Satisfiability problem of LTL

Slides: 29
Provided by: NIT89

1
  • Satisfiability problem of LTL
  • Model checking problem of LTL
  • Both are decidable
  • Given an LTL formula, construct an automaton
    - Vardi-Wolper construction

2
Correctness of formula automaton
  • Soundness: every string accepted by A_φ is a
    model of the formula φ
  • Completeness: every model which satisfies the
    formula φ is accepted by A_φ
  • Proof by induction
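Added note, a standard result that is not spelled out on the slide: soundness and completeness together say that the language of A_φ is exactly the set of models of φ, and that equality is what makes both problems on slide 1 decidable. Writing L(A) for the ω-words accepted by an automaton and L(M) for the runs of a system model M:

$$L(A_\varphi) = \{\sigma : \sigma \models \varphi\}$$

$$\varphi \text{ is satisfiable} \iff L(A_\varphi) \neq \emptyset$$

$$M \models \varphi \iff L(M) \cap L(A_{\neg\varphi}) = \emptyset$$

Both sides are languages of Büchi automata, and emptiness of a Büchi automaton (including the product automaton for the intersection) is decidable, so satisfiability and model checking reduce to emptiness checks.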

3
SPIN
  • Tool for formal software verification of systems
  • Open source written in C
  • Developed at Bell Labs in 1981
  • System Software award by ACM in 2001
  • System description is by PROMELA (PROcess MEta
    LAnguage)

4
SPIN is used to
  • Traces logical design errors in distributed
    systems designs such as
    - operating systems
    - data communications protocols
    - switching systems
    - concurrent algorithms
  • Checks the logical consistency of a specification
  • Provides direct support for the use of embedded
    C code as part of model specifications

5
Tool supports
  • dynamically growing and shrinking number of
    processes
  • Synchronous or asynchronous (buffered) message
    passing, and communication through shared memory

6
To verify a design
  • a model is built using PROMELA
  • property is specified
  • SPIN works as a verifier

7
Three modes of SPIN
  • simulator allowing for rapid prototyping with
    random, guided, or interactive simulations
  • exhaustive verifier, capable of rigorously
    proving the validity of user specified
    correctness requirements
  • proof approximation system that can validate even
    very large system models with maximal coverage of
    the state space

8
PROMELA
  • PROMELA is a verification modelling language
  • Promela programs consist of processes, message
    channels, and variables
  • Processes are global objects
  • Message channels and variables can be declared
    either globally or locally within a process

9
Conditions and statements in PROMELA
  • In Promela there is no difference between
    conditions and statements
  • Statements are either executable or blocked
  • The C busy-wait loop
      while (a != b) skip;   /* wait for a == b */
    is written in PROMELA simply as the condition
      (a == b)

10
  • A condition can only be executed when it holds.
    If the condition does not hold, execution blocks
    until it does
  • Declarations and assignments are always
    executable

11
Basic data types
  • bit or bool
  • byte
  • short
  • int
  • Examples:
      bool flag;
      int state;
      byte msg;

12
Process
  • The behavior of a process is defined in a
    proctype declaration
  • Example:
      proctype A() { byte state; state = 3 }
  • The process type is named A

13
Two processes
  • Two process types sharing a global variable:
      byte state = 2;
      proctype A() { (state == 1) -> state = 3 }
      proctype B() { state = state - 1 }

14
  • A proctype definition only declares process
    behavior
  • Initially one process will be executed: a
    process of type init
  • Examples:
      init { skip }
      init { run A(); run B() }

15
  • Process parameters:
      proctype A(byte state; short foo) { (state == 1) -> state = foo }
      init { run A(1, 3) }
  • Data arrays or process types cannot be passed as
    parameters
  • run statements can be used in any process to
    spawn new processes
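The following model is an added example and is not taken from the slides. It puts slides 9 to 15 together: a bare condition used as a wait, a parameterised proctype, an init that spawns two copies with run, and an assert (introduced on slide 22) that states the mutual-exclusion property. The lock is deliberately built the naive way, as a test followed by a separate set, so that SPIN finds the race; defining FIXED (a preprocessor symbol chosen here, passed with spin's -D option) replaces the two steps with an atomic test-and-set. File name lock.pml and the process name User are assumptions.

```promela
/* Added example (not from the slides): a flag lock whose test and set
   are two separate statements, so two processes can both take it.
   Check with:
     spin -a lock.pml && gcc -o pan pan.c && ./pan          assertion violated
     spin -t -p lock.pml                                     replay the error trail
     spin -DFIXED -a lock.pml && gcc -o pan pan.c && ./pan   no errors
*/
bool lock = 0;      /* 0 = free, 1 = taken */
byte in_crit = 0;   /* number of processes currently inside the critical section */

proctype User(byte id) {
#ifdef FIXED
  /* Test and set in one indivisible step: no other process can run
     between the check and the assignment. */
  atomic { (lock == 0) -> lock = 1 };
#else
  /* A condition is a statement that blocks until it holds (slide 9),
     but the wait and the assignment are two steps: both processes can
     pass the wait before either of them sets the flag. */
  (lock == 0);
  lock = 1;
#endif
  in_crit++;
  assert(in_crit == 1);   /* mutual exclusion: fails without -DFIXED */
  printf("user %d leaving the critical section\n", id);
  in_crit--;
  lock = 0
}

init {
  run User(1); run User(2)
}
```

The error trail SPIN replays shows the interleaving directly: both users execute the blocking condition while lock is still 0, then both set it and both increment in_crit, so the assertion fails in the second one. The same test-then-set gap is the pattern behind time-of-check/time-of-use defects, and the model checker finds it without any guidance about which interleaving to try.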

16
Message passing
  • Message channels pass information between processes
  • Channel declarations:
      chan qname = [16] of { short }
      chan qname = [16] of { byte, int, chan, byte }
  • qname!expr sends the value of expr
  • qname?msg receives a message into msg

17
Control Flow
  • Selection
  • Repetition
  • Unconditional jumps

18
Selection
  • Selection statement:
      if
      :: (a != b) -> option1
      :: (a == b) -> option2
      fi
  • Guards may be mutually exclusive or not
  • If more than one guard holds, the selection is
    non-deterministic

19
Repetition
  • Repetition statement:
      byte count;
      proctype counter() {
        do
        :: count = count + 1
        :: count = count - 1
        :: (count == 0) -> break
        od
      }

20
  • Nested selection inside a loop:
      proctype counter() {
        do
        :: (count != 0) ->
             if
             :: count = count + 1
             :: count = count - 1
             fi
        :: (count == 0) -> break
        od
      }

21
Unconditional Jumps
  • Euclid's algorithm with a goto out of the loop:
      proctype Euclid(int x, y) {
        do
        :: (x > y) -> x = x - y
        :: (x < y) -> y = y - x
        :: (x == y) -> goto done
        od;
      done:
        skip
      }

22
Assertions
  • assert(any_boolean_condition)
  • Always executable
  • If the condition holds, the statement has no effect
  • If not, an error report is produced

23
Some other useful aspects
  • Time-out statements
  • Pseudo Statements
  • Progress-State Labels
  • End-State Labels
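An added example, not from the slides, for the message-passing slide (16) and the end-state labels just listed: a client sends numbered requests to a server over one buffered channel and reads the replies from another, and an assert checks that each reply carries the id of the request it answers. The server loops forever, so without an end-state label SPIN would report its do loop as an invalid end state; the label named end marks that state as a legitimate place to stop. The channel and process names, the mtype constants req and resp, and the file name proto.pml are assumptions.

```promela
/* Added example (not from the slides): request/response over two
   buffered channels.  Verify with:
     spin -a proto.pml && gcc -o pan pan.c && ./pan
*/
mtype = { req, resp };

/* Buffer of 2 messages, each a kind (mtype) and a request id (byte).
   A send blocks only when the buffer is full, a receive when it is empty. */
chan to_server = [2] of { mtype, byte };
chan to_client = [2] of { mtype, byte };

proctype Server() {
  byte id;
end:                               /* label starting with "end": valid end state */
  do
  :: to_server ? req, id ->        /* receive only messages of kind req */
     to_client ! resp, id          /* answer with the same id */
  od
}

proctype Client(byte n) {
  byte i = 1;
  byte got;
  do
  :: (i <= n) ->
     to_server ! req, i;           /* send request number i */
     to_client ? resp, got;        /* wait for the reply */
     assert(got == i);             /* every reply matches the request it is for */
     i++
  :: (i > n) -> break
  od
}

init { run Server(); run Client(3) }
```

The verifier finishes without errors: the channels are FIFO, the client never has more than one request outstanding, and every process other than the labelled server terminates. Removing the end label, or sending a second request before reading the first reply, are small edits worth making to see how SPIN reports an invalid end state and a mismatched id respectively.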

24
SPIN
  • Given a model of a system specified in Promela,
    Spin can either
    - perform random simulations, or
    - generate a C program that performs verification
      of the system's state space
  • Different options:
      spin [options] inputfilename

25
References
  • www.spinroot.com
  • Model Checking, Clarke, Grumberg, and Peled, MIT
    Press, 2000

28
  • Usage:
      spin [options] inputfilename
  • Output is written to a set of C files pan.*
  • To guarantee an exhaustive exploration of the
    state space, the program is compiled with
      gcc -o pan pan.c
  • For large systems (bitstate hashing, an approximation of
    full coverage):
      gcc -DBITSTATE -o pan pan.c