# Formal Specification and Verification


## Transcription

### Slide 1: Formal Specification and Verification

Stefan Ratschan, Katedra číslicového návrhu, Fakulta informačních technologií, České vysoké učení technické v Praze.

Stefan Ratschan (FIT ČVUT) PI-PSC / 19

### Slide 2: History of System Design

build → try

### Slide 3: History of System Design

build model → test model → implement model

Example: the Intel Pentium FDIV bug (1994).

### Slide 4: History of System Design

build model → prove correctness → implement model

### Slide 5: Example

Modulo 8 counter. State: $S := \mathbb{B}^3$, i.e. three bits $(v_0, v_1, v_2)$, with next-state equations

$v_0' = \neg v_0$, $\quad v_1' = v_0 \oplus v_1$, $\quad v_2' = (v_0 \wedge v_1) \oplus v_2$.

### Slide 6: Example: Digital Circuit

Transition relation $T \subseteq S \times S$:

$T((v_0, v_1, v_2), (v_0', v_1', v_2')) :\Leftrightarrow (v_0' \leftrightarrow \neg v_0) \wedge (v_1' \leftrightarrow v_0 \oplus v_1) \wedge (v_2' \leftrightarrow (v_0 \wedge v_1) \oplus v_2)$

Describing the circuit by a relation rather than a function also allows non-determinism.

### Slide 7: Formal Specification

Transition system:
- set of states $S$
- set $I \subseteq S$ of initial states
- transition relation $R \subseteq S \times S$

For example:
- $S = \mathbb{B}^n$; $I$, $R$ given by formulas in propositional logic
- $S$ is the program state (program counter + ranges of variables); $I$, $R$ given by a computer program
- $S = \{1, \dots, n\} \times \mathbb{R}^n$; $R$ given by clock checks and resets: timed systems/automata
- $S = \mathbb{R}^n$; $I$ given by (in)equalities, $R$ given by ordinary differential equations (models of physical systems)
- $S = \{1, \dots, n\} \times \mathbb{R}^n$; $I$, $R$ given by (in)equalities, ordinary differential equations, and discrete rules: hybrid (dynamical) systems (models of embedded systems)

### Slide 8: Formal Specification

How to specify whether a given system behaves correctly?

First we have to specify properties of single states: state properties. Example:
- error(s): state s is an error state
- zero(s): state s represents zero

Now we can extend this to one behavior of the system. A path in a transition system $(S, I, R)$ is an infinite sequence of states $s_0 s_1 s_2 \dots$ such that $s_0 \in I$ and, for all $i \in \{0, 1, \dots\}$, $(s_i, s_{i+1}) \in R$.

How to specify whether a given path shows correct/incorrect behavior?

### Slide 9: Properties on Paths π

Notation: $\pi \models g$ means "path π satisfies g", and $\pi^k$ is the suffix of π starting at position $k$.

- State property g holds on the first element of the path: $\pi \models g :\Leftrightarrow g(\pi(0))$
- State property holds on the next element of the path: $\pi \models Xg :\Leftrightarrow \pi^1 \models g$
- "The train eventually reaches full speed": $\pi \models Fg :\Leftrightarrow$ there is $k \ge 0$ s.t. $\pi^k \models g$ (F: "in the future")
- "The number of motor rotations always stays in the safe area": $\pi \models Gg :\Leftrightarrow$ for all $k \ge 0$, $\pi^k \models g$ (G: "globally")
- "The train eventually stops and until then the doors remain closed": $\pi \models g\,U\,h :\Leftrightarrow$ there is $i$ s.t. $\pi^i \models h$ and for all $j < i$, $\pi^j \models g$ (U: "until")
- "As long as the plane does not reach full height, the fasten-seat-belts sign is on": $\pi \models g\,R\,h :\Leftrightarrow$ for all $j \ge 0$, if for all $i < j$, not $\pi^i \models g$, then $\pi^j \models h$ (R: "release")

### Slide 10: Combining Operators

- If the elevator is called, it will eventually show up: $g \rightarrow Fh$.
- The train will never move with open doors: $G\,\neg(g \wedge h)$.

So: Boolean combinations ($\neg$, $\wedge$, $\vee$) and combinations of temporal operators. For example:
- $FGg$: eventually property g will hold forever.
- $GFg$: always eventually g will hold.

Result: Linear Temporal Logic (LTL). Syntax:
- every state property is an LTL formula;
- if g and h are LTL formulas, then so are $Xg$, $g\,U\,h$, $g\,R\,h$, $Fg$, $Gg$, $\neg g$, $g \wedge h$ and $g \vee h$.

### Slide 11: Semantics

For a path π and LTL formulas g, h:
- $\pi \models g$ iff g is a state property and $g(\pi(0))$
- $\pi \models Xg$ iff $\pi^1 \models g$
- $\pi \models Fg$ iff there is $k \ge 0$ s.t. $\pi^k \models g$
- $\pi \models Gg$ iff for all $k \ge 0$, $\pi^k \models g$
- $\pi \models g\,U\,h$ iff there is $i$ s.t. $\pi^i \models h$ and for all $j < i$, $\pi^j \models g$
- $\pi \models g\,R\,h$ iff for all $j \ge 0$, if for all $i < j$, not $\pi^i \models g$, then $\pi^j \models h$
- $\pi \models \neg g$ iff not $\pi \models g$
- $\pi \models g \wedge h$ iff $\pi \models g$ and $\pi \models h$
- $\pi \models g \vee h$ iff $\pi \models g$ or $\pi \models h$
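The clauses on slides 9 to 11 can be run directly. The following evaluator is an added example, not part of the slides: it stores an infinite path of a finite system as a lasso (a finite prefix whose tail repeats forever, which is all a finite transition system can produce), encodes formulas as nested tuples, and decides $\pi^k \models \varphi$ clause by clause. The train path and the property names are constructed for illustration.

```python
# Added example (not from the slides): an evaluator for the LTL semantics above.
# An infinite path of a finite transition system is ultimately periodic, so it can
# be stored as a "lasso": a finite list of states whose tail loops forever.
# States are dicts mapping state-property names to booleans; formulas are nested
# tuples such as ('U', ('ap', 'closed'), ('ap', 'stopped')) for  closed U stopped.


class LassoPath:
    """pi = states[0] ... states[n-1] (states[loop] ... states[n-1])^omega"""

    def __init__(self, states, loop):
        if not 0 <= loop < len(states):
            raise ValueError("loop index must point into the state list")
        self.states = states
        self.loop = loop

    def nxt(self, k):
        """Index of the first state of pi^(k+1) inside the finite representation."""
        return k + 1 if k + 1 < len(self.states) else self.loop

    def positions_from(self, k):
        """Indices of all distinct suffixes pi^k, pi^(k+1), ... (finitely many)."""
        seen = []
        while k not in seen:
            seen.append(k)
            k = self.nxt(k)
        return seen


def holds(path, phi, k=0):
    """Decide pi^k |= phi following the clause-by-clause semantics on the slide.
    Quantifiers over positions only need to range over the distinct suffixes:
    a smallest witness (F, U) or a first violation (G, R) always lies among them."""
    op = phi[0]
    if op == "ap":                       # state property, checked on pi^k(0)
        return bool(path.states[k].get(phi[1], False))
    if op == "not":
        return not holds(path, phi[1], k)
    if op == "and":
        return holds(path, phi[1], k) and holds(path, phi[2], k)
    if op == "or":
        return holds(path, phi[1], k) or holds(path, phi[2], k)
    if op == "X":                        # next
        return holds(path, phi[1], path.nxt(k))
    if op == "F":                        # in the future
        return any(holds(path, phi[1], j) for j in path.positions_from(k))
    if op == "G":                        # globally
        return all(holds(path, phi[1], j) for j in path.positions_from(k))
    if op == "U":                        # g until h
        g, h = phi[1], phi[2]
        for j in path.positions_from(k):
            if holds(path, h, j):
                return True              # h reached; g held at every earlier position
            if not holds(path, g, j):
                return False             # g broke before h was reached
        return False                     # h never reached anywhere on the lasso
    if op == "R":                        # g releases h
        g, h = phi[1], phi[2]
        for j in path.positions_from(k):
            if not holds(path, h, j):
                return False             # h failed while g had never held
            if holds(path, g, j):
                return True              # g holds here: later positions are vacuous
        return True                      # h holds everywhere, g never needed
    raise ValueError(f"unknown operator {op!r}")


def ap(name):
    return ("ap", name)


def train_example():
    """Constructed sample path for the train properties on the slides: the train
    runs with closed doors for three steps, then stops and opens its doors forever."""
    moving = {"moving": True, "closed": True, "stopped": False}
    halted = {"moving": False, "closed": False, "stopped": True}
    path = LassoPath([moving, moving, moving, halted], loop=3)
    formulas = {
        "closed U stopped": ("U", ap("closed"), ap("stopped")),
        "G not (moving and not closed)":
            ("G", ("not", ("and", ap("moving"), ("not", ap("closed"))))),
        "F G stopped": ("F", ("G", ap("stopped"))),
        "G F moving": ("G", ("F", ap("moving"))),
        "X X X stopped": ("X", ("X", ("X", ap("stopped")))),
        # False: the doors open in the very step the train stops, and R requires
        # h to hold at the releasing position as well.
        "stopped R closed": ("R", ap("stopped"), ap("closed")),
    }
    return {name: holds(path, f) for name, f in formulas.items()}
```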

### Slide 12: Specification of System

We already can specify correctness of one path. Correctness of a system: $(S, I, R) \models g$ iff for all paths π of $(S, I, R)$, $\pi \models g$.

Industrial usage: PSL (property specification language) = LTL + regular expressions.

### Slide 13: Formal Verification

Problem: even finite transition systems may have paths of infinite length!

Checking $G\,\mathit{ok}$: check prefixes of paths of length 1, 2, ...: bounded model checking, BMC(n).
- In the Boolean case, the individual checks can be done efficiently by SAT (in practice, not in theory).
- Especially: bugs can often be found fast.

Bounded model checking algorithms for other types of systems:
- Software: CBMC [Clarke et al., 2004]
- Hybrid systems: iSAT [Fränzle and Herde, 2007, Fränzle et al., 2007]
- ...

### Slide 14: Full LTL? Unbounded Case?

Full LTL [Biere et al., 2003]: for every LTL formula φ and all n, $(S, I, R) \models \varphi$ implies BMC(φ, n). Opposite direction?

Observation: $(S, I, R) \models Gs$ iff BMC(Gs, |S|). If the system does not fulfill Gs, then it has an error path of length at most |S|.

Theorem: for every finite transition system and every LTL formula φ there is a bound n s.t. for all n' ≥ n, BMC(φ, n') iff $(S, I, R) \models \varphi$. But: the bound may be huge!

### Slide 15: Unbounded Model Checking

Needed if we want to prove correctness over unbounded time, or if we search for a bug that shows up only after a long time.

Reach set computation:
- let R be the set of initial states;
- add the states reachable from R until no more new reachable states appear.

If for all $x \in R$, ok(x), then $(S, I, R) \models G\,\mathit{ok}$.

For full LTL (and other temporal logics), it is more complicated [Clarke et al., 1999].
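To tie slides 5 to 7 and 13 to 15 together, here is an added example (not code from the slides) that builds the modulo-8 counter as a transition system $(S, I, R)$, checks $G\,\mathit{ok}$ by bounded model checking over path prefixes, then by reach-set computation, and confirms the slide 14 observation that bound $|S|$ already decides the property. Explicit enumeration of the eight states stands in for the SAT and BDD machinery of real tools; the "buggy" variant, the property `stays_below_four` and the initial state are constructed for illustration.

```python
# Added example (not from the slides): the modulo-8 counter of slides 5/6 as a
# transition system (S, I, R), checked for G ok first by bounded model checking
# (slide 13) and then by reach-set computation (slide 15). Explicit enumeration
# of the 8 states stands in for the SAT/BDD machinery a real tool would use.
from itertools import product


class TransitionSystem:
    """(S, I, R): finite state set, initial states, relation as a predicate on pairs."""

    def __init__(self, states, initial, relation):
        self.states = list(states)
        self.initial = set(initial)
        self.relation = relation

    def successors(self, s):
        return [t for t in self.states if self.relation(s, t)]


BITS = list(product((0, 1), repeat=3))      # S = B^3, states as tuples (v0, v1, v2)


def counter_relation(s, t):
    """T((v0,v1,v2),(v0',v1',v2')) from slide 6:
    v0' <-> not v0,  v1' <-> v0 xor v1,  v2' <-> (v0 and v1) xor v2."""
    v0, v1, v2 = s
    w0, w1, w2 = t
    return w0 == (1 - v0) and w1 == (v0 ^ v1) and w2 == ((v0 & v1) ^ v2)


def buggy_relation(s, t):
    """Constructed 'implementation' bug: the carry into v2 is dropped, so the
    counter silently wraps at 4 instead of 8."""
    v0, v1, v2 = s
    w0, w1, w2 = t
    return w0 == (1 - v0) and w1 == (v0 ^ v1) and w2 == v2


COUNTER = TransitionSystem(BITS, {(0, 0, 0)}, counter_relation)
BUGGY = TransitionSystem(BITS, {(0, 0, 0)}, buggy_relation)


def value(s):
    """Integer encoded by (v0, v1, v2), v0 least significant."""
    return s[0] + 2 * s[1] + 4 * s[2]


def stays_below_four(s):
    """State property ok(s) used below; G ok says the counter never reaches 4."""
    return value(s) < 4


def bmc(ts, ok, n):
    """BMC(n) for G ok: examine every path prefix with at most n transitions that
    starts in I. Returns a violating prefix (its last state fails ok) or None."""
    layer = [(s,) for s in ts.initial]
    for depth in range(n + 1):
        for prefix in layer:
            if not ok(prefix[-1]):
                return list(prefix)
        if depth < n:                     # extend each prefix by one transition
            layer = [p + (t,) for p in layer for t in ts.successors(p[-1])]
    return None


def reach_set(ts):
    """Slide 15: start from I and add successors until no new state appears."""
    reached = set(ts.initial)
    while True:
        new = {t for s in reached for t in ts.successors(s)} - reached
        if not new:
            return reached
        reached |= new


def holds_globally(ts, ok):
    """Unbounded check of G ok: ok must hold on every reachable state."""
    return all(ok(x) for x in reach_set(ts))


def bound_agrees(ts, ok):
    """Slide 14: for a finite system, BMC with bound |S| already decides G ok."""
    return (bmc(ts, ok, len(ts.states)) is None) == holds_globally(ts, ok)


if __name__ == "__main__":
    print("counter reach set:", sorted(reach_set(COUNTER)))
    print("counterexample prefix:", bmc(COUNTER, stays_below_four, 4))
    print("buggy counter satisfies G ok:", holds_globally(BUGGY, stays_below_four))
```

The correct counter violates $G\,\mathit{ok}$ with a prefix of four transitions (values 0, 1, 2, 3, 4), while the buggy variant satisfies it because only four states are reachable; both verdicts coincide with BMC at bound $|S| = 8$.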

### Slide 16: Unbounded Model Checking for Specific System Types

In the Boolean case, sets can be represented by (reduced ordered) binary decision diagrams (BDDs). BDDs provide a unique representation for Boolean formulas; hence they can also be used for equivalence checking (i.e., the specification is another circuit).

Other systems:
- Software: huge field of software model checking [Jhala and Majumdar, 2009]
- Timed automata: Uppaal
- Hybrid systems: HyTech [Henzinger et al., 1997], PHAVer [Frehse, 2008], HSolver [Ratschan and She, 2007]

### Slide 17: Literature I

- Armin Biere, Alessandro Cimatti, Edmund M. Clarke, Ofer Strichman, and Yunshan Zhu. Bounded model checking. Volume 58 of Advances in Computers. Elsevier.
- Edmund Clarke, Daniel Kroening, and Flavio Lerda. A tool for checking ANSI-C programs. In Kurt Jensen and Andreas Podelski, editors, Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2004), volume 2988 of Lecture Notes in Computer Science. Springer.
- Edmund M. Clarke, Orna Grumberg, and Doron A. Peled. Model Checking. MIT Press.

### Slide 18: Literature II

- M. Fränzle, C. Herde, S. Ratschan, T. Schubert, and T. Teige. Efficient solving of large non-linear arithmetic constraint systems with complex Boolean structure. JSAT Journal on Satisfiability, Boolean Modeling and Computation, Special Issue on SAT/CP Integration, 1.
- Martin Fränzle and Christian Herde. HySAT: An efficient proof engine for bounded model checking of hybrid systems. Formal Methods in System Design, 30(3).
- Goran Frehse. PHAVer: algorithmic verification of hybrid systems past HyTech. International Journal on Software Tools for Technology Transfer (STTT), 10(3).
- Thomas A. Henzinger, Pei-Hsin Ho, and Howard Wong-Toi. HYTECH: a model checker for hybrid systems. International Journal on Software Tools for Technology Transfer (STTT), 1.

### Slide 19: Literature III

- Ranjit Jhala and Rupak Majumdar. Software model checking. ACM Comput. Surv., 41(4):1–54.
- Stefan Ratschan and Zhikun She. Safety verification of hybrid systems by constraint propagation based abstraction refinement. ACM Transactions on Embedded Computing Systems, 6(1).
