SSVV 10 Model Checking

Outline
System verification
Model checking
Transition system
Linear-Time Properties
Temporal Logic
Linear-Time Logic
Computation Tree Logic
Next lecture
Questions
References
Software Systems Verification and Validation

Lecture 10 - Model checking
Lect. dr. Andreea Vescan
Babes-Bolyai University
Cluj-Napoca
2015-2016
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
System verification
Software verification techniques
Catching software bugs
Formal methods
Model checking
Model checking approach
Strengths and Weaknesses
Transition system
Transition system
Intuitive behavior
Example
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
System verification
Information and Communication Technology (ICT)
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
System verification
Correct ICT systems
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
System verification
Correct ICT systems
It is all about money.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
System verification
Correct ICT systems
It is all about safety.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
System verification
Correct ICT systems
The reliability of the ICT systems is a key issue in the system

design process [KB08].
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
System verification
Correct ICT systems
The reliability of the ICT systems is a key issue in the system

design process [KB08].
System verification techniques
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Schematic view of an posteriori system verification

system
specification
Design
Process
properties
product or
prototype
bug (s) found
Verification
no bugs found
Figure: Schematic view of an posteriori system verification

Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods

Non-formal verification techniques (used in practice): peer
reviewing (SSVV Lecture 01) and testing (SSVV Lecture 2-3).
Peer review (static technique)
Software testing (Dynamic technique)
Formal verification techniques.

Formal methods
Model-based simulation
Model checking( SSVV Lecture 10- today)
Model-based testing
Theorem proving (SSVV Lecture 06 and 07)
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Catching software bugs: the sooner, the better [KB08]

Analysis
Conceptual
Design
Programming
Unit Testing System

Testing
50%
40%
introduced
errors (in %)
detected
errors (in %)
Operation
cost of correction
per error
(In 1,000 us $)
12.5
10
30%
7.5
20%
10%
2.5
0%
Time (non-linear)
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
More time and effort spend on verification than on
construction - in software/hardware design of complex
systems.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.
The role of formal methods:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.
To establish system correctness with mathematical rigor.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.
To facilitate the early detection of defects.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.
Brands of verification technique:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.
deductive methods - the correctness of system is determined by properties in a mathematical

theory, using tools as theorem provers and proof checkers
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.

model-based techniques: model checking (exhaustive exploration), simulation (restrictive set of
scenarios in the model), model-based testings, etc
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
System verification
Formal methods
Formal methods
systems.

model-based techniques: model checking (exhaustive exploration), simulation (restrictive set of
scenarios in the model), model-based testings, etc
Any verification using model-based techniques is only as good

as the model of the system.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References

Model checking
System
Requirements
Formalizing
Modeling
property
specification
System
model
Model
Checking
Satisfied
Violated+
Counterexample
Simulation
Location
Error
Figure: Schematic view of the model checking approach [KB08]

Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References

Characteristics of Model Checking

Model checking is an automated technique that, given a
finite-state model of a system and a formal property,
systematically checks whether this property holds for (a given
state in) that model.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


The model checking process
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
Running phase
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
Running phase
Analysis phase
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
model the system under consideration
Running phase
Analysis phase
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
formalize the property to be checked.
Running phase
Analysis phase
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
Running phase
Analysis phase
property satisfied?
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Modeling phase
Running phase
Analysis phase
property satisfied?
property violated?
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References

Strengths and Weaknesses of model checking [KB08]

Strengths
Weaknesses
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
General verification approach
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
Supports partial verification
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
Provides diagnostic information
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
Potential
push-buttontechnology
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
Potential
Increasing interest by industry
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
Potential
Easily integrated in existing
development cycles
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
Appropriate to control-intensive
applications

