C to provide input to P; to operate it; to observe it; to compare the output to a specified result, and to report on the outcome of the comparison. The Logic of Verification ‐ 7 C Report P After this process, some people might be tempted to think this way: The Logic of Verification ‐ 8

  5. The Logic of Verification Michael Bolton and James Bach C Report P  “If C reports no problems, we have verified that P is a good product.” The Logic of Verification ‐ 9 C Report P  “If C reports problems, we have verified that P is a bad product.” The Logic of Verification ‐ 10

  6. The Logic of Verification Michael Bolton and James Bach C Report P ? But what is really going on here? The Logic of Verification ‐ 11  Verify (n.) • To ascertain, confirm, check, or test the truth or accuracy of • To assert or prove to be true • To testify to the truth of, support (a statement, law) • To check (items of data input) for accuracy eg by having the same data keyed twice, by two separate operators, and then checked by computer for discrepancies (computing) —Chambers Dictionary The Logic of Verification ‐ 12

  7. The Logic of Verification Michael Bolton and James Bach Verification (in the RST namespace)  Verification (n.) 1. The process of establishing the truth of a proposition (this is universal, rather than specific to software) 2. In regulated software development, the process of comparing a product to its immediate specification Verification is distinct from “validation”. We say this:  Validation (n.) the process of assessing a product against how well it fulfills its ultimate purposes The Logic of Verification ‐ 13 What IS Verification? • Something exists. • Some of what exists can be known. • Some of that can be described in words. • Some of that can be expressed as propositions which are either true or false. Again: verification is the process of establishing the truth or falsehood of a proposition. The Logic of Verification ‐ 14

  8. The Logic of Verification Michael Bolton and James Bach Verification isn’t a feeling. Verification is reasoning via a logical process, within a logical system. • X + Y = 10 has a truth value and can be verified as true or false if the values of X and Y are known, and if they are numbers, and if the conventions of arithmetic apply. • X + Y = 10 may have a truth value that cannot be verified if the conventions of arithmetic apply, and if X and Y are numbers, but the value of X or of Y is not known. • X +  = 10 does not have a verifiable truth value if the conventions of mathematics apply. (We chose the  symbol because it looks nice, and yin/yang starts with Y, but the symbol doesn’t stand for anything in particular here.) The Logic of Verification ‐ 15 DID work is not DOES work; CAN work is not WILL work. In a system with a non‐trivial state space, X + Y = 10 may be true ten times in a row, yet may be false on the next iteration. • If you find X + Y = 10 to be true even once, then you have verified that it CAN be true. • From that, you could make an inference that it will PROBABLY be true next time. • But unless you check EVERY POSSIBLE state of the system, including possible states that you don’t even know are possible , you cannot verify that X + Y = 10 will CERTAINLY be true. Key questions: What assumptions are supporting your inferences? What could change that would cause your inferences to change? The Logic of Verification ‐ 16

  9. The Logic of Verification Michael Bolton and James Bach Problems with Verification • Propositions without a truth value can’t be verified. • “Colorless green ideas sleep furiously.” • Huh? This statement is syntactically okay, but it’s meaningless in everyday English. • Statements about the future cannot be verified until we reach that future. • “There are no bugs in the product.” ( so far ) • “Our checks will find all the bugs in this product.” ( we hope ) • “Customers will be satisfied with this product.” ( we believe ) The Logic of Verification ‐ 17 Verifying Statements About The Future • Obtain a time machine, and go to a set point in the future. • Ask all customers and stakeholders “Were you satisfied with it?” • Come back and report success! Huzzah! • But even then, you can’t verify that people would remain satisfied after you asked them. The Logic of Verification ‐ 18

  10. The Logic of Verification Michael Bolton and James Bach Infinite Leap: situated fact  abstract speculation What I can observe is But what I care about may be knowable here and now: timeless and universal: “The product does not currently “The product shall not crash.” appear to be in a crashed state.” … but the fact that this is true does not mean This cannot be verified empirically. that the product • didn’t crash without visible manifestations • won’t crash with different data • won’t crash right now if I move the mouse or type the wrong key • won’t crash five minutes from now The Logic of Verification ‐ 20

