Verification of Software via Integration of Design and Implementation - PowerPoint PPT Presentation
1 / 13
Title:
Verification of Software via Integration of Design and Implementation
Description:
Property j : temporal logic. Does M j ? Yes: definitely. No: counter example ... example feasible in P: P property. Counter-example infeasible in P: refine ... – PowerPoint PPT presentation
Number of Views:38
Avg rating:3.0/5.0
Title: Verification of Software via Integration of Design and Implementation
1
Verification of Software via Integration of
Design and Implementation
- Andrew S. Miner
- Samik Basu
- Department of Computer Science
- Iowa State University
- NSFNGS 2006
2
Motivation
?
?
Design Property
Implementation1 Property1
void main() int I, j, k for (int I 0 I
lt k i)
Design
1
?
2
Implementation2 Property2
void main() int I, j, k for (int I 0 I
lt k i)
3
Motivation
Given Implementation1 Property1
Implementation2 Property2
Hybrid Model
Design
Property
2
1
Bridge the gap between Design and Implementation
4
Organization
- Motivation
- Background
- Model checking high-level models
- Model checking low-level models
- Integrated model checking
- Work in progress
- Summary
5
Model Checking High-level Models
- Model M high-level representation
- Property j temporal logic
- Does M j ?
- Yes definitely
- No counter example
- Difficulty state explosion
- Use symbolic methods
- BDDs / MDDs
6
Model Checking Implementations
- Abstraction-Verification-Refinement
- Given program P obtain abstraction P
- Check P property?
- Yes P property
- No counter-example in P
- Counter-example feasible in P P property
- Counter-example infeasible in P refine P,
iterate
7
Integrated Model Checking
while (1) THINK()
while (1) wait(lock)
if (readers gt 0)
signal(lock) else break
writers assert(writers
1) assert(readers 0)
WRITE() writers--
signal(lock)
W_THINK
R_THINK
W_TRY
R_TRY
WRITING
READING
W_DONE
R_DONE
Mutual Exclusion
8
Integrated Model Checking
while (1) THINK()
while (1) wait(lock)
if (readers gt 0)
signal(lock) else break
writers assert(writers
1) assert(readers 0)
WRITE() writers--
signal(lock)
R_THINK
R_TRY
READING
R_DONE
Hybrid Model
9
Model Checking for Hybrid Models
1
5 readers ? 0
1 while (1) THINK() 2
while (1) wait(lock) 3
if (readers gt 0)
signal(lock) 4 else break
writers assert(writers
1) 5 assert(readers 0) 6
WRITE() writers--
signal(lock)
wait(lock)
2
4 readers 0
signal(lock)
wait(lock)
3 readers gt 0
6 readers 0
signal(lock)
10
Model Checking for Hybrid Models
1 while (1) THINK() 2
while (1) wait(lock) 3
if (readers gt 0)
signal(lock) 4 else break
writers assert(writers
1) 5 assert(readers 0) 6
WRITE() writers--
signal(lock)
R_THINK
R_TRY
READING
R_DONE
11
Work in Progress Analysis of counter-examples
- Counter-example sequence of statements
- Identify Focus Statements
- Affect undesirable behavior
- Via live variable analysis
- Obtain Focus Statement Sequence (FSS)
- Slice of counter-example TACAS 2005
- Can identify Design-Implementation interfaces
- Used to produce constraint graph
12
Work in ProgressSymbolic methods
- Extensible BDD / MDD Library
- Model checking with constraints
- Manipulate constraint graphs
- Associate constraints with elements
- Along edges
- In terminal nodes
13
Summary
- Design with Partial Implementation satisfies
global requirement - Implementation satisfies Design Specification
- Identify design-implementation inconsistency
- Incremental development of software
Recommended
CrystalGraphics Presentations
