Presentation is loading. Please wait.

Presentation is loading. Please wait.

Visual Tools for Temporal Reasoning G. Kutty, L.K. Dillon, L.E. Moser, P.M. Melliar-Smith, and Y.S. Ramakrishna.

Published byBuck Short Modified over 9 years ago

Similar presentations

Presentation on theme: "Visual Tools for Temporal Reasoning G. Kutty, L.K. Dillon, L.E. Moser, P.M. Melliar-Smith, and Y.S. Ramakrishna."— Presentation transcript:

1 Visual Tools for Temporal Reasoning G. Kutty, L.K. Dillon, L.E. Moser, P.M. Melliar-Smith, and Y.S. Ramakrishna

2 What is GIL?  GIL = Graphical Interval Logic  A way of specifying the behavior of concurrent systems  A visual, temporal logic  GIL Editor and toolkit  System designers use it to create graphical specifications of concurrent system behavior  Verify properties of those systems from the specs  Generate models that satisfy the spec

3 Temporal Logic  Used to describe systems that change with time  But people seem to prefer diagrams:  Timing diagrams  State-transition diagrams  Flow charts  Data flow diagrams  Etc.

4 Other diagrams  Pro:  Support intuition  Con:  Can’t be used in formal reasoning about the correctness and consistency of the specifications

5 Other representations  Harel’s State Charts  Milner’s CCS: IDCCS  Manna and Pneuli’s notation  Tecton

6 GIL  models computation as a linear sequence of states  user constructs time intervals  expresses properties that apply to those intervals  interval operator: limits scope of properties to that time interval  vertical dimension -> composition  intervals can be nested

7 Running example  Two concurrent processes that request exclusive use of a shared resource

8 Example 1  sig1 = process 1 signals for exclusive access to the shared resource  sig2 = process 2 signals for exclusive access to the shared resource   “not” : indicates that sig1 and sig2 are false  [-----------]  the interval symbol  left justification means that the conditions hold at the start of the interval

9 Example 2 turn1 = process 1 has priority turn2 = process 2 has priority indentation indicates that the formula holds at every state in the interval indicates that if process 1 has priority then process 2 does not, and vice versa

10 Example 2 [ - includes endpoint -) excludes endpoint

11 Example 3  cs1 = process 1 has exclusive permission to use the resource  if the process with higher priority requests the resource it must be granted permission to access the resource before it cancels the request

12 Example 3  -------  : the search operator; locates the next state at which the formula associated with the arrowhead is true  searches forward until turn1 and sig1 both hold  the interval includes the left endpoint, but excludes the right endpoint  interval ends when sig1 becomes false

13 Example 3  diamond shape means that cs1 holds at some state within the interval  indentation of formula to the right within the outer interval indicates that it holds over the outer interval (it is an invariant property)  if search fails, then interval formula is “vacuously true”

14 Example 4  if process 1 has access to the resource, it will eventually release the resource  when it does, turn2 is set to true, so the other process then has higher priority  double-headed arrow: strong search; asserts that the search operator does not fail, provided prior searches do not fail  right end of inner interval coincides with outer interval; arrow without formula indicates search to end of context

15 Example 5  if process 1 claims the resource and process 2 does not, then process 1 is permitted to enter the critical section

16 Example 6  if process 1 issues sig1 but later cancels sig1 before gaining access to the resource (it can do so when process 2 has priority and also wants access to the resource), it will reissue sig1 at a later time  guarantees that process 1 will keep issuing sig1 until it eventually gains access to the resource

17 Example 6  states in the formula are positioned so that states that correspond to the same points in time are aligned vertically

18 Intervals initial property: holds at the first state of the interval shown invariant property: holds at every state in the interval eventuality property: holds at some state within the interval

19 Intervals a recurring property

20 An interval formula left endpoint: the earliest state at which l-req holds right endpoint: the earliest state at which r-req holds formula asserts that local-req holds in the interval from the left endpoint up to but not including the right endpoint

21  coming soon (tomorrow)  searches  operators  specifying properties …

Download ppt "Visual Tools for Temporal Reasoning G. Kutty, L.K. Dillon, L.E. Moser, P.M. Melliar-Smith, and Y.S. Ramakrishna."