  11. The Logic of Verification Michael Bolton and James Bach Infinite Leap: situated fact  abstract speculation What I can observe is But what I care about may be knowable here and now: timeless and universal: “I am able to read all the buttons on “The product shall be reasonably this screen.” easy to use.” … but the fact that this is true does not mean This cannot be verified empirically. that it will be true • for all buttons in the product • at all times • on all browsers, in every state • for every kind of person • under all lighting conditions Advance to next slide? The Logic of Verification ‐ 20 Infinite Leap: situated fact  abstract speculation What I can observe is But what I care about may be knowable here and now: timeless and universal: “I recognize the login prompt and see “The system shall always be in the nothing wrong.” appropriate state after logging in.” … but the fact that this is true does not mean This cannot be verified empirically. that it will be true • for every situation where the login prompt should be displayed • that it is compatible with every browser • that all the client‐side JavaScript and all the PHP on the server do all the right things The Logic of Verification ‐ 20

  12. The Logic of Verification Michael Bolton and James Bach Test ideas for login functionality after one hour of brainstorming and research.

  13. The Logic of Verification Michael Bolton and James Bach Asymmetries: What We Can (and Can’t) Verify Verifiable Not Verifiable that there is a problem for some person that there will be no problem for that person that we are not aware of a problem for some person that there is no problem for any person that the product did something under specific conditions that the product will do the same thing under conditions that we have observed that we have not yet observed that the product DID do something that the product DOES do something that the product CAN do something that the product WILL do something that we were aware of certain conditions we believed to that we were aware of all of the conditions relevant to be relevant to the test the test that a product does not meet a requirement that a product does meet a requirement that the product appears to meet a requirement to some that the product definitely meets a requirement degree that the product has not crashed that the product will not crash that we have not observed a problem in a feature so far that there is no problem in a feature that someone is currently satisfied with the product, that someone will continue to be satisfied when new based on what they know at the moment knowledge is revealed facts that might influence decisions about quality the product’s quality The Logic of Verification ‐ 23 Verification isn’t exactly testing. To say “This product is very good” is often like saying “This product is very  based on known variables X and Y, plus all our assumptions about unknown variables V 1 , V 2 , V 3 …V 10000 … etc.” This is unverifiable , but it may be testable . The Logic of Verification ‐ 24

Recommend

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification

DIVS DL/ID Verification Systems Verification of Legal Status DIVS Passport Verification Projects Birth Record Verification State to State Verification DIVS State to State Verification Service (S2S) Program Benefits Mission

349 views • 8 slides
Logic for Verification Jo ao Martins August 4, 2012 J. Martins () Logic for Verification

Logic for Verification Jo ao Martins August 4, 2012 J. Martins () Logic for Verification

Logic for Verification Jo ao Martins August 4, 2012 J. Martins () Logic for Verification August 4, 2012 1 / 96 1 Introduction 2 Syntax 3 Semantics 4 Verification Truth Tables Resolution Natural Deduction 5 Beyond Propositional Logic

1.39k views • 106 slides
Markov Logic Markov Logic Probability First-Order Logic Propositional Logic Markov Logic

Markov Logic Markov Logic Probability First-Order Logic Propositional Logic Markov Logic

Putting the Pieces Together Markov Logic Markov Logic Probability First-Order Logic Propositional Logic Markov Logic Definition A Markov Logic Network (MLN) is a set of A logical KB is a set of hard constraints pairs (F, w) where on

350 views • 6 slides
Computational Logic A Motivational Introduction 1 Computational Logic programming algorithms

Computational Logic A Motivational Introduction 1 Computational Logic programming algorithms

Computational Logic A Motivational Introduction 1 Computational Logic programming algorithms logic lambda calculus verification logic and AI logic programming knowledge representation functional programming logic of programming

475 views • 25 slides
Logic Modeling Outline What is a logic model? How to use a logic model How to build a

Logic Modeling Outline What is a logic model? How to use a logic model How to build a

An Introduction to Logic Modeling Outline What is a logic model? How to use a logic model How to build a logic model What is a Logic Model? Brief definition: A logic model is a graphic representation of a program showing

630 views • 61 slides
Combining equilibrium logic and dynamic logic (an introduction and a very brief overview) Luis

Combining equilibrium logic and dynamic logic (an introduction and a very brief overview) Luis

