Automating Checking of Models Built Using a Graphically Based Formal Language
Robert John Walters

RDT
- A graphically based formal modelling language
- Models represented as diagrams (not text)
- Communications inspired by the π-calculus
- Drawn in two parts:
  - Behaviour of components (processes)
  - How they are connected together

RDT Processes
- Inspired by RADs
- Have named states
- Three types of event: Send, Receive, Create
- They describe a type of behaviour

RDT Models
- Process instances labelled with a name and their type
- Channels known to an instance are shown and labelled
- Connections between channels shown by lines
- Concerned with instances

Why SPIN?
- Highly regarded and widely available
- Input language (Promela) looks like "C"
- Direct input of the property to be checked
- Natural correspondence between channels in Promela and RDT

Translation
- Several parts to the operation:
  - RDT processes converted to Promela processes
  - RDT model conversion - the "init" process
  - Channel allocations
  - Special consideration of features of RDT

Translation: Processes (1)
- Could have used a single "do" loop with the process state stored in a variable
- State would have to be encoded as a number, since there is no string type in Promela
- Establishing the extent to which a process is exercised is then not straightforward

Translation: Processes (2)
- Each RDT process is converted to a process in Promela
- A label in Promela for each state of the RDT process
- An "if" statement under each label; each option has two statements which:
  - Perform the communication
  - Move the process to the next state

Translation: Processes (3)

    /* Sink: one state ("initial"), one Receive event on channel In.
       The received value (a channel) is stored in the parameter val. */
    proctype Sink(chan In, val) {
    initial:
      if
      :: In?val; goto initial;
      fi;
    }

    /* Source: one state, one Send event on channel Out.
       The transcript showed "Out?Out"; a Source sends, so the operator is "!". */
    proctype Source(chan Out) {
    initial:
      if
      :: Out!Out; goto initial;
      fi;
    }

Translation: Models (1)
- Performed in the "init" process
- Required instances of processes are created (run)
- Actions enclosed in an "atomic" statement
- Connections implemented by appropriate allocation of channels as parameters to process instances

Translation: Models (2)

    /* Channel length is fixed by the user at translation time */
    #define CHLEN 1

    chan ch0 = [CHLEN] of {chan};   /* buffered channel carrying channels */
    chan nch0 = [0] of {chan};      /* rendezvous channel carrying channels */

    /* Process definitions here */

    init {
      atomic {                      /* Promela keyword is lower-case "atomic" */
        run Source(ch0);
        run Sink(ch0, nch0);
      }
    }

Translation: Models (3)
- Promela permits the creation of channels which carry channels
- Length of channels is determined by the user at translation time
- Each process is given a channel as a parameter for each channel name it knows

Issues – the Create type event
- Permits a process to bring a new channel (value) into existence
- The translation scheme outlined so far requires all channels to be declared before the start of execution
- Solution adopted is to provide processes with a collection of channels to use

Issues – Special case of Read

A Receive that stores the received channel into the very channel variable it reads from:

    if
    :: X?X; goto second;
    fi;

is translated by reading into a temporary first, inside an atomic step:

    chan tmp;
    …
    if
    :: atomic { X?tmp; X = tmp; } goto second;
    fi;
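The slides on Translation: Processes, Translation: Models and the special case of Read describe one scheme; the generator below is an added illustration of that scheme, not the author's tool. The dictionary encoding of an RDT model (process types with states and Send/Receive events, instances, and channel lengths) is my own assumption, constructed for the example.

```python
#!/usr/bin/env python3
"""Added example: emit Promela from a small RDT-style description, following the
translation scheme on these slides (one label per state, one 'if' per label,
'init' creating instances inside 'atomic', channels carrying channels)."""

# Constructed sample model (assumption: this encoding is mine, not the RDT tool's).
# event = (kind, channel, value, next_state); kind is "send" or "receive".
RDT = {
    "processes": {
        "Source": {"chans": ["Out"], "states": {"initial": [("send", "Out", "Out", "initial")]}},
        "Sink": {"chans": ["In", "val"], "states": {"initial": [("receive", "In", "val", "initial")]}},
    },
    "instances": [("src", "Source", ["ch0"]), ("snk", "Sink", ["ch0", "nch0"])],
    "channels": {"ch0": "CHLEN", "nch0": "0"},   # length per channel, fixed at translation time
}

def emit_event(kind, chan, val, nxt):
    """One 'if' option: perform the communication, then move to the next state."""
    if kind == "send":
        return f"    :: {chan}!{val}; goto {nxt};"
    if chan == val:   # special case of Read: X?X is rewritten via a temporary in an atomic step
        return f"    :: atomic {{ {chan}?tmp; {chan} = tmp; }} goto {nxt};"
    return f"    :: {chan}?{val}; goto {nxt};"

def emit_process(name, spec):
    """One proctype per RDT process type; every known channel becomes a chan parameter."""
    needs_tmp = any(k == "receive" and c == v
                    for evs in spec["states"].values() for k, c, v, _ in evs)
    lines = [f"proctype {name}(chan {', '.join(spec['chans'])}) {{"]
    if needs_tmp:
        lines.append("  chan tmp;")
    for state, events in spec["states"].items():
        lines += [f"{state}:", "  if"]
        lines += [emit_event(*e) for e in events]
        lines.append("  fi;")
    lines.append("}")
    return "\n".join(lines)

def emit_model(rdt, chlen=1):
    """Channel declarations, process definitions, then the 'init' process."""
    lines = [f"#define CHLEN {chlen}"]
    lines += [f"chan {n} = [{ln}] of {{chan}};" for n, ln in rdt["channels"].items()]
    lines += [emit_process(n, s) for n, s in rdt["processes"].items()]
    lines += ["init {", "  atomic {"]
    lines += [f"    run {typ}({', '.join(args)});  /* instance {inst} */"
              for inst, typ, args in rdt["instances"]]
    lines += ["  }", "}"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(emit_model(RDT))
```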

Conclusion & further work
- I have a tool which performs this translation automatically
- Further work: a more complete solution to the problem of the Create type event