1 Temporal Logic-Overview FM Temporal Logic u Classical logic: Good for describing static conditions u Temporal logic: Adds temporal operators Describe.

Slides:



Advertisements
Similar presentations
1 Verification by Model Checking. 2 Part 1 : Motivation.
Advertisements

Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.
1 Reasoning with Promela Safety properties bad things do not happen can check by inspecting finite behaviours Liveness properties good things do eventually.
Tutorial I – An Introduction to Model Checking Peng WU INRIA Futurs LIX, École Polytechnique.
CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
M ODEL CHECKING -Vasvi Kakkad University of Sydney.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.
Partial Order Reduction: Main Idea
Part 3: Safety and liveness
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
François Fages MPRI Bio-info 2006 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraints Group, INRIA.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.
CS6133 Software Specification and Verification
UPPAAL Introduction Chien-Liang Chen.
Model Checking Inputs: A design (in some HDL) and a property (in some temporal logic) Outputs: Decision about whether or not the property always holds.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
卜磊 Transition System. Part I: Introduction  Chapter 0: Preliminaries  Chapter 1: Language and Computation Part II: Models  Chapter.
Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar D D.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
Model Checking Lawrence Chung.
1 Temporal Logic u Classical logic:  Good for describing static conditions u Temporal logic:  Adds temporal operators  Describe how static conditions.
© Katz, 2007CS Formal SpecificationsLecture - Temporal logic 1 Temporal Logic Formal Specifications CS Shmuel Katz The Technion.
CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.
Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.
1 Carnegie Mellon UniversitySPINFlavio Lerda SPIN An explicit state model checker.
Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.
Temporal Logic and Model Checking. Reactive Systems We often classify systems into two types: Transformational: functions from inputs available at the.
Witness and Counterexample Li Tan Oct. 15, 2002.
1 CTL Model Checking David L. Dill. 2 CTL syntax: AP -- atomic propositions p  AP is a formula f  g is a formula, if f and g are ¬f is a formula AX.
Review of the automata-theoretic approach to model-checking.
ESE601: Hybrid Systems Introduction to verification Spring 2006.
Witness and Counterexample Li Tan Oct. 15, 2002.
Automata and Formal Lanugages Büchi Automata and Model Checking Ralf Möller based on slides by Chang-Beom Choi Provable Software Lab, KAIST.
System Design Research Laboratory Specification-based Testing with Linear Temporal Logic Li Tan Oleg Sokolsky Insup Lee University of Pennsylvania.
1 Formal Engineering of Reliable Software LASER 2004 school Tutorial, Lecture1 Natasha Sharygina Carnegie Mellon University.
Flavio Lerda 1 LTL Model Checking Flavio Lerda. 2 LTL Model Checking LTL –Subset of CTL* of the form: A f where f is a path formula LTL model checking.
1 Carnegie Mellon UniversitySPINFlavio Lerda Bug Catching SPIN An explicit state model checker.
Cheng/Dillon-Software Engineering: Formal Methods Model Checking.
15-820A 1 LTL to Büchi Automata Flavio Lerda A 2 LTL to Büchi Automata LTL Formulas Subset of CTL* –Distinct from CTL AFG p  LTL  f  CTL. f.
1 Introduction to SMV and Model Checking Mostly by: Ken McMillan Cadence Berkeley Labs Small parts by: Brandon Eames ISIS/Vanderbilt.
Copyright 2001, Matt Dwyer, John Hatcliff, and Radu Iosif. The syllabus and all lectures for this course are copyrighted materials and may not be used.
On Reducing the Global State Graph for Verification of Distributed Computations Vijay K. Garg, Arindam Chakraborty Parallel and Distributed Systems Laboratory.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
- 1 -  P. Marwedel, Univ. Dortmund, Informatik 12, 05/06 Universität Dortmund Validation - Formal verification -
Copyright 2001, Matt Dwyer, John Hatcliff, and Radu Iosif. The syllabus and all lectures for this course are copyrighted materials and may not be used.
1 CSEP590 – Model Checking and Automated Verification Lecture outline for July 9, 2003.
1 Temporal logic. 2 Prop. logic: model and reason about static situations. Example: Are there truth values that can be assigned to x,y simultaneously.
Software Systems Verification and Validation Laboratory Assignment 4 Model checking Assignment date: Lab 4 Delivery date: Lab 4, 5.
Today’s Agenda  Quiz 4  Temporal Logic Formal Methods in Software Engineering1.
6/12/20161 a.a.2015/2016 Prof. Anna Labella Formal Methods in software development.
Model Checking Lecture 2. Model-Checking Problem I |= S System modelSystem property.
Model Checking Lecture 2 Tom Henzinger. Model-Checking Problem I |= S System modelSystem property.
Basic concepts of Model Checking
What is the SMV (Symbolic Model Verifier) System ?
CIS 842: Specification and Verification of Reactive Systems
Semantically Equivalent Formulas
CSCI1600: Embedded and Real Time Software
CSEP590 – Model Checking and Automated Verification
Automatic Verification of Industrial Designs
Formal Methods in software development
CSCI1600: Embedded and Real Time Software
Translating Linear Temporal Logic into Büchi Automata
Introduction to verification
Formal Methods in software development
Program correctness Linear Time Temporal Logic
Program correctness Branching-time temporal logics
CSE 503 – Software Engineering
Presentation transcript:

1 Temporal Logic-Overview FM Temporal Logic u Classical logic: Good for describing static conditions u Temporal logic: Adds temporal operators Describe how static conditions change over time u Two main ways to represent temporal logic: Linear time: describes single possible time line  LTL (Linear Temporal Logic): Spin Branching time: describes all possible time lines  CTL (Computation Tree Logic): SMV

2 Temporal Logic-Overview FM What can you do with TL? u Use Automaton to describe system behavior Describes actions of system In terms of state sequences u Use temporal logic to describe property of state sequences u Use model checker to verify TL property Checks TL property against automaton Exhaustively checks the automaton Automatic checking

3 Temporal Logic-Overview FM Basic Idea of Temporal Logic u Truth changes over time u Must say when things are true, Not just what is true u Most model checking tools do not allow quantification Use propositional TLs (PTLs)

4 Temporal Logic-Overview FM Semantics of Temporal Logic u 4 basic operators: : always : sometime or eventually : next time or next step : until u Conceptual representation: Let S be a sequence of states S[0]: first state; S[j] : jth state S[j..] sequence starting from jth state S[j..k] sequence from j to k U

5 Temporal Logic-Overview FM More Formal Semantics u Classical Logic: S f: sequence S satisfies formula f S true: for any S S (f and g): S f and S g u Temporal Logic: S f : if for any j, S[j..] f S f : if for some j, S[j..] f Sf : if S[1..] f S f g : if for some k, S[k..] g,  and for any j < k, S[j..] f U

6 Temporal Logic-Overview FM Example u Automaton/machine produces state sequence: abcabcabcabc… u Sequence satisfies property:  (a  b) and It’s always the case that a implies that the next step will be b  (a  a)) It’s always the case that a implies that the next step will eventually be an a. ab c

7 Temporal Logic-Overview FM More Semantics of PTL u Next f: S[j] f iff S[j+1] f u Always f: S[j] f iff (  k: k  j  S[k] f) u Sometime f: S[j] f iff (  k: k  j  S[k] f) u f U g: S[j] f U g iff (  k: k  j  S[k] g)  (   l: j  l  k  S[l] f)

8 Temporal Logic-Overview FM Sample Specifications u Mutual Exclusion: (  inCsA  inCsB) u Response: (wantsInA  inCsA) u See CSE814 handouts for Promela codification.

9 Temporal Logic-Overview FM Computation Tree Logic u Most distributed, reactive systems are nondeterministic Cannot be represented by sequence of possible states or transitions Has a tree of possible computations u Can use CTL to represent these cases Computation Tree Logic

10 Temporal Logic-Overview FM CTL Syntax u Basic logic AND u Temporal expressions: Temporal operators are defined in pairs Path part:  A: means “all paths” (inevitably)  E: means “on some path” (possibly) Property part:  F : same as % For some  G : same as% Globally holds  X : same as% neXt  U : same as U u Sample expressions:  AGp : On all paths, property p always holds  EGp : On some paths, property p always holds

11 Temporal Logic-Overview FM Specification Patterns u Safety: bad thing never happens: AG (  bad-thing) u Liveness: good thing eventually happens AF good-thing u Bad thing could happen: EF bad-thing

12 Temporal Logic-Overview FM System satisfying EFp

13 Temporal Logic-Overview FM System satisfying EGp

14 Temporal Logic-Overview FM System satisfying AGp

15 Temporal Logic-Overview FM System satisfying AFp

16 Temporal Logic-Overview FM Sample Specification Patterns u Possible to get to started state, but ready does not hold EF(started)  (  ready)) u If a request occurs, then it will eventually be acknowledged AG (requested  AF acknowledged)  Process is enabled  infinitely often on every path AG (AF enabled) u Whatever happens, a certain process will eventually be permanently deadlocked: AF (AG deadlocked) u From any state, it is possible to get to a restart state AG (AF restart)

17 Temporal Logic-Overview FM Example Elevator u An elevator at the 2 nd floor traveling upward towards 5 th floor destination does not change its direction AG (floor = 2  direction = up  ButtonPressed5   A[direction = up  U floor 

18 Temporal Logic-Overview FM Tool Support u Model checkers: check that system satisfies property u Reachability analysis: describe paths of behavior of system u Each tool uses different algorithms for optimization purposes SPIN (Holzmann et al) SMV (Clarket et al) Nitpick (D. Jackson) COSPAN (Kurshan, mostly for HW) Verisoft FDR Etc.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.