Introduction to Formal Methods. Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm

Similar documents
The Course.

Specification and Analysis of Contracts Lecture 1 Introduction

INF5140: Specification and Verification of Parallel Systems

Model Checking of Software

T Reactive Systems: Introduction and Finite State Automata

Model Checking: An Introduction

Formal Verification and Linear-time Model Checking

Safety Verification of the Small Aircraft Transportation System Concept of Operations

The Model Checker SPIN

Model Checking based Software Verification

Introducing Formal Methods. Software Engineering and Formal Methods

Formal Verification of Software

Formal Methods for Software Engineering

Verifying Semantic of System Composition for an Aspect-Oriented Approach

Formal Specification and Verification

The ProB Animator and Model Checker for B

Rigorous Software Development CSCI-GA

Software Engineering. How does software fail? Terminology CS / COE 1530

Static Program Transformations for Efficient Software Model Checking

Formal Verification by Model Checking

Static Analysis of Dynamic Properties - Automatic Program Verification to Prove the Absence of Dynamic Runtime Errors

27 Formal Specification

ICECCS 08/Workshop «UML&AADL 2008», April, 2, 2008

MODEL CHECKING CONCURRENT AND REAL-TIME SYSTEMS: THE PAT APPROACH. LIU YANG (B.Sc. (Hons.), NUS)

Automated Theorem Proving - summary of lecture 1

Advanced Software Engineering ( -Formal specification, verification, transformation, and application-

Kirsten Sinclair SyntheSys Systems Engineers

Mathematical Reasoning in Software Engineering Education. Peter B. Henderson Butler University

OUTILS DE DÉMONSTRATION

ONLINE EXERCISE SYSTEM A Web-Based Tool for Administration and Automatic Correction of Exercises

Algorithmic Software Verification

Software Modeling and Verification

Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification

VDM vs. Programming Language Extensions or their Integration

[Refer Slide Time: 05:10]

A Logic Approach for LTL System Modification

COMPUTER SCIENCE. FACULTY: Jennifer Bowen, Chair Denise Byrnes, Associate Chair Sofia Visa

Rigorous Methods for Software Engineering (F21RS1) High Integrity Software Development

Testing LTL Formula Translation into Büchi Automata

Coverability for Parallel Programs

School of Computer Science

Adversary Modelling 1

Datavetenskapligt Program (kandidat) Computer Science Programme (master)

Eastern Washington University Department of Computer Science. Questionnaire for Prospective Masters in Computer Science Students

Verifying Specifications with Proof Scores in CafeOBJ

tutorial: hardware and software model checking

Object-Oriented Software Specification in Programming Language Design and Implementation

Development of dynamically evolving and self-adaptive software. 1. Background

ABET General Outcomes. Student Learning Outcomes for BS in Computing

A Classification of Model Checking-based Verification Approaches for Software Models

How To Test Automatically

CS Master Level Courses and Areas COURSE DESCRIPTIONS. CSCI 521 Real-Time Systems. CSCI 522 High Performance Computing

CSE 459/598: Logic for Computer Scientists (Spring 2012)

Formal Methods at Intel An Overview

Numerical Matrix Analysis

Formal Specification and Programming for SDN

An Agile Formal Development Methodology

Professional Organization Checklist for the Computer Science Curriculum Updates. Association of Computing Machinery Computing Curricula 2008

Computer Science Information Sheet for entry in What is Computer Science?

Using Patterns and Composite Propositions to Automate the Generation of Complex LTL

FROM SAFETY TO SECURITY SOFTWARE ASSESSMENTS AND GUARANTEES FLORENT KIRCHNER (LIST)

A Framework for the Semantics of Behavioral Contracts

logic language, static/dynamic models SAT solvers Verified Software Systems 1 How can we model check of a program or system?

Model Checking II Temporal Logic Model Checking

Chapter 4 Software Lifecycle and Performance Analysis

Automated Program Behavior Analysis

A Static Analyzer for Large Safety-Critical Software. Considered Programs and Semantics. Automatic Program Verification by Abstract Interpretation

Slides based in part on previous lectures by Mahesh Vishwanathan, and by Gul Agha January 21,

Software Engineering for Real- Time Systems.

