CTL Model Checking - PowerPoint PPT Presentation

Transcript and Presenter's Notes
1
CTL Model Checking
  • David L. Dill

2
CTL syntax
  • AP -- atomic propositions
  • p ∈ AP is a formula
  • f ∧ g is a formula, if f and g are
  • ¬f is a formula, if f is
  • AX f is a formula
  • EX f is a formula
  • A[f U g] is a formula, if f and g are
  • E[f U g] is a formula, if f and g are

3
CTL model checking
(Diagram: the model checker takes CTL formulas (properties) and a state graph derived from the implementation (Kripke structure), and outputs either OK or a counter-example.)
4
State graph
  • Many representations can be translated to state
    graphs
    • circuits
    • concurrent programs
    • various description languages
    • SCR, statecharts
  • Translation is usually to a BDD representation of the
    graph, not an explicit graph.

5
Abbreviations
  • AF f ≡ A[true U f] "future"
  • EF f ≡ E[true U f]
  • AG f ≡ ¬EF ¬f "globally"
  • EG f ≡ ¬AF ¬f

6
CTL intuition
(Diagram: AX p, p holds in every next state; EX p, p holds in some next state.)
7
AG p: p is invariant
AF p: p is inevitable
EF p: p potentially holds
8
CTL examples
  • Mutual exclusion: AG ¬(c1 ∧ c2)
  • Fairness: AG (t1 → AF c1)
  • Resetability: AG (EF "init") (there is always a
    path back to init)

9
Request/Acknowledge example
  • A[req U ack] ? A[ack U req] ? A[req U ack] ?
    A[ack U req]
  • (Weak Until: A[ack u req])

(Timing diagram: Req, Ack)
10
Algorithm for model checking
  • Idea: progressively label states with nonatomic
    properties.
  • Subformulas are treated like atomic formulas
    after they have been checked.
  • labels(s) -- set of labels of state s in M.
  • Initially, labels(s) = P(s).

11
Fixed point algorithm for model checking
  • We then traverse the formula to be checked
    bottom-up, checking subformulas of f before
    checking f.
  • Add ¬f to labels(s) if f not in labels(s)
  • Add f ∧ g to labels(s) if f in labels(s) and g in
    labels(s)
  • Add AX f to labels(s) if f in labels(s') for all
    s' with s R s'
  • Add EX f to labels(s) if f in labels(s') for some
    s' with s R s'

12
Fixed point algorithm for model checking
  • Until formulas require a fixed-point iteration
  • Use fact that A[f U g] ≡ g ∨ AX A[f U g]
  • Algorithm
  • 1. Whenever g in labels(s), add A[f U g]
    to labels(s).
  • 2. Repeat: whenever all next states s' of s have
    A[f U g] in labels(s'), add A[f U g] to
    labels(s).
  • Similarly for E[f U g].

13
Z (zed) specifications
14
Z
  • Logical specification language
  • Probably the most widely known such language
  • Very general: can describe
  • data structures
  • relations and tables
  • functions
  • Few tools
  • syntax checkers
  • recently, theorem provers

15
Z has really been used
  • IBM CICS specification (1992)
  • Cyclotron specification (Jacky)
  • Used routinely by Praxis Critical Systems, Ltd
    (UK)