Presentation is loading. Please wait.

Presentation is loading. Please wait.

Formal Methods in software development

Published byΩσαννά Σπανός Modified over 6 years ago

Similar presentations

Presentation on theme: "Formal Methods in software development"— Presentation transcript:

1 Formal Methods in software development
a.a.2017/2018 Prof. Anna Labella 12/2/2018

2 Temporal logic Let us want to express the following properties
x ((file(x) requested(x)) y (y≥a  print(x,y)) y (y≥a  works(x)) The constant a as well as the variable y, of type “time” If a file is requested to be printed, eventually it will be printed After an amount a of time, x will begin to work 12/2/2018

3 Temporal logic One could use typed variables and first order logic
making a distinction between temporal and dominion references Or one can use modal operators x ((file(x) requested(x))  F print(x)) G works(x)) F means eventually G means always 12/2/2018

4 Some hypotheses on temporal structure
Discrete/ Continuous Linear / Branching 12/2/2018

5 Linear time temporal logic: LTL (syntax)
::=T | | p | () | () | () | () | (X) | (F) | (G) | (X) | ( U ) | ( W ) F “eventually” G “always” X “next step” U “until” W “until possibly” 12/2/2018

6 LTL: syntax Warning: Operators not connectives
They bind more tightly than connectives 12/2/2018

7 Exercises 12/2/2018

8 LTL: satisfiability

9 LTL: semantics M, s |=  if the path starting from s satisfys 
We are dealing with a path intended as an infinite series of states M, s |=  if the path starting from s satisfys  States or paths? States are starting points of paths suffixes of paths are still paths 12/2/2018

10 LTL: semantics (satisfaction)
12/2/2018

11 Semantics  |=  O-----O-----O-----O-----O , ’  … 12/2/2018

12 Semantics of G and F Semantics of G:  |= G p Semantics of F:  |= F p
O-----O-----O-----O-----O---- p p p p p Semantics of F:  |= F p O-----O-----O-----O-----O p 12/2/2018

13 Semantics of X and U Semantics of X: 1 |= X p 1 2 |= p
Semantics of U:  |= p U q j|= p i |= q 12/2/2018

14 Semantics a modal formula can be true or false in a path
e.g. in this trace: O-----O-----O-----O-----O------….. pq p¬q p¬q pq pq … p ∨ ¬q true: is true in the first state of the trace X¬q true, because q is false in the second state XXq false, because q is false in the third state Gp true, because p is true in all states Gq false, because q is not true in all states (it is true only in some states) 12/2/2018

15 Semantics in the same trace: O-----O-----O-----O-----O------…..
pq p¬q p¬q pq pq … GFq true: for all states of the sequence, there is some future point where q is true pU¬q true: p is true until ¬q becomes true; (in the first state p is true, then ¬q becomes true) qUXXq true: in the first state q is true, in the second state XXq is true (because q is true two states later) G(pUXXq) not straightforward to check: all states have to be checked for qUXXq in turn, check XXq in all states 12/2/2018

16 Exercises 12/2/2018

17 LTL: equivalences

18 LTL: what does hold (exercises)
G ()  (G  G ) G   F  G  X X  F G  F X() ≅ X X 12/2/2018

19 LTL: reductions (transitivity on paths) G   GG while
GG   G is always valid 12/2/2018

20 LTL An internal induction rule w.r.t. time   X G(  X ) (  G )
12/2/2018

21 LTL: definability F  ≅ T U  “eventually” G  ≅  W  “always”
U ≅ (W)  (F) “until” W ≅ (U)  (G) “until possibly” 12/2/2018

22 LTL “next” operator 12/2/2018

23 Exercises 12/2/2018

Download ppt "Formal Methods in software development"

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.

Model Checking Lecture 2. Three important decisions when choosing system properties: 1automata vs. logic 2branching vs. linear time 3safety vs. liveness.
Tutorial I – An Introduction to Model Checking Peng WU INRIA Futurs LIX, École Polytechnique.

Tutorial I – An Introduction to Model Checking Peng WU INRIA Futurs LIX, École Polytechnique.
Metodi formali dello sviluppo software a.a.2013/2014 Prof.Anna Labella.

Metodi formali dello sviluppo software a.a.2013/2014 Prof.Anna Labella.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
Part 3: Safety and liveness

Part 3: Safety and liveness
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
LINEAR TEMPORAL LOGIC Fall 2013 Dr. Eric Rozier.

LINEAR TEMPORAL LOGIC Fall 2013 Dr. Eric Rozier.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
CS6133 Software Specification and Verification

CS6133 Software Specification and Verification
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 11.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
 Dr. Vered Gafni 1 LTL Decidability Enables consistency check, but also base for verification.

 Dr. Vered Gafni 1 LTL Decidability Enables consistency check, but also base for verification.
1 Temporal Logic u Classical logic:  Good for describing static conditions u Temporal logic:  Adds temporal operators  Describe how static conditions.

1 Temporal Logic u Classical logic:  Good for describing static conditions u Temporal logic:  Adds temporal operators  Describe how static conditions.
CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.

CSE 555 Protocol Engineering Dr. Mohammed H. Sqalli Computer Engineering Department King Fahd University of Petroleum & Minerals Credits: Dr. Abdul Waheed.
Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.

Lecture 4&5: Model Checking: A quick introduction Professor Aditya Ghose Director, Decision Systems Lab School of IT and Computer Science University of.
Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.

Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.
Review of the automata-theoretic approach to model-checking.

Review of the automata-theoretic approach to model-checking.
ESE601: Hybrid Systems Introduction to verification Spring 2006.

ESE601: Hybrid Systems Introduction to verification Spring 2006.
Witness and Counterexample Li Tan Oct. 15, 2002.

Witness and Counterexample Li Tan Oct. 15, 2002.

Similar presentations

Ads by Google