2 Temporal Logic Model Checking

ML for the Working Programmer

Introduction to Automata Theory. Reading: Chapter 1

Technical Training Module ( 30 Days)

Lecture 03 ( ) Quality of the Software Development Process

Software Verification: Infinite-State Model Checking and Static Program

The Road from Software Testing to Theorem Proving

Institut für Parallele und Verteilte Systeme. Abteilung Anwendersoftware. Universität Stuttgart Universitätsstraße 38 D Stuttgart

Execution of A Requirement Model in Software Development

Formally speaking: How to apply OCL

Rigorous Software Development An introduction

CMMI Process Area Compliance with Formal Specification Based Software Development

Formal Verification of Computer Systems - (INFO-F-412)

Complexities of Simulating a Hybrid Agent-Landscape Model Using Multi-Formalism

sensors and actuators? How do we handle the errors introduced due to noise, quantization etc?

COMPUTER SCIENCE TRIPOS

Automata-based Verification - I

Module 10. Coding and Testing. Version 2 CSE IIT, Kharagpur

1. Software Engineering Overview

Journal of Mathematics Volume 1, Number 1, Summer 2006 pp

Automatic Assessment of Programming assignment

Modelling and Verification of Business Processes

T I C S ELECTE SEP David Garlan Alan Brown, Daniel Jackson Jim Tomayko, Jeannette Wing August 6, 1993 CMU-CS

System-on-Chip Design Verification: Challenges and State-of-the-art

Formal Methods in Security Protocols Analysis

Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder

TEACHING MODEL CHECKING TO UNDERGRADUATES

COMPUTER SCIENCE STUDENTS NEED ADEQUATE MATHEMATICAL BACKGROUND

Environment Modeling for Automated Testing of Cloud Applications

Fair testing vs. must testing in a fair setting

Transcription:

Introduction to Formal Methods Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm

Outline Introduction Formal Specification Formal Verification Model Checking Theorem Proving

Introduction Good papers to begin with them: Formal Methods: State of the Art and Future Directions, Edmund M. Clarke, Jeannette M. Wing, ACM Computing Surveys, 1996 Ten Commandments of Formal Methods... Ten Years Later, Jonathan P., Bowen and Mike Hinchey, IEEE Computer, 39(1):40-48, January 2006.

Scientists Quotes Teaching to unsuspecting youngsters the effective use of formal methods is one of the joys of life because it is so extremely rewarding The Cruelty of Really Teaching Computing Science is a 1988 paper by E. W. Dijkstra,

Scientists Quotes A more mathematical approach is inevitable. Professional software development not the everyday brand practiced by the public at large will become more like a true engineering discipline, applying mathematical techniques. I don't know how long this evolution will take, but it will happen. The basic theory is there, but much work remains to make it widely applicable. (Bertrand Meyer, a pioneer of object technology)

Scientists Quotes Software engineers want to be real engineers. Real engineers use mathematics. Formal methods are the mathematics of software engineering. Therefore, software engineers should use formal methods. (Mike Holloway, NASA)

Introduction Major goal of software engineers Develop reliable systems Formal Methods Mathematical languages, techniques and tools Used to specify and verify systems Goal: Help engineers construct more reliable systems A mean to examine the entire state space of a design (whether hardware or software) Establish a correctness or safety property that is true for all possible inputs

Introduction Past years of the formal methods Obscure notation Non-scalable techniques Inadequate tool support Hard to use tools Very few case studies Not convincing for practitioners

Introduction Nowadays Trying to find more rigorous notations Model checking and theorem proving complement simulation in Hardware industry More industrial sized case studies Researchers try to gaining benefits of using formal methods

Introduction Formal methods can be applied at various points through the development process Specification Verification Specification: Give a description of the system to be developed, and its properties Verification: Prove or disprove the correctness of a system with respect to the formal specification or property

Specification Using a language with a mathematically defined syntax and semantics System properties Functional behavior Timing behavior Performance characteristics Internal t l structure t