Introduction HT logic and equilibrium logic A dynamic extension of HT logic and of equilibrium logic DL-PA: dynamic logic of propositional Combining equilibrium logic and dynamic logic (an introduction and a very brief overview) Luis Farias

637 views • 31 slides
Automatic Verification of Automatic Verification of Automatic Verification of Automatic

Automatic Verification of Automatic Verification of Automatic Verification of Automatic

Automatic Verification of Automatic Verification of Automatic Verification of Automatic Verification of Competitive Stochastic Systems Competitive Stochastic Systems Competitive Stochastic Systems Competitive Stochastic Systems Marta

500 views • 29 slides
Formal Verification Methods 1: Propositional Logic John Harrison Intel Corporation Course

Formal Verification Methods 1: Propositional Logic John Harrison Intel Corporation Course

Formal Verification Methods 1: Propositional Logic Formal Verification Methods 1: Propositional Logic John Harrison Intel Corporation Course overview Propositional logic A resurgence of interest Logic and circuits Normal

424 views • 18 slides
Modelling and Verification Hennessy-Milner Logic Hennessy-Milner logic Syntax and semantics

Modelling and Verification Hennessy-Milner Logic Hennessy-Milner logic Syntax and semantics

Introduction Hennessy-Milner Logic Correspondence between HM Logic and Strong Bisimilarity Modelling and Verification Hennessy-Milner Logic Hennessy-Milner logic Syntax and semantics Correspondence with strong bisimilarity Examples in CWB

670 views • 19 slides
Modelling and Verification Hennessy-Milner Logic An introduction to Hennessy-Milner logic (HML)

Modelling and Verification Hennessy-Milner Logic An introduction to Hennessy-Milner logic (HML)

Introduction to Model Checking Hennessy-Milner Logic Hennessy-Milner Logic with One Recursive Definition Selection of Temporal Properties Modelling and Verification Hennessy-Milner Logic An introduction to Hennessy-Milner logic (HML) Syntax

1.2k views • 44 slides
The logic of learning: The logic of learning: logic and knowledge representation logic and

The logic of learning: The logic of learning: logic and knowledge representation logic and

The logic of learning: The logic of learning: logic and knowledge representation logic and knowledge representation in machine learning in machine learning Peter A. Flach Department of Computer Science University of Bristol

771 views • 59 slides
Logic and Social Choice Theory Ulle Endriss Institute for Logic, Language and Computation

Logic and Social Choice Theory Ulle Endriss Institute for Logic, Language and Computation

Logic and Social Choice Theory Core Logic 2009 Logic and Social Choice Theory Ulle Endriss Institute for Logic, Language and Computation University of Amsterdam Ulle Endriss 1 Logic and Social Choice Theory Core Logic 2009 (Computational)

348 views • 16 slides
Introduction to Symbolic Logic David W. Agler 1 RL: Beyond Predicate Logic Predicate Logic

Introduction to Symbolic Logic David W. Agler 1 RL: Beyond Predicate Logic Predicate Logic

Introduction to Symbolic Logic David W. Agler 1 RL: Beyond Predicate Logic Predicate Logic Semantics with Variable Assignments 2 Predicate Logic Semantics with Variable Assignments Predicate Logic using Names Recall the following valuation

1.51k views • 126 slides
Gates and Logic: From Transistors to Logic Gates and Logic Circuits CS 3410: Computer System

Gates and Logic: From Transistors to Logic Gates and Logic Circuits CS 3410: Computer System

Gates and Logic: From Transistors to Logic Gates and Logic Circuits CS 3410: Computer System Organization and Programming [K. Bala, A. Bracy, E. Sirer, and H. Weatherspoon] Goals for Today From Switches to Logic Gates to Logic Circuits

434 views • 25 slides
05Predicate Logic CS 5209: Foundation in Logic and AI Martin Henz and Aquinas Hobor February

05Predicate Logic CS 5209: Foundation in Logic and AI Martin Henz and Aquinas Hobor February

Predicate Logic: Motivation, Syntax, Proof Theory Semantics of Predicate Logic Soundness and Completeness of Predicate Logic Undecidability of Predicate Logic 05Predicate Logic CS 5209: Foundation in Logic and AI Martin Henz and Aquinas

