Classic Model Checking Algorithms


  1. Classic Model Checking Algorithms in Reactive Software Systems. Donna A. Dulo, US Naval Postgraduate School / US Dept of Army, Fall 2007. SW 4920 Formal Verification & Validation of Reactive Software Systems
  2. Classic Model Checking
     Classic model checking refers to the set of non-execution-based algorithmic approaches for checking a property, expressed as
       • a Linear Time Logic (LTL) formula,
       • a Computational Tree Logic (CTL) formula,
       • a CTL* formula, or
       • a finite state automaton,
     against a model, which can be expressed as
       • a finite state machine, or
       • a Kripke structure.
  3. The Algorithms of Classical Model Checking
  4. Classic Model Checkers
     The most popular checkers were developed in academia. Classic model checkers available in the public domain:
       • SPIN (checks LTL)
       • SMV (checks CTL)
  5. CTL Model Checking
     • CTL model checking aims to establish M |= φ: does the model M satisfy the specification φ?
     • M is given as a Kripke structure and φ as a formula in the temporal logic CTL.
  6. CTL Model Checking
     • Given a finite-state Kripke structure M = (Q, T, L), where AP is the set of atomic propositions and L: Q → 2^AP labels each state with the propositions that hold in it, and a CTL formula φ
     • Find all states in M that satisfy φ, {q ∈ Q | M, q |= φ}, and check that this set includes all initial states.
  7. CTL Model Checking
     • CTL syntax: φ ::= p | ¬φ | φ1 ∧ φ2 | AX φ | EX φ | A(φ1 U φ2) | E(φ1 U φ2) | AF φ | EF φ | AG φ | EG φ
       – Every path operator F, G, X, U is preceded by a path quantifier A or E
     • Every formula can be translated to Existential Normal Form (ENF): φ ::= p | ¬φ | φ1 ∧ φ2 | EX φ | E(φ1 U φ2) | EG φ
  8. CTL Model Checking Algorithm
     • Convert the formula to ENF
     • Build the parse tree of the formula
     • Proceed recursively, bottom-up (from the leaves upwards), labeling states for each sub-formula
       – if a sub-formula is true in q ∈ Q, add it to the set of labels for q, lbl(q)
       – continue processing upwards on the formula parse tree
       – stop when the root of the parse tree has been checked
     • When the algorithm terminates, M |= φ iff the initial state is labeled with φ
  9. CTL Model Checking Algorithm
     • Example formula: ¬E[true U EG(PC1=15 ∧ PC2=23)]
     • Build the parse tree: [figure: ¬ at the root, above EU; EU has children true and EG; EG has child ∧, whose leaves are PC1=15 and PC2=23]
  10. CTL Model Checking Algorithm
     • Aim to calculate lbl(q) for each state q
     • Initialize lbl(q) to {true}
     • Must consider 6 cases: φ ::= p | ¬φ | φ1 ∧ φ2 | EX φ | E(φ1 U φ2) | EG φ
  11. CTL Model Checking
     φ ::= p | ¬φ | φ1 ∧ φ2 | EX φ | E(φ1 U φ2) | EG φ
     • Case 1: φ is an atomic proposition: add φ to lbl(q) if φ ∈ L(q)
     • Case 2: φ is a negation ¬ψ: add φ to lbl(q) if ψ ∉ lbl(q)
     • Case 3: φ is a conjunction φ1 ∧ φ2: add φ to lbl(q) if φ1, φ2 ∈ lbl(q)
     • Case 4: φ is EX ψ
     • Case 5: φ is E(φ1 U φ2)
     • Case 6: φ is EG ψ
  12. CTL Model Checking Algorithm
     Case 1: φ is an atomic proposition: add φ to lbl(q) if φ ∈ L(q) [figure: state space]
  13. CTL Model Checking Algorithm
     • After moving through all of the cases for ¬E[true U EG(PC1=15 ∧ PC2=23)]
     • No states are found to satisfy the property
     • Conclusion: the model M does not satisfy the property
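The six-case labeling procedure of slides 8 to 13, worked through as an added Python example (not code from the slides): it labels a constructed four-state Kripke structure with the ENF cases and evaluates the slides' example formula, with p and q standing in for PC1=15 and PC2=23. The model, the state names and the nested-tuple encoding of formulas are assumptions made here.

```python
# Explicit-state CTL labeling over a Kripke structure, for formulas in Existential Normal
# Form (p | not | and | EX | EU | EG).  Formulas are nested tuples, e.g. ('EG', ('and', 'p', 'q')).

def check_ctl(states, trans, label, phi):
    """Return {q in states | M, q |= phi}.  trans: q -> set of successors (assumed total)."""
    pred = {q: set() for q in states}            # predecessor map, for the EU backward search
    for q, succs in trans.items():
        for t in succs:
            pred[t].add(q)
    def sat(f):
        if f == 'true':
            return set(states)
        if isinstance(f, str):                   # Case 1: atomic proposition, holds where p in L(q)
            return {q for q in states if f in label[q]}
        op = f[0]
        if op == 'not':                          # Case 2: q gets not psi iff psi is not in lbl(q)
            return set(states) - sat(f[1])
        if op == 'and':                          # Case 3: both conjuncts are in lbl(q)
            return sat(f[1]) & sat(f[2])
        if op == 'EX':                           # Case 4: some successor satisfies psi
            inner = sat(f[1])
            return {q for q in states if trans[q] & inner}
        if op == 'EU':                           # Case 5: least fixpoint, grown backwards from phi2
            s1, result = sat(f[1]), set(sat(f[2]))
            work = list(result)
            while work:
                t = work.pop()
                for q in pred[t]:
                    if q in s1 and q not in result:
                        result.add(q)
                        work.append(q)
            return result
        if op == 'EG':                           # Case 6: greatest fixpoint, drop states with no successor in the set
            result = set(sat(f[1]))
            while True:
                drop = {q for q in result if not (trans[q] & result)}
                if not drop:
                    return result
                result -= drop
        raise ValueError(f'unknown operator {op!r}')
    return sat(phi)

def model_satisfies(states, trans, label, init, phi):   # M |= phi iff every initial state is labeled phi
    return set(init) <= check_ctl(states, trans, label, phi)

def example_model():   # constructed Kripke structure (assumption): p, q stand in for PC1=15, PC2=23
    trans = {'s0': {'s1', 's2'}, 's1': {'s3'}, 's2': {'s2'}, 's3': {'s3'}}
    label = {'s0': set(), 's1': {'p'}, 's2': {'p', 'q'}, 's3': {'q'}}
    return list(trans), trans, label, {'s0'}
```

Since s0 can reach the self-looping state s2 where p ∧ q holds forever, the initial state is not labeled with ¬E[true U EG(p ∧ q)] and the check fails, as on slide 13.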
  14. LTL Model Checking
     [figure: a finite state model and a temporal logic formula Φ are the inputs to the model checker; its output is either "System OK" or an ERROR trace (Error 1, Error 2, Error 3, … Error n)]
  15. LTL Model Checking
     [figure: same as slide 14]
     Decision problem: given a finite transition system TS and an LTL formula ϕ, exhibit "yes" if TS |= ϕ, and "no" (plus a counterexample) if TS ⊭ ϕ.
  16. LTL Model Checking Algorithm
     [figure: pipeline from the inputs TS and LTL formula φ to "System OK" or an ERROR trace]
     • Negate the LTL formula φ to obtain ¬φ
     • Translate ¬φ to a generalized Büchi automaton G¬φ, then to a Büchi automaton A¬φ
     • Build the product transition system TS ⊗ A¬φ
     • Check the persistence property TS ⊗ A¬φ |= Ppers(A¬φ): if it holds, the system is OK; otherwise the violating run is reported as an ERROR trace
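The automata pipeline of slide 16, as an added Python example that is not from the slides or from any checker: the product of a transition system with a Büchi automaton for ¬φ is searched for a reachable accepting cycle (the persistence check), and a lasso found is returned as the error trace. The property φ = □(req → ◊grant), its hand-built automaton for ¬φ and the two arbiter models are constructed assumptions; the LTL-to-Büchi translation step itself is assumed done by hand.

```python
# Product construction TS (x) A_{not phi} plus nested search for an accepting cycle.
# The automaton reads the label of each TS state it moves into.
from collections import deque

def find_counterexample(ts_trans, ts_label, ts_init, nba_trans, nba_init, nba_accept):
    """Search the product for an accepting lasso; return (prefix, cycle) as TS states, or None."""
    def succ(s, q):                              # product successors for state (s, q)
        return {(t, q2) for t in ts_trans[s] for q2 in nba_trans(q, ts_label[t])}
    init = {(s, q1) for s in ts_init for q0 in nba_init for q1 in nba_trans(q0, ts_label[s])}
    parent, queue = {p: None for p in init}, deque(init)
    while queue:                                 # BFS: all reachable product states, with parent links
        p = queue.popleft()
        for n in succ(*p):
            if n not in parent:
                parent[n] = p
                queue.append(n)
    for acc in [p for p in parent if p[1] in nba_accept]:
        seen, stack = set(), [(n, [n]) for n in succ(*acc)]
        while stack:                             # inner search: can the accepting state reach itself?
            p, path = stack.pop()
            if p == acc:                         # accepting cycle found: the persistence check fails
                prefix, x = [], acc
                while x is not None:
                    prefix.append(x[0])
                    x = parent[x]
                return prefix[::-1], [s for s, _ in path]
            if p not in seen:
                seen.add(p)
                stack.extend((n, path + [n]) for n in succ(*p))
    return None                                  # no accepting cycle reachable: TS |= phi

def nba_neg_phi(q, props):
    """Hand-built Büchi automaton (assumption) for not phi = F(req and G not grant)."""
    nxt = set()
    if q == 'q0':
        nxt.add('q0')                            # idle in q0 on any label
        if 'req' in props and 'grant' not in props:
            nxt.add('q1')                        # guess that this request is never granted
    elif q == 'q1' and 'grant' not in props:
        nxt.add('q1')                            # accepting q1 survives only while no grant appears
    return nxt

def fair_arbiter():       # constructed TS: every request is granted on the next step
    return ({'s0': {'s1'}, 's1': {'s2'}, 's2': {'s0'}},
            {'s0': frozenset(), 's1': frozenset({'req'}), 's2': frozenset({'grant'})}, {'s0'})

def starving_arbiter():   # constructed TS: a pending request can stay pending forever
    return ({'s0': {'s1'}, 's1': {'s3'}, 's3': {'s3'}},
            {'s0': frozenset(), 's1': frozenset({'req'}), 's3': frozenset({'req'})}, {'s0'})
```

For the starving arbiter the returned lasso is the prefix s0, s1, s3 followed by the cycle s3, which is exactly the ERROR trace the figure on slide 16 reports.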
  17. Complexity
     • CTL model checking:
       – Partition the state space into strongly connected components, O(|Q| + |T|)
       – Traverse the transition graph, O(|Q| + |T|)
       – The overall complexity is O(|φ| · (|Q| + |T|))
     • LTL model checking:
       – is O(2^|φ| · (|Q| + |T|)), i.e. exponential in the size of the formula
       – Linear in the size of the model, as is CTL
  18. Questions?
