Slide 1: Formal Methods of Systems Specification: Logical Specification of Hard- and Software
Prof. Dr. Holger Schlingloff, Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik
29.4.2008
Slide 2: Recap: Propositional Logic (H. Schlingloff, Logical Specification, 29.4.2008)
Syntax: PL ::= P | ⊥ | (PL → PL)
Semantics: propositional model M = (U, I); interpretation I: P ↦ U (U = {true, false})
Validation relation M ⊨ φ:
- M ⊨ p if I(p) = true
- M ⊭ ⊥
- M ⊨ (φ → ψ) if M ⊨ φ implies M ⊨ ψ
Validity (⊨ φ), satisfiability (SAT(φ))
Calculus: axiom schemes weakening, distribution, excluded middle; rule: modus ponens
Slide 3: Q.: exponential blowup?
(r ↔ s) = ((r → s) ∧ (s → r))
(q ↔ (r ↔ s)) = ((q → (r ↔ s)) ∧ ((r ↔ s) → q))
  = ((q → ((r → s) ∧ (s → r))) ∧ (((r → s) ∧ (s → r)) → q))
(p ↔ (q ↔ (r ↔ s))) = ((p → (q ↔ (r ↔ s))) ∧ ((q ↔ (r ↔ s)) → p))
  = ((p → ((q → ((r → s) ∧ (s → r))) ∧ (((r → s) ∧ (s → r)) → q)))
     ∧ (((q → ((r → s) ∧ (s → r))) ∧ (((r → s) ∧ (s → r)) → q)) → p))
Each level of nesting copies the inner biconditional twice, so the size of the expansion grows exponentially with the nesting depth.
The same happens when definitions are substituted: with p ↔ ((q ∧ r) ∨ (¬q ∧ s)) and q ↔ (t ∨ u), replacing q by its definition gives p ↔ (((t ∨ u) ∧ r) ∨ (¬(t ∨ u) ∧ s)), duplicating (t ∨ u).
Logarithmic reduction by introduction of abbreviations?
Slide 4: Boolean Quantification
QPL ::= P | ⊥ | (QPL → QPL) | ∃P QPL
Intuitively, ∃p (φ) means that p is "hidden" in φ.
M ⊨ ∃p φ if there is an M' = (U, I') such that I'(q) = I(q) for all q ≠ p and M' ⊨ φ
⊨ ∃p φ ↔ (φ(p := ⊥) ∨ φ(p := ⊤))
∀p φ = ¬∃p ¬φ; ⊨ ∀p φ ↔ (φ(p := ⊥) ∧ φ(p := ⊤))
Slide 5: Conciseness and Complexity
Quantified formulae can be logarithmically more concise:
φ = [… ((r ∨ s) ∧ t) … ((r ∨ s) ∧ t) … ((r ∨ s) ∧ t) …]
  ≡ ∃p ((p ↔ ((r ∨ s) ∧ t)) ∧ [… p … p … p …])
Quantified formulae can be exponentially harder to analyze:
SAT(PL) is NP-hard (in fact NP-complete), SAT(QPL) is PSPACE-hard (in fact PSPACE-complete).
To check whether ∃p φ holds one has to check both alternatives, φ(p := ⊥) and φ(p := ⊤).
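The three claims on slides 3 to 5 (naive expansion of ↔ blows up, hiding abbreviations behind ∃ keeps the formula small, and ∃ can be eliminated by checking both alternatives) can be checked mechanically. The Python below is an added example and not part of the lecture: it encodes PL/QPL formulas as nested tuples (that encoding, the fresh names `_q0`, `_q1`, … for hidden abbreviation propositions, and all function names are assumptions of the example), expands ↔ as on slide 3, introduces an existentially quantified abbreviation for every ↔ in the spirit of slide 5, and eliminates ∃ by the identity of slide 4.

```python
from itertools import product

# Encoding used by this example (an assumption, not the lecture's notation):
#   'p'                       atomic proposition
#   False / True              the constants bottom / top
#   ('not', f), ('->', f, g), ('<->', f, g), ('and', f, g), ('or', f, g)
#   ('exists', 'p', f)        Boolean quantification: p is hidden in f

BIN = {'->': lambda a, b: (not a) or b, '<->': lambda a, b: a == b,
       'and': lambda a, b: a and b, 'or': lambda a, b: a or b}

def is_leaf(f):
    return isinstance(f, (str, bool))

def mapargs(f, fn):
    """Apply fn to the immediate subformulas of a compound formula."""
    if f[0] == 'exists':
        return ('exists', f[1], fn(f[2]))
    return (f[0],) + tuple(fn(g) for g in f[1:])

def atoms(f):
    """Free propositions of f (quantified ones are hidden)."""
    if is_leaf(f):
        return {f} if isinstance(f, str) else set()
    if f[0] == 'exists':
        return atoms(f[2]) - {f[1]}
    return set().union(*(atoms(g) for g in f[1:]))

def size(f):
    """Number of symbol occurrences: atoms, constants, connectives, quantifiers."""
    if is_leaf(f):
        return 1
    subs = [f[2]] if f[0] == 'exists' else list(f[1:])
    return 1 + sum(size(g) for g in subs)

def evaluate(f, I):
    """Validation relation M |= f for a model whose interpretation I maps atoms to bools."""
    if is_leaf(f):
        return I[f] if isinstance(f, str) else f
    if f[0] == 'not':
        return not evaluate(f[1], I)
    if f[0] == 'exists':   # slide 4: some I' agreeing with I outside p satisfies the body
        return any(evaluate(f[2], {**I, f[1]: v}) for v in (False, True))
    return BIN[f[0]](evaluate(f[1], I), evaluate(f[2], I))

def substitute(f, p, c):
    """f(p := c) for a constant c (False = bottom, True = top)."""
    if is_leaf(f):
        return c if f == p else f
    if f[0] == 'exists' and f[1] == p:
        return f                       # p is bound here, nothing to substitute
    return mapargs(f, lambda g: substitute(g, p, c))

def eliminate(f):
    """Slide 4: exists p phi  ==  phi(p := bottom) or phi(p := top), applied bottom-up.
    Every quantifier doubles the formula, which is the exponential cost of slide 5."""
    if is_leaf(f):
        return f
    g = mapargs(f, eliminate)
    if g[0] == 'exists':
        return ('or', substitute(g[2], g[1], False), substitute(g[2], g[1], True))
    return g

def expand_iff(f):
    """Slide 3: replace every (a <-> b) by ((a -> b) and (b -> a)); both copies are
    expanded again, so nested biconditionals blow up exponentially."""
    if is_leaf(f):
        return f
    g = mapargs(f, expand_iff)
    if g[0] == '<->':
        return ('and', ('->', g[1], g[2]), ('->', g[2], g[1]))
    return g

def abbreviate(f):
    """Slide 5 style: hide each (a <-> b) behind a fresh proposition q with a
    constant-size definition q <-> (a <-> b); the result is linear in size(f)."""
    defs, fresh = [], []
    def walk(g):
        if is_leaf(g):
            return g
        g = mapargs(g, walk)
        if g[0] != '<->':
            return g
        q = f'_q{len(fresh)}'          # assumed naming scheme for hidden propositions
        fresh.append(q)
        both = ('and', ('->', g[1], g[2]), ('->', g[2], g[1]))   # a <-> b without <->
        defs.append(('and', ('->', q, both), ('->', both, q)))    # q <-> (a <-> b)
        return q
    body = walk(f)
    for d in defs:
        body = ('and', body, d)
    for q in reversed(fresh):
        body = ('exists', q, body)
    return body

def nested_iff(n):
    """p1 <-> (p2 <-> (... <-> pn)), the shape of the slide 3 example."""
    f = f'p{n}'
    for i in range(n - 1, 0, -1):
        f = ('<->', f'p{i}', f)
    return f

def equivalent(f, g):
    """Truth-table check of |= f <-> g over the free atoms of both formulas."""
    names = sorted(atoms(f) | atoms(g))
    return all(evaluate(f, dict(zip(names, vals))) == evaluate(g, dict(zip(names, vals)))
               for vals in product((False, True), repeat=len(names)))

if __name__ == '__main__':
    for n in range(2, 9):
        f = nested_iff(n)
        print(n, 'expanded:', size(expand_iff(f)), 'abbreviated:', size(abbreviate(f)))
```

For the chain p1 ↔ (p2 ↔ (… ↔ pn)) the expanded size follows E(n) = 2·E(n−1) + 5 (763 symbols at n = 8), while the abbreviated QPL formula grows by a constant per ↔ (148 symbols at n = 8); `equivalent` confirms that both say the same thing, and `eliminate` shows the price of getting rid of the quantifiers again.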
Slide 6: Boolean Normal Forms
DNF (disjunctive normal form): each formula is equivalent to a disjunction of conjunctions of literals, e.g. ((p ∧ ¬q ∧ r) ∨ (¬p ∧ q ∧ ¬r) ∨ (p ∧ ¬q ∧ ¬r)); obtained from the truth table (one conjunction per satisfying row)
CNF (conjunctive normal form): de Morgan dual of DNF; used in PLAs (programmable logic arrays)
NAND-, NOR-normal form: (p|q) = (p → ¬q); ¬p = (p|p); (p → q) = (p|¬q); used for gate arrays
Algebraic normal form: XOR of conjunctions of (positive) propositions; used in linear feedback shift registers
Slide 7: next week: tree normal form (ordering of variables)
Slide 8: Boolean Modelling of Reactive Systems
Many modelling formalisms are being used:
- Transition systems
- Parallel and hierarchical transition systems, statecharts
- Shared variables programs
- UML diagrams
- Abstract state machines
- ...
Slide 9: Transition Systems
Transition system TS = (Σ, S, Δ, S0), where
- Σ is a nonempty finite alphabet,
- S is a nonempty finite set of states,
- Δ ⊆ S × Σ × S is the transition relation, and
- S0 ⊆ S is the set of initial states.
Similar to a nondeterministic finite automaton, with many initial states but without final states.
A transition system generates a (finite or infinite) word w0 w1 w2 … iff there are states s0 s1 s2 s3 … such that s0 ∈ S0 and each (si, wi, si+1) ∈ Δ.
Slide 10: Example
Σ = {up, dn}
S = {off, tape, memory, play}
Δ = {(off, dn, tape), (tape, up, off), (tape, dn, memory), (memory, up, off), (memory, dn, play), (play, dn, tape), (play, up, off)}
S0 = {off}
[diagram: the four states off, tape, memory, play with their dn and up transitions]
Slide 11: Parallel Transition Systems
Parallel transition system T = (T1, …, Tn), where
- each Ti is a transition system,
- Si ∩ Sj = ∅ for i ≠ j.
Interleaving semantics: on its private alphabet, each Ti can make an independent move; synchronization is via common events.
Example: power switch and camcorder mode.
Slide 12: Example
T = (switch, camera)
{pwr_fail, pwr_res} are private to camera
synchronization alphabet: {up, dn}
How big is the state space?
[diagram: switch with states but_hi, but_lo and events dn, up; camera with states off and on (tape, memory, play) and events dn, up, pwr_fail, pwr_res]
Slide 13
The global transition system T associated with a parallel transition system (T1, …, Tn) is defined as T = (Σ, S, Δ, S0), where
- Σ = ⋃i Σi,
- S = S1 × … × Sn,
- S0 = S1,0 × … × Sn,0, and
- ((s1, …, sn), a, (s1', …, sn')) ∈ Δ iff for all Ti:
  - if a ∈ Σi, then (si, a, si') ∈ Δi, and
  - if a ∉ Σi, then si = si'.
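The definitions of slides 9 to 13 are small enough to implement directly, which also answers the question on slide 12 for a concrete switch. The following Python is an added example, not code from the lecture: it encodes a transition system as a dict (this example's choice), checks word generation as on slide 9, builds the global transition system of slide 13, and explores the reachable part of the product. The camcorder is copied from slide 10; the switch's transition directions and the effect of the private event pwr_fail are assumptions of the example, since the slides only name the states and events.

```python
from collections import deque
from itertools import product

def ts(alphabet, states, delta, initial):
    """Transition system TS = (Sigma, S, Delta, S0) of slide 9 (dict encoding is
    this example's choice, not the lecture's)."""
    return {'alphabet': frozenset(alphabet), 'states': frozenset(states),
            'delta': frozenset(delta), 'initial': frozenset(initial)}

def generates(t, word):
    """Slide 9: t generates w0 w1 ... iff there is a run s0 s1 ... with s0 in S0 and
    (s_i, w_i, s_{i+1}) in Delta. Returns the set of states such a run can end in
    (empty set: the word is not generated)."""
    current = set(t['initial'])
    for a in word:
        current = {s2 for (s1, b, s2) in t['delta'] if s1 in current and b == a}
        if not current:
            break
    return current

def parallel(components):
    """Slide 13: global transition system of (T1, ..., Tn). An event a moves every
    component whose alphabet contains a (each of them must be able to take it)
    and leaves the states of the other components unchanged."""
    alphabet = frozenset().union(*(t['alphabet'] for t in components))
    states = set(product(*(t['states'] for t in components)))
    initial = set(product(*(t['initial'] for t in components)))
    delta = set()
    for s in states:
        for a in alphabet:
            options = []                       # possible successor per component
            for t, si in zip(components, s):
                if a in t['alphabet']:
                    options.append([s2 for (s1, b, s2) in t['delta'] if s1 == si and b == a])
                else:
                    options.append([si])       # a is not in Sigma_i: s_i' = s_i
            for s2 in product(*options):
                delta.add((s, a, s2))
    return ts(alphabet, states, delta, initial)

def reachable(t):
    """States reachable from S0: the part of the product state space that matters."""
    seen, queue = set(t['initial']), deque(t['initial'])
    while queue:
        s = queue.popleft()
        for (s1, a, s2) in t['delta']:
            if s1 == s and s2 not in seen:
                seen.add(s2)
                queue.append(s2)
    return seen

# Slide 10, as given: the camcorder mode automaton.
CAMCORDER = ts({'up', 'dn'}, {'off', 'tape', 'memory', 'play'},
               {('off', 'dn', 'tape'), ('tape', 'up', 'off'), ('tape', 'dn', 'memory'),
                ('memory', 'up', 'off'), ('memory', 'dn', 'play'), ('play', 'dn', 'tape'),
                ('play', 'up', 'off')}, {'off'})

# Slide 12 names the private events pwr_fail and pwr_res but not their transitions.
# Assumption of this example: pwr_fail drops the camera from any active mode to off;
# pwr_res is left out.
CAMERA = ts(CAMCORDER['alphabet'] | {'pwr_fail'}, CAMCORDER['states'],
            CAMCORDER['delta'] | {(s, 'pwr_fail', 'off') for s in ('tape', 'memory', 'play')},
            CAMCORDER['initial'])

# Slide 12's power switch with states but_hi, but_lo. Assumption of this example:
# dn moves it from but_hi to but_lo, up moves it back, and it starts in but_hi.
SWITCH = ts({'up', 'dn'}, {'but_hi', 'but_lo'},
            {('but_hi', 'dn', 'but_lo'), ('but_lo', 'up', 'but_hi')}, {'but_hi'})

GLOBAL = parallel([SWITCH, CAMERA])   # global states are pairs (switch state, camera state)

if __name__ == '__main__':
    print('product states:', len(GLOBAL['states']))
    print('reachable:', sorted(reachable(GLOBAL)))
```

With the switch synchronizing on dn and up, the product has 2 · 4 = 8 states, but only 3 are reachable: the switch cannot take dn twice in a row, so the camera never reaches memory or play, and after a pwr_fail in (but_lo, tape) the pair (but_lo, off) is a deadlock (neither component can take the event the other needs). Counting reachable rather than product states is what slide 12's question is after.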
Slide 14: Shared Variables
A shared variables program is given by a tuple (V, D, T, s0), where
- V = (v1, …, vn) is a tuple of program variables,
- D = (D1, …, Dn) is a tuple of corresponding finite domains Di = {di1, …, dim},
- T ⊆ D × D is a transition relation (with D = D1 × … × Dn as the set of states), and
- s0 = (d11, …, dn1) is the initial state.
Slide 15: Example (1)
A request granting algorithm
V = {request, state}
D = ({true, false}, {ready, busy})
T = {((true, ready), (true, busy)), ((false, ready), (false, ready)), ((true, busy), (true, busy)), ((true, busy), (true, ready)), …}
Slide 16: Example (2)
Euclidean algorithm
gcd(a, b)
  if a = 0 return b
  while b ≠ 0
    if a > b then a := a − b else b := b − a
  return a
Shared variables program:
V = (a, b)
D = (Nat, Nat) (finite?)
T = {((0, 0), (0, 0)), ((7, 4), (3, 4)), ((3, 4), (3, 1)), …}
S0 = D (every input pair is a possible initial state)
Slide 17: Transition Systems and Programs
For every (parallel) transition system there is an equivalent shared variables program of the same order of size.
The translation in the other direction may cause an exponential blowup.
Exercise: describe the translations! In which sense are the translations equivalent?
Slide 18: Transition Relation as Boolean Formula
State = (d1, …, dn) with di ∈ Di
The transition relation T can be defined by a propositional formula φT.
Atomic propositions: let V' = {v1', …, vn'} (the values of the variables after the transition);
P = {(x = y) | x, y ∈ (V ∪ V' ∪ ⋃i Di)}
Any propositional formula φT in this alphabet defines a transition relation via the following convention:
if s = (d1, …, dn) and s' = (d1', …, dn'), then (s, s') ∈ T iff M ⊨ φT, where I(vi) = di and I(vi') = di'.
Slide 19: Example
Request granting algorithm
V = {request, state}
D = ({true, false}, {ready, busy})
φT = (((request = true) ∧ (state = ready)) → (state' = busy))
"Propositional logic as a programming language"
Used in model checkers such as NuSMV
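The convention of slide 18 turns a formula over V, V' and the domain constants into an explicit relation by enumerating D × D and keeping the pairs whose interpretation satisfies the formula. The Python below is an added example, not the lecture's or NuSMV's code: it does that enumeration for the request granting formula of slide 19 and for one loop iteration of the Euclidean algorithm of slide 16. Two assumptions are made: the formula is written as a Python predicate over (s, s') instead of a parsed propositional term, and Nat is cut off at a constant `GCD_MAX` so that the gcd program has a finite domain.

```python
from collections import deque
from itertools import product

def relation_from_formula(domains, holds):
    """Slide 18: T = {(s, s') in D x D | M |= formula with I(v_i) = d_i, I(v_i') = d_i'}.
    `holds(s, s_next)` stands in for the propositional formula (assumption of this
    example: the formula is a Python predicate rather than a parsed PL term)."""
    D = list(product(*domains))
    return {(s, s2) for s in D for s2 in D if holds(s, s2)}

def reachable(T, initial):
    """States reachable from the initial states under the relation T."""
    seen, queue = set(initial), deque(initial)
    while queue:
        s = queue.popleft()
        for (s1, s2) in T:
            if s1 == s and s2 not in seen:
                seen.add(s2)
                queue.append(s2)
    return seen

# Slide 19: ((request = true) and (state = ready)) -> (state' = busy)
def request_granting(s, s2):
    request, state = s
    _request2, state2 = s2            # request' is not constrained by the formula
    return (not (request and state == 'ready')) or state2 == 'busy'

REQ_DOMAINS = ({True, False}, {'ready', 'busy'})
REQ_T = relation_from_formula(REQ_DOMAINS, request_granting)

# Slide 16: one iteration of the Euclidean algorithm as a relation. Nat is bounded
# to {0, ..., GCD_MAX} so that the domain is finite (assumption of this example);
# terminated runs stutter, matching the slide's pair ((0,0),(0,0)).
GCD_MAX = 7

def gcd_step(s, s2):
    a, b = s
    if a == 0 or b == 0:              # 'if a = 0 return b' and 'while b != 0' both exit
        return s2 == s
    return s2 == ((a - b, b) if a > b else (a, b - a))

GCD_T = relation_from_formula((range(GCD_MAX + 1), range(GCD_MAX + 1)), gcd_step)

if __name__ == '__main__':
    print(len(REQ_T), 'pairs satisfy the request granting formula')
    print('gcd(7, 4) run:', sorted(reachable(GCD_T, {(7, 4)})))
```

Because the slide 19 formula says nothing about request' and nothing at all when the antecedent is false, 14 of the 16 candidate pairs satisfy it: only the two pairs that leave state = ready after a true request are excluded. That is the intended reading of "propositional logic as a programming language": request behaves as an unconstrained input, and anything the formula does not forbid is allowed. In NuSMV the primed variables are written `next(state)` and the formula goes into a `TRANS` constraint. For the gcd relation, the run from (7, 4) is (7, 4), (3, 4), (3, 1), (2, 1), (1, 1), (1, 0), where it stutters, which reproduces the two explicit pairs on slide 16.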