1.36k views • 69 slides
Gates and Logic: From Transistors to Logic Gates and Logic Circuits Prof. Hakim Weatherspoon CS

Gates and Logic: From Transistors to Logic Gates and Logic Circuits Prof. Hakim Weatherspoon CS

Gates and Logic: From Transistors to Logic Gates and Logic Circuits Prof. Hakim Weatherspoon CS 3410 Computer Science Cornell University [Weatherspoon, Bala, Bracy, and Sirer] Goals for Today From Switches to Logic Gates to Logic

1.04k views • 77 slides
Warsaw Side event Setting the scene Support slides Michael Grubb 4CMR University of Cambridge

Warsaw Side event Setting the scene Support slides Michael Grubb 4CMR University of Cambridge

Warsaw Side event Setting the scene Support slides Michael Grubb 4CMR University of Cambridge Centre for Mitigation Research Editor-in-Chief, Climate Policy journal Senior Advisor, Sustainable Energy Policy, UK Office of Electricity and Gas

362 views • 3 slides
The Positive & Negative Aspects of Group Decision Making Positive Aspects of Group Decision

The Positive & Negative Aspects of Group Decision Making Positive Aspects of Group Decision

The Positive & Negative Aspects of Group Decision Making Positive Aspects of Group Decision Making Working with a group may enhance the quality of information in making a decision. If one person isn t familiar with the subj

343 views • 5 slides
Resolution-based Methods for Linear Temporal Reasoning PhD dissertation defense Martin

Resolution-based Methods for Linear Temporal Reasoning PhD dissertation defense Martin

Resolution-based Methods for Linear Temporal Reasoning PhD dissertation defense Martin Suda Saarbrcken, October 16, 2015 b b b b b b b b b Introduction LPSup LS4 VCE Hardware Verification Automated Planning Conclusion

1.39k views • 47 slides
INCEIF Kuala Lumpur Seminar Presentation by Dr. Erbas Knightian Uncertainty, Contemporary

INCEIF Kuala Lumpur Seminar Presentation by Dr. Erbas Knightian Uncertainty, Contemporary

INCEIF Kuala Lumpur Seminar Presentation by Dr. Erbas Knightian Uncertainty, Contemporary Research and Applications June 17, 2010 1. Knightian Uncertainty In reality, possible payoffs and associated probabilities to economic enterprise are

403 views • 18 slides
TECHNOLOGY INNOVATION By Dr. Robert Finkelstein (Based On: Mastering The Dynamics of Innovation

TECHNOLOGY INNOVATION By Dr. Robert Finkelstein (Based On: Mastering The Dynamics of Innovation

TECHNOLOGY INNOVATION By Dr. Robert Finkelstein (Based On: Mastering The Dynamics of Innovation by James M. Utterback) INNOVATION: A DEFINITION Innovation: transforming a new invention into a successful product (or process) Creativity

602 views • 28 slides
Welcome! A Balance Principle of Educational Technology Adoption Troy Welch, Thompson Rivers

Welcome! A Balance Principle of Educational Technology Adoption Troy Welch, Thompson Rivers

Conference 2018 Conference 2018 Welcome! A Balance Principle of Educational Technology Adoption Troy Welch, Thompson Rivers University Thai Noipho (Photographer). Muddy roads in underdeveloped countries The Northern Thailand. Retrieved March

713 views • 31 slides
Human performance for process safety Joelle Mitchell APPEA HSR Forum, October 2016 About

Human performance for process safety Joelle Mitchell APPEA HSR Forum, October 2016 About

Human performance for process safety Joelle Mitchell APPEA HSR Forum, October 2016 About NOPSEMA National Offshore Petroleum Safety and Environmental Management Authority Safety, Integrity, Environment Commonwealth waters

530 views • 17 slides
Scientific Economics: new vs old economics, or neoclassical economics as a pseudoscience Terry

Scientific Economics: new vs old economics, or neoclassical economics as a pseudoscience Terry

Scientific Economics: new vs old economics, or neoclassical economics as a pseudoscience Terry Barker University of East Anglia & University of Cambridge, UK Lecture and discussion at the University of Pireas, Greece 12th April 2016 1

506 views • 33 slides

More recommend