
TMPA-2015: The Verification of Functional Programs by Applying Statechart Diagrams Construction Method

The Verification of Functional Programs by Applying Statechart Diagrams Construction Method
Andrew Mironov, IPI, Moscow

12 - 14 November 2015
Tools and Methods of Program Analysis in St. Petersburg


  1. Verification of functional programs by the method of constructing state diagrams. Andrey Mironov, amironov66@gmail.com, FRC "Computer Science and Control" of RAS, Moscow, 2015. (Running footer on every slide: Andrey Mironov, Verification of functional programs by the method of constr)
  2. Summary. Problem description. We consider the problem of verifying functional programs (FPs) over character strings, where the specifications of FP properties are themselves defined by other FPs: an FP Σ1 satisfies the specification defined by an FP Σ2 if the composition of the functions defined by Σ1 and Σ2 takes the value 1 on all arguments. We introduce the notion of a state diagram of an FP and reduce the FP verification problem to the problem of analysing FP state diagrams. The proposed approach is illustrated by the verification of a sorting FP.
  3. Example: verifying a specification of a functional program that sorts strings.
     Program:
       sort(x) = (x = ε) ? ε : insert(x_h, sort(x_t))
       insert(a, y) = (y = ε) ? aε : (a ≤ y_h) ? ay : y_h insert(a, y_t)     (1)
     Specification:
       ∀ x ∈ S  ord(sort(x)) = 1     (2)
     where
       ord(x) = (x = ε) ? 1 : (x_t = ε) ? 1 : (x_h ≤ (x_t)_h) ? ord(x_t) : 0     (3)
     (Here x_h and x_t denote the head and the tail of the string x, and ε is the empty string.)
  4. A conventional mathematical proof of correctness of the sorting program. Induction on the length of the string x. If x = ε then, by the first equation of system (1), sort(x) = ε, and therefore ord(sort(x)) = ord(ε) = 1. Let x ≠ ε. We prove equality (2) for this case by mathematical induction. Assume that the equality obtained from the one in (2) by replacing x with any string shorter than x holds. We show that the equality in (2) then holds as well.
  5. A conventional mathematical proof of correctness of the sorting program (continued). The equality in (2) can be rewritten as ord(insert(x_h, sort(x_t))) = 1 (4). By the inductive hypothesis, ord(sort(x_t)) = 1, from which (4) follows by the lemma below. Lemma. The implication ord(y) = 1 ⇒ ord(insert(a, y)) = 1 (5) holds. Proof. We prove the lemma by induction on the length of y.
  6. A conventional mathematical proof of correctness of the sorting program (continued). If y = ε, the right-hand side of (5) has the form ord(aε) = 1, which is true by the definition of ord. Let y ≠ ε, and let the implication ord(z) = 1 ⇒ ord(insert(a, z)) = 1 (6) hold for every string z shorter than y. Define c := y_h and d := y_t. Then (5) has the form ord(cd) = 1 ⇒ ord(insert(a, cd)) = 1 (7).
  7. A conventional mathematical proof of correctness of the sorting program (continued). To prove implication (7) we must show that, under the assumption ord(cd) = 1, the implications (a) a ≤ c ⇒ ord(a(cd)) = 1 and (b) c < a ⇒ ord(c insert(a, d)) = 1 hold. (a) holds because a ≤ c gives ord(a(cd)) = ord(cd) = 1. We prove (b).
  8. A conventional mathematical proof of correctness of the sorting program (continued). Case d = ε. Here the right-hand side of (b) has the form ord(c(aε)) = 1 (8), and (8) follows from c < a. Case d ≠ ε. Define p := d_h and q := d_t. We must show that, when c < a, ord(c insert(a, pq)) = 1 (9). If a ≤ p, then (9) has the form ord(c(a(pq))) = 1 (10). Since c < a ≤ p, (10) follows from the equalities ord(c(a(pq))) = ord(a(pq)) = ord(pq) = ord(c(pq)) = ord(cd) = 1.
  9. A conventional mathematical proof of correctness of the sorting program (continued). If p < a, then (9) has the form ord(c(p insert(a, q))) = 1 (11). Since by assumption ord(cd) = ord(c(pq)) = 1, we have c ≤ p, so (11) can be rewritten as ord(p insert(a, q)) = 1 (12). When p < a, insert(a, d) = insert(a, pq) = p insert(a, q), so (12) can be rewritten as ord(insert(a, d)) = 1 (13).
  10. A conventional mathematical proof of correctness of the sorting program (continued). (13) follows, by the inductive hypothesis of the lemma (that is, from implication (6) with z := d), from the equality ord(d) = 1, which is justified by the chain of equalities 1 = ord(cd) = ord(c(pq)) = (since c ≤ p) = ord(pq) = ord(d).
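As an added example (not from the slides), the program (1), the ordering check (3) and specification (2) from slide 3, together with lemma (5) from slides 5 to 10, transcribed into Python and checked exhaustively over all short strings of a small alphabet; `sort`, `insert` and `ord_` follow the equations literally, with `x[0]` and `x[1:]` playing the roles of x_h and x_t. The exhaustive check is a bounded sanity test of the definitions, not a proof: only the inductive argument above (or the state-diagram theorem) establishes (2) for all arguments.

```python
# Added example: the sorting FP, the ord checker and the spec, run on constructed inputs.
from itertools import product

def sort(x: str) -> str:
    """sort(x) = (x = ε) ? ε : insert(x_h, sort(x_t))   -- system (1)."""
    if x == "":
        return ""
    return insert(x[0], sort(x[1:]))

def insert(a: str, y: str) -> str:
    """insert(a, y) = (y = ε) ? aε : (a ≤ y_h) ? ay : y_h insert(a, y_t)   -- system (1)."""
    if y == "":
        return a
    if a <= y[0]:
        return a + y
    return y[0] + insert(a, y[1:])

def ord_(x: str) -> int:
    """ord(x) from (3): 1 if x is non-decreasing, else 0."""
    if x == "":
        return 1
    if x[1:] == "":
        return 1
    if x[0] <= x[1]:
        return ord_(x[1:])
    return 0

def strings_up_to(alphabet: str, max_len: int):
    """Every string over `alphabet` of length <= max_len (constructed test input)."""
    for n in range(max_len + 1):
        for chars in product(alphabet, repeat=n):
            yield "".join(chars)

def check_spec(alphabet: str = "abc", max_len: int = 5) -> bool:
    """Specification (2): the composition ord ∘ sort is identically 1 on the sample."""
    return all(ord_(sort(x)) == 1 for x in strings_up_to(alphabet, max_len))

def check_lemma(alphabet: str = "abc", max_len: int = 5) -> bool:
    """Lemma (5): ord(y) = 1 implies ord(insert(a, y)) = 1 for every a and sampled y."""
    return all(
        ord_(insert(a, y)) == 1
        for y in strings_up_to(alphabet, max_len)
        if ord_(y) == 1
        for a in alphabet
    )

if __name__ == "__main__":
    print("spec (2) holds on the sample:", check_spec())
    print("lemma (5) holds on the sample:", check_lemma())
```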
  11. The idea of the new method of verifying functional programs. We give up proving the correctness statement of a program, expressed as a formula of first-order predicate calculus, by constructing a formal derivation in first-order logic. The verification method: construct a graph model of the program being verified and a graph model of the program expressing the property being checked; then compute the graph model of the superposition of the analysed function and the checking function, and examine the terminal vertices of the resulting graph model.
  12. The idea of the new method of verifying functional programs. Theorem. Let the FP Σ ∘ Σ_spec have a finite state diagram (SD), and let the values of the states corresponding to those terminal vertices of this SD that are reachable from the initial state all equal 1. Then f_{Σ∘Σ_spec} takes the value 1 on all its arguments.
  13. Example of a graph model of a functional program. (Figure: the state diagram of sort, with states A to I; recoverable node labels include y := sort(x); ε := x; y := a → u, u := sort(b), ab := x; z := a → d, cd := sort(b), ab := x; z := a → d, d := p → j, cj := sort(q), apq := x; transitions are labelled tail, with guards such as {a ≤ c}.acd and {c < a}.cz on the edges to terminal states. The drawing itself is not recoverable from the text.)
  14. Reduced graph model for the sorting FP. (Figure: the state diagram of slide 13 reduced to states A to G, with the same node labels y := sort(x); ε := x; y := a → u, u := sort(b), ab := x; z := a → d, cd := sort(b), ab := x; transitions labelled tail with guards {a ≤ c}.acd and {c < a}.cz. The drawing itself is not recoverable from the text.)
  15. Graph model of the FP that checks whether a string is ordered. (Figure: states a to g; node labels include s := ord(y); s := ord(cz), cz := y; s := ord(cvw), cvw := y; s := ord(vw); the terminal value is 1 for ε := y and for cε := y; the edges from the two-head state carry the guards {c ≤ v}.s and {v < c}.0. The drawing itself is not recoverable from the text.)
  16. Graph model of the superposition. (Figure: states Aa, Ba, Ce, Gc, Da, Ec, Gf, Ge; node labels include s := ord(y), y := sort(x); s := ord(y), y := a → u, u := sort(b), ab := x; s := ord(cz), z := a → d, cd := sort(b), ab := x; s := ord(vw) and s := ord(cvw) with vw := a → d, cd := sort(b), ab := x; s := ord(cd), cd := sort(b), ab := x; guards {a ≤ c}.s, {c < a}.s and {c < a, c ≤ v}.s; the reachable terminal vertices carry the value 1, as the theorem on slide 12 requires. The drawing itself is not recoverable from the text.)
  17. Thank you for your attention! Questions?
