Presentation is loading. Please wait.

Presentation is loading. Please wait.

Forges: Synthesizing Verified Generators Kestrel Institute PIs: Cordell Green, John Anton CSs: Lindsay Errington, Doug Smith, Alessandro Coglio, Stephen.

Published byLucy Small Modified over 9 years ago

Similar presentations

Presentation on theme: "Forges: Synthesizing Verified Generators Kestrel Institute PIs: Cordell Green, John Anton CSs: Lindsay Errington, Doug Smith, Alessandro Coglio, Stephen."— Presentation transcript:

1 Forges: Synthesizing Verified Generators Kestrel Institute PIs: Cordell Green, John Anton CSs: Lindsay Errington, Doug Smith, Alessandro Coglio, Stephen Westfold, Jim McDonald

2 Objective: synthesize model- based generators! Produce generators quicker! Produce generators that are verified!

3 Overview Stateflow meta-model C meta-model Stateflow model C code Generator Meta Generator design knowledge translation specification

4 Problem Theory (D|I  R|O) generate-and-test Constraint Satisfaction (R = set of maps) Global Structure (R = set + recursive partition) global search binary search backtrack branch-and-bound Local Structure (R = set + relation) local search hill climbing simulated annealing tabu search Local Structure (R = set + relation) genetic algorithms Local Poset Structure (R = set + partial order) Local Semilattice Structure (R = semilattice) GS-CSP (R = recursively partitioned set of maps) GS-Horn-CSP (Horn-like Constraints) constraint propagation Monotone Deflationary Function fixed point iteration Integer Linear Programming 0-1 methods Linear Programming simplex method interior point primal dual Network Flow specialized simplex Ford-Fulkerson Transportation NW algorithm Assignment Problem Hungarian method Divide -and -Conquer divide-and-conquer Problem Reduction Generators dynamic programming branch-and-bound game tree search Complement Reduction sieves Problem Reduction Structure Taxonomy of Algorithm Theories

5 What’s a meta-model? A language specification! Static semantics  What are well formed programs in the language Dynamic semantics  How programs behave

6 Elements of a Static Semantics Abstract syntax Characterization of well-formed terms Type theory Vanderbilt has a static-semantics UML meta-model for Stateflow We translate UML into specifications in logic

7 Stateflow static semantics sort Event, State, Transition, Action, … op src : Transition  State op dst : Transition  State op event : Transition  Event op action : Transition  Action op children : State  Or [State] | And [State] | None op parent : State  State 

8 Static semantics (cont’d) op active : State  Bool active(s)  parent(s) ≠ undef  active(parent(s)) “the ancestors of an active state are active”

9 Dynamic Semantics Many formalisms to choose from Denotational, axiomatic, … Action Semantics (Mosses) Structural Operational Semantics (Plotkin) Natural Semantics (Kahn) (used in Centaur) Our choice: Abstract State Machines (ASMs) aka Evolving Algebras (Gurevich)

10 What are Abstract State Machines? Algebraic theories. Sorts, operators, axioms Rules for conditionally rewriting theories. if b then f(t 1,…,t n ) := t

11 ASM Example sort Node op left : Node  Node op right : Node  Node op node : Node if left(node)  undef then left(node) := left(left(node)) right(node) := right(left(node))

12 Why ASMs? ASMs support: abstraction refinement composition Comprehensible To be shared with other MoBIES participants.

13 Stateflow dynamic semantics Stateflow is event driven a/bb entry: f();entry: g();

14 Dynamic semantics (cont’d) Event handling can be pre-empted  Need a stack! sort Frame = Exec Action | EndTrans Transition | … sort Stack = [Frame] op stack : Stack startTrans(s : State, t : Transition) = active(s) := false stack := (Exec action(t)) :: (EndTrans t) :: (tail stack)

15 Verifiability: when is the translation correct? Conventional notion: Program p denotes a function or relation [p] Translation correct when the denotation is preserved: [p] = [trans(p)] Conventional notion doesn’t work: Stateflow diagrams are reactive – not functional – they may never terminate!