Specification Specification has been most successful for behavioral properties A trend is to integrate different specification languages Each enable to handle a different aspect of a system Some other non-behavioral aspects of a system Performance Real-time constraints Security policies Architectural design

Specification Formal methods for specification of the sequential systems Z (Spivey 1988) Constructive Z (Mirian 1997) VDM (Jones 1986) Larch (Guttag & Horning 1993) States are described in rich math structures (set, relation, function) Transition are described in terms of pre- and post- conditions

Specification Formal methods for specification of the concurrent systems CSP (Hoare 1985) CCS (Milner 1980) Statecharts (Harel 1987) Temporal Logic (Pnueli 1981) I/O Automata (Lynch and Tuttle 1987) States range over simple domains, like integers Behavior is defined in terms of sequences, trees, partial orders of events

Specification Formal methods for handling both rich state space and complexity due to concurrency RAISE (Nielsen 1989) LOTOS (ISO 1987)

Case Studies: CICS The CICS project CICS: Customer Information Control System The on-line transaction processing system of choice for large IBM installations In the 1980s Oxford Univ. and IBM Hursley Labs formalized parts of fcics with ihz There was an overall improvement in the quality of fthe product It is estimated that it reduced 9% of the total development cost

Case Studies: CICS This work won the Queen s Awardfor Technological The highest honor that can be bestowed on a The highest honor that can be bestowed on a UK company.

Case Studies: CUTE CUTE: A Concolic Unit Testing Engine for C Developed by a team managed by Gul Agha 2005 Concolic testing use the symbolic execution to generate inputs that direct a program to alternate paths use the concrete execution to guide the symbolic execution along a concrete path

Case Studies: CUTE CUTE was used to automatically test SGLIB, a popular C data structure library used in a commercial tool CUTE took less than 2 seconds to find two previously unknown errors! a segmentation fault an infinite loop The homepage of CUTE: http://osl.cs.uiuc.edu/~ksen/cute/

Case Studies: Intel s Successes http://www.cse.ogi.edu/s3s/johnharrison.pdf Intel uses formal verification quite extensively Verification of Intel Pentium 4 floating-point unit with a mixture of STE and theorem proving Verification of bus protocols using pure temporal logic model checking Verification of microcode and software for many Intel Itanium floating-point operations, using pure theorem proving FV found many high-quality bugs in P4 and verified 20% of design FV is now standard practice in the floating-point domain

Case Studies: NASA SATS Small Aircraft Transportation System (SATS) http://sats.nasa.gov/ Use of a software system that t will sequence aircraft into the SATS airspace in the absence of an airport controller There are serious safety issues associated with these software systems and their underlying key algorithms

Case Studies: NASA SATS The criticality of such software systems necessitates that strong guarantees of the safety be developed for them Under the SATS program NASA Langley researchers are currently investigating rigorous verification of these software system using formal methods Modeling and Verification of Air Traffic Conflict Detection and Alerting

Verification Two well established approaches to verification Model Checking Theorem Proving Model checking Build a finite model of system and perform an exhaustive search Theorem Proving Mechanization M h i of a logical l proof

Model Checking The technical challenge is to devise an algorithm for handling large spaces Rebeca uses compositional verification

Model Checking There are two general approaches in model checking 1. Temporal Model Checking 2. Model checking with a automaton spec The difference is between the specification First one : Temporal Logic Second one : Automaton

Model Checking Model checking is completely automatic It produces counter examples The counter example usually represents subtle error in design The main disadvantage d : state t explosion problem!

Model Checking Several approaches for facing the state explosion Ordered binary decision diagrams (BDD) McMillan Partial Order Peled Localization reduction Kurshan Semantic minimization i i Elseaidy Checking large systems by using appropriate abstraction techniques Burch et al. 10 ^ 120 states!

Theorem Proving Both the system and its desired properties p are expressed in some mathematical logic Theorem proving is the process of finding a proof from the axioms of the system It can be roughly classified Highly automated programs Interactive systems with special purpose capabilities In contrast to model checking, it can deal with infinite space Relies on techniques like reduction

Pham Ngoc Hung, Coltech, VNU, 2009 29

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information