Verification with LoLA: 1 Basics


    1. Verification with LoLA
       Niels Lohmann and Karsten Wolf
       The Blue Angel, Germany, 1930 / Run Lola Run, Germany, 1998
    2. What is LoLA?
       • Explicit state space generation
       • Place/Transition nets
       • Focus on standard properties
       • Many reduction techniques, unique features
       • Stream based interface
       • Open source
    3. Where does it come from?
       • INA - Integrated Net Analyzer by Peter Starke
         • grown for a long time
         • state space and structural techniques
         • several net classes
         • suboptimal design decisions
         • MODULA 2
       • Papers needed tables with absolute run times
    4. Purpose
       • Generate competitive "experimental results" tables
       • Explore impact of basic design decisions
       • ... Ship as tool
    5. Milestones
       • 1998: 1st release
       • 1998-2005: State space reduction techniques
       • 2000: Presentation at Petri Nets
       • 2005-: Case studies, integration
       • 2007: Invited talk at Petri Nets
       • since 2008: Implementation of software development processes
    6. Basic Design Decisions
       • No GUI
         • Realistic nets are generated, not painted
         • GUI blocks portability
         • Many GUIs available, simple connection possible
         • Do not want user interaction during verification
    7. Basic Design Decisions
       • One property, one state space
         • as opposed to query languages on state spaces
         • One property, one dedicated reduction
         • Benefit from on-the-fly verification
         • Generation faster than loading
    8. Basic Design Decisions
       • Configuration at compile time
         • property class, search strategy, reductions
         • #define instead of if()
         • repeated runs in same configuration
    9. Featured Properties
       • Boundedness (place)
       • Boundedness
       • Reachability (marking)
       • Reachability (predicate)
       • Deadlocks
       • Death (transition)
       • Liveness (predicate)
       • Reversibility
       • Home states
       • LTL properties F φ, GF φ, FG φ (predicate)
       • CTL (formula)
    10. Featured Reductions
       • Stubborn Sets
         • unique: dedicated techniques for standard properties
       • Symmetries
         • unique: automated determination of symmetries in low level net
       • Sweep-Line
         • unique: automated calculation of a progress measure
       • Reduction based on S/T invariants
         • unique.
       • Coverability graphs
         • unique: combination with other reductions
    11. Goal of Tutorial
       • Can LoLA help you?
       • Where (and why) does it perform well?
       • How to (optimally) use it, to integrate it
    12. Outline
       • Introduction
         • Motivation, background, history
         • Preview and outline
         • Basic notions
         • First demo
       • Input Language
       • State Space Techniques
       • Using LoLA
       • Case Studies
       • Integrating LoLA
       • Implementation
    13. Basic notions: net
       • Net: [P, T, F, W, m0]
         • P, T finite, nonempty, disjoint
         • F ⊆ (P × T) ∪ (T × P)
         • W: F → N+ (taken as 0 for pairs not in F)
         • m0: P → N
       • Firing
         • t activated in m: for all (p,t) ∈ F, m(p) ≥ W(p,t)
         • firing, m [t> m': m'(p) = m(p) - W(p,t) + W(t,p)
       • State space:
         • states: reachable markings
         • edges: m [t> m'
    14. Basic notions: properties
       • Place p is ...
         • bounded iff there is a k such that, for all reachable m, m(p) < k
       • Transition t is ...
         • dead iff it is not activated in any reachable marking
       • State predicate φ (p < k, p > k, p ≤ k, p ≥ k, p = k, p ≠ k, φ∧φ, φ∨φ, ¬φ) is ...
         • reachable iff some reachable marking satisfies φ
         • live iff, from every reachable marking, a marking is reachable that satisfies φ
       • Net ...
         • is bounded iff all places are
         • is reversible iff the initial marking is reachable from all reachable markings
         • has home states iff some marking is reachable from all reachable markings
         • is deadlock-free iff every reachable marking activates at least one transition
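The firing rule and the property definitions of slides 13 and 14, as an added Python example (not LoLA's code): an explicit state space generator over a constructed two-process mutual exclusion net, with deadlock, dead-transition, reachability and bound checks evaluated on the generated graph. The net, its place names and the `bound` cut-off are assumptions of this example.

```python
from collections import deque
# Constructed example net (not from the slides): two processes competing for a
# semaphore "sem". NET[t] = (pre-set W(p,t), post-set W(t,p)); all weights are 1.
NET = {
    "req1": ({"idle1": 1}, {"wait1": 1}),
    "enter1": ({"wait1": 1, "sem": 1}, {"crit1": 1}),
    "leave1": ({"crit1": 1}, {"idle1": 1, "sem": 1}),
    "req2": ({"idle2": 1}, {"wait2": 1}),
    "enter2": ({"wait2": 1, "sem": 1}, {"crit2": 1}),
    "leave2": ({"crit2": 1}, {"idle2": 1, "sem": 1}),
}
PLACES = ("idle1", "wait1", "crit1", "idle2", "wait2", "crit2", "sem")
M0 = {"idle1": 1, "idle2": 1, "sem": 1}  # every other place is empty

def marking(d):  # canonical hashable marking: token counts in PLACES order
    return tuple(d.get(p, 0) for p in PLACES)

def activated(m, t):  # t activated in m iff m(p) >= W(p,t) for each pre-place p
    return all(m[PLACES.index(p)] >= w for p, w in NET[t][0].items())

def fire(m, t):  # m [t> m' with m'(p) = m(p) - W(p,t) + W(t,p)
    pre, post = NET[t]
    d = dict(zip(PLACES, m))
    for p, w in pre.items(): d[p] -= w
    for p, w in post.items(): d[p] += w
    return marking(d)

def state_space(m0, bound=10):
    """Explicit breadth-first generation; returns edges[m] = [(t, m'), ...]."""
    start = marking(m0)
    edges, queue = {start: []}, deque([start])
    while queue:
        m = queue.popleft()
        for t in NET:
            if activated(m, t):
                m2 = fire(m, t)
                if max(m2) > bound:  # explicit generators stop here: suspected unbounded
                    raise ValueError(f"bound {bound} exceeded in marking {m2}")
                edges[m].append((t, m2))
                if m2 not in edges:  # new state: remember it and explore later
                    edges[m2] = []; queue.append(m2)
    return edges

def deadlocks(edges):  # reachable markings that activate no transition
    return [m for m, succ in edges.items() if not succ]

def dead_transitions(edges):  # never activated in any reachable marking
    return sorted(set(NET) - {t for succ in edges.values() for t, _ in succ})

def reachable(edges, pred):  # state predicate holds in some reachable marking
    return any(pred(dict(zip(PLACES, m))) for m in edges)
```

The mutual exclusion check is the typical safety query: `reachable(edges, lambda m: m["crit1"] + m["crit2"] >= 2)` must come back False.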
    15. Basic notions: Temporal Logic
       • LTL: infinite path (starting in m0) satisfies ...
         • F φ: φ is satisfied at least once
         • GF φ: φ is satisfied in infinitely many markings
         • FG φ: φ is satisfied forever from some marking on
       • CTL: marking m satisfies ...
         • AX (EX) φ: φ holds in all (some) immediate successor markings
         • AF (EF) φ: every (some) path from m contains a marking satisfying φ
         • AG (EG) φ: on every (some) path from m, φ holds in all markings
         • A(E) φ U ψ: on every (some) path starting in m, there is a marking that satisfies ψ such that all preceding markings satisfy φ
    16. Basic notions: State Space
       • Strongly connected component (scc)
         • maximal set of mutually reachable states
         • partitions the state space
         • sccs form an acyclic graph; its maximal elements are the terminal sccs (tscc)
       • Properties vs scc:
         • reversible: net has one scc
         • home states: net has one tscc
         • live: satisfiable in all tscc
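The scc-based property checks of slide 16, as an added Python example (not LoLA's code): Tarjan's depth-first search partitions a constructed state graph into sccs, and reversibility, home states and predicate liveness are then read off the terminal sccs. The graph, its marking names and the recursive DFS (a production tool would use an iterative one) are assumptions of this example.

```python
# Constructed state graph (not from the slides): markings abbreviated m0..m4,
# EDGES[m] = [(transition, successor), ...]; every state is a key, even without successors.
EDGES = {
    "m0": [("a", "m1"), ("s", "m3")], "m1": [("b", "m2")],
    "m2": [("c", "m0"), ("d", "m3")], "m3": [("e", "m4")],
    "m4": [("f", "m3")],
}

def sccs(edges):
    """Tarjan's algorithm: one depth-first search partitions the states into sccs."""
    index, low, on_stack, stack, comps = {}, {}, set(), [], []
    def visit(v):
        index[v] = low[v] = len(index); stack.append(v); on_stack.add(v)
        for _, w in edges[v]:
            if w not in index:
                visit(w); low[v] = min(low[v], low[w])
            elif w in on_stack:  # back edge: v and w lie on a common cycle
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:  # v is the root of an scc: pop it off the stack
            comp, w = set(), None
            while w != v:
                w = stack.pop(); on_stack.discard(w); comp.add(w)
            comps.append(frozenset(comp))
    for s in edges:
        if s not in index: visit(s)
    return comps

def terminal_sccs(edges):
    """sccs that no edge leaves: the maximal elements of the acyclic scc graph."""
    comps = sccs(edges)
    comp_of = {s: c for c in comps for s in c}
    return [c for c in comps if all(comp_of[w] == c for s in c for _, w in edges[s])]

def reversible(edges):  # initial marking reachable from everywhere iff one scc
    return len(sccs(edges)) == 1

def home_states(edges):  # home states exist iff exactly one scc is terminal
    tscc = terminal_sccs(edges)
    return set(tscc[0]) if len(tscc) == 1 else set()

def live(edges, pred):  # predicate is live iff satisfiable in every terminal scc
    return all(any(pred(m) for m in c) for c in terminal_sccs(edges))
```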
    17. Basic notions: Search
       • Depth first
         • can be extended easily for detecting cycles and scc
         • tends to yield long paths
       • Breadth first
         • difficult to detect cycles and scc
         • yields shortest path
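The search-strategy contrast of slide 17, as an added Python example (not LoLA's code): on a constructed state graph, breadth-first search returns the shortest witness path to a goal marking, depth-first search returns the first path it happens to find, and DFS detects cycles directly through back edges to states still on its path. The graph and its transition names are assumptions of this example.

```python
from collections import deque
# Constructed state graph (not from the slides): EDGES[m] = [(transition, successor), ...]
# in the order a search tries them; the direct step "s" to m3 makes the difference visible.
EDGES = {
    "m0": [("a", "m1"), ("s", "m3")], "m1": [("b", "m2")],
    "m2": [("c", "m0"), ("d", "m3")], "m3": [("e", "m4")],
    "m4": [("f", "m3")],
}

def bfs_path(edges, start, goal):
    """Breadth-first search: the first path that reaches `goal` is a shortest one,
    so the witness for a reachability query is minimal."""
    seen, queue = {start}, deque([(start, [])])
    while queue:
        m, path = queue.popleft()
        if m == goal: return path
        for t, w in edges[m]:
            if w not in seen:
                seen.add(w); queue.append((w, path + [t]))
    return None

def dfs_path(edges, start, goal, seen=None):
    """Depth-first search: follows successors greedily and returns the first path
    found, which tends to be long; cycles are cut by the `seen` set."""
    seen = seen if seen is not None else {start}
    if start == goal: return []
    for t, w in edges[start]:
        if w not in seen:
            seen.add(w)
            rest = dfs_path(edges, w, goal, seen)
            if rest is not None: return [t] + rest
    return None

def dfs_has_cycle(edges):
    """DFS finds a cycle as a back edge to a state still on the current DFS path."""
    colour = {}  # absent = unvisited, 1 = on current path, 2 = finished
    def visit(v):
        colour[v] = 1
        for _, w in edges[v]:
            if colour.get(w) == 1 or (w not in colour and visit(w)):
                return True
        colour[v] = 2
        return False
    return any(s not in colour and visit(s) for s in edges)
```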