Similar presentations

Chapter 7 - Resource Access Protocols (Critical Sections) Protocols: No Preemptions During Critical Sections Once a job enters a critical section, it cannot.

Chapter 7 - Resource Access Protocols (Critical Sections) Protocols: No Preemptions During Critical Sections Once a job enters a critical section, it cannot.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Concurrency: Mutual Exclusion and Synchronization Chapter 5.

Concurrency: Mutual Exclusion and Synchronization Chapter 5.
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
CS6133 Software Specification and Verification

CS6133 Software Specification and Verification
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.
Probabilistic Verification of Discrete Event Systems using Acceptance Sampling Håkan L. S. YounesReid G. Simmons Carnegie Mellon University.

Probabilistic Verification of Discrete Event Systems using Acceptance Sampling Håkan L. S. YounesReid G. Simmons Carnegie Mellon University.
The Timeline formalism A visual formalism for expressing temporal constraints Eric Bodden.

The Timeline formalism A visual formalism for expressing temporal constraints Eric Bodden.
Run Time Monitoring of Reactive System Models Mikhail Auguston Naval Postgraduate School Mark Trakhtenbrot Holon Academic Institute of.

Run Time Monitoring of Reactive System Models Mikhail Auguston Naval Postgraduate School Mark Trakhtenbrot Holon Academic Institute of.
Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.

Copyright © 2006 Addison-Wesley. All rights reserved.1-1 ICS 410: Programming Languages Chapter 3 : Describing Syntax and Semantics Axiomatic Semantics.
ITEC113 Algorithms and Programming Techniques

ITEC113 Algorithms and Programming Techniques
1 Chapter 4 Dynamic Modeling and Analysis (Part I) Object-Oriented Technology From Diagram to Code with Visual Paradigm for UML Curtis H.K. Tsang, Clarence.

1 Chapter 4 Dynamic Modeling and Analysis (Part I) Object-Oriented Technology From Diagram to Code with Visual Paradigm for UML Curtis H.K. Tsang, Clarence.
1 Chapter 4 Dynamic Modeling and Analysis (Part I) Object-Oriented Technology From Diagram to Code with Visual Paradigm for UML Curtis H.K. Tsang, Clarence.

1 Chapter 4 Dynamic Modeling and Analysis (Part I) Object-Oriented Technology From Diagram to Code with Visual Paradigm for UML Curtis H.K. Tsang, Clarence.
Tele Design of Reactive Systems Summer 2001 Prof. Dr. Stefan Leue Institute for Computer Science Albert-Ludwigs-Universität Freiburg

Tele Design of Reactive Systems Summer 2001 Prof. Dr. Stefan Leue Institute for Computer Science Albert-Ludwigs-Universität Freiburg
© Katz, 2007CS236368 Formal SpecificationsLecture - Temporal logic 1 Temporal Logic Formal Specifications CS236368 Shmuel Katz The Technion.

© Katz, 2007CS Formal SpecificationsLecture - Temporal logic 1 Temporal Logic Formal Specifications CS Shmuel Katz The Technion.
System Concepts for Process Modeling  Process Concepts  Process Logic  Decomposition diagrams and data flow diagrams will prove very effective tools.

System Concepts for Process Modeling  Process Concepts  Process Logic  Decomposition diagrams and data flow diagrams will prove very effective tools.
Temporal Specification Chris Patel Vinay Viswanathan.

Temporal Specification Chris Patel Vinay Viswanathan.
Ordering and Consistent Cuts Presented By Biswanath Panda.

Ordering and Consistent Cuts Presented By Biswanath Panda.
Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.

Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.

Similar presentations

Ads by Google