
1 Symmetry
Chapter 14 from “Model Checking” by Edmund M. Clarke Jr., Orna Grumberg, and Doron A. Peled
Presented by Anastasia Braginsky, March 2012

2 Outline
Introduction
Groups and Permutations
Symmetry & Symmetry Example
Usual representation
Quotient Models & Quotient Models Example
Bisimulation
Correctness proof
Model Checking with Symmetry

3 Symmetry
Finite-state concurrent systems frequently contain replicated components: caches, bus protocols, network protocols, …
Symmetry uses this fact to obtain reduced models of the system

4 Formal Symmetry
The symmetry in the system implies the existence of a nontrivial permutation that preserves both the state labeling and the transition relation
[Figure: structure with states S0, S1, S2, S3]

5 Formal Symmetry
This can be used to define an equivalence relation on the state space
The quotient model is smaller than the original model and is bisimulation equivalent to that model

6 Group
A group is a set G together with a binary operation ∘ on G (the group multiplication), such that:
Multiplication is associative: a ∘ (b ∘ c) = (a ∘ b) ∘ c
There is an identity element e ∈ G, such that for any element a ∈ G, e ∘ a = a ∘ e
For each element a ∈ G, there is an inverse element a⁻¹, such that a⁻¹ ∘ a = a ∘ a⁻¹ = e

7 Subgroup
H is a subgroup of G if H ⊆ G and H is a group under the multiplication operation of G
If S is a subset of a group G, then the subgroup generated by S is the smallest subgroup of G containing every element of S

8 Permutation
A permutation σ on a finite set S is a function σ : S → S that is one-to-one and onto

9 Permutation group
Sym S is the set of all permutations on S
Sym S forms a group under functional composition
Sym S is called the full symmetric group
A subgroup G of Sym S is called a permutation group on S

10 Kinds of permutations
Two permutations σ_1, σ_2 are disjoint iff { i | σ_1(i) ≠ i } ∩ { j | σ_2(j) ≠ j } = ∅
A permutation that maps i_1 → i_2, i_2 → i_3, …, i_{k-1} → i_k, i_k → i_1 is called a cycle and is denoted by (i_1 i_2 … i_k)
A cycle of length two is called a transposition
[Figure: two disjoint permutations σ_1 and σ_2; a cycle; a transposition]

11 Permutation presentations
Every finite permutation can be written as a composition of disjoint cycles
Every permutation can be written as a composition of transpositions
For example, consider S = {1,2,3,4,5} and the permutation σ given by 1 → 3, 2 → 4, 3 → 1, 4 → 5, 5 → 2
σ can be written as
a composition of disjoint cycles: (1 3) ∘ (2 4 5)
a composition of transpositions: (1 3) ∘ (2 5) ∘ (2 4)
The subgroup of Sym S generated by the two permutations (1 3) and (2 4 5): { e, (1 3), (2 4 5), (2 5 4), (1 3)(2 4 5), (1 3)(2 5 4) }
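The slide's example worked mechanically: cycle decomposition of σ, the transposition product, and the subgroup generated by (1 3) and (2 4 5). This is an added example, not part of the original slides; the function names are illustrative.

```python
def cycle(*pts, n=5):
    """Permutation of {1..n} as a dict, built from one cycle (i1 i2 ... ik)."""
    p = {i: i for i in range(1, n + 1)}
    for a, b in zip(pts, pts[1:] + pts[:1]):
        p[a] = b
    return p

def compose(f, g):
    """(f o g)(x) = f(g(x)): g is applied first."""
    return {x: f[g[x]] for x in g}

def disjoint_cycles(p):
    """Cycles of length >= 2, each written starting at its smallest point."""
    seen, out = set(), []
    for start in sorted(p):
        if start in seen or p[start] == start:
            continue
        cyc, x = [], start
        while x not in seen:
            seen.add(x)
            cyc.append(x)
            x = p[x]
        out.append(tuple(cyc))
    return out

def generated_subgroup(gens):
    """Smallest set containing the identity and closed under composition with gens.
    In a finite group this closure already contains all inverses."""
    key = lambda p: tuple(sorted(p.items()))
    ident = {x: x for x in gens[0]}
    group, todo = {key(ident): ident}, [ident]
    while todo:
        p = todo.pop()
        for g in gens:
            q = compose(g, p)
            if key(q) not in group:
                group[key(q)] = q
                todo.append(q)
    return list(group.values())

# sigma from the slide: 1->3, 2->4, 3->1, 4->5, 5->2
SIGMA = {1: 3, 2: 4, 3: 1, 4: 5, 5: 2}
AS_TRANSPOSITIONS = compose(cycle(1, 3), compose(cycle(2, 5), cycle(2, 4)))
SUBGROUP = generated_subgroup([cycle(1, 3), cycle(2, 4, 5)])
```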

12 Automorphism
Let M = (S, R, L) be a Kripke structure
Let G be a permutation group on the state space S
A permutation σ ∈ G is an automorphism of M iff σ preserves the transition relation R
Formally, σ should satisfy the following:
[Figure: σ acting on a structure with states S0, S1, S2, S3]

13 Automorphism group
G is an automorphism group for the Kripke structure M iff every permutation σ ∈ G is an automorphism of M
If every generator of the group G is an automorphism of M, then the group G is an automorphism group for M

14 Token Ring Algorithm
One component process Q
Many component processes P
Both P and Q have the following Kripke structure:
States:
n – noncritical section (initial state for P)
t – has the token (initial state for Q)
c – critical section
[Figure: states n, t, c with transitions labeled r (receive token) and s (send token)]

15 Composition Q||P
[Figure: Kripke structure of Q || P with states (t, n), (n, t), (n, c), (c, n); transition labels “Q sends token, P receives token” and “P sends token, Q receives token”]

16 Duplicate process P, i times
[Figure: Kripke structure of Q || P_1 ||…|| P_i with states (t, n, …, n), (n, t, …, n), (n, c, …, n), (c, n, …, n), …; transition labels “Q sends token, P_1 receives token” and “P_1 sends token, Q receives token”]

17 Back to Q||P composition
σ is an automorphism of Q||P
[Figure: Kripke structure of Q || P with states (t, n), (n, t), (n, c), (c, n), and the permutation σ acting on those states]

18 Usual behavior of finite-state systems
States are determined by the values (from domain D) of a set of state variables x_1, x_2, …, x_n
For example, a state of Q||P^i is an (i+1)-tuple over the domain {n,t,c}
When extracting a Kripke structure from such systems:
S ⊆ D^k
In the Q||P example: k=2, S = { (x_1=n, x_2=t), (c, n), (t, n), (n, c) }
R ⊆ S × S
In the Q||P example: R = { ( (x_1=n, x_2=t), (x_1=t, x_2=n) ), ( (t,n), (n,t) ), … }
d_j ∈ L(s) ⇔ x_i = d_j
In the Q||P example: L( (x_1=n, x_2=t) ) = {n, t}

19 Usual automorphism representation
The automorphism group is given as a group acting on the indices of the state variables
In the Q||P example σ is the transposition (1 2)
A permutation σ acting on the set of indices {1, 2, …, n} defines a new permutation σ' acting on states in D^n in the following manner:
σ'( (x_1, x_2, …, x_n) ) = (x_{σ(1)}, x_{σ(2)}, …, x_{σ(n)})
σ = (1 2): (x_1=d_i, x_2=d_j) → (x_2=d_i, x_1=d_j)
[Figure: σ' acting on the states (n,t), (t,n), (c,n), (n,c) of Q||P, written over x_1, x_2]

20 Quotient Models
G is a permutation group acting on the set S
s is an element of S, s ∈ S
The orbit of s is the set θ(s) = { t | ∃σ ∈ G ( σ(s) = t ) }
A representative of the orbit is denoted rep(θ(s)) ∈ θ(s)
Intuitively, the quotient model is obtained by collapsing all the states in one orbit to a single representative state

21 Quotient Models - formally
M = (S, R, L) is a Kripke structure
G is an automorphism group acting on S
The quotient structure M_G = (S_G, R_G, L_G):
S_G = { θ(s) | s ∈ S }, the set of orbits of the states in S (groups of states)
R_G = { ( θ(s_1), θ(s_2) ) | (s_1, s_2) ∈ R }
L_G( θ(s) ) = L( rep(θ(s)) )

22 Representatives choice
R_G is independent of the chosen representatives, because G is an automorphism group
However, L_G is not independent of the chosen representatives
Restrict attention to automorphism groups that are also invariance groups

23 Invariance group
G is an invariance group for an atomic proposition p iff the set of states labeled by p is closed under the permutations of G
Formally: an automorphism group G of a Kripke structure M = (S, R, L) is an invariance group for atomic proposition p iff
(∀σ ∈ G) (∀s ∈ S) ( p ∈ L(s) ⇔ p ∈ L(σ(s)) )
p is an invariant under G

24 Back to example
G is the group generated by the permutation on indices (1 2)
G is an automorphism group of Q||P
The orbits induced by G are {(t,n), (n,t)} and {(c,n), (n,c)}
[Figure: Kripke structure of Q || P with states (t, n), (n, t), (n, c), (c, n), and σ = (1 2) acting on x_1, x_2]

25 Example’s quotient model
Pick the states (t,n) and (c,n) as representatives
[Figure: quotient model with the two states (t,n) and (c,n)]

26 Duplicate process P, i times
The Kripke structure corresponding to Q||P^i has 2(i+1) reachable states
The permutation group G is an automorphism group for Q||P^i
G also induces only two orbits
[Figure: Kripke structure of Q || P_1 ||…|| P_i with states (t,n,…,n), (n,t,…,n), (c,n,…,n), (n,c,…,n), …, and the permutation σ = (1 2 … i+1) acting on x_1, x_2, …, x_{i+1}]
SAME QUOTIENT MODEL!

27 Explicit and quotient models are equivalent
We want to prove that:
If a temporal specification f has only invariant propositions,
then f can be safely checked in the quotient model

28 Bisimulation relation
A binary relation between state transition systems that behave in the same way, in the sense that one system simulates the other and vice versa
An equivalence between models that strongly preserves CTL* (μ-calculus)
If M_1 ≡ M_2 then for every CTL* formula φ, M_1 ⊨ φ ⇔ M_2 ⊨ φ

29 Bisimulation Relation - formally
Let M = (S, R, L) and M' = (S', R', L') be two structures with the same set of atomic propositions AP.
A relation B ⊆ S × S' is a bisimulation relation between M and M' iff for all s and s', if B(s, s') then the following holds:
1. L(s) = L'(s')
2. ∀s_1 such that R(s, s_1) there is s'_1 such that R'(s', s'_1) and B(s_1, s'_1)
3. ∀s'_1 such that R'(s', s'_1) there is s_1 such that R(s, s_1) and B(s_1, s'_1)
[Figure: bisimulation example with states a, b and a', b' related by B]

30 Lemma
Let M = (S, R, L) be a Kripke structure with AP as the set of atomic propositions
Let G be an invariance group for all propositions in AP
Let M_G be the quotient model for M
Let B ⊆ S × S_G be a relation defined by: for every s ∈ S, B(s, θ(s))
Then B is a bisimulation relation between M and M_G

31 Proof - 1
First let’s show that L(s) = L_G(θ(s))
By definition of M_G: L_G(θ(s)) = L( rep(θ(s)) )
rep(θ(s)) ∈ θ(s) ⇒ there is a permutation σ ∈ G such that σ(s) = rep(θ(s))
G is an invariance group for all propositions in AP ⇒ for all p ∈ AP, ( p ∈ L(s) ⇔ p ∈ L( rep(θ(s)) ) )
Thus: L(s) = L( rep(θ(s)) ) = L_G(θ(s))

32 Proof - 2
Consider relation (s, t) ∈ R
By definition of R_G: ( θ(s), θ(t) ) ∈ R_G
By definition of B: ( t, θ(t) ) ∈ B
[Figure: transition s → t in M and θ(s) → θ(t) in M_G, related by B]

33 Proof - 3
Consider relation ( θ(s), θ(t) ) ∈ R_G
By definition of θ there must be some rep(θ(t)) ∈ θ(t)
Let’s denote rep(θ(t)) as t; we need to prove that (s, t) ∈ R and B(t, θ(t))
By definition of R_G there must be some s_1 and t_1 such that s_1 ∈ θ(s), t_1 ∈ θ(t), and (s_1, t_1) ∈ R
s_1 ∈ θ(s), t_1 ∈ θ(t) ⇒ ∃σ_1 ∈ G, ∃σ_2 ∈ G, σ_1(s) = s_1, σ_2(t) = t_1
G is an automorphism group ⇒ (s_1, t_1) ∈ R ⇒ (s, t) ∈ R
[Figure: transition s → t in M and θ(s) → θ(t) in M_G, related by B]

34 It can be also proven that
If B(s, s') is a bisimulation, then for every CTL* formula f, s ⊨ f ⇔ s' ⊨ f

35 Corollary
Let M be a structure defined over AP and let G be an invariance group for AP
Then for every s ∈ S and every CTL* formula f defined over AP:
M, s ⊨ f ⇔ M_G, θ(s) ⊨ f

36 Theorem
Let M = (S, R, L) be a Kripke structure
Let G be an automorphism group of M
Let f be a CTL* formula
If G is an invariance group for all the atomic propositions p occurring in f,
then M, s ⊨ f ⇔ M_G, θ(s) ⊨ f

37 Proof (some definitions)
M is defined over AP and f is defined over AP' ⊆ AP
The restriction of M to AP' is the structure M' = (S, R, L') that is identical to M, except that for s ∈ S, L'(s) = L(s) ∩ AP'
For every CTL* formula f defined over AP' and for every s ∈ S:
M, s ⊨ f ⇔ M', s ⊨ f

38 Proof
Let M'_G be the quotient model of M', induced by G
By the definition of the quotient model, M'_G is the restriction of M_G to AP'
Thus for every V ∈ S_G: M_G, V ⊨ f ⇔ M'_G, V ⊨ f
G is an invariance group for AP', so the corollary applies, thus: M', s ⊨ f ⇔ M'_G, θ(s) ⊨ f
Altogether: M, s ⊨ f ⇔ M_G, θ(s) ⊨ f

39 Model Checking with Symmetry
How to perform the model checking itself?
Compact explicit Kripke structure
Use OBDD

40 Find the reachable set of states
How to find the set of states in an explicit Kripke structure that are reachable from the initial states?
BFS or DFS from the set of initial states is performed
Maintain a list of reached states and a list of unexplored states
Assume a function ξ(q), which maps a state q to the unique state representing the orbit of q

41 Algorithm
    reached := ∅;
    unexplored := ∅;
    for all initial states s do
        append ξ(s) to reached;
        append ξ(s) to unexplored;
    end for all
    while unexplored ≠ ∅ do
        remove a state s from unexplored;
        for all successor states q of s do
            if ξ(q) is not in reached
                append ξ(q) to reached;
                append ξ(q) to unexplored;
            end if
        end for all
    end while
It is important to compute the orbit relation efficiently
This is at least as hard as the graph isomorphism problem, which is in NP but not known to be NP-complete
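The reachability algorithm above, run on the token ring Q||P^i with and without the representative function ξ. This is an added example, not part of the original slides; the ring's transition rules (holder moves t → c and c → t, and a holder in t passes the token to the next process) and the choice of the least tuple in an orbit as representative are assumptions.

```python
from collections import deque

def successors(s):
    """Assumed token-ring moves for a state tuple over {'n', 't', 'c'}."""
    k = len(s)
    j = next(i for i, v in enumerate(s) if v != "n")    # the token holder
    if s[j] == "c":                                     # leave the critical section
        return [s[:j] + ("t",) + s[j + 1:]]
    entered = s[:j] + ("c",) + s[j + 1:]                # t -> c
    passed = list(s)
    passed[j], passed[(j + 1) % k] = "n", "t"           # send token to the neighbour
    return [entered, tuple(passed)]

def act(sigma, s):
    """sigma'((x_1..x_n)) = (x_sigma(1)..x_sigma(n)); sigma is a 0-based index tuple."""
    return tuple(s[sigma[i]] for i in range(len(s)))

def xi(q, gens):
    """Unique orbit representative: least element of the orbit of q under gens."""
    orbit, todo = {q}, [q]
    while todo:
        u = todo.pop()
        for g in gens:
            v = act(g, u)
            if v not in orbit:
                orbit.add(v)
                todo.append(v)
    return min(orbit)

def reach(initial, rep):
    """The slide's algorithm; rep is xi, or the identity for the unreduced search."""
    reached, unexplored = [], deque()
    for s in initial:
        if rep(s) not in reached:
            reached.append(rep(s))
            unexplored.append(rep(s))
    while unexplored:
        s = unexplored.popleft()
        for q in successors(s):
            r = rep(q)
            if r not in reached:
                reached.append(r)
                unexplored.append(r)
    return reached

def is_automorphism(sigma, states):
    """sigma' maps the transition relation over `states` exactly onto itself."""
    rel = {(s, q) for s in states for q in successors(s)}
    return {(act(sigma, s), act(sigma, q)) for s, q in rel} == rel

def compare(i):
    """(states reached without reduction, states reached with xi) for Q||P^i."""
    k = i + 1
    init = [("t",) + ("n",) * i]                        # Q holds the token
    rot = tuple((j + 1) % k for j in range(k))          # sigma = (1 2 ... i+1)
    full = reach(init, lambda s: s)
    if not is_automorphism(rot, full):                  # reduction is only sound then
        raise ValueError("generator is not an automorphism")
    return len(full), len(reach(init, lambda s: xi(s, [rot])))
```

`compare(5)` returns `(12, 2)`: 2(i+1) states in the explicit search against the two orbit representatives.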

42 OBDD as the underlying representation
The construction of the quotient model is more complex
At least:
If R is represented by the OBDD R(v_1,…,v_k, v'_1,…,v'_k)
and σ is a permutation on the state variables (recall the usual representation),
then it is straightforward to check that σ is an automorphism of M:
check R(v_1,…,v_k, v'_1,…,v'_k) == R(v_{σ(1)},…,v_{σ(k)}, v'_{σ(1)},…,v'_{σ(k)})
R(v_{σ(1)},…,v_{σ(k)}, v'_{σ(1)},…,v'_{σ(k)}) is the OBDD representing the transition relation of the permuted structure

43 Orbit relation
Given a Kripke structure M = (S, R, L) and an automorphism group G on M with r generators g_1, g_2, …, g_r
The orbit relation Θ ( Θ(x,y) ⇔ (x ∈ θ(y)) ) is the least fixpoint of the equation:
Least fixpoint:
1. Start from the smallest relation, where each state is in relation with itself
2. Stop when no more iterations of applying the recursive equation add new value

44 Lemma 2
The least fixpoint of equation:
is the orbit relation Θ induced by the group G generated by g_1, g_2, …, g_r

45 Proof - fixpoint:
Θ has reflexivity and transitivity, therefore:
Θ(x,y) ⇐ ( x=y ∨ ∃z( Θ(x,z) ∧ ⋁_i y = g_i(z) ) )
Θ(x,y) ⇔ Θ(y,x)
By the definition of the orbit relation, ∃σ ∈ G such that y = σ(x)
Let us assume x ≠ y (otherwise the result is immediate)
σ ∈ G ⇒ σ is a composition of generators, thus y = g_k( g''…g'(x) )
Let us set z = g''…g'(x) ⇒ ∃g_k, k ≤ r, ∃z such that Θ(x,z) and y = g_k(z), therefore:
Θ(x,y) ⇒ ( x=y ∨ ∃z( Θ(x,z) ∧ ⋁_i y = g_i(z) ) )

46 Proof – least fixpoint
We want to prove that if T is any fixpoint of the equation, then Θ ⊆ T
We will prove that Θ(x,y) ⇒ T(x,y)

47 Proof – least fixpoint – cont.
By the definition of the orbit relation Θ(x,y), ∃σ ∈ G such that x = σ(y)
σ ∈ G ⇒ σ is a composition of generators, thus σ = g_{i_m} … g_{i_2} g_{i_1}, 1 ≤ i_j ≤ r
Because T is a fixpoint of the equation, it can be proved by induction that for every 1 ≤ l ≤ m, T(x, g_{i_l}(… g_{i_2}(g_{i_1}(x)))) holds
For l ≤ m we see that T(x,y) holds

48 Complexity
The size of the OBDD for the orbit relation should be bounded
If a suitable OBDD is available, this fixpoint equation can be computed
Having Θ, we can compute ξ : S → S (unique representative of the orbit)
Assuming we have the OBDD representation of the mapping function ξ, the transition R_G:
R_G(x,y) = ∃x_1 ∃y_1 ( R(x_1, y_1) ∧ ξ(x_1) = x ∧ ξ(y_1) = y )
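The orbit relation Θ as a least fixpoint, the representative map ξ and the quotient transition relation R_G, computed for the two-process Q||P example with explicit sets instead of OBDDs, followed by a check of the bisimulation B(s, θ(s)) from the lemma. This is an added example, not part of the original slides; the t ↔ c transitions and the index-specific labeling used for the failing case are assumptions.

```python
# Q||P with state = (x_1, x_2). Only the (t,n) <-> (n,t) pairs of R are spelled
# out on the slides; the t <-> c moves are assumed.
S = [("t", "n"), ("n", "t"), ("c", "n"), ("n", "c")]
R = {(("t", "n"), ("n", "t")), (("n", "t"), ("t", "n")),
     (("t", "n"), ("c", "n")), (("c", "n"), ("t", "n")),
     (("n", "t"), ("n", "c")), (("n", "c"), ("n", "t"))}
L = {s: frozenset(s) for s in S}                        # d in L(s) iff some x_i = d
L_INDEXED = {s: frozenset({"x1=" + s[0]}) for s in S}   # assumed labeling, not invariant
GENS = [lambda s: (s[1], s[0])]                         # sigma' for sigma = (1 2)

def orbit_relation(states, gens):
    """Least fixpoint of Theta(x,y) <=> x=y or exists z: Theta(x,z) and y=g_i(z)."""
    theta = {(x, x) for x in states}                    # start: each state with itself
    while True:
        step = {(x, g(z)) for (x, z) in theta for g in gens}
        if step <= theta:                               # nothing new: fixpoint reached
            return theta
        theta |= step

def representatives(states, theta):
    """xi: the first state of each orbit in the listing order of `states`."""
    return {x: min((y for (a, y) in theta if a == x), key=states.index)
            for x in states}

def quotient_relation(rel, xi):
    """R_G(x,y) = exists x1,y1: R(x1,y1) and xi(x1)=x and xi(y1)=y."""
    return {(xi[x1], xi[y1]) for (x1, y1) in rel}

def is_bisimulation(states, rel, labels, xi, rel_g):
    """Check the three bisimulation conditions for B = {(s, orbit of s)}."""
    for s in states:
        if labels[s] != labels[xi[s]]:                  # condition 1, L_G = L(rep)
            return False
        images = {xi[q] for (p, q) in rel if p == s}
        succ_g = {q for (p, q) in rel_g if p == xi[s]}
        if images != succ_g:                            # conditions 2 and 3
            return False
    return True

THETA = orbit_relation(S, GENS)
XI = representatives(S, THETA)
R_G = quotient_relation(R, XI)
```

With the labeling from slide 18 the check succeeds; with `L_INDEXED`, whose propositions are not invariant under G, condition 1 fails, which is the case the invariance-group restriction rules out.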

49 SUMMARY!

50 Questions? Thank you!!

