Presentation is loading. Please wait.

Presentation is loading. Please wait.

Q1:Royal Garden’s Puzzle as a Model Checking Problem Pictures from UbiSoft HW6: Due Dec 4th 23:59.

Published byFelicia Fletcher Modified over 9 years ago

Similar presentations

Presentation on theme: "Q1:Royal Garden’s Puzzle as a Model Checking Problem Pictures from UbiSoft HW6: Due Dec 4th 23:59."— Presentation transcript:

1 Q1:Royal Garden’s Puzzle as a Model Checking Problem Pictures from UbiSoft HW6: Due Dec 4th 23:59

2 http://www.youtube.com/watch?v=1xv4KSUGSS8&hl=kohttp://www.youtube.com/watch?v=1xv4KSUGSS8&hl=kohttp://www.youtube.com/watch?v=1xv4KSUGSS8&hl=ko

3 R1 R2R3R4 R8 R9R10R11 R5 R6R7 H1 H2 H3 H4 Source Sink HandleAreas rotated H1R1,R2,R5,R6 H2R2,R3,R4,R6,R7 H3R5,R6,R8,R9,R10 H4-R6,R7,-R10,R11 Type A Type B Type C

4 1.Write down a C model and a Promela model to solve the puzzle by using CB MC and Spin a.Use assert statement to detect when the route is established b.Find and explain the shortest solution by analyzing counter examples. Also show that why your solution is the shortest one for the route a.Hint: there exists a solution less than 10 steps c.Report the complexity of the problem – i.e., # of clauses and variables, # of states, memory usage, verification time, etc.

5 /* Assume that there are two processes */ char count=0,x=0,y=0,z=0; void process() { char me=_pid +1; /* me is 1 or 2*/ again: x= me; if (y ==0 || y== me) ; else goto again; z =me; if (x == me) ; else goto again; y=me; if(z==me); else goto again; /* enter a critical section */ count++; InCritSec: … count --; /* leaving a critical section */ goto again; } a. To specify a corresponding Promela specification – Note that no atomic allowed b. To specify the following properties in LTL – Note that procname[pid]@label returns a nonzero value only if a statemen t at the corresponding label is executable now 1.Mutual exclusion 2.Deadlock-freedom 3.Starvation-freedom c. Check if your Promela spec satisfies the above 3 properties by using Spin. Also explain the counter examples. 2. Faulty mutual exclusion algorithm

6 3. Build the following mutual exclusion protocol in Promela. - Your Promela spec should contain 2 processes. - You should use a global lock with atomic keyword to check entrance to the critical section. - Verify the following correctness properties of your Promela model – Mutual exclusion – Liveness mtype ={n,t,c} byte lock=0; active [2] proctype process() { byte status=n; … }

7 4. Build the following mutual exclusion protocol in Promela. And verify the correctness of your Promela model – Mutual exclusion – Liveness – You may use a global variable turn to indicate which process has a higher priority to enter critical section – Note that you can access a local variable of the other processes through remote reference procname[pid]:localvar mtype={n,t,c}; byte lock; byte turn=255; active [2] proctype process() { … }

Download ppt "Q1:Royal Garden’s Puzzle as a Model Checking Problem Pictures from UbiSoft HW6: Due Dec 4th 23:59."

Similar presentations

The SPIN System. What is SPIN? Model-checker. Based on automata theory. Allows LTL or automata specification Efficient (on-the-fly model checking, partial.

The SPIN System. What is SPIN? Model-checker. Based on automata theory. Allows LTL or automata specification Efficient (on-the-fly model checking, partial.
The SPIN System. What is SPIN? Model-checker. Based on automata theory. Allows LTL or automata specification Efficient (on-the-fly model checking, partial.

The SPIN System. What is SPIN? Model-checker. Based on automata theory. Allows LTL or automata specification Efficient (on-the-fly model checking, partial.
1 Carnegie Mellon UniversitySPIN ExamplesFlavio Lerda Bug Catching15-398 SPIN Examples.

1 Carnegie Mellon UniversitySPIN ExamplesFlavio Lerda Bug Catching SPIN Examples.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
CS 290C: Formal Models for Web Software Lecture 3: Verification of Navigation Models with the Spin Model Checker Instructor: Tevfik Bultan.

CS 290C: Formal Models for Web Software Lecture 3: Verification of Navigation Models with the Spin Model Checker Instructor: Tevfik Bultan.
HW4:Royal Garden’s Puzzle as a Model Checking Problem Pictures from UbiSoft.

HW4:Royal Garden’s Puzzle as a Model Checking Problem Pictures from UbiSoft.
CSC321 Concurrent Programming: §3 The Mutual Exclusion Problem 1 Section 3 The Mutual Exclusion Problem.

CSC321 Concurrent Programming: §3 The Mutual Exclusion Problem 1 Section 3 The Mutual Exclusion Problem.
Ch. 7 Process Synchronization (1/2) 2015-04-17. 7.I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.

Ch. 7 Process Synchronization (1/2) I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.
Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.

Background Concurrent access to shared data can lead to inconsistencies Maintaining data consistency among cooperating processes is critical What is wrong.
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.
Multiprocessor Synchronization Algorithms (20225241) Lecturer: Danny Hendler The Mutual Exclusion problem.

Multiprocessor Synchronization Algorithms ( ) Lecturer: Danny Hendler The Mutual Exclusion problem.
Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.

Process Synchronization. Module 6: Process Synchronization Background The Critical-Section Problem Peterson’s Solution Synchronization Hardware Semaphores.
© 2011 Carnegie Mellon University SPIN: Part 2 15-414/614 Bug Catching: Automated Program Verification Sagar Chaki April 21, 2014.

© 2011 Carnegie Mellon University SPIN: Part /614 Bug Catching: Automated Program Verification Sagar Chaki April 21, 2014.
/ PSWLAB P ROMELA Semantics from “THE SPIN MODEL CHECKER” by G. J. Holzmann Presented by Hong,Shin 5 th Oct 2007 08:021PROMELA Semantics.

/ PSWLAB P ROMELA Semantics from “THE SPIN MODEL CHECKER” by G. J. Holzmann Presented by Hong,Shin 5 th Oct :021PROMELA Semantics.
1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.

1 Temporal Claims A temporal claim is defined in Promela by the syntax: never { … body … } never is a keyword, like proctype. The body is the same as for.
Critical Section chapter3.

Critical Section chapter3.
Sept 2011 1 COMP60611 Fundamentals of Parallel and Distributed Systems Lecture 12 The Critical Section problem John Gurd, Graham Riley Centre for Novel.

Sept COMP60611 Fundamentals of Parallel and Distributed Systems Lecture 12 The Critical Section problem John Gurd, Graham Riley Centre for Novel.
Chapter 3 The Critical Section Problem

Chapter 3 The Critical Section Problem
Parallel Processing (CS526) Spring 2012(Week 6).  A parallel algorithm is a group of partitioned tasks that work with each other to solve a large problem.

Parallel Processing (CS526) Spring 2012(Week 6).  A parallel algorithm is a group of partitioned tasks that work with each other to solve a large problem.

Similar presentations

Ads by Google