16 Bisimulation! A run of a machine on a program p is a sequence of states. We observe only the events. p and trans(p) are equivalent when we observe the same behaviour Formally we define a bisimulation relation between the states of p and trans(p)

17 Bisimulation … and vice versa p Stateflow trans(p) C q e q’ e

18 Bisimulation What we won’t do: Exhibit the bisimulation relation What we will do: Ensure that the translation preserves bisimulation

19 Status Meta-modeling Translation theories – getting started StateflowCSMVSSATNotes Static With help from Vanderbilt Dynamic40% -- Anticipate help from MoBIES partipants

20 Conclusions Produce generators quicker! By reuse of language meta-models By capturing and exploiting design knowledge Produce generators that are verified! Translation preserves bisumulation

21 Tasks ahead Completion of meta-models Validation of meta-models Abstraction of design theories

Download ppt "Forges: Synthesizing Verified Generators Kestrel Institute PIs: Cordell Green, John Anton CSs: Lindsay Errington, Doug Smith, Alessandro Coglio, Stephen."

Similar presentations

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Programmed Strategies for Program Verification Richard B. Kieburtz OHSU/OGI School of Science and Engineering and Portland State University.

Programmed Strategies for Program Verification Richard B. Kieburtz OHSU/OGI School of Science and Engineering and Portland State University.
Process Algebra Book: Chapter 8. The Main Issue Q: When are two models equivalent? A: When they satisfy different properties. Q: Does this mean that the.

Process Algebra Book: Chapter 8. The Main Issue Q: When are two models equivalent? A: When they satisfy different properties. Q: Does this mean that the.
A Model-based Development approach for Model Transformations Shekoufeh Kolahdouz Rahimi, Kevin Lano

A Model-based Development approach for Model Transformations Shekoufeh Kolahdouz Rahimi, Kevin Lano
Algorithm Design Methods (I) Fall 2003 CSE, POSTECH.

Algorithm Design Methods (I) Fall 2003 CSE, POSTECH.
Big Ideas in Cmput366. Search Blind Search State space representation Iterative deepening Heuristic Search A*, f(n)=g(n)+h(n), admissible heuristics Local.

Big Ideas in Cmput366. Search Blind Search State space representation Iterative deepening Heuristic Search A*, f(n)=g(n)+h(n), admissible heuristics Local.
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
Intermediate Code Generation

Intermediate Code Generation
STATEMATE A Working Environment for the Development of Complex Reactive Systems.

STATEMATE A Working Environment for the Development of Complex Reactive Systems.
Translator Architecture Code Generator ParserTokenizer string of characters (source code) string of tokens abstract program string of integers (object.

Translator Architecture Code Generator ParserTokenizer string of characters (source code) string of tokens abstract program string of integers (object.
8. Introduction to Denotational Semantics. © O. Nierstrasz PS — Denotational Semantics 8.2 Roadmap Overview:  Syntax and Semantics  Semantics of Expressions.

8. Introduction to Denotational Semantics. © O. Nierstrasz PS — Denotational Semantics 8.2 Roadmap Overview:  Syntax and Semantics  Semantics of Expressions.
Algorithms + L. Grewe.

Algorithms + L. Grewe.
CSE 425: Semantic Analysis Semantic Analysis Allows rigorous specification of a program’s meaning –Lets (parts of) programming languages be proven correct.

CSE 425: Semantic Analysis Semantic Analysis Allows rigorous specification of a program’s meaning –Lets (parts of) programming languages be proven correct.
Software Requirements Engineering

Software Requirements Engineering
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
CS 355 – Programming Languages

CS 355 – Programming Languages
1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.

1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.
10.6.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.
A Semantic Characterization of Unbounded-Nondeterministic Abstract State Machines Andreas Glausch and Wolfgang Reisig 1.

A Semantic Characterization of Unbounded-Nondeterministic Abstract State Machines Andreas Glausch and Wolfgang Reisig 1.

Similar presentations

Ads by Google