Jun. Sun Singapore University of Technology and Design Songzheng Song and Yang Liu National University of Singapore.

Slides:



Advertisements
Similar presentations
Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.
Advertisements

Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
Monte Carlo Model Checking Radu Grosu SUNY at Stony Brook Joint work with Scott A. Smolka.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
1 Model checking. 2 And now... the system How do we model a reactive system with an automaton ? It is convenient to model systems with Transition systems.
Distributed Markov Chains P S Thiagarajan School of Computing, National University of Singapore Joint work with Madhavan Mukund, Sumit K Jha and Ratul.
The cardiac pacemaker – SystemJ versus Safety Critical Java Heejong Park, Avinash Malik, Muhammad Nadeem, and Zoran Salcic. University of Auckland, NZ.
Game-theoretic approach to the simulation checking problem Peter Bulychev Vladimir Zakharov Lomonosov Moscow State University.
Timed Automata.
Model Checking : Making Automatic Formal Verification Scale Shaz Qadeer EECS Department University of California at Berkeley.
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.
Process Algebra (2IF45) Probabilistic Process Algebra Suzana Andova.
Process Algebra (2IF45) Probabilistic Process Algebra Suzana Andova.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Luca de Alfaro Thomas A. Henzinger Ranjit Jhala UC Berkeley Compositional Methods for Probabilistic Systems.
Components based systems with Probabilistic choice Doron Peled Bar Ilan University.
Anna Philippou Department of Computer Science University of Cyprus Joint work with Mauricio Toro Department of Comp. Sc. EAFIT University Christina Kassara.
SUN, Jun Assistant Visiting Jing Song Dong and Yang Liu, NUS.
Miguel E. Andrés Radboud University, The Netherlands Significant Diagnostic Counterexamples in Probabilistic Model Checking Pedro D’Argenio Famaf, Argentina.
1 Carnegie Mellon UniversitySPINFlavio Lerda SPIN An explicit state model checker.
Discrete Abstractions of Hybrid Systems Rajeev Alur, Thomas A. Henzinger, Gerardo Lafferriere and George J. Pappas.
Games, Times, and Probabilities: Value Iteration in Verification and Control Krishnendu Chatterjee Tom Henzinger.
Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.
Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.
Automata and Formal Lanugages Büchi Automata and Model Checking Ralf Möller based on slides by Chang-Beom Choi Provable Software Lab, KAIST.
Verification of Hierarchical Component-Based Designs in FRESCO Tom Henzinger, Marius Minea, Vinayak Prabhu.
Monte Carlo Model Checking Scott Smolka SUNY at Stony Brook Joint work with Radu Grosu Main source of support: ARO – David Hislop.
The Model Checker SPIN Written by Gerard J. Holzmann Presented by Chris Jensen.
Abstract Verification is traditionally done by determining the truth of a temporal formula (the specification) with respect to a timed transition system.
Flavio Lerda 1 LTL Model Checking Flavio Lerda. 2 LTL Model Checking LTL –Subset of CTL* of the form: A f where f is a path formula LTL model checking.
Solving Games Without Determinization Nir Piterman École Polytechnique Fédéral de Lausanne (EPFL) Switzerland Joint work with Thomas A. Henzinger.
1 Carnegie Mellon UniversitySPINFlavio Lerda Bug Catching SPIN An explicit state model checker.
Cheng/Dillon-Software Engineering: Formal Methods Model Checking.
15-820A 1 LTL to Büchi Automata Flavio Lerda A 2 LTL to Büchi Automata LTL Formulas Subset of CTL* –Distinct from CTL AFG p  LTL  f  CTL. f.
Yang LIU Senior Research Scientist National University of Singapore (joint work with Jun SUN and Jin Song DONG and PAT research team)
Institute for Applied Information Processing and Communications 1 Karin Greimel Semmering, Open Implication.
ECE 720T5 Winter 2014 Cyber-Physical Systems Rodolfo Pellizzoni.
Model Checking Lecture 4 Tom Henzinger. Model-Checking Problem I |= S System modelSystem property.
Model Checking Lecture 3 Tom Henzinger. Model-Checking Problem I |= S System modelSystem property.
Yang Liu, Jun Sun and Jin Song Dong School of Computing National University of Singapore.
Specifying and Verifying Event-based Fairness Enhanced Systems 1 ICFEM 2008 Specifying and Verifying Event-based Fairness Enhanced Systems Jun SUN, Yang.
PAT: Getting started.
CIS 842: Specification and Verification of Reactive Systems Lecture Specifications: LTL Model Checking Copyright , Matt Dwyer, John Hatcliff,
1 Probabilistic Model Checking of Systems with a Large State Space: A Stratified Approach Shou-pon Lin Advisor: Nicholas F. Maxemchuk Department of Electrical.
Conformance Test Suites, Extensionally Arend Rensink University of Twente Dutch Workshop on Formal Testing Techniques University of Twente 13 September.
CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.
Monte Carlo Model Checking Radu Grosu SUNY at Stony Brook Joint work with Scott A. Smolka.
Quantitative Model Checking Radu Grosu SUNY at Stony Brook Joint work with Scott A. Smolka.
Verification & Validation By: Amir Masoud Gharehbaghi
Constraints Assisted Modeling and Validation Presented in CS294-5 (Spring 2007) Thomas Huining Feng Based on: [1]Constraints Assisted Modeling and Validation.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Compositional Formal Verification using MOCHA PI: Tom Henzinger Student 1: Freddy Mang (game-theoretic methods) Student 2: Ranjit Jhala (probabilistic.
Properties as Processes : FORTE slide Properties as Processes: their Specification and Verification Joel Kelso and George Milne School of Computer.
Duminda WijesekeraSWSE 623: Introduction1 Introduction to Formal and Semi- formal Methods Based on A Specifier's Introduction to Formal Methods (J. Wing)
Software Systems Verification and Validation Laboratory Assignment 4 Model checking Assignment date: Lab 4 Delivery date: Lab 4, 5.
Jun Sun, Yang Liu, Jin Song Dong and Xian Zhang School of Computing National University of Singapore.
Model Checking Lecture 1: Specification Tom Henzinger.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Model Checking Lecture 2. Model-Checking Problem I |= S System modelSystem property.
CS5270 Lecture 41 Timed Automata I CS 5270 Lecture 4.
Model Checking Lecture 2 Tom Henzinger. Model-Checking Problem I |= S System modelSystem property.
Krishnendu ChatterjeeFormal Methods Class1 MARKOV CHAINS.
Formal methods: Lecture
An explicit state model checker
Program Synthesis is a Game
Relatively Complete Refinement Type System for Verification of Higher-Order Non-deterministic Programs Hiroshi Unno (University of Tsukuba) Yuki Satake.
Compositional Refinement for Hierarchical Hybrid Systems
Presentation transcript:

