Presentation is loading. Please wait.

Presentation is loading. Please wait.

Construction of Abstract State Graphs with PVS Susanne Graf and Hassen Saidi VERIMAG.

Published byClifford Burke Modified over 9 years ago

Similar presentations

Presentation on theme: "Construction of Abstract State Graphs with PVS Susanne Graf and Hassen Saidi VERIMAG."— Presentation transcript:

1 Construction of Abstract State Graphs with PVS Susanne Graf and Hassen Saidi VERIMAG

2 Summary of the Paper Method based on abstract interpretation –a weaker abstract transition relation –automatically construct an abstract state graph –input: infinite state program Monomials: particular set of abstract states –defined w.r.t. a set of state predicates  1...  k Successor states: computed by using PVS –upper approximation of the successor states Construct abstract state graph –verify invariants –LTL prop. by MC

3 Summary of the Paper (2) Abstract State Graph: –represents a relatively precise global control flow graph of the system –can be used to generate stronger structural invariants –assumes that control depends on data Implemented the method in a tool: –interfaced with PVS, ALDÉBARAN Verified bounded retransmission protocol: –protocol developed by Philips –used the tool to prove correctness almost automatically

4 Parallel Systems: Syntax Basic intuition: parallel composition of processes by interleaving and synchronization by shared variables (unity) Process: process P is varsx 1 :T 1,..., x n :T n → global, what P uses initinit_pred(x 1,..., x n )→ implicit pc (control var) update □ g 1 (x) → ass 1 (x)-  1 □ g n (x) → ass n (x)-  n Parallel composition (P 1 || P 2 ): is a process P s.t. P_init = P 1 _init  P 2 _init P_vars = P 1 _vars  P 2 _vars P_upd = P 1 _upd  P 2 _upd Type - might be infinite (PVS type)

5 Transition Graph for P Given is P (vars, init, update) Define the transition graph S P = (Q P, R P, I P ) Q P = T 1 x... x T n R P = U  i where  i (q) = I P = {q | init(q) = true} R P : Q P → P(Q P ) ≡ R P  Q P x Q P i=1 P  if g i (q) = false ass i (q) otherwise

6 Predicate Transformers Definition: R  Q x Q and   P(Q) {  } g → ass {  } strongest postcondition:post[R](  ) =  q. R(q,q')   (q) weakest precondition:pre[R](  ) =  q'. R(q,q')   (q') R(q, q 1 )   (q 1 ) ... R(q, q n )   (q n ) property:  = post[R](  )   = pre[R](  ) preconditionpostcondition set of guarded assignments ass(q) pre[  i ](  ) = g i (x)   [ass i (x) / x]  no quantifiers

Download ppt "Construction of Abstract State Graphs with PVS Susanne Graf and Hassen Saidi VERIMAG."

Similar presentations

Demand-driven inference of loop invariants in a theorem prover

Demand-driven inference of loop invariants in a theorem prover
Continuing Abstract Interpretation We have seen: 1.How to compile abstract syntax trees into control-flow graphs 2.Lattices, as structures that describe.

Continuing Abstract Interpretation We have seen: 1.How to compile abstract syntax trees into control-flow graphs 2.Lattices, as structures that describe.
Abstraction of Source Code (from Bandera lectures and talks)

Abstraction of Source Code (from Bandera lectures and talks)
Data-Flow Analysis II CS 671 March 13, 2008. CS 671 – Spring 2008 1 Data-Flow Analysis Gather conservative, approximate information about what a program.

Data-Flow Analysis II CS 671 March 13, CS 671 – Spring Data-Flow Analysis Gather conservative, approximate information about what a program.
Greta YorshEran YahavMartin Vechev IBM Research. { ……………… …… …………………. ……………………. ………………………… } P1() Challenge: Correct and Efficient Synchronization { ……………………………

Greta YorshEran YahavMartin Vechev IBM Research. { ……………… …… …………………. ……………………. ………………………… } P1() Challenge: Correct and Efficient Synchronization { ……………………………
Greta YorshEran YahavMartin Vechev IBM Research. { ……………… …… …………………. ……………………. ………………………… } T1() Challenge: Correct and Efficient Synchronization { ……………………………

Greta YorshEran YahavMartin Vechev IBM Research. { ……………… …… …………………. ……………………. ………………………… } T1() Challenge: Correct and Efficient Synchronization { ……………………………
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
1 Translation Validation: From Simulink to C Michael RyabtsevOfer Strichman Technion, Haifa, Israel Acknowledgement: sponsored by a grant from General.

1 Translation Validation: From Simulink to C Michael RyabtsevOfer Strichman Technion, Haifa, Israel Acknowledgement: sponsored by a grant from General.
Timed Automata.

Timed Automata.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.

Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
Automatic Predicate Abstraction of C-Programs T. Ball, R. Majumdar T. Millstein, S. Rajamani.

Automatic Predicate Abstraction of C-Programs T. Ball, R. Majumdar T. Millstein, S. Rajamani.
Partial correctness © Marcelo d’Amorim 2010.

Partial correctness © Marcelo d’Amorim 2010.
Review of topics Final exam : -May 2nd to May 7 th - Projects due on May 7th.

Review of topics Final exam : -May 2nd to May 7 th - Projects due on May 7th.
CS 355 – Programming Languages

CS 355 – Programming Languages
Program Verification as Probabilistic Inference Sumit Gulwani Nebojsa Jojic Microsoft Research, Redmond.

Program Verification as Probabilistic Inference Sumit Gulwani Nebojsa Jojic Microsoft Research, Redmond.
1 Basic abstract interpretation theory. 2 The general idea §a semantics l any definition style, from a denotational definition to a detailed interpreter.

1 Basic abstract interpretation theory. 2 The general idea §a semantics l any definition style, from a denotational definition to a detailed interpreter.
© Katz, 2003 Formal Specifications of Complex Systems-- Real-time 1 Adding Real-time to Formal Specifications Formal Specifications of Complex Systems.

© Katz, 2003 Formal Specifications of Complex Systems-- Real-time 1 Adding Real-time to Formal Specifications Formal Specifications of Complex Systems.
1 Operational Semantics Mooly Sagiv Tel Aviv University 640-6706 Textbook: Semantics with Applications.

1 Operational Semantics Mooly Sagiv Tel Aviv University Textbook: Semantics with Applications.

Similar presentations

Ads by Google