Dániel Darvas (CERN BE-ICS-PCS / TU Budapest) DSL tools for formal verification Spoofax meeting 19/01/2016, CERN Joint work with B. Fernández, E. Blanco, S. Bliudze, J.O. Blech, J-C. Tournier, T. Bartha, A. Vörös, I. Majzik

What are we doing? Formal verification of PLC programs
… to complement testing
… to find hidden, complex bugs
… accessible to developers

Model checking (PLCverif): the workflow
PLC code (SCL) → formal model, after reductions (native support for only one language)
Requirement patterns → formal requirement (user-friendly requirement specification)
Formal model + formal requirement → model checker (an external tool checks whether the requirement is satisfied)
Model checker → satisfied / not satisfied with counterexample → verification report (self-contained, with the counterexample)
The verification is based on the implementation, i.e. on the PLC code itself.
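To make the workflow above concrete, here is an added, self-contained example that is not PLCverif's code: the PLC program is the model (a Python function, one call per PLC cycle), a requirement pattern is instantiated with two Boolean conditions, every reachable retained state is explored, and a violation comes back as a cycle-by-cycle counterexample trace, which is what the verification report carries. The start/stop latch, its variable names and the exact wording of the pattern are assumptions of this example.

```python
# Added example (not PLCverif code): an explicit-state checker that shows how the
# pipeline above fits together. The PLC program is the model (here a Python
# function, one call = one PLC cycle), a requirement pattern is instantiated with
# two Boolean conditions, all reachable retained states are explored, and a
# violation comes back as a concrete cycle-by-cycle counterexample trace.
# The program, its variable names and the pattern wording are assumptions.
from collections import deque
from itertools import product

INPUTS = ("start", "stop")                  # sampled afresh every cycle
INIT_STATE = {"running": False, "cnt": 0}   # retained (static) variables


def buggy_cycle(state, inputs):
    """One scan of a constructed start/stop latch. Bug: START wins over STOP."""
    s = dict(state)
    if inputs["start"]:
        s["running"] = True
    if inputs["stop"] and not inputs["start"]:
        s["running"] = False
    s["cnt"] = min(s["cnt"] + 1, 3) if s["running"] else 0  # saturates: finite state space
    return s


def fixed_cycle(state, inputs):
    """Same latch with STOP given priority (what the counterexample points at)."""
    s = dict(state)
    if inputs["stop"]:
        s["running"] = False
    elif inputs["start"]:
        s["running"] = True
    s["cnt"] = min(s["cnt"] + 1, 3) if s["running"] else 0
    return s


def alpha(state, inputs):   # pattern slot α: STOP is pressed
    return inputs["stop"]


def beta(state, inputs):    # pattern slot β: not running at the end of the cycle
    return not state["running"]


def check_pattern(cycle_fn, init_state, input_names, alpha_fn, beta_fn):
    """Pattern (wording assumed, in the style of PLCverif's patterns):
    'if α is true at the end of a PLC cycle, then β is true at the end of the
    same cycle'. Breadth-first search over reachable retained states with
    nondeterministic inputs. Returns None when satisfied, otherwise the
    shortest counterexample as a list of (inputs, end-of-cycle state)."""
    all_inputs = [dict(zip(input_names, bits))
                  for bits in product((False, True), repeat=len(input_names))]
    key = lambda s: tuple(sorted(s.items()))
    seen = {key(init_state)}
    queue = deque([(init_state, [])])
    while queue:
        state, trace = queue.popleft()
        for inp in all_inputs:
            nxt = cycle_fn(state, inp)
            step = trace + [(inp, nxt)]
            if alpha_fn(nxt, inp) and not beta_fn(nxt, inp):
                return step                      # requirement violated
            if key(nxt) not in seen:
                seen.add(key(nxt))
                queue.append((nxt, step))
    return None


def report(name, cex):
    """Human-readable verdict, in the spirit of the self-contained report."""
    if cex is None:
        return f"{name}: requirement satisfied"
    lines = [f"{name}: requirement violated, counterexample with {len(cex)} cycle(s):"]
    for i, (inp, st) in enumerate(cex, 1):
        lines.append(f"  cycle {i}: inputs {inp} -> end state {st}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report("buggy", check_pattern(buggy_cycle, INIT_STATE, INPUTS, alpha, beta)))
    print(report("fixed", check_pattern(fixed_cycle, INIT_STATE, INPUTS, alpha, beta)))
```

The saturating counter keeps the retained state finite, which is what makes exhaustive exploration terminate; a real model checker does the same job on the formal model generated from the SCL code, and the reductions mentioned on the slide exist precisely to keep that state space small.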

Model checking – Technologies used
PLC code (SCL): textual representation
Formal model: textual representation
Model checker: textual input/output
Verification report: HTML
Reductions, requirement patterns and the generation of the formal requirement: Java

Model checking – Technologies used
PLC code (SCL) → SCL AST: EMF metamodel generated by Xtext
SCL AST → verification model → reductions: Java (this part should remain)

The PLCverif tool Eclipse-based editor for PLC programs

The PLCverif tool Defining verification cases (requirement, fine-tuning, etc.) No model checker-related things or temporal logic expressions

The PLCverif tool Click-button verification, verification report with the analysed counterexample

Problems with the current method
− Our ST (SCL) Xtext grammar is partial
− Double maintenance of ST (SCL) grammars
However,
− Xtext's performance is good enough: 1 file with 120k statements parsed in 1–3 sec (headless)
− Headless parsing is needed (→ Jenkins)
− Our tool is relatively stable and working fine
Could we use the Spoofax-based implementation in our setting without major changes?

Technologies used (reminder)
PLC code (SCL) → SCL AST: EMF metamodel generated by Xtext
SCL AST → verification model → reductions: Java (this part should remain)

Potential future work #1: Code generation
Currently: PLC code (SCL) → some model
Future plan: some model → SCL abstract syntax tree → code generator → PLC code (SCL)

Potential future work #2: Support for other PLC languages (IL/STL)
ST (SCL) code:
    FUNCTION_BLOCK Test
    VAR_INPUT
        in1 : Bool;
    END_VAR
    VAR_OUTPUT
        out1 : Bool;
    END_VAR
    BEGIN
        out1 := NOT in1;
    END_FUNCTION_BLOCK
Siemens IL (STL) code:
    FUNCTION_BLOCK Test
    VAR_INPUT
        in1 : Bool;
    END_VAR
    VAR_OUTPUT
        out1 : Bool;
    END_VAR
    BEGIN
    NETWORK
        A in1;
        NOT;
        = out1;
    END_FUNCTION_BLOCK

Potential future work #2: Support for other PLC languages (IL/STL)
Currently: PLC code (IL/STL) → regex-based, limited translation → PLC code (SCL) → formal model
Future plan: both PLC code (SCL) and PLC code (IL/STL) → formal model
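The STL and SCL listings on the previous slide and the "limited, regex-based translation" on this one describe the same thing: turning an STL bit-logic network into an SCL assignment. The following is an added example of such a translator, written for this page and not PLCverif's own code. It covers only the subset the slide uses (A, AN, O, ON, NOT, =), keeps the RLO (result of logic operation) as a symbolic expression, applies STL's "AND before OR" rule, and refuses everything else instead of silently dropping it, which is where the "limited" caveat comes from. The sample STL block is the one from the slide; the function names are this example's own.

```python
# Added example (not PLCverif's translator): a small STL (Siemens IL) to SCL
# translator for the bit-logic subset used on the slides (A, AN, O, ON, NOT, =).
# It keeps the RLO (result of logic operation) as a symbolic expression and
# emits one SCL assignment per '=' instruction, honouring STL's "AND before OR"
# rule. Everything outside the subset is refused rather than dropped, which is
# the "limited translation" caveat made explicit. The sample block is constructed.
import re

IDENT = re.compile(r"[A-Za-z_]\w*")   # symbolic operands only; absolute addresses (I0.0) refused


class UnsupportedInstruction(Exception):
    """Raised for anything the regex-style translation does not model."""


def _and_chain(chain, parenthesise):
    expr = " AND ".join(chain)
    return f"({expr})" if parenthesise and len(chain) > 1 else expr


def translate_instructions(stl_lines):
    """Translate a sequence of STL instructions into SCL statements."""
    or_terms = []   # finished AND chains, to be OR-ed together
    chain = []      # the AND chain currently being built
    scl = []
    for raw in stl_lines:
        line = raw.split("//", 1)[0].strip().rstrip(";").strip()
        if not line or line.upper().startswith("NETWORK"):
            continue                         # network headers carry no logic here
        parts = line.split()
        op = parts[0].upper()
        operand = parts[1] if len(parts) > 1 else None
        if op in ("A", "AN", "O", "ON"):
            if operand is None or not IDENT.fullmatch(operand):
                raise UnsupportedInstruction(raw.strip())   # A( / O( nesting, addresses
            term = f"NOT {operand}" if op.endswith("N") else operand
            if op.startswith("O") and chain:
                or_terms.append(chain)       # O starts a new AND chain (AND before OR)
                chain = []
            chain.append(term)
        elif op == "NOT":
            if or_terms or not chain:
                raise UnsupportedInstruction(raw.strip())   # NOT inside an OR group not modelled
            chain = [f"NOT {_and_chain(chain, True)}"]
        elif op == "=":
            if operand is None or not IDENT.fullmatch(operand) or not chain:
                raise UnsupportedInstruction(raw.strip())
            or_terms.append(chain)
            expr = " OR ".join(_and_chain(c, len(or_terms) > 1) for c in or_terms)
            scl.append(f"{operand} := {expr};")
            or_terms, chain = [], []         # '=' ends the logic chain (first-check reset)
        else:
            raise UnsupportedInstruction(raw.strip())   # L, T, JC, timers, ...
    return scl


def translate_function_block(stl_text):
    """Keep the declaration part verbatim and translate the body after BEGIN."""
    out, body, in_body = [], [], False
    for line in stl_text.splitlines():
        s = line.strip().upper()
        if not in_body:
            out.append(line)
            in_body = s == "BEGIN"
        elif s == "END_FUNCTION_BLOCK":
            out.extend("    " + stmt for stmt in translate_instructions(body))
            out.append(line)
            in_body = False
        else:
            body.append(line)
    return "\n".join(out)


# Constructed sample: the STL block from the slide.
STL_SAMPLE = """FUNCTION_BLOCK Test
VAR_INPUT
    in1 : Bool;
END_VAR
VAR_OUTPUT
    out1 : Bool;
END_VAR
BEGIN
NETWORK
    A in1;
    NOT;
    = out1;
END_FUNCTION_BLOCK"""

if __name__ == "__main__":
    print(translate_function_block(STL_SAMPLE))
```

Refusing unknown instructions matters for a verification front end: a translation that drops a timer, a jump or a nested A( group would produce a formal model that verifies a different program from the one running on the PLC, and the report would be silently wrong.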

Potential future work #3: Improve the requirement specification
Currently:
− one requirement at a time
− limited editing support (only simple content assist)
− the free slots of a pattern should accept any Boolean SCL expression

Potential future work #4: (Simple) static code analysis
− Are all the variables assigned?
− Do all conditional statements have meaningful conditions? E.g. IF unsignedVar >= 0 THEN … is always true.
− Are the variable names consistently used? foobar = FOOBAR = fOoBaR, since SCL identifiers are case-insensitive.
− Is the code correctly indented?
A technical student project is planned to be started on this.
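As an added illustration of the first three checks (it is not the student project's code), the following runs them over a constructed SCL FUNCTION_BLOCK held as plain text: outputs and static variables that are never assigned, comparisons of an unsigned variable against 0 that are always true or always false, and the same identifier written with different casing. Which type names count as unsigned, the section names checked for assignments, and the sample block are assumptions of this example.

```python
# Added example (not the planned student project's code): three of the simple
# checks listed above, run over a constructed SCL FUNCTION_BLOCK as plain text.
#   - unassigned variables: declared in VAR_OUTPUT or VAR but never on the left of ':='
#   - meaningless conditions: 'u >= 0' / 'u < 0' on an unsigned variable u
#     is always TRUE / always FALSE
#   - inconsistent naming: one identifier spelled with different casing (SCL
#     identifiers are case-insensitive, so the spellings denote one variable)
# Which type names count as unsigned, and the sample block, are assumptions here.
import re
from collections import defaultdict

UNSIGNED_TYPES = {"BYTE", "WORD", "DWORD", "LWORD", "USINT", "UINT", "UDINT", "ULINT"}
VAR_SECTIONS = {"VAR", "VAR_INPUT", "VAR_OUTPUT", "VAR_IN_OUT", "VAR_TEMP"}
MUST_ASSIGN = {"VAR_OUTPUT", "VAR"}          # sections whose variables the block should write
DECL = re.compile(r"^\s*([A-Za-z_]\w*)\s*:\s*([A-Za-z_]\w*)\s*(?::=.*)?;")
ASSIGN = re.compile(r"^\s*([A-Za-z_]\w*)\s*:=")
CMP_ZERO = re.compile(r"\b([A-Za-z_]\w*)\s*(>=|<)\s*0(?![\w.])")
IDENT = re.compile(r"\b[A-Za-z_]\w*\b")


def analyse(scl_text):
    """Return a sorted list of (line number, message) findings for one SCL block."""
    decls = {}                  # lower-case name -> (spelling, type, section, line)
    spellings = defaultdict(set)
    assigned = set()
    findings = []
    section = None
    for lineno, raw in enumerate(scl_text.splitlines(), 1):
        code = raw.split("//", 1)[0]          # drop line comments
        words = code.strip().upper().split()
        head = words[0] if words else ""
        if head in VAR_SECTIONS:
            section = head
            continue
        if head == "END_VAR":
            section = None
            continue
        if section is not None:               # declaration part
            m = DECL.match(code)
            if m:
                name, typ = m.group(1), m.group(2).upper()
                decls[name.lower()] = (name, typ, section, lineno)
                spellings[name.lower()].add(name)
            continue
        m = ASSIGN.match(code)                # statement part
        if m:
            assigned.add(m.group(1).lower())
        for m in CMP_ZERO.finditer(code):
            var, op = m.group(1), m.group(2)
            d = decls.get(var.lower())
            if d and d[1] in UNSIGNED_TYPES:
                verdict = "always TRUE" if op == ">=" else "always FALSE"
                findings.append((lineno, f"condition '{var} {op} 0' on unsigned {d[1]} is {verdict}"))
        for m in IDENT.finditer(code):
            if m.group(0).lower() in decls:
                spellings[m.group(0).lower()].add(m.group(0))
    for key, (name, typ, section, lineno) in decls.items():
        if section in MUST_ASSIGN and key not in assigned:
            findings.append((lineno, f"variable '{name}' ({typ}, {section}) is never assigned"))
        if len(spellings[key]) > 1:
            findings.append((lineno, "identifier spelled inconsistently: " + ", ".join(sorted(spellings[key]))))
    return sorted(findings)


# Constructed sample with one instance of each problem.
SCL_SAMPLE = """FUNCTION_BLOCK Demo
VAR_INPUT
    level : UINT;
    Enable : BOOL;
END_VAR
VAR_OUTPUT
    alarm : BOOL;
    pumpOn : BOOL;
END_VAR
VAR
    FooBar : INT := 0;
END_VAR
BEGIN
    IF level >= 0 THEN        // always true for an unsigned type
        alarm := FALSE;
    END_IF;
    IF ENABLE AND level > 100 THEN
        alarm := TRUE;
    END_IF;
    foobar := FooBar + 1;
END_FUNCTION_BLOCK"""

if __name__ == "__main__":
    for lineno, msg in analyse(SCL_SAMPLE):
        print(f"line {lineno}: {msg}")
```

Text-level checks like these are cheap to run headless in the same Jenkins job as the parser, but a real implementation would work on the SCL AST the grammar already produces, so that nested blocks, array elements and structure members are handled rather than pattern-matched.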

Wrap up
− Replacing Xtext with Spoofax would be beneficial: no double maintenance, better SCL implementation, could help our future plans
− Constraints for the replacement: performance, headless operation
− "It kind of works now." – The replacement effort should be reasonable.