Potential
development cycles
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
applications
Its applicability is subject to
decidability issues
Potential
development cycles
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
applications

decidability issues
Potential
It verifies a system model

development cycles
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
applications

decidability issues
Potential
Checks only stated requirements

development cycles
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
applications

decidability issues
Potential

development cycles
Suffers from the state-space explosion

problem
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References


Weaknesses
Strengths
applications

decidability issues
Potential

development cycles
Suffers from the state-space explosion

problem
Requires some expertise
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system
Transition systems - used in computer science as models to
describe the behavior of the systems.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system
Transition systems - directed graphs:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system
Nodes - represent states;
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system
Edges - model transitions, i. e. state changes.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system
A Transition System (TS) is tuple (S, Act, , I, Ap, L),

where
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
S is a set of states,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
Act is a set of actions,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
S Act S is a transition relation,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
I S is a set of initial states,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
AP is a set of atomic propositions, and
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
L : S 2AP is a labeling function.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system

where
L : S 2AP is a labeling function.
TS is called finite if S, Act and AP are finite.

Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Transition system - remarks

Intuitive behavior of a transition system
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I
Using the transition relation the system evolves
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I
Current state s, a transition s s is selected

nondeterministically
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I

The selection procedure is repeated and finishes once a state is
encountered that has no outgoing transitions.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I

The labeling function L relates a set L(s) 2AP at atomic
propositions to any state s.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I

propositions to any state s. L(s) intuitively stands for exactly those
atomic propositions a AP which are satisfied by state s.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example

Initial state s0 I

propositions to any state s. L(s) intuitively stands for exactly those
atomic propositions a AP which are satisfied by state s.
Given that is a propositional logic formula, then s satisfies the
formula if the evaluation induced by L(s) makes the formula
true,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Beverage Vending Machine
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Transition system
Intuitive behavior
Example
Beverage Vending Machine

S = {pay , select, soda, beer }, I = {pay }
Act = {insert coin, get soda, get bear , }
insert coin
select,
Example transitions: pay
get beer
beer pay
Atomic propositions depends on the
properties under consideration. A simple
choice - to let the state names act as
atomic propositions, i. e. L(s) = {s}.
The vending machine only delivers a
drink after providing a coin,
AP = {paid, drink},
L(pay ) = , L(soda) = L(beer ) =
pay
get_beer
get_soda
soda
insert_coin
tau
select
tau
beer
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Deadlock
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Deadlock
Safety properties = nothing bad should happen.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Deadlock
The number of inserted coins is always at least the number of
dispensed drinks.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Deadlock
The number of inserted coins is always at least the number of
dispensed drinks.
Liveness properties = something good will happen in the

future.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic
Propositional temporal logics [KB08], [Fre10]- extensions of
propositional logic by temporal modalities.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic
The elementary temporal modalities that are present in most
temporal logics include the operators
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic
eventually (eventually in the future) -
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic
always (now and forever in the future -
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic
The nature of time in temporal logics can be either linear or

branching.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic

branching.
The adjective temporal
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic

branching.
specification of the relative order of events;
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Temporal Logic
Temporal Logic

branching.
specification of the relative order of events;
does not support any means to refer to the precise timing of
events.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
LTL temporal modalities
Intuitive meaning of temporal modalities
LTL semaphore example
Linear-Time Logic
Construction of LTL formulae in LTL - ingredients:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Linear-Time Logic
atomic propositions a AP, (stands for the state label a in a
transition system)
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Linear-Time Logic
transition system)
boolean connectors like conjunction and negation ,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Linear-Time Logic
transition system)
boolean connectors like conjunction and negation
S ,
basic temporal modalities next and until .
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Linear-Time Logic
transition system)
S ,
LTL formulae over the set AP of atomic proposition are

formed according to the following grammar:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Linear-Time Logic
transition system)
S ,
LTL formulae over the set AP of atomic proposition are

formed according to the following S
grammar:
::= true|a|1 2 || |1 2 , where a AP.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

The until operator allows to derive the temporal modalities
(eventually, sometimes in the future) and (always,
from now on forever) as follows:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

= true
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

S
= true .
= .
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

S
= true .
= .
By combining the temporal modalities and , new temporal

modalities are obtained:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

S
= true .
= .

- infinitely often .
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

S
= true .
= .

