Presentation is loading. Please wait.

Presentation is loading. Please wait.

Formal Verification of Synchronization Issues of SpecC Description with Automatic Abstraction Thanyapat Sakunkonchak Masahiro Fujita Department of Electronics.

Published byPoppy Carroll Modified over 9 years ago

Similar presentations

Presentation on theme: "Formal Verification of Synchronization Issues of SpecC Description with Automatic Abstraction Thanyapat Sakunkonchak Masahiro Fujita Department of Electronics."— Presentation transcript:

1 Formal Verification of Synchronization Issues of SpecC Description with Automatic Abstraction Thanyapat Sakunkonchak Masahiro Fujita Department of Electronics Engineering University of Tokyo

2 Overview Introduction Verification Flows Example Summary & Outlooks

3 Synchronization in SpecC Ambiguous results on y causing from x = 10; /*st1*/ x = 20; /*st3*/ y = 20 (always)

4 Synchronization in SpecC (cont.) y = 20 (always) Tas=Tbs, Tae=Tbe Tas<=T1s<T1e<=T2s<T2e<=Tas Tbs<=T3s<T3e<=Tbe T2e<=T3s

5 Difference Decision Diagrams ( DDD ) Introduce by M Φ ller, et al. Symbolic representation of ‘ non-boolean ’, such as inequality: less efficient if using BDD DDD represents difference constraints (x- y≤c), x,y are integers, c is constant Represents graph for ¬(x−z<1)Λ(x−y≤0)Λ(y−z≤2)

6 Overview Introduction Verification Flows Example Summary & Outlooks

7 Verification Flows Goals:  Check whether given SpecC codes (with ‘ par ’, ‘ notify/wait ’ ) are properly synchronized  If checking fails, counter-examples should be generated (trace to source of errors) Based on:  Boolean SpecC, DDD, SVC, Program Slicing,...

8

9 Overview Introduction Verification Flows Example Summary & Outlooks

10 Example Sleeping barber problem barber customer empty chair barber chair barber: finished cutting->call customer barber: no customer->wait customer: barber wait->has hair cut customer: chairs occupied->come again customer: a chair empty->wait

11 Example behavior barber (inout event call, inout bool chairOccupied, inout int numCustomer) { void main() { while(1) { if (numCustomer == 0) DayDreaming(); else { if (chairOccupied == true) { KeepCutting(); chairOccupied = false; } else { notify call; chairOccupied = true; } }; behavior customer (inout event call, inout bool chairOccupied, inout int numCustomer) { void main() { while(1) { if (numCustomer == 3) GoBack(); else { numCustomer++; if (chairOccupied == false) { wait call; numCustomer--; } };

12 Example (verify) 1. SpecC => boolean SpecC & build Control Flow Graph (CFG) 2. Verify with DDDs if result is satisfied, terminate, else go to next step 3. Use CFG to find related path and use SVC to verify boolean variables and find the conditions imply infeasibility 4. Use those conditions and modify boolean SpecC 5. Go to 2

13 Example behavior barber (inout event call, inout bool chairOccupied, inout int numCustomer) { void main() { while(1) { if (numCustomer == 0) DayDreaming(); else { if (chairOccupied == true) { KeepCutting(); chairOccupied = false; } else { notify call; chairOccupied = true; } }; behavior customer (inout event call, inout bool chairOccupied, inout int numCustomer) { void main() { while(1) { if (numCustomer == 3) GoBack(); else { numCustomer++; if (chairOccupied == false) { wait call; numCustomer--; } }; Build boolean SpecC & CFG

14 Example (abstract) behavior barber () { void main() { while(a0) { if (a1)... else { if (a2) {... } else { notify call;... } }; behavior customer () { void main() { while(b0) { if (b1)... else {... if (b2) { wait call;... } }; Verify with DDDs

15 CFG Construction Entry barber whilenumCustomerchairOccupiedcall if numCustomer = 0 DayDreaming if numCustomer != 0 if chairOccupied = Tif chairOccupied = F KeepCuttingchairOccupied = Fnotify callchairOccupied = T Control flow (CF) Date flow (DF)

16 CFG Construction Entry customer whilenewCustomernumCustomer newCustomer = rand() % 1 numCustomer += newCustomer if numCustomer = 5if numCustomer != 5 callchairOccupied numCustomer++if chairOccupied = T wait call GoBack Control flow (CF) Date flow (DF) numCustomer--

17 Example (refine) behavior barber () { void main() { while(a0) { if (a1) //numCustomer == 0... else { if (a2) { //chairOccupied == true... !a2 //chairOccupied == false } else { notify call; a2 //chairOccupied == true } }; behavior customer () { void main() { while(b0) { if (b1) //numCustomer == 3... else {... //numCustomer++ if (b2) { //chairOccupied == false wait call;... //numCustomer-- } }; Check predicates for validity (SVC)Verify with DDDs

