Software Verification 2 Automated Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

Slide 2 H. Schlingloff, SS2012: SWV 2 LTL Model Checking Algorithm

Slide 3 H. Schlingloff, SS2012: SWV 2 Improvements bitstate hashing incomplete hashing partial order techniques

Slide 4 H. Schlingloff, SS2012: SWV 2 CTL model checking For each LTS/model there is exactly one computation tree  CTL model checking works directly on the model (no need to extract computation sequences) For all subformulas of a formula and all states of a given model, mark whether the state satisfies the subformula  iteration on formulas according to their inductive definition  if p is an atomic proposition, then p M = I(p)   M ={}  (φ  ψ) M = (M-φ M +ψ M )  (EXφ) M = {w |  w‘ (wRw‘  w‘  φ M )}  E(φU + ψ) M = {w | there is a path α from w and a w‘ on α such that (w<w‘  w‘  ψ M )  w‘‘ (w<w‘‘<w‘  w‘‘  φ M )}  A(φU + ψ) M = {w | for all paths α from w there is a w‘ on α such that (w<w‘  w‘  ψ M )  w‘‘ (w<w‘‘<w‘  w‘‘  φ M )}

Slide 5 H. Schlingloff, SS2012: SWV 2 Actual Calculation How to calculate (EX ψ) M from ψ M ?  Inverse image construction How to calculate E(φU + ψ) M or A(φU + ψ) M from φ M and ψ M ?

Slide 6 H. Schlingloff, SS2012: SWV

Slide 7 H. Schlingloff, SS2012: SWV 2 Inverse reachability calculation

Slide 8 H. Schlingloff, SS2012: SWV 2 Symbolic Representation Modelchecking algorithm deals with sets of states and with relations (sets of pairs of states) Need an efficient representation

Slide 9 H. Schlingloff, SS2012: SWV Binary Encoding of Domains Any variable on a finite domain D can be replaced by log(D) binary variables  similar to encoding of data types by compilers  e.g. var v: {0..15} can be replaced by var v1,v2,v3,v4: boolean (0=0000, 1= 0001, 2=0010, 3=0011,..., 15=1111) State space  still in the order of original domain!  e.g. three int8-variables can have 2 24 =10 8 states  e.g. array of length 10 with 10-bit values  states Representation of large sets of states?

Slide 10 H. Schlingloff, SS2012: SWV Representation of Sets

Slide 11 H. Schlingloff, SS2012: SWV Ordered Tree Form Normal form for propositional formulas Uses only the connective Ite Linear ordering on the set of propositions  e.g., most significant bit first Shannon expansion

Slide 12 H. Schlingloff, SS2012: SWV Truth table and tree form formula Reduction: Replace Ite (v,ψ,ψ) by ψ

Slide 13 H. Schlingloff, SS2012: SWV Abbreviations Introduce abbreviations maximally abbreviated

Slide 14 H. Schlingloff, SS2012: SWV Binary Decision Trees (BDTs) Binary decision tree Elimination of isomorphic subtrees (abbreviations)

Slide 15 H. Schlingloff, SS2012: SWV Binary Decision Diagrams (BDDs) Elimination of redundant nodes (redundant subformulas) Ite (v,ψ,ψ) by ψ

Slide 16 H. Schlingloff, SS2012: SWV Calculation of BDDs