- eventually forever .
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

S
= true .
= .

at any moment j there is a moment i i j at which an a state
is visited
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL

S
= true .
= .

at any moment j there is a moment i i j at which an a state
is visited
from some moment j on, only a-states are visited.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Intuitive semantics of temporal modalities

arbitrary
atomic
proposition a
arbitrary
arbitrary
arbitrary
...
next step
arbitrary
arbitrary
arbitrary
arbitrary
...
until
arbitrary
...
eventually
arbitrary
...
always
...
Figure: Intuitive semantics of temporal modalities

Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
((A = green B = green))
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
A and B can not be
simultaneously green.
(A = yellow A = red)
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
A and B can not be

If A is yellow eventually will
become red.
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
A and B can not be

become red.
(A = yellow (A = red))
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
A and B can not be

become red.

If A is yellow then it will be
red into the next state.
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
A and B can not be

become red.

((B = green)
B
A
(A = red))
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of LTL
Semaphore example
A and B can not be

become red.

((B = green)
B
A
(A = red))
B will not be green until A

changes in red.Lect. dr. Andreea Vescan
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL - state and path formulae
CTL semaphore example
CTL
Construction of CTL formulae:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
as in LTL by the next-step and until operators,
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
must be not combined with boolean connectives
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
no nesting of temporal modalities is allowed.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
CTL formulae over the set AP of atomic proposition are

Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL

::= true |a|1 2 |||, where a AP and is a
path formula.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL

path formula.
CTL path formulae are formed according to the following
grammar:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL

path formula.
CTL path formulae are formed according to the following
grammar:
S
::= |1 2 , where , 1 and2 are state fromulae.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
CTL distinguishes between state formulae and path formulae:
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
State formulae express a property of a state.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
Path formulae express a property of a path, i.e. an infinite
sequence of states.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S
Temporal PATH operators and
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S
holds for a path if holds in the next state of the path;
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S

S holds for a path if holds in the next state of the path;
holds for a path if there is some state along the path for
which holds, and holds in all states prior to that state.
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S

Path formulae state formulae by prefixing them with
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S

path quantifier (pronounced for some path);
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S

Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S

- holds in a state if there exists some path satisfying that
starts in that state.
path quantifier (pronounced for all paths.)
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
CTL
sequence of states.
S

- holds in a state if there exists some path satisfying that
starts in that state.
path quantifier (pronounced for all paths.)
Lect.
Validation
-holds
indr.a Andreea
state Vescan
if all pathsSoftware
thatSystems
start Verification
in that and
state
satisfy .
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
Semaphore example
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
Semaphore example
(B = yellow (B =
red)).
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Syntax of CTL
Semaphore example
(B = yellow (B =
red)).
If B is yellow, it will become
(sometime in the future) red.
B
A
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Next lecture
Next lecture
CMM
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Questions
Questions
Thank You For Your Attention!
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
Questions
Questions
Thank You For Your Attention!
Outline
System verification
Model checking
Transition system
Temporal Logic
Linear-Time Logic
Next lecture
Questions
References
References I

SSVV 10 Model Checking

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

SSVV 10 Model Checking

Încărcat de

Drepturi de autor:

Formate disponibile

Outline

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

The reliability of the ICT systems is a key issue in the system

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

The reliability of the ICT systems is a key issue in the system

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Schematic view of an posteriori system verification

Figure: Schematic view of an posteriori system verification

Software Systems Verification and Validation

Software verification techniques

Formal verification techniques.

Software Systems Verification and Validation

Catching software bugs: the sooner, the better [KB08]

Unit Testing System

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Brands of verification technique:

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Brands of verification technique:

deductive methods - the correctness of system is determined by properties in a mathematical

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Brands of verification technique:

deductive methods - the correctness of system is determined by properties in a mathematical

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Brands of verification technique:

deductive methods - the correctness of system is determined by properties in a mathematical

Any verification using model-based techniques is only as good

Software Systems Verification and Validation

Model checking approach

Figure: Schematic view of the model checking approach [KB08]

Software Systems Verification and Validation

Model checking approach

Characteristics of Model Checking

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Model checking approach

Characteristics of Model Checking

Lect. dr. Andreea Vescan

Software Systems Verification and Validation

Model checking approach