Presentation is loading. Please wait.

Presentation is loading. Please wait.

2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 1 Formal Methods Mads.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 1 Formal Methods Mads."— Presentation transcript:

1 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 1 Formal Methods http://www.imit.kth.se/courses/2G1516/ http://www.imit.kth.se/courses/2G1521/ Mads Dam (Course responsible) mfd@imit.kth.se790 4123/070 8 76 44 40 Irem Aktug Mika Cohen irem@imit.kth.se mikac@imit.kth.se 790 4265

2 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 2 Synopsis Techniques and tools for formal modelling and analysis of computer systems Topics: –Modelling techniques –Model checking, temporal logic, automata, SPIN –Process algebra, CCS, CWB –Deductive verification, theorem proving, Floyd/Hoare logic, ESC/Java Theory and labs –Aim 1: Show this is useful stuff –Aim 2: Understand and reason about the theory Do not underestimate the workload!

3 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 3 Feedback Please! Your help is requested... Course committee (kursnämnd): –NN1: ___________________ –NN2: ___________________ –NN3: ___________________ Very important!

4 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 4 Requirements, 1 Four labs, 3 pts total –Lab 1, PVS Reporting on Sept 17 –Lab 2, SPIN Reporting on Sept 30 –Lab 3, ESC/Java Reporting on Oct 6 –Lab 4, CCS/CWB Reporting on Oct 13 Final exam, 2 pts, determines final grade

5 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 5 On the Labs No assigned lab facilities! Deadlines must be respected Important to get started early Requirements for each lab determined on course web To get help: –Use course mailing list: formal-methods@imit.kth.se –Ask course assistant at exercise sessions

6 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 6 Literature Slides Course book: D. Peled: Software Reliability Methods Price ~550SEK, available at Kårbokhandeln Campus and Kista Handouts Course web

7 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 7 Why Formal Methods? The better you understand the problem and your proposed solution The better the quality of the end product Understanding !Properties ! Modelling !Formalisation !PROOF! Formalisation and proof = use of mathematics and logics Embodied in usable tools

8 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 8 The Challenge Real systems are huge and complex There is no silver bullet Problems –Undecidability: Applies to humans as well as machines –Distribution: Complexity explodes Engineering: –How to get a satisfactory analysis with the resources (time, space, people, machines) available –Satisfactory: Correct, or good enough for trust

9 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 9 The Sum Is More Than the Sum of the Parts Each link uses fault free data transfer protocol Is the system fault free? Used(B) = n*Size(AB) + m*Size(DB) Free(B) = Mem(B) – Used(B) Scenario: Min(Size(AB),Size((DB) > Free(B) n*Size(AB) < Size(BC) m*Size(DB) < Size(BE) A D BC E

10 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 10 Another Example What happens if we upgrade link AB to 10 Mbit/s? B permanently saturated AC throughput -> 1Mbit/s (But AB transmits at full speed) Buffer release rate at B: 2 Mbit/s AC traffic has 91% chance of grabbing free buffer DE traffic gets < 0.2 Mbit/s A D BC E 1 Mbit/s 10 Mbit/s

11 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 11 The Key Questions What is the right level of abstraction? –Physical? Circuit? Network? –Binaries? Bytecode? Source program? Libraries? –Architectural? Algorithmic? Process? Model? What are the important properties? –Type safety (e.g. Java bytecode verifier)? –Partial/total correctness? Implementation correctness? –Deadlocks? Starvation? Reactiveness? There is no ”correct” answer Answers determine choice of methods and tools

12 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 12 Occam’s Razor Abstraction, abstraction, abstraction... –Eliminate irrelevant details until the important features stick out –And then eliminate some of these if necessary –And try to eliminate the bad design decisions that made the analysis too complex – e.g. timing, language, platform dependencies Use common, well-understood models –Sequential systems: First-order logic (FOL), recursive functions –Concurrency and distribution: Automata = state machines, Communicating state machines, process algebra, temporal logic

13 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 13 Abstraction Assume you should verify absence of deadlock between an ATM trying to store a withdrawal and a server ATM: server!store(self,time,accountno,amount, transactionkind) Server: if correctChecksum(...) and validAmount(...) and allowedTransaction(...) then storeValue(time,accountno,amount,transactionkind); client!transactionOK else client!transactionNotOK endif

14 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 14 Abstraction, II What will the parameters be used for when checking for deadlocks? What can the server do which affects the possibility of deadlock?

