Digitaalsüsteemide verifitseerimise kursus (Digital Systems Verification Course). Slide 1: Formal verification: Property checking



Slide 2: Property checking. If the designs to be verified are sequential and the correspondence between their states is not known, equivalence checking is not an option. Property checking traverses the full search space (bounded or unbounded) to check whether a property holds in the design. Property checking is also needed when incomplete or abstract specifications are verified.

Slide 3: Types of properties. A safety property states that an undesired condition should never hold. A liveness property states that a required condition should eventually hold. A fairness property states that some states are traversed repeatedly.

Slide 4: Properties as an automaton. Communication between the TLC and the property automaton, with the properties: 1. North-South traffic has a different light than East-West traffic. 2. The traffic light follows the sequence R, G, Y, R, G, Y, ...

Slide 5: Properties as an automaton

Slide 6: Temporal structure and computation trees. In general, using property automata is inconvenient; therefore other approaches are applied: temporal logic, computation trees, ...

Slide 7: Temporal structure and computation trees: state graph and state sequence

Slide 8: Temporal structure and computation trees: state transition tree

Slide 9: Kripke structures: computation tree

Slide 10: Temporal logic. Consider three logics: LTL (linear temporal logic), CTL (computation tree logic) and CTL*. LTL assumes a linear-time model, while CTL assumes a branching-time model. There are two types of formulae in temporal logic: state formulae and path formulae.

Slide 11: Temporal logic: LTL. LTL considers a single path. There are two temporal operators: X (neXt) and U (Until). LTL formulae: every Boolean variable is an LTL formula; if f and g are LTL formulae, then ~f and f+g are LTL formulae; if f and g are LTL formulae, then f U g and X g are LTL formulae.

Slide 12: Temporal logic: LTL. More complex operators can be derived: F g = TRUE U g, i.e. g will eventually become true; G f = ~(F ~f), i.e. f is always (globally) true; f R g = ~(~f U ~g), i.e. f must be false until g becomes true (Release operator).

Slide 13: Temporal logic: LTL

Slide 14: Temporal logic: CTL. CTL includes 8 operators: AX, EX, AG, EG, AF, EF, AU and EU. In fact all of them can be expressed with three: EX, EG and EU. AX f = ~EX(~f); AF(f) = ~EG(~f); AG(f) = ~EF(~f); EF(f) = E(TRUE U f); A(f U g) = ~E(~g U (~f ∧ ~g)) ∧ ~EG(~g).

Slide 15: Temporal logic: CTL. Operation AX(f)

Slide 16: Temporal logic: CTL. Operation EX(f)

Slide 17: Temporal logic: CTL. Operation AG(f)

Slide 18: Temporal logic: CTL. Operation EG(f)

Slide 19: Temporal logic: CTL. Operation AF(f)

Slide 20: Temporal logic: CTL. Operation EF(f)

Slide 21: Temporal logic: CTL. Operation A(f U g)

Slide 22: Temporal logic: CTL. Operation E(f U g)
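As an added example (not part of the slides), the following explicit-state CTL checker implements only EX, EG and EU as fixpoints and derives the other five operators with the identities of slide 14. The Kripke structure is a constructed three-state traffic light (states r, g, y) used to check property 2 of slide 4.

```python
S = {"r", "g", "y"}                               # constructed states: red, green, yellow
SUCC = {"r": {"g"}, "g": {"y"}, "y": {"r"}}       # the light cycles R -> G -> Y -> R
R, G, Y = {"r"}, {"g"}, {"y"}                     # atomic propositions as state sets

def neg(f):                  # ~f: complement relative to the state set
    return S - f

def ex(f):                   # EX f: some successor satisfies f
    return {s for s in S if SUCC[s] & f}

def eu(f, g):                # E(f U g): least fixpoint of Z = g | (f & EX Z)
    z = set(g)
    while True:
        new = z | (f & ex(z))
        if new == z:
            return z
        z = new

def eg(f):                   # EG f: greatest fixpoint of Z = f & EX Z
    z = set(f)
    while True:
        new = f & ex(z)
        if new == z:
            return z
        z = new

# the remaining five operators, derived exactly as on slide 14
def ax(f): return neg(ex(neg(f)))
def ef(f): return eu(S, f)                             # E(TRUE U f)
def af(f): return neg(eg(neg(f)))
def ag(f): return neg(ef(neg(f)))
def au(f, g): return neg(eu(neg(g), neg(f) & neg(g))) & neg(eg(neg(g)))
def implies(f, g): return neg(f) | g

def holds(f):                # a formula holds in the model if every state satisfies it
    return f == S

def check_traffic_light():
    """Property 2 of slide 4 (the light follows R, G, Y, ...) plus sanity checks."""
    return {
        "sequence": holds(ag(implies(R, ax(G)) & implies(G, ax(Y)) & implies(Y, ax(R)))),
        "green_eventually": holds(af(G)),                         # AF G on every path
        "red_can_skip_to_yellow": holds(ag(implies(R, ex(Y)))),   # false: R -> Y impossible
        "not_green_until_green": holds(au(neg(G), G)),
        "always_green": holds(ag(G)),                             # false: the light changes
    }
```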

Slide 23: Temporal logic: SystemVerilog Assertions. SystemVerilog Assertions and PSL are also temporal languages!

Slide 24: Property checking in automata. 1. Describe the property as an automaton such that some states represent success or failure of the property. 2. Compose the design automaton with the property automaton. 3. The property holds iff no failure state of the composite automaton is reachable.

Slide 25: Property checking in automata: throwing dice. A and B throw dice. When A gets more points: A's score is incremented by 1 if the score is not 2; if the score is 2, it becomes 0 again. B's score is decremented by 1 if it is not 0. When B gets more points, the same applies with A and B interchanged. When A and B get equal points, the scores are unchanged.

Slide 26: Property checking in automata: throwing dice. Check two properties: 1. Can we have a draw 1:1? 2. Can we have a draw 2:2?

Slide 27: Property checking in automata: throwing dice

Slide 28: Property checking in automata: throwing dice

Slide 29: Language containment. Verify: L(D) ⊆ L(P)? 1. Construct the complementary automaton ¬P of the property automaton P. 2. Compose: D × ¬P. 3. L(D) ⊆ L(P) iff L(D × ¬P) = Ø.

Slide 30: Language containment in verification
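Added example (not from the slides): the three steps of slide 29 carried out on constructed automata. P is a DFA for the traffic-light property of slide 4 ("the light follows R, G, Y, R, G, Y, ..."), the design automaton D is given in a correct and in a buggy version, and the product D × ¬P is searched for a reachable accepting pair, which spells a word of L(D) outside L(P).

```python
from collections import deque

SIGMA = ("R", "G", "Y")                  # alphabet: the colour the light shows

# property automaton P: accepts exactly the prefixes of R G Y R G Y ...; every
# missing transition is routed to the rejecting sink "bad" by complete()
P_DELTA = {("p0", "R"): "p1", ("p1", "G"): "p2", ("p2", "Y"): "p0"}
P_ACCEPT = {"p0", "p1", "p2"}

def complete(delta, states, sink="bad"):
    """Make the DFA total by routing every missing transition to the sink."""
    full = dict(delta)
    for q in set(states) | {sink}:
        for a in SIGMA:
            full.setdefault((q, a), sink)
    return full

def complement(delta, accept):
    """Step 1 of slide 29: ~P accepts exactly the words that P rejects."""
    states = {q for q, _ in delta} | set(delta.values())
    full = complete(delta, states)
    return full, {q for q, _ in full} - set(accept)

def find_bad_word(d_delta, d_init, d_accept, p_delta, p_init, p_accept):
    """Steps 2-3 of slide 29: BFS over the product D x ~P; a reachable pair that is
    accepting on both sides spells a word of L(D) that is not in L(P)."""
    start = (d_init, p_init)
    seen, queue = {start}, deque([(start, "")])
    while queue:
        (qd, qp), word = queue.popleft()
        if qd in d_accept and qp in p_accept:
            return word                   # counter-example word
        for a in SIGMA:
            if (qd, a) in d_delta:        # D only moves on colours it can emit
                nxt = (d_delta[(qd, a)], p_delta[(qp, a)])
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append((nxt, word + a))
    return None                           # product empty, so L(D) is contained in L(P)

def check_design(d_delta, d_init="d0"):
    """Every state of D is accepting, so L(D) is the set of all its traces."""
    not_p_delta, not_p_accept = complement(P_DELTA, P_ACCEPT)
    d_states = {q for q, _ in d_delta} | set(d_delta.values())
    return find_bad_word(d_delta, d_init, d_states, not_p_delta, "p0", not_p_accept)

GOOD = {("d0", "R"): "d1", ("d1", "G"): "d2", ("d2", "Y"): "d0"}    # constructed: R, G, Y cycle
BUGGY = {("d0", "R"): "d1", ("d1", "Y"): "d2", ("d2", "G"): "d0"}   # constructed: R, Y, G cycle
```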

Slide 31: Symbolic computation and model checking. The graph-based algorithms described above operate on automata and Kripke structures and are not applicable to large designs: a circuit with 100 flip-flops has 2^100 states... In symbolic computation we do not enumerate states but convert the state traversal into operations on Boolean functions, so larger designs can be verified.

Slide 32: Symbolic computation and model checking: forward traversal of states

Slide 33: Generating counter-examples. Forward traversal until a faulty state is reached. Backward traversal from the faulty state using symbolic computation. During the backward traversal the state image is restricted to the state sets obtained during the forward traversal; this is needed to get back to the initial state!
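Added example (not from the slides) that serves both the dice game of slides 25-26 and the counter-example generation of slides 32-33: a forward traversal of the game's state space answers whether the draws 1:1 and 2:2 are reachable, and a backward traversal restricted to the forward frontiers rebuilds the trace to the faulty state. Python sets stand in for the Boolean-function (BDD) state images; the state encoding (A's score, B's score) and the transition function are constructed here.

```python
WINS = ("A", "B", "tie")                     # the three outcomes of one throw

def step(state, winner):
    """One round of the game from slide 25: the winner's score goes 0, 1, 2, 0, ...;
    the loser's score drops by 1 unless it is already 0; a tie changes nothing."""
    a, b = state
    if winner == "A":
        return ((a + 1) % 3, max(b - 1, 0))
    if winner == "B":
        return (max(a - 1, 0), (b + 1) % 3)
    return (a, b)

def image(states):                           # forward image: all successors of a state set
    return {step(s, w) for s in states for w in WINS}

def pre_image(states):                       # backward image over the full 3 x 3 state space
    return {(a, b) for a in range(3) for b in range(3)
            if any(step((a, b), w) in states for w in WINS)}

def forward_traversal(init, bad):
    """Compute the frontier sets F0, F1, ... until a bad state shows up (slide 32).
    Returns (frontiers, True) on a hit, (frontiers, False) when the fixpoint is reached."""
    frontiers, reached = [set(init)], set(init)
    while not frontiers[-1] & bad:
        nxt = image(frontiers[-1]) - reached
        if not nxt:
            return frontiers, False
        frontiers.append(nxt)
        reached |= nxt
    return frontiers, True

def counter_example(init, bad):
    """Slide 33: walk backwards from the bad state, intersecting every pre-image with
    the frontier of the same depth so that the trace is guaranteed to end in init."""
    frontiers, hit = forward_traversal(init, bad)
    if not hit:
        return None                          # the bad state is unreachable
    cur = min(frontiers[-1] & bad)           # pick one bad state deterministically
    trace = [cur]
    for k in range(len(frontiers) - 2, -1, -1):
        cur = min(pre_image({cur}) & frontiers[k])
        trace.append(cur)
    return trace[::-1]

INIT = {(0, 0)}                              # both players start at score 0
draw_1_1 = counter_example(INIT, {(1, 1)})   # a trace: the draw 1:1 is reachable
draw_2_2 = counter_example(INIT, {(2, 2)})   # None: the draw 2:2 is unreachable
```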

Slide 34: Generating counter-examples

Slide 35: Equivalence of sequential circuits. How to perform sequential equivalence checking without a one-to-one mapping between states? We have to check whether a state in which the output of the combined miter circuit is 1 is reachable.