Jun. Sun Singapore University of Technology and Design Songzheng Song and Yang Liu National University of Singapore

Model checking A model covers all relevant details may not be feasible. Probability is necessary. Randomized distributed algorithms, Bio-systems, Decision processes, Human factor in system reliability, etc. Problem: How to verify a system with one or more random components? Example: a pacemaker malfunctions with a probability of 0.46%. 2

PRISM 3

PRISM’s Language “…[a model] must be specified in the PRISM language, a simple, state-based language, based on the Reactive Modules formalism of Alur and Henzinger...” Example module phil1 p1: [0..11]; [] p1=0 -> (p1'=1); // trying [] p1=1 -> 0.5 : (p1'=2) : (p1'=3); // draw randomly [] p1=2 & lfree -> (p1'=4); // pick up left [] p1=3 & rfree -> (p1'=5); // pick up right [] p1=4 & rfree -> (p1'=8); // pick up right (got left) … 4

PAT 5

PAT’s Probabilistic Language PCSP# = CSP# + PCSP = CSP Stop, Skip, e -> P, P [] Q, P || Q, P|[X]| Q, P; Q, etc. + Data Structure e{x=y+5; z=obj.Method1(x,y,z)} -> P + Probabilistic Choice pcase { [p1]: P1; [p2]: P2; …; [pn]: Pn } 6

PCSP# Semantics Markov Decision Processes (MDP) Operational Semantics: extending semantics of CSP# with one rule (V, pcase {[p1] P1; [p2] P2; … })  (V, u) such that u(P1) = p1 and u(P2) = p2 and etc

Property: Reachability 8 Example: what is the probability of severe consequence due to pacemaker malfunctioning? What is the probability of reaching a bad state?

Property: Refinement Example: What is the probability of a heart (with an installed pacemaker) behaving normally? What is the probability of a PCSP# implementation model trace-refining a CSP# specification model? The implementation model is the parallel composition of a model of a problematic heart and the pacemaker. The specification model is a model of a normal heart. 9

Refinement: Algorithm Determinize the specification model So that a state in the determinized specification contains a set of states which can be reached via the same trace. Compute the synchronous product of the implementation and the determinized specification So that a state in the product is of the form (s, X) such that s is a state of implementation and X is a state of the determinized specification. Compute the probability of reaching any state of the form (s, {}) in the product. 10

Refinement: Example 11 cs.1 cs.2 exit.1 with prob 0.9 exit.2 with prob 08 cs.1 with prob 0.2 cs.2 with prob 0.1 exit.12 cs.1 cs.2 exit.1 exit.2 The ImplementationThe Specification

Property: LTL Problem: Given an LTL formula ψ, what is probability of a PCSP# model satisfies ψ? Automata theoretic approach Build a deterministic Rabin automaton which is equivalent to ψ. Build the product of the PCSP# model and the Rabin automaton. Identify end components in the product which satisfies Rabin acceptance condition. Compute the probability of reaching any states in the end components. 12

Improved LTL Verification 13 Generate Buchi Automaton from ψ Refinement Checking The BA is Safety Generate Buchi Automaton from ψ Generate Buchi Automaton from -ψ The BA is NOT Safety Standard Probabilistic LTL Model Checking The BA is NOT Safety

Experiment PAT vs PRISM Note 1: PCSP# is capable of specifying hierarchical probabilistic system. Note 2: The experiment is based on benchmark systems which are NOT hierarchical. Note 3: PAT is currently based on explicit state whereas PRISM is based (MT)BDD. 14

Experiment: Modeling 15

Experiment: Refinement 16

Experiment: LTL 17

Before Demonstration Contributions PCSP#: a language for modeling hierarchical probabilistic systems. PAT: a reliable toolkit for probabilistic model checking. Future work State reduction. PCSP# + real-time 18 The modeling language is extremely important in system verification.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.