15 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 15 Abstraction, III Suppose we don’t care about memory consumption, very detailed execution time analysis, actual value input/output relations... ATM: server!store(self) Server: if random() < 0.5 then storeValue() ; client!transactionOK else client!transactionNotOK endif

16 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 16 Main Schools Theorem proving –FOL, HOL, type theory, using formalised theories –Problem of proof search Model checking –Automatic traversal of finite state machine graphs –Efficient, but scalability issues Floyd/Hoare logic –Theorem proving for flow graphs/while programs –Proof search, but more domain knowledge Process algebra –Reasoning about abstract processes –Structured approach

17 2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 17 The Field Formal verification is an ambitious task, so: –Use with discretion –Avoid exaggerated expectations –For engineers, not for programmers Current industrial usage –Common criteria EAL 5-7 –Computer security (e.g. BAN logics) –Programming language design Operational semantics, type systems –Processor design all major chip vendors + tool providers –Safety-critical systems Railway, automotive, power industry, aerospace

Download ppt "2G1516/2G1521 Formal Methods2004 Mads Dam IMIT, KTH 1 Formal Methods Mads."

Similar presentations

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.

Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.
Executional Architecture

Executional Architecture
ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.

ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.
8/25/2009 Sofya Raskhodnikova Intro to Theory of Computation L ECTURE 1 Theory of Computation Course information Overview of the area Finite Automata Sofya.

8/25/2009 Sofya Raskhodnikova Intro to Theory of Computation L ECTURE 1 Theory of Computation Course information Overview of the area Finite Automata Sofya.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Timed Automata.

Timed Automata.
LIFE CYCLE MODELS FORMAL TRANSFORMATION

LIFE CYCLE MODELS FORMAL TRANSFORMATION
Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (www.dcs.warwick.ac.uk/~doron/notes.html)

Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (
1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture 05.

1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture 05.
Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.

Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.
Advanced Formal Methods Mads Dam KTH/CSC Course 2D1453, 2006-07.

Advanced Formal Methods Mads Dam KTH/CSC Course 2D1453,
Discrete Maths Objective to give some background on the course 242-213, Semester 2, 2013-2014 Who I am: Andrew Davison WiG Lab

Discrete Maths Objective to give some background on the course , Semester 2, Who I am: Andrew Davison WiG Lab
CS603 Advanced Topics in Distributed Systems MWF 13:30-14:30 RHPH 162 Professor Chris Clifton.

CS603 Advanced Topics in Distributed Systems MWF 13:30-14:30 RHPH 162 Professor Chris Clifton.
CMSC 132: Object-Oriented Programming II Nelson Padua-Perez William Pugh Department of Computer Science University of Maryland, College Park.

CMSC 132: Object-Oriented Programming II Nelson Padua-Perez William Pugh Department of Computer Science University of Maryland, College Park.
From Discrete Mathematics to AI applications: A progression path for an undergraduate program in math Abdul Huq Middle East College of Information Technology,

From Discrete Mathematics to AI applications: A progression path for an undergraduate program in math Abdul Huq Middle East College of Information Technology,
1 CS 603: Advanced Topics in Distributed Systems Spring 2002 Professor Chris Clifton.

1 CS 603: Advanced Topics in Distributed Systems Spring 2002 Professor Chris Clifton.
Designing Predictable and Robust Systems Tom Henzinger UC Berkeley and EPFL.

Designing Predictable and Robust Systems Tom Henzinger UC Berkeley and EPFL.
School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification

School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification
1 Formal Engineering of Reliable Software LASER 2004 school Tutorial, Lecture1 Natasha Sharygina Carnegie Mellon University.

1 Formal Engineering of Reliable Software LASER 2004 school Tutorial, Lecture1 Natasha Sharygina Carnegie Mellon University.

Similar presentations

Ads by Google