Presentation is loading. Please wait.

Presentation is loading. Please wait.

Formal Verification of fFSM Model Sachoun Park, Gihwon Kwon Department of Computer Science Kyonggi University, Korea IWFST, Shanghai, China, 2005.11.08.

Published byDorothy Russell Modified over 9 years ago

Similar presentations

Presentation on theme: "Formal Verification of fFSM Model Sachoun Park, Gihwon Kwon Department of Computer Science Kyonggi University, Korea IWFST, Shanghai, China, 2005.11.08."— Presentation transcript:

1 Formal Verification of fFSM Model Sachoun Park, Gihwon Kwon Department of Computer Science Kyonggi University, Korea IWFST, Shanghai, China, 2005.11.08.

2 2 Formal Verification Minimization (e.g. bisimulation) Property specification State space: - Kripke structure - LTS (Lab.Trans.Syst.) - Marking graphs Modeling languages: - Communicating FSMs - Process algebra - Petri nets Generation init(state):= 0; next(state):= case state=0: {2,3}; state=1: 1; 1 : state; esac; Verification: - Model checking - Equivalence checking - ?? Logical results with counter-example

3 3 fFSM Model Hierarchy Concurrency Internal Event Variable State A2B C D A1 E F f1 f2 B1 B2 B3 snd rcv D1 rcv snd fFSM Dataflow wormhole (super-block with different domain inside) System-level Specification in PeaCE Event generators Display Backplane: Discrete Event

4 4 Flattened Model pFSM = (I, IT, O, M, , V), I = {coin, ready, stop, time}, O = {tilt, game_over, game_on, …} V = {randn, remain} M = {m 1, m 2, m 3, m 4 }  (m 1 ) = {m 3, m 4 },  (m 2 ) = ,  (m 3 ) = ,  (m 4 ) =   m 1 = (S 1, s 0 1, L 1, T 1 )  S 1 = {GameOff, GameOn},  L 1 = {(GameOff,  ), (GameOn,  )}  T 1 = {(GameOff, coin==1,  game_on=1, timeset=1000 , GameOn), …} m1m1 m2m2 m3m3 m4m4

5 5 fFSM Semantics {GameOff, TimeInit, Ready, Rand}, {coin},  {GameOn, TimeInit, Ready, Rand}, {timeset},  {GameOn, Wait, Ready, Rand}, ,  {game_on:=1}{remain:=1000} {GameOff, TimeInit, Ready, Rand}, {coin},  {GameOn, Wait, Ready, Rand}, ,  {game_on:=1, remain:=1000} Micro Step: Macro Step: Macro step Environmental change Micro steps Environmental change stable

6 6 Desired Properties No unused components  EF component 1  …  EF component n  Components: states, events No unreachable guards  EF (s i  EX s j ), guard(t) = g, source(t) = s i, target(t) = s j No unambiguous transitions (ambiguous transition)  AG  ((t 1  t 2 )  (t 2  t 3 )  (t 1  t 3 )), where {t 1, t 2, t 3 } is a set of outgoing transitions from the same state. No deadlocks   EFAG deadlock, where deadlock is  (t 1  …  t n ) No divergent behavior (circular transition)  AG (  stable  A[  stable U stable]) Race condition violation  AG(  stable  uadate  AX A[  uadate U stable])

7 7 Stepper: Simulation & Verification Tool F2V Model Checker SMV Translator SMV Model checke r Graph Generator *.xml fFSM simulator *.smv Model Result CTL Property Formal fFSM Verifier (F2V) Explicit model checker Properties to be checked Reachability Race condition Ambiguous transitions Circular transitions

8 8 Discussion Topics How to avoid the state explosion problem ?  State explosion problem occurs due to variables  How to abstract them away ? How to integrated heterogeneous models ?  fFSM models the control flow of a system  SDF models the data flow of a system  How to integate them ? 1. data transfer 3. result(flag) transfer Display Event source “flag ” Backplane “ a” fFSM XY a/out flag B “out” A SDF C 2. execution A SPDF C B Event source Backplane domain node_name: foo script: “stop foo ”script:“run foo ” XY a FSM reset Asynchronous Interaction Synchronous Interaction

Download ppt "Formal Verification of fFSM Model Sachoun Park, Gihwon Kwon Department of Computer Science Kyonggi University, Korea IWFST, Shanghai, China, 2005.11.08."

Similar presentations

Embedded System, A Brief Introduction

Embedded System, A Brief Introduction
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Timed Automata.

Timed Automata.
Network Protocols Dr. Eng Amr T. Abdel-Hamid NETW 703 Winter 2006 Finite State Machines (FSMs)

Network Protocols Dr. Eng Amr T. Abdel-Hamid NETW 703 Winter 2006 Finite State Machines (FSMs)
Software system modeling

Software system modeling
卜磊 Transition System. Part I: Introduction  Chapter 0: Preliminaries  Chapter 1: Language and Computation Part II: Models  Chapter.

卜磊 Transition System. Part I: Introduction  Chapter 0: Preliminaries  Chapter 1: Language and Computation Part II: Models  Chapter.
SYMBOLIC MODEL CHECKING: 10 20 STATES AND BEYOND J.R. Burch E.M. Clarke K.L. McMillan D. L. Dill L. J. Hwang Presented by Rehana Begam.

SYMBOLIC MODEL CHECKING: STATES AND BEYOND J.R. Burch E.M. Clarke K.L. McMillan D. L. Dill L. J. Hwang Presented by Rehana Begam.
CS 267: Automated Verification Lecture 7: SMV Symbolic Model Checker, Partitioned Transition Systems, Counter-example Generation in Symbolic Model Checking.

CS 267: Automated Verification Lecture 7: SMV Symbolic Model Checker, Partitioned Transition Systems, Counter-example Generation in Symbolic Model Checking.
1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.

1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.
Anna Philippou Department of Computer Science University of Cyprus Joint work with Mauricio Toro Department of Comp. Sc. EAFIT University Christina Kassara.

Anna Philippou Department of Computer Science University of Cyprus Joint work with Mauricio Toro Department of Comp. Sc. EAFIT University Christina Kassara.
Automatic Verification of Component-Based Real-Time CORBA Applications Gabor Madl Sherif Abdelwahed

Automatic Verification of Component-Based Real-Time CORBA Applications Gabor Madl Sherif Abdelwahed
1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.

1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.
Discrete Abstractions of Hybrid Systems Rajeev Alur, Thomas A. Henzinger, Gerardo Lafferriere and George J. Pappas.

Discrete Abstractions of Hybrid Systems Rajeev Alur, Thomas A. Henzinger, Gerardo Lafferriere and George J. Pappas.
Hardware and Petri nets: application to asynchronous circuit design Jordi CortadellaUniversitat Politècnica de Catalunya, Spain Michael KishinevskyIntel.

Hardware and Petri nets: application to asynchronous circuit design Jordi CortadellaUniversitat Politècnica de Catalunya, Spain Michael KishinevskyIntel.
Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

Similar presentations

Ads by Google