
Verification with LoLA: 1 Basics



  1. Verification with LoLA (Niels Lohmann and Karsten Wolf)
     [slide images: The Blue Angel, Germany, 1930; Run Lola Run, Germany, 1998]
  2. What is LoLA?
     • Explicit state space generation
     • Place/Transition nets
     • Focus on standard properties
     • Many reduction techniques, unique features
     • Stream based interface
     • Open source
  3. Where does it come from?
     • INA - Integrated Net Analyzer by Peter Starke
       • grown for long time
       • state space and structural techniques
       • several net classes
       • suboptimal design decisions
       • MODULA 2
     • Papers needed tables with absolute run times
  4. Purpose
     • Generate competitive "experimental results" tables
     • Explore impact of basic design decisions
     • ... Ship as tool
  5. Milestones
     • 1998: 1st release
     • 1998-2005: State space reduction techniques
     • 2000: Presentation at Petri Nets
     • 2005-: Case studies, integration
     • 2007: Invited talk at Petri Nets
     • since 2008: Implementation of software development processes
  6. Basic Design Decisions
     • No GUI
       • Realistic nets are generated, not painted
       • GUI blocks portability
       • Many GUIs available, simple connection possible
       • Do not want user interaction during verification
  7. Basic Design Decisions
     • One property, one state space
       • as opposed to query languages on state spaces
     • One property, one dedicated reduction
       • Benefit from on-the-fly verification
       • Generation faster than loading
  8. Basic Design Decisions
     • Configuration at compile time
       • property class, search strategy, reductions
       • #define instead of if()
       • repeated runs in same configuration
  9. Featured Properties
     • Boundedness (place)
     • Boundedness (net)
     • Reachability (marking)
     • Reachability (predicate)
     • Deadlocks
     • Death (transition)
     • Liveness (predicate)
     • Reversibility
     • Home states
     • LTL properties F φ, GF φ, FG φ (predicate)
     • CTL (formula)
  10. Featured Reductions
     • Stubborn Sets
       • unique: dedicated techniques for standard properties
     • Symmetries
       • unique: automated determination of symmetries in low level net
     • Sweep-Line
       • unique: automated calculation of a progress measure
     • Reduction based on S/T invariants
       • unique
     • Coverability graphs
       • unique: combination with other reductions
  11. Goal of Tutorial
     • Can LoLA help you?
     • Where (and why) does it perform well?
     • How to (optimally) use it, to integrate it
  12. Outline
     • Introduction
       • Motivation, background, history
       • Preview and outline
       • Basic notions
       • First demo
     • Input Language
     • State Space Techniques
     • Using LoLA
     • Case Studies
     • Integrating LoLA
     • Implementation
  13. Basic notions: net
     • Net: [P, T, F, W, m0]
       • P, T finite, nonempty, disjoint
       • F ⊆ (P × T) ∪ (T × P)
       • W: F → N⁺
       • m0: P → N
     • Firing
       • t activated in m: for all (p,t) ∈ F, m(p) ≥ W(p,t)
       • firing m [t> m': m'(p) = m(p) - W(p,t) + W(t,p) (reading W(x,y) as 0 when (x,y) ∉ F)
     • State space
       • states: reachable markings
       • edges: m [t> m'
  14. Basic notions: properties
     • Place p is ...
       • bounded iff there is a k such that, for all reachable m, m(p) < k
     • Transition t is ...
       • dead iff it is not activated in any reachable marking
     • State predicate φ (atomic p ⋈ k with ⋈ ∈ {<, >, ≤, ≥, =, ≠}, and φ∧φ, φ∨φ, ¬φ) is ...
       • reachable iff some reachable marking satisfies φ
       • live iff, from every reachable marking, a marking is reachable that satisfies φ
     • Net ...
       • is bounded iff all places are
       • is reversible iff the initial marking is reachable from all reachable markings
       • has home states iff some marking is reachable from all reachable markings
       • is deadlock-free iff every reachable marking activates at least one transition
  15. Basic notions: Temporal Logic
     • LTL: infinite path (starting in m0) satisfies ...
       • F φ: φ is satisfied at least once
       • GF φ: φ is satisfied in infinitely many markings
       • FG φ: φ is satisfied forever from some marking on
     • CTL: marking m satisfies ...
       • AX (EX) φ: φ holds in all (some) immediate successor markings
       • AF (EF) φ: every (some) path from m contains a marking satisfying φ
       • AG (EG) φ: on every (some) path from m, φ holds in all markings
       • A(E) φ U ψ: on every (some) path starting in m, there is a marking that satisfies ψ such that all preceding markings satisfy φ
  16. Basic notions: State Space
     • Strongly connected component (scc)
       • max set of mutually reachable states
       • partitions state space
       • form acyclic graph, maximal elements: terminal scc (tscc)
     • Properties vs scc:
       • reversible: net has one scc
       • home states: net has one tscc
       • live: satisfiable in all tscc
  17. Basic notions: Search
     • Depth first
       • can be extended easily for detecting cycles and scc
       • tends to yield long paths
     • Breadth first
       • difficult to detect cycles and scc
       • yields shortest path
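The firing rule of slide 13, the standard properties of slide 14 and the depth-first versus breadth-first search of slide 17, worked through on a small constructed net. This is an added illustration written for this page, not LoLA's own code; the net (places free/busy/done, a three-transition cycle, two tokens) is an assumption chosen so the whole state space stays readable.

```python
from collections import deque
# Constructed net [P,T,F,W,m0] in the slides' notation (assumption: a small
# cyclic net; F is the key set of W, W gives each arc's weight in N+).
P = {"free", "busy", "done"}
T = {"start", "finish", "reset"}
W = {("free", "start"): 1, ("start", "busy"): 1, ("busy", "finish"): 1,
     ("finish", "done"): 1, ("done", "reset"): 1, ("reset", "free"): 1}
m0 = {"free": 2, "busy": 0, "done": 0}

def enabled(m, t):
    """t is activated in m iff for all (p,t) in F: m(p) >= W(p,t)."""
    return all(m[p] >= w for (p, u), w in W.items() if p in P and u == t)

def fire(m, t):
    """m [t> m' with m'(p) = m(p) - W(p,t) + W(t,p)."""
    m2 = dict(m)
    for (a, b), w in W.items():
        if b == t:
            m2[a] -= w          # consume from pre-place a
        if a == t:
            m2[b] += w          # produce on post-place b
    return m2

key = lambda m: tuple(sorted(m.items()))  # hashable marking

def state_space(bfs=True):
    """Explicit state space: states = reachable markings, edges = m[t>m'.
    bfs=True pops a queue (shortest paths); bfs=False pops a stack (DFS)."""
    states, edges, work = {key(m0): m0}, [], deque([m0])
    while work:
        m = work.popleft() if bfs else work.pop()
        for t in sorted(T):
            if enabled(m, t):
                m2 = fire(m, t)
                edges.append((key(m), t, key(m2)))
                if key(m2) not in states:
                    states[key(m2)] = m2
                    work.append(m2)
    return states, edges

def check(states, edges):
    """Bound per place, dead transitions, deadlock freedom (properties slide)."""
    bound = {p: max(m[p] for m in states.values()) for p in P}
    dead = T - {t for _, t, _ in edges}           # never fired anywhere
    deadlock_free = all(any(enabled(m, t) for t in T) for m in states.values())
    return bound, dead, deadlock_free

def reachable(pred):
    """State predicate pred is reachable iff some reachable marking satisfies it."""
    return any(pred(m) for m in state_space()[0].values())
```

With two tokens cycling through three places the net has exactly six reachable markings and nine edges, every place is 2-bounded, no transition is dead and every marking enables something; swapping the queue for a stack visits the same six states in a different order.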