Development of dynamically evolving and self-adaptive software. 1. Background


1 Development of dynamically evolving and self-adaptive software. 1. Background
LASER 2013, Isola d'Elba, September 2013
Carlo Ghezzi, Politecnico di Milano, Deep-SE group, DEIB

2 Requirements
Functional requirements refer to services that the system shall provide. Non-functional requirements constrain how such services shall be provided.
Taxonomy of non-functional requirements (the links are subclass links; after van Lamsweerde, Requirements Engineering, J. Wiley & Sons):
- Quality of Service
  - Accuracy
  - Safety
  - Security: Confidentiality, Integrity, Availability
  - Reliability
  - Performance: Time, Space, Cost
  - Interface: User interaction (Usability, Convenience), Device interaction, Software interoperability
- Compliance
- Architectural Constraint: Installation, Distribution
- Development Constraint: Cost, Deadline, Variability, Maintainability

3 Models
During software development, software engineers often build abstractions of the system in the form of models.
model [noun]: a system or thing used as an example to follow or imitate; a simplified description, esp. a mathematical one, of a system or process, to assist calculations or predictions (Oxford American Dictionaries)

4 Why do we use models?
- To communicate: they embody a shared lexicon (e.g., state, transition)
- To simplify descriptions and help focus, ignoring details that distract from the essence of the problem
- To reason about the modeled system: mathematics makes reasoning formal, and through models we can predict properties of the real system before it exists

5 What makes a good model?
- A model is good if it carries the right amount of information you need: it is at the right level of abstraction
- A model abstracts from details: make sure that they are details, not the essence, and be aware of the approximations
- A model serves a purpose: different models for different purposes (views)
Expert judgment is always needed!

6 From model(s) to implementation
Model-driven development tries to support a development process that goes through correctness-preserving transformations. Ideally, once correct models are developed, the implementation is correct by construction. Reality is still far from this ideal; however, a focus on models and verification is important to achieve better-quality products.

7 Models
Perhaps the most used (and useful) models are finite-state models, given as Labelled Transition Systems of some kind.
(Figure: a two-state LTS with states OFF and ON and transitions labelled 0 and 1.)

8 Labeled Transition System (Kripke Structure)
(Figure: a five-state Kripke structure with states x, y, z, h, k; state k is labelled p, the other four are labelled ~p.)
- Transitions represent execution steps
- State labels represent the predicates true in the state

9 Definition
An LTS is a tuple $\langle S, I, R, AP, L \rangle$ where
- $S$ is a set of states;
- $I \subseteq S$ is the set of initial states;
- $R \subseteq S \times S$ is the set of transitions;
- $AP$ is a set of atomic propositions;
- $L : S \to 2^{AP}$ is a labelling function.
A (maximal) path from a state $s_0$ is either a finite sequence of states that ends in a terminal state or an infinite sequence of states $\pi = s_0, s_1, s_2, \ldots$ such that $(s_i, s_{i+1}) \in R$ for all $i \geq 0$.

10 An example
Two-process mutual exclusion with a shared semaphore. Each process has three states:
- Non-critical (N)
- Trying (T)
- Critical (C)
The semaphore can be available (S0) or taken (S1). Initially both processes are in N and the semaphore is available.
(Figure: the transition systems of the two processes. Process i moves from N_i to T_i; from T_i to C_i only when the semaphore is S0, taking it (S1); and from C_i back to N_i, releasing the semaphore (S0).)

11 Consider the following model
Does a system behaving like this LTS satisfy our expectations in terms of mutual exclusion, i.e. that a state where both C1 and C2 hold can never be reached?
(Figure: the composed LTS, each state labelled with the state of both processes and of the semaphore: N1 N2 S0, T1 N2 S0, N1 T2 S0, C1 N2 S1, T1 T2 S0, N1 C2 S1, C1 T2 S1, T1 C2 S1.)

12 How can requirements be specified?
For example, we need to formalize statements like: "no matter where you are, there is always a way to get to the initial state".
Temporal logic is used to formally express such properties:
- In classical logic, formulae are evaluated within a single fixed world. For example, a proposition such as "it is raining" must be either true or false. Propositions are then combined using the usual Boolean connectives.
- In temporal logic, evaluation takes place within a set of worlds, corresponding to time instants: "it is raining" may be satisfied in some worlds but not in others. The set of worlds corresponds to moments in time.

13 Temporal logic
Linear time:
- Every moment has a unique successor
- Infinite sequences (words)
- Linear Time Temporal Logic (LTL)
Branching time:
- Every moment has several successors
- Infinite tree
- Computation Tree Logic (CTL)

14 LTL: syntax and semantics
$\varphi ::= \mathit{true} \mid a \mid \varphi_1 \wedge \varphi_2 \mid \neg\varphi \mid \bigcirc\varphi \mid \varphi_1 \,\mathsf{U}\, \varphi_2$
- $\bigcirc\varphi$ is also written $\mathsf{X}\varphi$ (next)
- $\mathit{true}\,\mathsf{U}\,\varphi$ is also written $\mathsf{F}\varphi$ and also $\Diamond\varphi$ (eventually)
- $\neg\mathsf{F}\neg\varphi$ is also written $\mathsf{G}\varphi$ and also $\Box\varphi$ (always)
An LTL property stands for a property of a path. For a state $s$, a formula $\varphi$ is satisfied if all paths exiting $s$ satisfy the formula.
Model checking: given an LTS and a formula, verify that the initial states satisfy it.

15 Mutual exclusion
Always at least one process is not in the critical section:
$\Box(\neg C_1 \vee \neg C_2)$
(Figure: the composed LTS of slide 11, with states N1 N2 S0, T1 N2 S0, N1 T2 S0, C1 N2 S1, T1 T2 S0, N1 C2 S1, C1 T2 S1, T1 C2 S1. No reachable state is labelled with both C1 and C2, so the property holds.)

16 CTL
State formulae: $\phi ::= \mathit{true} \mid a \mid \phi_1 \wedge \phi_2 \mid \neg\phi \mid \exists\varphi \mid \forall\varphi$
Path formulae: $\varphi ::= \bigcirc\phi \mid \phi_1 \,\mathsf{U}\, \phi_2$
$\mathsf{X}$ ($\bigcirc$), $\mathsf{F}$ ($\Diamond$) and $\mathsf{G}$ ($\Box$) can be introduced as for LTL; the path quantifiers $\exists$ and $\forall$ are often also written $\mathsf{E}$ and $\mathsf{A}$.
Mutual exclusion in CTL: $\forall\Box(\neg C_1 \vee \neg C_2)$, i.e. $\mathsf{AG}(\neg C_1 \vee \neg C_2)$
Note: CTL and LTL have incomparable expressiveness.
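The mutual exclusion question of slide 11 and the formulas of slides 15 and 16 can be checked mechanically: on a finite LTS, the invariant $\Box(\neg C_1 \vee \neg C_2)$ holds exactly when no reachable state is labelled with both C1 and C2, so a breadth-first search over the reachable state space is a complete model checker for this class of properties. The following Python program is an added example, not code from the slides. It encodes the two processes and the semaphore of slide 10 as a successor function, enumerates the reachable composed states (the eight states of slide 11) and returns a counterexample path when the invariant fails. The `guarded=False` variant, in which a process enters its critical section without checking the semaphore, is a constructed broken model, not something the slides describe; it is there only to show what a counterexample looks like.

```python
"""Explicit-state check of the mutual exclusion invariant on the two-process
semaphore model of slides 10-11.  Added example, not code from the slides."""
from collections import deque

N, T, C = "N", "T", "C"          # local states of each process
S0, S1 = "S0", "S1"              # semaphore available / taken
INITIAL = (N, N, S0)             # both processes non-critical, semaphore free


def successors(state, guarded=True):
    """Yield the successors of a global state (p1, p2, sem).

    guarded=True is the model of slide 10: a process in T enters C only when
    the semaphore is S0, taking it.  guarded=False is a constructed broken
    variant that skips the check, used only to show a counterexample."""
    p1, p2, sem = state
    for i, local in enumerate((p1, p2)):
        if local == N:
            new_local, new_sem = T, sem
        elif local == T:
            if guarded and sem != S0:
                continue                   # semaphore taken: the process waits
            new_local, new_sem = C, S1
        else:                              # local == C: leave, release semaphore
            new_local, new_sem = N, S0
        new = [p1, p2]
        new[i] = new_local
        yield (new[0], new[1], new_sem)


def reachable(initial, guarded=True):
    """Breadth-first search; returns the reachable set and a parent map that
    records, for each state, the state it was first reached from."""
    parent = {initial: None}
    queue = deque([initial])
    while queue:
        s = queue.popleft()
        for succ in successors(s, guarded):
            if succ not in parent:
                parent[succ] = s
                queue.append(succ)
    return set(parent), parent


def violates_mutex(state):
    """The bad states of G(not C1 or not C2): both processes critical."""
    p1, p2, _ = state
    return p1 == C and p2 == C


def check_invariant(initial, bad, guarded=True):
    """Model-check G(not bad) by reachability: None if it holds, otherwise a
    path from the initial state to the first violating state found."""
    states, parent = reachable(initial, guarded)
    for s in states:
        if bad(s):
            path = []
            while s is not None:
                path.append(s)
                s = parent[s]
            return path[::-1]
    return None


if __name__ == "__main__":
    states, _ = reachable(INITIAL)
    print(len(states), "reachable states:", sorted(states))
    print("guarded model:", check_invariant(INITIAL, violates_mutex))
    print("unguarded model:", check_invariant(INITIAL, violates_mutex, guarded=False))
```

The parent map is what turns a failed check into a counterexample trace, which is the output a practitioner actually acts on when a model of a lock protocol or an access-control state machine admits a forbidden state; the same reachability loop serves any invariant, since only the `bad` predicate changes.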

17 Quantitative modelling
LTSs support qualitative modelling. Often we need to model quantitative aspects, such as the cost of a certain action or the probability that a certain event occurs. Here we review Markov models, an important and useful extension of LTSs.

18 Discrete-time Markov Chains
A DTMC is defined by a tuple $(S, s_0, P, AP, L)$ where
- $S$ is a finite set of states
- $s_0 \in S$ is the initial state
- $P : S \times S \to [0, 1]$ is a stochastic matrix (each row sums to 1)
- $AP$ is a set of atomic propositions
- $L : S \to 2^{AP}$ is a labelling function.
The modelled process must satisfy the Markov property: given the current state, the probability distribution of future states does not depend on the states visited before; the process is memoryless.

19 An example
A simple communication protocol operating with a channel on which messages may be lost (C. Baier, J.-P. Katoen, Principles of Model Checking, MIT Press).
(Figure: a DTMC with states start (S), try (T), delivered (D) and lost (L), together with its matrix representation. From start the protocol moves to try with probability 1; from try the message is either delivered or lost; a lost message is retried from try.)
Note: the sum of the probabilities of the transitions leaving a given state equals 1.

20 Discrete Time Markov Reward Models
Like a DTMC, plus:
- labelling states with a state reward
- labelling transitions with a transition reward (here we just use state rewards)
Rewards can be any real-valued, additive, non-negative measure; we use non-negative real functions.
Usage in modelling: rewards represent energy consumption, average execution time, outsourcing costs, pay-per-use cost, CPU time.

21 Reward DTMC
An R-DTMC is a tuple $(S, s_0, P, AP, L, \mu)$, where $S, s_0, P, AP, L$ are defined as for a DTMC, while $\mu : S \to \mathbb{R}_{\geq 0}$ is a state reward function assigning a non-negative real number to each state.
At step 0 the system enters the initial state $s_0$. At step 1, the system gains the reward $\mu(s_0)$ associated with the state and moves to a new state, and so on.

22 Which model(s) should we use?
Different models provide different viewpoints from which a system can be analyzed. A focus on non-functional properties leads to models where we can deal with uncertainty and specify quantitative aspects. Examples:
- DTMCs for reliability
- CTMCs for performance
- Reward DTMCs for energy/cost/performance

23 Quantitative requirements specification
A specification can be qualitative ("the system shall do ...") or quantitative ("average response time shall be less than xxx"). LTL and CTL are typical examples of qualitative specification languages. Non-functional requirements ask for quantitative specification, and quantitative specs then require quantitative verification.

24 PCTL
Probabilistic extension of CTL. In a state, instead of the existential and universal quantifiers over paths, we can predicate on the probability of the set of paths (leaving the state) that satisfy a path formula: state formulae include $\mathsf{P}_{\bowtie p}(\varphi)$, where $\bowtie$ is a comparison operator and $p$ a probability bound. In addition, path formulas also include the step-bounded until $\phi_1 \,\mathsf{U}^{\leq k}\, \phi_2$.
An example of a reachability property: $\mathsf{P}_{>0.8}[\,\mathsf{F}\,(\text{system state} = \mathit{success})\,]$
(Figure: success modelled as an absorbing state, with a self-loop of probability 1.)

25 R-PCTL
Reward-Probabilistic CTL for R-DTMCs. State formulae extend those of PCTL with a reward operator:
$\phi ::= \ldots \mid \mathsf{P}_{\bowtie p}(\varphi) \mid \mathsf{R}_{\bowtie r}(\rho)$
$\rho ::= \mathsf{I}^{=k} \mid \mathsf{C}^{\leq k} \mid \mathsf{F}\,\phi$
(instantaneous reward at step $k$, cumulated reward within $k$ steps, cumulated reward until $\phi$ is reached; the three cases are illustrated on the next slides)

26 Example: $\mathsf{R}_{\bowtie r}(\mathsf{I}^{=k})$
Expected state reward to be gained in the state entered at step $k$ along the paths originating in the given state.
"The expected cost gained after exactly 10 time steps is less than 5": $\mathsf{R}_{<5}(\mathsf{I}^{=10})$

27 Example: $\mathsf{R}_{\bowtie r}(\mathsf{C}^{\leq k})$
Expected cumulated reward within $k$ time steps.
"The expected energy consumption within the first 50 time units of operation is less than 6 kWh": $\mathsf{R}_{<6}(\mathsf{C}^{\leq 50})$

28 Example: $\mathsf{R}_{\bowtie r}(\mathsf{F}\,\phi)$
Expected cumulated reward until a state satisfying $\phi$ is reached.
"The average execution time until a user session is complete is lower than 150 s": $\mathsf{R}_{<150}(\mathsf{F}\,\mathit{complete})$, where the atomic proposition $\mathit{complete}$ labels the states in which the session is complete.

29 A bit of theory
The probability that a finite path $\sigma = s_0, s_1, \ldots, s_k$ is traversed is
$\Pr(\sigma) = \prod_{i=0}^{k-1} P(s_i, s_{i+1})$ if $k > 0$, and $1$ otherwise (a path consisting of a single state).
A state $s_j$ is reachable from state $s_i$ if a finite path exists leading to $s_j$ from $s_i$.
The probability of moving from $s_i$ to $s_j$ in exactly 2 steps is $\sum_{x \in S} p_{ix}\, p_{xj}$, which is the entry $(i, j)$ of $P^2$.
The probability of moving from $s_i$ to $s_j$ in exactly $k$ steps is the entry $(i, j)$ of $P^k$.

30 A bit of theory
A state is recurrent if the probability that it will eventually be visited again after being reached is 1; it is otherwise transient (there is a non-zero probability that it will never be visited again).
A recurrent state $s_k$ where $p_{k,k} = 1$ is called absorbing.
Here we assume DTMCs to be well-formed, i.e.
- every recurrent state is absorbing
- all states are reachable from the initial state
- from every transient state it is possible to reach an absorbing state

31 An example
(Figure: a three-state DTMC. State 1 is the initial state; it has a self-loop of probability 0.2 and moves to the absorbing states 2 and 3 with probability 0.5 and 0.3 respectively.)
Probability of reaching an absorbing state (e.g., 2): 2 can be reached by reaching 1 in $0, 1, 2, \ldots$ steps and then 2 with probability $0.5$:
$(1 + 0.2 + 0.2^2 + \ldots) \times 0.5 = \Big(\sum_{n \geq 0} 0.2^n\Big) \times 0.5 = \frac{1}{1 - 0.2} \times 0.5 = 0.625$
Similarly, for state 3: $\frac{1}{1 - 0.2} \times 0.3 = 0.375$.
Notice that an absorbing state is reached with probability 1: $0.625 + 0.375 = 1$.

32 A bit of theory
Consider a DTMC with $r$ absorbing and $t$ transient states. Its matrix can be restructured as
$P = \begin{pmatrix} Q & R \\ 0 & I \end{pmatrix}$
- $Q$ is a nonzero $t \times t$ matrix
- $R$ is a $t \times r$ matrix
- $0$ is an $r \times t$ zero matrix
- $I$ is an $r \times r$ identity matrix
Theorem: in a well-formed Markov chain, the probability that the process is eventually absorbed is 1; equivalently,
$Q^k \to 0$ as $k \to \infty$. (1)

33 Focus on reachability properties
A reachability property has the form $\mathsf{P}_{\bowtie p}(\mathsf{F}\,\phi)$ and states that the probability of reaching a state where $\phi$ holds satisfies the constraint $\bowtie p$.
Typically, such properties refer to reaching an absorbing state (denoting success/failure for reliability analysis).
It is a flat formula (i.e. no subformula contains $\mathsf{P}_{\bowtie p}(\ldots)$).
These properties are the most commonly found.

34 A bit of theory
Consider again $P = \begin{pmatrix} Q & R \\ 0 & I \end{pmatrix}$.
Let $n_{i,k}$ be the expected number of visits of transient state $s_k$ starting from $s_i$, i.e. the sum over $m = 0, 1, 2, \ldots$ of the probability of being in $s_k$ after $m$ steps.
Theorem: the geometric series $N = I + Q + Q^2 + Q^3 + \ldots = \sum_{k=0}^{\infty} Q^k$ converges to $(I - Q)^{-1}$, by (1).
The probability of reaching absorbing state $s_k$ from $s_i$ is $b_{ik} = \sum_{j = 0}^{t-1} n_{ij}\, r_{jk}$, i.e. $B = N R$.

35 Proving reachability properties
$\Pr(s_0 \models \mathsf{F}\,\mathit{End}) = \sum_{j} n_{0,j}\, r_{j,\mathit{End}}$
where $n_{0,j}$ is the sum of the probabilities of being in state $j$ after $0, 1, 2, 3, \ldots$ steps (the 0-step term accounts for $j = s_0$ itself).
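As an added example (not part of the slides), the following Python program carries out the computations of slides 29 to 35 on small absorbing DTMCs: it builds the fundamental matrix $N = (I - Q)^{-1}$ by solving the linear system exactly with rational arithmetic, derives the absorption probabilities $B = N R$, the expected cumulated reward until absorption (the $\mathsf{R}(\mathsf{F}\,\phi)$ operator of slide 28, with state rewards gained as on slide 21) and the bounded reachability probability $\mathsf{P}(\mathsf{F}^{\leq k}\phi)$ of slide 24 by pushing the initial distribution $k$ steps through $P$. The sample chains are constructed: `slide31_model` is the three-state chain of slide 31 (whose answers are 0.625 and 0.375), and `protocol_model` is the protocol of slide 19 with an assumed loss probability of 0.1, the delivered state made absorbing, and an assumed reward of one time unit per transient state, so that its expected reward is the expected number of steps until delivery.

```python
"""Absorbing-chain analysis of a DTMC: N = (I - Q)^-1, B = N R, N mu, P(F<=k).
Added example; the sample models below are constructed from the slides."""
from fractions import Fraction


def solve(a, b):
    """Solve a x = b (a: n x n, b: n x m) by Gauss-Jordan elimination with
    partial pivoting, in exact rational arithmetic."""
    n = len(a)
    m = [[Fraction(x) for x in ra] + [Fraction(x) for x in rb] for ra, rb in zip(a, b)]
    for col in range(n):
        pivot = max(range(col, n), key=lambda r: abs(m[r][col]))
        if m[pivot][col] == 0:
            raise ValueError("I - Q is singular: the chain is not well-formed")
        m[col], m[pivot] = m[pivot], m[col]
        p = m[col][col]
        m[col] = [x / p for x in m[col]]
        for r in range(n):
            if r != col and m[r][col] != 0:
                f = m[r][col]
                m[r] = [x - f * y for x, y in zip(m[r], m[col])]
    return [row[n:] for row in m]


class AbsorbingDTMC:
    """P is given as {state: {successor: probability}}; rewards as {state: mu}."""

    def __init__(self, states, P, rewards=None):
        self.states = list(states)
        self.P = {s: dict(P.get(s, {})) for s in self.states}
        for s in self.states:                      # every row must be stochastic
            if abs(sum(self.P[s].values()) - 1) > 1e-12:
                raise ValueError(f"row {s} does not sum to 1")
        self.mu = rewards if rewards is not None else {s: 0 for s in self.states}
        self.absorbing = [s for s in self.states if self.P[s].get(s, 0) == 1]
        self.transient = [s for s in self.states if s not in self.absorbing]
        t = self.transient
        # Fundamental matrix N = (I - Q)^-1, obtained by solving (I - Q) N = I.
        i_minus_q = [[(1 if i == j else 0) - self.P[si].get(sj, 0)
                      for j, sj in enumerate(t)] for i, si in enumerate(t)]
        identity = [[1 if i == j else 0 for j in range(len(t))] for i in range(len(t))]
        self.N = solve(i_minus_q, identity)

    def absorption_probabilities(self, s):
        """B = N R: probability of eventually being absorbed in each absorbing state."""
        i = self.transient.index(s)
        return {k: float(sum(self.N[i][j] * self.P[sj].get(k, 0)
                             for j, sj in enumerate(self.transient)))
                for k in self.absorbing}

    def expected_reward_to_absorption(self, s):
        """R(F absorbing) = sum_j n_{s,j} mu(j): rewards of the transient states,
        each gained when the state is left (slide 21)."""
        i = self.transient.index(s)
        return float(sum(self.N[i][j] * self.mu[sj] for j, sj in enumerate(self.transient)))

    def bounded_reachability(self, s, target, k):
        """P(F<=k target) from s: push the distribution k steps through P,
        freezing the mass that has reached target so each path counts once."""
        dist = {s: 1.0}
        for _ in range(k):
            nxt = {}
            for u, pu in dist.items():
                moves = {u: 1} if u == target else self.P[u]
                for v, pv in moves.items():
                    nxt[v] = nxt.get(v, 0) + pu * pv
            dist = nxt
        return float(dist.get(target, 0))


def slide31_model():
    """The chain of slide 31: state 1 loops with 0.2; 2 and 3 are absorbing."""
    P = {1: {1: Fraction("0.2"), 2: Fraction("0.5"), 3: Fraction("0.3")},
         2: {2: 1}, 3: {3: 1}}
    return AbsorbingDTMC([1, 2, 3], P)


def protocol_model():
    """The protocol of slide 19 with an ASSUMED loss probability of 0.1, the
    delivered state made absorbing, and an ASSUMED reward of 1 time unit per
    transient state (so the expected reward is the expected number of steps)."""
    P = {"start": {"try": 1},
         "try": {"delivered": Fraction("0.9"), "lost": Fraction("0.1")},
         "lost": {"try": 1},
         "delivered": {"delivered": 1}}
    mu = {"start": 1, "try": 1, "lost": 1, "delivered": 0}
    return AbsorbingDTMC(["start", "try", "lost", "delivered"], P, mu)


if __name__ == "__main__":
    print(slide31_model().absorption_probabilities(1))
    p = protocol_model()
    print(p.expected_reward_to_absorption("start"),
          p.bounded_reachability("start", "delivered", 4))
```

Exact rationals are used so that the check "absorption probabilities sum to 1" is a genuine consistency test of the model rather than a floating-point coincidence; a singular $I - Q$ signals a chain that is not well-formed in the sense of slide 30 (a transient state from which no absorbing state is reachable), which is the modelling error the theorem of slide 32 rules out.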

36 Model checking tools
- SPIN (Holzmann) analyzes LTL properties for LTSs expressed in Promela
- (Nu)SMV (Clarke et al., Cimatti et al.) can also analyze CTL properties and uses a symbolic representation of the visited states (BDDs) to address the state explosion problem
- PRISM (Kwiatkowska et al.) and MRMC (Katoen et al.) support Markov models and perform probabilistic model checking

37 Question
How do modelling notations and verification fit software evolution?
- A modification to an existing system is viewed as a new system
- No support for reasoning on the changes and their effects


More information

Reinforcement Learning

Reinforcement Learning Reinforcement Learning LU 2 - Markov Decision Problems and Dynamic Programming Dr. Martin Lauer AG Maschinelles Lernen und Natürlichsprachliche Systeme Albert-Ludwigs-Universität Freiburg martin.lauer@kit.edu

More information

Monitoring Metric First-order Temporal Properties

Monitoring Metric First-order Temporal Properties Monitoring Metric First-order Temporal Properties DAVID BASIN, FELIX KLAEDTKE, SAMUEL MÜLLER, and EUGEN ZĂLINESCU, ETH Zurich Runtime monitoring is a general approach to verifying system properties at

More information

2 Temporal Logic Model Checking

2 Temporal Logic Model Checking Bounded Model Checking Using Satisfiability Solving Edmund Clarke 1, Armin Biere 2, Richard Raimi 3, and Yunshan Zhu 4 1 Computer Science Department, CMU, 5000 Forbes Avenue Pittsburgh, PA 15213, USA,

More information

Formal Verification Toolkit for Requirements and Early Design Stages

Formal Verification Toolkit for Requirements and Early Design Stages Formal Verification Toolkit for Requirements and Early Design Stages Julia M. Badger 1 and Sheena Judson Miller 2 1 NASA Johnson Space Center, Houston, TX 77058, USA 2 Barrios Technology, Houston, TX 77058,

More information

Single item inventory control under periodic review and a minimum order quantity

Single item inventory control under periodic review and a minimum order quantity Single item inventory control under periodic review and a minimum order quantity G. P. Kiesmüller, A.G. de Kok, S. Dabia Faculty of Technology Management, Technische Universiteit Eindhoven, P.O. Box 513,

More information

5 INTEGER LINEAR PROGRAMMING (ILP) E. Amaldi Fondamenti di R.O. Politecnico di Milano 1

5 INTEGER LINEAR PROGRAMMING (ILP) E. Amaldi Fondamenti di R.O. Politecnico di Milano 1 5 INTEGER LINEAR PROGRAMMING (ILP) E. Amaldi Fondamenti di R.O. Politecnico di Milano 1 General Integer Linear Program: (ILP) min c T x Ax b x 0 integer Assumption: A, b integer The integrality condition

More information

Formal verification of contracts for synchronous software components using NuSMV

Formal verification of contracts for synchronous software components using NuSMV Formal verification of contracts for synchronous software components using NuSMV Tobias Polzer Lehrstuhl für Informatik 8 Bachelorarbeit 13.05.2014 1 / 19 Problem description and goals Problem description

More information

Institut für Parallele und Verteilte Systeme. Abteilung Anwendersoftware. Universität Stuttgart Universitätsstraße 38 D-70569 Stuttgart

Institut für Parallele und Verteilte Systeme. Abteilung Anwendersoftware. Universität Stuttgart Universitätsstraße 38 D-70569 Stuttgart Institut für Parallele und Verteilte Systeme Abteilung Anwendersoftware Universität Stuttgart Universitätsstraße 38 D-70569 Stuttgart Diplomarbeit Nr. 3243 Development and Evaluation of a Framework for

More information

Feature Specification and Automated Conflict Detection

Feature Specification and Automated Conflict Detection Feature Specification and Automated Conflict Detection AMY P. FELTY University of Ottawa and KEDAR S. NAMJOSHI Bell Laboratories Large software systems, especially in the telecommunications field, are

More information

Modular Verification of Dynamically Adaptive Systems

Modular Verification of Dynamically Adaptive Systems Modular Verification of Dynamically Adaptive Systems Ji Zhang, Heather J. Goldsby, and Betty H.C. Cheng Department of Computer Science and Engineering, Michigan State University East Lansing, Michigan,

More information

9.2 Summation Notation

9.2 Summation Notation 9. Summation Notation 66 9. Summation Notation In the previous section, we introduced sequences and now we shall present notation and theorems concerning the sum of terms of a sequence. We begin with a

More information

Tool Support for Model Checking of Web application designs *

Tool Support for Model Checking of Web application designs * Tool Support for Model Checking of Web application designs * Marco Brambilla 1, Jordi Cabot 2 and Nathalie Moreno 3 1 Dipartimento di Elettronica e Informazione, Politecnico di Milano Piazza L. Da Vinci,

More information

Quick Start Guide. June 3, 2012

Quick Start Guide. June 3, 2012 The ERIGONE Model Checker Quick Start Guide Mordechai (Moti) Ben-Ari Department of Science Teaching Weizmann Institute of Science Rehovot 76100 Israel http://stwww.weizmann.ac.il/g-cs/benari/ June 3, 2012

More information

Verifying Real-Time Embedded Software by Means of Automated State-based Online Testing and the SPIN Model Checker Application to RTEdge Models

Verifying Real-Time Embedded Software by Means of Automated State-based Online Testing and the SPIN Model Checker Application to RTEdge Models Verifying Real-Time Embedded Software by Means of Automated State-based Online Testing and the SPIN Model Checker Application to RTEdge Models A thesis submitted to the Faculty of Graduate and Postdoctoral

More information

CHAPTER 7 GENERAL PROOF SYSTEMS

CHAPTER 7 GENERAL PROOF SYSTEMS CHAPTER 7 GENERAL PROOF SYSTEMS 1 Introduction Proof systems are built to prove statements. They can be thought as an inference machine with special statements, called provable statements, or sometimes

More information

Model Checking LTL Properties over C Programs with Bounded Traces

Model Checking LTL Properties over C Programs with Bounded Traces Noname manuscript No. (will be inserted by the editor) Model Checking LTL Properties over C Programs with Bounded Traces Jeremy Morse 1, Lucas Cordeiro 2, Denis Nicole 1, Bernd Fischer 1,3 1 Electronics

More information

Business Process Verification: The Application of Model Checking and Timed Automata

Business Process Verification: The Application of Model Checking and Timed Automata Business Process Verification: The Application of Model Checking and Timed Automata Luis E. Mendoza Morales Processes and Systems Department, Simón Bolívar University, P.O. box 89000, Baruta, Venezuela,

More information

Overview. Essential Questions. Precalculus, Quarter 4, Unit 4.5 Build Arithmetic and Geometric Sequences and Series

Overview. Essential Questions. Precalculus, Quarter 4, Unit 4.5 Build Arithmetic and Geometric Sequences and Series Sequences and Series Overview Number of instruction days: 4 6 (1 day = 53 minutes) Content to Be Learned Write arithmetic and geometric sequences both recursively and with an explicit formula, use them

More information

Third Party Data Session Control in the Evolved Packet System

Third Party Data Session Control in the Evolved Packet System Third Party Data Session Control in the Evolved Packet System EVELINA PENCHEVA Faculty of Telecommunications Technical University of Sofia 8 Kliment Ohridski blvd., 1000 Sofia BULGARIA enp@tu-sofia.bg

More information

Optimizing Description Logic Subsumption

Optimizing Description Logic Subsumption Topics in Knowledge Representation and Reasoning Optimizing Description Logic Subsumption Maryam Fazel-Zarandi Company Department of Computer Science University of Toronto Outline Introduction Optimization

More information

Fundamental Computer Science Concepts Sequence TCSU CSCI SEQ A

Fundamental Computer Science Concepts Sequence TCSU CSCI SEQ A Fundamental Computer Science Concepts Sequence TCSU CSCI SEQ A A. Description Introduction to the discipline of computer science; covers the material traditionally found in courses that introduce problem

More information

Specification and Analysis of Contracts Lecture 1 Introduction

Specification and Analysis of Contracts Lecture 1 Introduction Specification and Analysis of Contracts Lecture 1 Introduction Gerardo Schneider gerardo@ifi.uio.no http://folk.uio.no/gerardo/ Department of Informatics, University of Oslo SEFM School, Oct. 27 - Nov.

More information

Path Querying on Graph Databases

Path Querying on Graph Databases Path Querying on Graph Databases Jelle Hellings Hasselt University and transnational University of Limburg 1/38 Overview Graph Databases Motivation Walk Logic Relations with FO and MSO Relations with CTL

More information

Toward Model-Based Verification of Adaptive Allocation Managers

Toward Model-Based Verification of Adaptive Allocation Managers Toward Model-Based Verification of Adaptive Allocation Managers William Leal, Frank Drews, Chang Liu, Lonnie Welch Ohio University { leal@cs.ohiou.edu, drews@ohiou.edu, changliu@cs.ohiou.edu, welch@ohio.edu

More information

6.231 Dynamic Programming and Stochastic Control Fall 2008

6.231 Dynamic Programming and Stochastic Control Fall 2008 MIT OpenCourseWare http://ocw.mit.edu 6.231 Dynamic Programming and Stochastic Control Fall 2008 For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms. 6.231

More information

Schedule. Logic (master program) Literature & Online Material. gic. Time and Place. Literature. Exercises & Exam. Online Material

Schedule. Logic (master program) Literature & Online Material. gic. Time and Place. Literature. Exercises & Exam. Online Material OLC mputational gic Schedule Time and Place Thursday, 8:15 9:45, HS E Logic (master program) Georg Moser Institute of Computer Science @ UIBK week 1 October 2 week 8 November 20 week 2 October 9 week 9

More information

A computational model for MapReduce job flow

A computational model for MapReduce job flow A computational model for MapReduce job flow Tommaso Di Noia, Marina Mongiello, Eugenio Di Sciascio Dipartimento di Ingegneria Elettrica e Dell informazione Politecnico di Bari Via E. Orabona, 4 70125

More information

Access Control Based on Dynamic Monitoring for Detecting Software Malicious Behaviours

Access Control Based on Dynamic Monitoring for Detecting Software Malicious Behaviours Access Control Based on Dynamic Monitoring for Detecting Software Malicious Behaviours K. Adi, L. Sullivan & A. El Kabbal Computer Security Research Laboratory http://w3.uqo.ca/lrsi NCAC'05 1 Motivation

More information

Model-Checking Verification for Reliable Web Service

Model-Checking Verification for Reliable Web Service Model-Checking Verification for Reliable Web Service Shin NAKAJIMA Hosei University and PRESTO, JST nkjm@i.hosei.ac.jp Abstract Model-checking is a promising technique for the verification and validation

More information

Reinforcement Learning

Reinforcement Learning Reinforcement Learning LU 2 - Markov Decision Problems and Dynamic Programming Dr. Joschka Bödecker AG Maschinelles Lernen und Natürlichsprachliche Systeme Albert-Ludwigs-Universität Freiburg jboedeck@informatik.uni-freiburg.de

More information

Multi-state transition models with actuarial applications c

Multi-state transition models with actuarial applications c Multi-state transition models with actuarial applications c by James W. Daniel c Copyright 2004 by James W. Daniel Reprinted by the Casualty Actuarial Society and the Society of Actuaries by permission

More information

Introduction to Formal Methods. Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm

Introduction to Formal Methods. Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm Introduction to Formal Methods Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm Outline Introduction Formal Specification Formal Verification Model Checking Theorem Proving Introduction Good papers to

More information

Semantics and Verification of Software

Semantics and Verification of Software Semantics and Verification of Software Lecture 21: Nondeterminism and Parallelism IV (Equivalence of CCS Processes & Wrap-Up) Thomas Noll Lehrstuhl für Informatik 2 (Software Modeling and Verification)

More information

TEACHING MODEL CHECKING TO UNDERGRADUATES

TEACHING MODEL CHECKING TO UNDERGRADUATES STUDIA UNIV. BABEŞ BOLYAI, INFORMATICA, Volume LV, Number 3, 2010 TEACHING MODEL CHECKING TO UNDERGRADUATES A.VESCAN AND M. FRENŢIU Abstract. The way program verification is taught in our faculty is firstly

More information

EFFICIENT KNOWLEDGE BASE MANAGEMENT IN DCSP

EFFICIENT KNOWLEDGE BASE MANAGEMENT IN DCSP EFFICIENT KNOWLEDGE BASE MANAGEMENT IN DCSP Hong Jiang Mathematics & Computer Science Department, Benedict College, USA jiangh@benedict.edu ABSTRACT DCSP (Distributed Constraint Satisfaction Problem) has

More information

[Refer Slide Time: 05:10]

[Refer Slide Time: 05:10] Principles of Programming Languages Prof: S. Arun Kumar Department of Computer Science and Engineering Indian Institute of Technology Delhi Lecture no 7 Lecture Title: Syntactic Classes Welcome to lecture

More information