Visual Tools for Temporal Reasoning G. Kutty, L.K. Dillon, L.E. Moser, P.M. Melliar-Smith, and Y.S. Ramakrishna.

Visual Tools for Temporal Reasoning G. Kutty, L.K. Dillon, L.E. Moser, P.M. Melliar-Smith, and Y.S. Ramakrishna

What is GIL?
- GIL = Graphical Interval Logic
- A way of specifying the behavior of concurrent systems
- A visual, temporal logic
- GIL Editor and toolkit:
  - System designers use it to create graphical specifications of concurrent system behavior
  - Verify properties of those systems from the specs
  - Generate models that satisfy the spec

Temporal Logic
- Used to describe systems that change with time
- But people seem to prefer diagrams:
  - Timing diagrams
  - State-transition diagrams
  - Flow charts
  - Data flow diagrams
  - Etc.

Other diagrams
- Pro: support intuition
- Con: can't be used in formal reasoning about the correctness and consistency of the specifications

Other representations
- Harel's Statecharts
- Milner's CCS: IDCCS
- Manna and Pnueli's notation
- Tecton

GIL
- Models computation as a linear sequence of states
- The user constructs time intervals
- Expresses properties that apply to those intervals
- Interval operator: limits the scope of a property to that time interval
- Vertical dimension -> composition
- Intervals can be nested

Running example
- Two concurrent processes that request exclusive use of a shared resource

Example 1
- sig1 = process 1 signals for exclusive access to the shared resource
- sig2 = process 2 signals for exclusive access to the shared resource
- "not": indicates that sig1 and sig2 are false
- [ ]: the interval symbol
- Left justification means that the conditions hold at the start of the interval

Example 2
- turn1 = process 1 has priority
- turn2 = process 2 has priority
- Indentation indicates that the formula holds at every state in the interval
- The formula indicates that if process 1 has priority then process 2 does not, and vice versa

Example 2
- [ includes the endpoint
- ) excludes the endpoint

Example 3
- cs1 = process 1 has exclusive permission to use the resource
- If the process with higher priority requests the resource, it must be granted permission to access the resource before it cancels the request

Example 3
- Arrow: the search operator; locates the next state at which the formula associated with the arrowhead is true
- Searches forward until turn1 and sig1 both hold
- The interval includes the left endpoint but excludes the right endpoint
- The interval ends when sig1 becomes false

Example 3
- Diamond shape means that cs1 holds at some state within the interval
- Indentation of the formula to the right within the outer interval indicates that it holds over the outer interval (it is an invariant property)
- If the search fails, then the interval formula is "vacuously true"

Example 4
- If process 1 has access to the resource, it will eventually release the resource
- When it does, turn2 is set to true, so the other process then has higher priority
- Double-headed arrow: strong search; asserts that the search operator does not fail, provided prior searches do not fail
- The right end of the inner interval coincides with the outer interval; an arrow without a formula indicates a search to the end of the context

Example 5
- If process 1 claims the resource and process 2 does not, then process 1 is permitted to enter the critical section

Example 6
- If process 1 issues sig1 but later cancels sig1 before gaining access to the resource (it can do so when process 2 has priority and also wants access to the resource), it will reissue sig1 at a later time
- Guarantees that process 1 will keep issuing sig1 until it eventually gains access to the resource

Example 6
- States in the formula are positioned so that states corresponding to the same points in time are aligned vertically

Intervals
- Initial property: holds at the first state of the interval shown
- Invariant property: holds at every state in the interval
- Eventuality property: holds at some state within the interval
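The interval properties just listed and the Example 2 and Example 3 slides, worked as an added example that is not part of the original presentation or the GIL toolkit: a small Python checker for GIL-style properties over a finite, linear trace of states. The proposition names (sig1, sig2, turn1, turn2, cs1, cs2) are the slides' own; the search, invariant and eventuality helpers, and the two traces, are constructed here.

```python
def search(trace, start, pred):
    """GIL search operator: first index >= start where pred holds, else None."""
    for i in range(start, len(trace)):
        if pred(trace[i]):
            return i
    return None

def invariant(trace, lo, hi, pred):
    """Invariant property: pred holds at every state of the interval [lo, hi)."""
    return all(pred(s) for s in trace[lo:hi])

def eventually(trace, lo, hi, pred):
    """Eventuality property: pred holds at some state of the interval [lo, hi)."""
    return any(pred(s) for s in trace[lo:hi])

def example2_holds(trace):
    """Example 2: at every state, if one process has priority the other does not."""
    return invariant(trace, 0, len(trace), lambda s: not (s["turn1"] and s["turn2"]))

def example3_holds(trace):
    """Example 3: from every state, search forward for turn1 and sig1; the interval
    runs from there up to (excluding) the state where sig1 is cancelled, and cs1
    must hold somewhere in it. A failed search leaves the formula vacuously true."""
    for ctx in range(len(trace)):
        left = search(trace, ctx, lambda s: s["turn1"] and s["sig1"])
        if left is None:
            return True  # search fails here and at every later state
        right = search(trace, left, lambda s: not s["sig1"])
        right = len(trace) if right is None else right  # never cancelled: to end
        if not eventually(trace, left, right, lambda s: s["cs1"]):
            return False
    return True

def st(**flags):
    """Constructed state; propositions not listed default to False."""
    s = dict(sig1=False, sig2=False, turn1=False, turn2=False, cs1=False, cs2=False)
    s.update(flags)
    return s

# Constructed trace: process 1 (holding priority) requests, enters its critical
# section, releases and hands priority to process 2, which does the same.
GOOD_TRACE = [st(turn1=True), st(turn1=True, sig1=True),
              st(turn1=True, sig1=True, cs1=True), st(turn2=True),
              st(turn2=True, sig2=True), st(turn2=True, sig2=True, cs2=True),
              st(turn1=True)]
# Same trace, but process 1 cancels sig1 without ever entering cs1.
BAD_TRACE = GOOD_TRACE[:2] + [st(turn1=True, sig1=True)] + GOOD_TRACE[3:]
```

On GOOD_TRACE both properties hold; on BAD_TRACE the Example 3 check fails because the search from the first state finds the request at state 1 but no cs1 before sig1 is cancelled at state 3.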

Intervals
- A recurring property

An interval formula
- Left endpoint: the earliest state at which l-req holds
- Right endpoint: the earliest state at which r-req holds
- The formula asserts that local-req holds in the interval from the left endpoint up to but not including the right endpoint

Coming soon (tomorrow)
- Searches
- Operators
- Specifying properties ...