Formal verification Marco A. Peña Universitat Politècnica de Catalunya.


Formal verification Marco A. Peña Universitat Politècnica de Catalunya

Outline
- Motivation
- Simulation
- Formal verification
  - Theorem proving
  - Model checking
- State space exploration
- Formal verification with relative timing
- Conclusions

Motivation

Motivation: the problem
- System complexity: continuous growth in scale and functionality
- The probability of introducing design errors increases
- System failures are unacceptable:
  - Software: cost of update, credibility, etc.
  - Embedded software: no update possible
  - Hardware: high cost of fabrication/replacement
  - Safety-critical systems: catastrophic consequences
- Delay in time-to-market, loss of money and human lives!!

Motivation: examples
- 1994: Floating point divider unit of the Pentium microprocessor
  - Bug in the implementation of the division algorithm
  - 475 million US $
- 1996: Launch failure of the Ariane 5 rocket
  - Wrong data type conversion when computing altitude
  - Explosion 36 minutes after launch
- 1986: Challenger space shuttle
  - …
- What else?

Motivation: where do bugs come from?
- Incorrect specifications
- Misinterpretation of specifications
- Misunderstandings between designers
- Missed cases
- Protocol non-conformance
- And a long etcetera.

Motivation: what to do?
- Develop methods to ensure system reliability
- Detect and fix bugs at the early stages of the design flow
- Verification:
  - General bug-finding techniques.
  - Usually simulation.
- Formal verification:
  - Methods for 100% bug coverage.
  - Use mathematical formalisms (logics, automata, etc.) and techniques to reason about the correctness of a system.

Simulation

- Predominant verification method: intuitive idea
- Construction of test-cases: manually, randomly, etc.
- "Heisenbug" paradigm: when trying to reproduce a bug it never shows up
- Example: (x+1)^2 = x^2 + 2x + 1 ?

Simulation
- Example:
  - Concurrent processes A and B
  - Events happen concurrently every operation cycles
  - Process A: X := X
  - Process B: X := X
  - Precondition X = 0, postcondition X = 1 (!)

Simulation: typical experience [chart: bugs found vs. time, across the functional testing phase, "purgatory", and product in the market]

Formal verification

- Ensures consistency with the specification for all possible input patterns: exhaustive coverage
- Requires:
  - Formal model of the system
  - Formal specification language: properties
  - Reasoning method
- Main strategies:
  - Theorem proving
  - Model checking

Formal verification
- Example: (x+1)^2 = x^2 + 2x + 1 ?
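The contrast the two slides draw with this identity is that simulation can only try finitely many values of x, whereas a proof covers every x at once. As an added illustration that is not part of the original slides, the following Lean 4 snippet (assuming Mathlib is available for the `ring` tactic) states the identity for all integers and has the proof assistant check it mechanically:

```lean
import Mathlib.Tactic

-- Added example, not from the slides: a machine-checked proof that the
-- identity holds for every integer x, not only for the values a simulation
-- happens to exercise. `ring` normalises both sides as commutative-ring
-- polynomials and closes the goal.
theorem sq_succ (x : ℤ) : (x + 1) ^ 2 = x ^ 2 + 2 * x + 1 := by
  ring
```

If the statement were false for even one integer, `ring` would fail and the theorem would not be accepted; this is the "exhaustive coverage" the slide refers to, obtained by reasoning rather than enumeration.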

Formal verification: theorem proving
- Implementation and specification: formulas in some mathematical logic
- Deep knowledge of the formalisms and proof techniques
- The prover is often human
- Useful for: arithmetic algorithms, etc.

Formal verification: theorem proving
- Major drawbacks: no guarantee of a proof, complexity of the proof, no counterexample, …
- Some impressive results:
  - AMD K7 floating point unit
  - Combined with model checking: Intel P4 instruction decoder
- Few automatic tools exist
- Not a general solution:
  - Requires too much expert human interaction
  - Only for small problems or niche applications

Formal verification: model checking
- The checker enumerates all the states of the system
- Finite state space, but combinatorial explosion!
- Symbolic methods, partial orders, abstractions, etc.
- Several automatic tools and success stories exist
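The following Python program is an added example, not code from the slides, that ties the earlier simulation slide (processes A and B, precondition X = 0, postcondition X = 1) to the enumeration this slide describes. It assumes the slides' example is the classic increment race: each process loads the shared variable X into a local register and then stores register + 1, so two interleaved increments can leave X = 1 instead of 2. `explore` enumerates every reachable state of the two-process system, exactly as an explicit-state model checker would, and reports the first interleaving that violates the postcondition; `simulate` runs the same model under two schedulers to show that whether simulation ever sees the bug depends on the test cases chosen. All names, the state encoding and the schedulers are this example's own.

```python
"""Explicit-state exploration versus simulation on a lost-update race.

Added example, not from the slides. Assumes the slides' Process A / Process B
example is the increment race: each process does LOAD (copy X into a local
register) and then STORE (write register + 1 back to X).
"""
from collections import deque
import random

LOAD, STORE, DONE = "load", "store", "done"


def initial_state():
    # (X, program counter of each process, local register of each process)
    return (0, (LOAD, LOAD), (None, None))


def enabled(state):
    """Indices of the processes that still have a step to execute."""
    return [i for i, pc in enumerate(state[1]) if pc != DONE]


def step(state, i):
    """Execute the next step of process i and return the successor state."""
    x, pcs, regs = state
    pcs, regs = list(pcs), list(regs)
    if pcs[i] == LOAD:
        regs[i] = x          # read X into the local register
        pcs[i] = STORE
    else:
        x = regs[i] + 1      # write the incremented register back (X := X + 1)
        pcs[i] = DONE
    return (x, tuple(pcs), tuple(regs))


def explore(postcondition):
    """Breadth-first exploration of every interleaving (what a model checker does).

    Returns the number of distinct states, the set of final values of X, and the
    first trace reaching a final state that violates the postcondition (or None).
    """
    init = initial_state()
    seen = {init}
    queue = deque([(init, ())])
    final_values, counterexample = set(), None
    while queue:
        state, trace = queue.popleft()
        procs = enabled(state)
        if not procs:                      # terminal state: check the postcondition
            final_values.add(state[0])
            if counterexample is None and not postcondition(state[0]):
                counterexample = list(trace)
            continue
        for i in procs:
            nxt = step(state, i)
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + (f"P{i}:{state[1][i]}",)))
    return len(seen), final_values, counterexample


def run_to_completion(procs, rng):
    """Scheduler of a naive simulator: always continues the lowest-numbered process."""
    return procs[0]


def random_scheduler(procs, rng):
    """Scheduler that picks a random enabled process at each step."""
    return rng.choice(procs)


def simulate(postcondition, runs, scheduler, seed=0):
    """Run the system `runs` times under `scheduler`; count postcondition violations."""
    rng = random.Random(seed)
    failures = 0
    for _ in range(runs):
        state = initial_state()
        while enabled(state):
            state = step(state, scheduler(enabled(state), rng))
        if not postcondition(state[0]):
            failures += 1
    return failures


if __name__ == "__main__":
    both_incremented = lambda x: x == 2
    print("naive simulation, failures:", simulate(both_incremented, 100, run_to_completion))
    print("random simulation, failures:", simulate(both_incremented, 100, random_scheduler))
    states, finals, trace = explore(both_incremented)
    print(f"exhaustive exploration: {states} states, final X in {sorted(finals)}")
    print("counterexample:", trace)
```

The run-to-completion scheduler never reports a failure, because it only ever exercises the sequential interleaving; the exhaustive exploration visits all 13 reachable states and returns the trace load, load, store, store that ends with X = 1. This is the counterexample trace a model checker produces and a theorem prover, as the earlier slide notes, does not. The state count also previews the explosion problem: every additional process or program step multiplies the number of interleavings, which is why the following slides turn to symbolic representations.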

Formal verification: model checking
- Gaining acceptance but not yet widely used
- Major drawbacks: state explosion problem and tools difficult to use for designers
- Commercial tools start to appear: Abstract, Chrysalis, IBM, Lucent, Verysys, …
- Companies have increasing interest: IBM, Intel, AT&T, etc. Opportunity!
- Not a general solution:
  - Combination with theorem proving
  - Combination with semi-formal strategies

State space exploration

- Combinatorial explosion
- Symbolic representations: BDDs

State space exploration: some states do not exist, but …

State space exploration: time incorporates a new source of exponentiality!!

Formal verification with Relative Timing

Verification approach: main features
- Model checking-like approach for timed systems
- Iterative incremental refinement of the untimed state space by:
  - Off-line timing analysis on small acyclic graphs, and
  - Incorporation of Relative Timing constraints
- Verification of temporal safety properties
- BDD-based symbolic representation: large untimed state spaces
- Backannotation: sufficient relative timing constraints for correctness are reported, or a counterexample trace

Verification approach: system model
- Timed Transition Systems: Transition System + delay bounds

Verification approach

Verification approach: symbolic state space exploration and failure detection

Verification approach [figure, shown in two animation steps: failure states and a failure trace in the state space; the event structure over events x, a, b, c, g, d annotated with delay bounds [1,2], [3,4], [1,2]; timing analysis; composition]

Verification approach: flow

Conclusions

Conclusions [chart: probability of verification (%) vs. size of the system (state bits), contrasting research examples with real systems]

Conclusions: research
- Research in Spain: University
  - PhD programs, FI/FPI grants
  - Possible research stays in foreign universities/companies
- Verification teams in companies grow much faster than design teams: opportunity!
- Companies and research centers:
  - USA and Europe
  - PhD required

Conclusions: collaboration, projects, …
- Long list of open problems:
  - Real case studies: circuits, protocols, etc.
  - Implementations of other techniques for comparison
  - Parallel implementations: clusters, etc.
  - Combination of techniques: formal and semi-formal, etc.
  - …