18 Example (verification) The synchronization of even ‘ call ’ is satisfied User-defined assertions can be used to verify for some properties, e.g. to see whether numCustomer is more than 3 The refinement process is not automatically done. Some efforts from users are needed to browse over CFG and find the locations numCustomer++; if (numCustomer > 3) assert(F); if (chairOccupied == false) {

19 Overview Introduction Verification Flows Example Summary & Outlooks

20 Summary & Outlook The verification of synchronization issues of SpecC is described The automatic abstraction is proposed Up to the current implementation:  The refinement process is not fully automatic (CFG cooperation needs to be manually done)  Cannot handle complex SpecC construct

21 Summary & Outlook (2) Future plans  Make the “abstraction refinement” to be automatically operated  Expand capability to support more complex SpecC structure, e.g. loop, functions, recursive

Download ppt "Formal Verification of Synchronization Issues of SpecC Description with Automatic Abstraction Thanyapat Sakunkonchak Masahiro Fujita Department of Electronics."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Detecting Bugs Using Assertions Ben Scribner. Defining the Problem  Bugs exist  Unexpected errors happen Hardware failures Loss of data Data may exist.

Detecting Bugs Using Assertions Ben Scribner. Defining the Problem  Bugs exist  Unexpected errors happen Hardware failures Loss of data Data may exist.
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008

Masahiro Fujita Yoshihisa Kojima University of Tokyo May 2, 2008
A System to Generate Test Data and Symbolically Execute Programs Lori A. Clarke September 1976.

A System to Generate Test Data and Symbolically Execute Programs Lori A. Clarke September 1976.
Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.

Computer Design Aided Computer Design Aided Fujita Lab, University of Tokyo Equivalence Checking in C-based System-Level Design by Sequentializing Concurrent.
Verification of Evolving Software Natasha Sharygina Joint work with Sagar Chaki and Nishant Sinha Carnegie Mellon University.

Verification of Evolving Software Natasha Sharygina Joint work with Sagar Chaki and Nishant Sinha Carnegie Mellon University.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
1 Symbolic Execution for Model Checking and Testing Corina Păsăreanu (Kestrel) Joint work with Sarfraz Khurshid (MIT) and Willem Visser (RIACS)

1 Symbolic Execution for Model Checking and Testing Corina Păsăreanu (Kestrel) Joint work with Sarfraz Khurshid (MIT) and Willem Visser (RIACS)
Bebop: A Symbolic Model Checker for Boolean Programs Thomas Ball Sriram K. Rajamani

Bebop: A Symbolic Model Checker for Boolean Programs Thomas Ball Sriram K. Rajamani
SOFTWARE TESTING. INTRODUCTION  Software Testing is the process of executing a program or system with the intent of finding errors.  It involves any.

SOFTWARE TESTING. INTRODUCTION  Software Testing is the process of executing a program or system with the intent of finding errors.  It involves any.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
A survey of techniques for precise program slicing Komondoor V. Raghavan Indian Institute of Science, Bangalore.

A survey of techniques for precise program slicing Komondoor V. Raghavan Indian Institute of Science, Bangalore.
1 Program Slicing Purvi Patel. 2 Contents Introduction What is program slicing? Principle of dependences Variants of program slicing Slicing classifications.

1 Program Slicing Purvi Patel. 2 Contents Introduction What is program slicing? Principle of dependences Variants of program slicing Slicing classifications.
Automatic Predicate Abstraction of C-Programs T. Ball, R. Majumdar T. Millstein, S. Rajamani.

Automatic Predicate Abstraction of C-Programs T. Ball, R. Majumdar T. Millstein, S. Rajamani.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.

Symmetry-Aware Predicate Abstraction for Shared-Variable Concurrent Programs Alastair Donaldson, Alexander Kaiser, Daniel Kroening, and Thomas Wahl Computer.
The Software Model Checker BLAST by Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala and Rupak Majumdar Presented by Yunho Kim Provable Software Lab, KAIST.

The Software Model Checker BLAST by Dirk Beyer, Thomas A. Henzinger, Ranjit Jhala and Rupak Majumdar Presented by Yunho Kim Provable Software Lab, KAIST.
1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.

1 Model Checking, Abstraction- Refinement, and Their Implementation Based on slides by: Orna Grumberg Presented by: Yael Meller June 2008.
Speeding Up Dataflow Analysis Using Flow- Insensitive Pointer Analysis Stephen Adams, Tom Ball, Manuvir Das Sorin Lerner, Mark Seigle Westley Weimer Microsoft.

Speeding Up Dataflow Analysis Using Flow- Insensitive Pointer Analysis Stephen Adams, Tom Ball, Manuvir Das Sorin Lerner, Mark Seigle Westley Weimer Microsoft.

Similar presentations

Ads by Google