Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Verification 2 Automated Verification

Similar presentations


Presentation on theme: "Software Verification 2 Automated Verification"— Presentation transcript:

1 Software Verification 2 Automated Verification
Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

2 Recap: LTL and CTL Kripke models = LTS
Expressively equivalent to FOL (<) on linear orders Arguably more intuitive to use Kripke models = LTS branching time – possibility properties linear time – fairness properties CTL* subsumes both CTL and LTL

3 Safety and Liveness

4 Some Theorems Every LTL formula can be written in one of these forms (where p is a pure past formula) Every LTL safety property is expressible as G*φ (where φ is pure past) Every LTL formula can be written as reactivity ⋀(G*F*φ  F*G*ψ) All the inclusions are strict All the non-inclusions are provable (dualities) e.g. F*G*p cannot be expressed as G*F*φ Conjunction and disjunction of a recurrence is a recurrence G*F*p  G*F*q = G*F*(p  -p U-q) G*F*p  G*F*q = G*F*(p  q) Obligations can be expressed as recurrences and persistences G*p = G*F*H*p, F*p = G*F*P*p , where H*p = ¬P*¬p

5 Safety and Liveness Properties
Proof of decomposition theorem: φs={w0w1... | for every i, w0w1... wi is a prefix of φ} φl= φ{w0w1... | for some i, w0w1... wi is not a prefix of φ} show: φs is safety, φl is liveness, φ = φs  φl

6 Examples (p U+ q) = ((p W+ q)  F+ q) G*(p  F*q) = (G*p  G*F*q)
G*p  G*q = G*(H*p  H*q) (gilt nur initial, im Anfangspunkt!) Total program correctness = invariance  termination other direction does not hold


Download ppt "Software Verification 2 Automated Verification"

Similar presentations


Ads by Google