Formal Verification and Model Checking - PowerPoint PPT Presentation

About This Presentation
Title:

Formal Verification and Model Checking

Description:

Based on executable model of the system. permits a quick and shallow ... fUg holds for p if there exists a state s on p where g holds while f holds in ... – PowerPoint PPT presentation

Number of Views:103
Avg rating:3.0/5.0
Slides: 21
Provided by: ida2
Category:

less

Transcript and Presenter's Notes

Title: Formal Verification and Model Checking


1
Formal Verification and Model Checking
  • Traian Pop

2
System Validation
  • System Validation Techniques
  • Simulation
  • Testing
  • Formal Verification
  • Model Checking

3
Simulation
  • Based on executable model of the system
  • permits a quick and shallow evaluation of the
    design quality
  • not suitable for finding subtle errors

4
Testing
  • based on the real implementation of the system
    not on a model
  • it is the only way of (partially) validating a
    design when
  • the construction of a valid and reliable model of
    the system is difficult (due to complexity)
  • system parts cannot be formally modelled
  • the model is proprietary

5
Formal Verification
  • Formal Verification requires
  • A model of the system
  • A specification method
  • A set of proof rules

6
Formal Verification (contd)
  • Verification of sequential programs
  • pre- and post-conditions f S y (Hoares
    triple)
  • f S y is partially correct if any terminating
    computation S that starts in a state satisfying
    f,terminates in a state satisfying y.
  • f S y is totally correct if any computation S
    that starts in a state satisfying f,terminates
    and finishes in a state satisfying y.

7
Formal Verification (contd)








8
Formal Verification (contd)
  • Formal verification of parallel systems
    introduces non-determinsm problems
  • Tools in formal verification
  • Proof assistants
  • Proof checkers
  • Theorem provers

9
Model Checking
  • Automated technique
  • Verifies whether the required properties hold for
    a model

10
Model Checking (contd)
  • Typical algorithm exhaustive state-space search
  • Approaches (depending on requirement
    specificaton)
  • Heterogeneous (logic based)
  • Homogeneous (behavior based)
  • Bisimulation (A and B are bisimilar if A can
    simulate every step of B and vice-versa)
  • Two bisimilar models satisfy the same CTL formulas

11
Computational Tree Logic (CTL)
  • Specification language for finitestate systems
  • Each formula describes properties of computation
    paths (which are infinite sequences of states)
  • Logical operators NOT, AND
  • Operators for temporal relationships X
    (next-state), G(global), U(until), F(future)
  • Path quantifiers E, A

12
Computational Tree Logic (contd)
  • Descriptions
  • Xf holds for a path p iff it holds for
    succ(first(p))
  • Gf gtf holds in all states of a computational
    path
  • Ff gt f will hold sometime in the future
  • fUg holds for p if there exists a state s on p
    where g holds while f holds in all states
    preceding s
  • AXf holds in a state if f holds in all possible
    next states

13
Binary Decision Diagrams (BDD)
  • Rooted, acyclic graphs representing boolean
    functions
  • Capture some of the regularities in the
    state-space
  • Total ordering on variables is needed
  • Support AND, OR, NOT and functional composition

14
Model Checking with BDDs and CTL
f V g BDD(f) V BDD(g)
NOT f NOT BDD(f)
BDD(EX, f, R)(vi) ? vf R(vi, vf) ? BDD(f,R)(vf)
Ef U g z g V f ? EXz
EGf z f ? EXz
15
Fairness
  • Fairness constraint an arbitrary formula of the
    logic
  • A path is fair with respect to a set of fairness
    constraints if each constraint holds infinitely
    often along the path
  • CTLF enhanced for dealing with fair paths
  • Ex.
  • Fair EG true
  • EX f ? EX(f ? Fair)
  • EG f with B ? Z f ? EX(EZ U (Z ? B))

16
Model Checking for RTS
  • Extend both the state-transition graph and the
    logical formulas, with quantitative timing
    information
  • TCTL (Timed CTL) expresses desired behavior
  • Timed graphs express possible behavior

17
Timed CTL
  • E f Uc g
  • A f Uc g
  • ??, ?, ?, ?, ?
  • E f U ? c g for some computational path p
    there is an initial prefix of time less than c
    such that g holds at the last state and f holds
    in all intermediate states
  • ! No X operator for time in real domain R, as
    there is no unique next-state/next-time

18
Timed graphs
  • Model finite-state RT systems
  • Composed of
  • Finite set of nodes
  • Finite set of clocks

19
Model Checking for RTS (contd)
  • The problem consists of deciding whether a
    finite-state RTS modelled as a timed graph meets
    its specification given as a TCTL-formula
  • System model G (S, m, s0, E, C, p, t)
  • TCTL-structure MG (S x G(G), m, f)
  • For a TCTL-formula f, G satisfies f iff (MG,
    ,(s0, u0)) satisfies f, where u0(x) 0, ? x ? C

20
Model Checking - Conclusions
  • Advantages
  • General approach
  • Supports partial verification
  • Relatively easy to use (as compared to theorem
    provers)
  • Can provide a significant increase in the level
    of confidence of a system
  • Disadvantages
  • Appropriate mainly to control intensive
    applications
  • Verifies the model, not the system
  • Only stated requirements are checked
  • State-space explosion problem -gt complexity issues
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Formal Verification and Model Checking" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!