Page 1
August 27-29 2007 Moscow meeting 1
Deductive tools in insertion modeling verification
A. Letichevsky
INTAS Moscow, 27-29 August 2007
Page 2
Content
1. Specification languages
2. Static requirements checking
3. Trace generation
New results in semantics of BPSL
New predicate transformers for inductive proving
New results in tools development
Insertion modeling: Cybernetics and Systems Analysis 4, 2005 (Specification of systems by means of basic protocols)
Page 3
Specification languages
• Basic Protocol Specification Language (BPSL) is the main specification language of insertion modeling
• Other languages used for industrial projects: UML, SDL, MSC
• Translation to BPSL (presentation of S. Potienko)
• Process language semantics
Page 4
Basic Protocol Specifications
Environment description (structural requirements): defines the signature and axioms of the Basic Language (a first order logic language used for the description of local properties of a system), and the environment and agent attributes
The set of Basic Protocols (local requirements): define the transitions of the environment with inserted agents
Global requirements: define the properties of a system in terms of temporal logic (mostly safety and liveness)
Page 5
Environment description
Types:
  Data types
    simple: int, real, Bool, intervals, enumerated, symbolic (free terms), agent behaviors (process algebra), ADT
    lists: list (m) of τ
    object types: $\mathrm{obj}(a_1:\tau_1,\ a_2:\tau_2,\ \dots)$
    functional: $(\tau_1, \tau_2, \dots)$ (arrays are considered as functional types)
  Agent types: defined by the set of typed agent attributes
Environment attributes: used as functional symbols (simple, lists, and objects = arity 0)
Agent attributes: typed names
Instances: (for MSC as processes in BPs)
Axioms: formulas without attributes (ADT)
Rewriting rule systems: equations as in APS (ADT and normal forms)
Initial states: formula of basic language or concrete state
Page 6
Basic protocol is a process with pre- and postconditions
(Two basic protocols from call setup drawn as MSCs, each with agents Phone and Network, the precondition above the chart and the postcondition below it.)
call setup initial:
  Precondition: phone(n, idle)
  Process: Phone n sends offhook n to Network; Network sends dialtone n to Phone n
  Postcondition: phone(n, dial)
call setup dialing 1:
  Precondition: phone(m, dial)
  Process: Phone m sends dial(m,n) to Network
  Postcondition: phone(m, dial n)
Page 7
Basic protocols
Algebraic representation:
$$B = \forall x\,\bigl(\alpha(x) \to \langle P(x)\rangle\,\beta(x)\bigr)$$
where x is a list of typed parameters, P a process, and $\alpha(x)$ and $\beta(x)$ are the pre- and postconditions.
Preconditions: a first-order formula with the following literals:
  state assumptions (like phone(m, idle)); linear inequalities for numeric attributes; equalities for symbolic attributes; Boolean attribute expressions
Postconditions: a first-order formula as in the precondition; assignments x := y are considered as statements x' = y; updating lists
Page 8
Semantics of BPSL
Defined by the notion of implementation: an attributed transition system with a validity relation $s \models \alpha$, such that for each basic protocol $B = \forall x\,(\alpha(x) \to \langle P(x)\rangle\,\beta(x))$ and each instantiation $P(t)$ of its process:
direct implementation: $s \models \alpha(t) \Rightarrow \exists s'\,\bigl(s \xrightarrow{[B]} s' \wedge s' \models \beta(t)\bigr)$
inverse implementation: $\bigl(s \models \alpha(t) \wedge s \xrightarrow{[C]} s'\bigr) \Rightarrow s' \models \beta(t)$
for each finite MSC C whose behavior [C] is contained in [B] (modulo the permutability relation on actions and partially sequential composition of processes).
Concrete implementations: interpretation of the signature and initial states are fixed, as well as deterministic transitions; validity is computed from attribute valuations.
Abstract implementations: interpretation of the signature and initial states are not fixed; validity is inferred from the state labeling.
Page 9
Partially sequential composition
Canonical form of behaviors: $u = \sum_{i \in I} a_i.u_i + \varepsilon_u$, $v = \sum_{j \in J} b_j.v_j + \varepsilon_v$, with termination constants $\varepsilon \in \{0, \Delta\}$.
$$(u;v) = \sum_{i \in I} a_i.(u_i;v) + \sum_{j \in J,\ b_j \text{ permutable with } u} b_j.(u;v_j)$$
$$(0;v) = 0,\qquad (\Delta;v) = v$$
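The composition rule above, implemented as an added example (this is illustration code, not code from the slides or from the VRS tool). Behaviors are finite trees in canonical form; an action carries the set of agents it involves, and two actions are taken to be permutable when those sets are disjoint, which is the MSC reading of permutability. The telephony actions, including a purely local "lift b" action, are constructed for the example.

```python
"""Partially sequential composition of finite behaviors (added example).

A behavior in canonical form is a sum of prefixes a.u plus a termination
constant (delta = successful termination, zero = deadlock); in this toy the
constant is only allowed at leaves.  Actions carry the set of agents they
involve; two actions are permutable when those sets are disjoint.  u;v may
take a step of u, or a step b of v if b is permutable with every action of u;
delta;v = v and zero;v = zero, as on the slide.
"""


class Beh:
    """Canonical-form behavior: branches [(action, Beh)] or a termination constant."""

    def __init__(self, branches=(), term="delta"):
        self.branches = list(branches)
        self.term = term          # "delta" or "zero"; only used when branches is empty


def seq(*actions):
    """Build the sequential behavior a1.a2. ... .an.delta."""
    b = Beh()
    for a in reversed(actions):
        b = Beh([(a, b)])
    return b


def actions_of(u):
    """All actions occurring anywhere in u (needed for the permutability test)."""
    acts = set()
    for a, u_i in u.branches:
        acts.add(a)
        acts |= actions_of(u_i)
    return acts


def permutable(b, acts):
    """b permutes with a set of actions iff it shares no agent with any of them."""
    return all(b[1].isdisjoint(a[1]) for a in acts)


def pscomp(u, v):
    """(u;v): partially sequential composition following the canonical-form rule."""
    if not u.branches:
        return v if u.term == "delta" else Beh(term="zero")
    acts_u = actions_of(u)
    branches = [(a, pscomp(u_i, v)) for a, u_i in u.branches]
    branches += [(b, pscomp(u, v_j)) for b, v_j in v.branches if permutable(b, acts_u)]
    return Beh(branches)


def traces(u):
    """Set of successfully terminated traces (tuples of action names)."""
    if not u.branches:
        return {()} if u.term == "delta" else set()
    return {(a[0],) + t for a, u_i in u.branches for t in traces(u_i)}


# Constructed MSC fragments: action = (name, frozenset of agents involved).
OFFHOOK_A = ("offhook a", frozenset({"Phone a", "Network"}))
DIALTONE_A = ("dialtone a", frozenset({"Network", "Phone a"}))
LIFT_B = ("lift b", frozenset({"Phone b"}))          # local to Phone b (assumed)
OFFHOOK_B = ("offhook b", frozenset({"Phone b", "Network"}))

U = seq(OFFHOOK_A, DIALTONE_A)   # call setup initial for phone a
V = seq(LIFT_B, OFFHOOK_B)       # phone b lifts the handset, then goes off-hook


def example_traces():
    """Traces of (U;V): lift b may overtake U, offhook b must wait for the Network."""
    return traces(pscomp(U, V))


if __name__ == "__main__":
    for t in sorted(example_traces()):
        print(" -> ".join(t))
```

Only three interleavings come out: "lift b" can occur before, between, or after the two actions of U, while "offhook b" shares the Network with both of them and therefore never moves ahead of U.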
Page 10
Some results on abstractions
A class of concrete implementations Concr(P) is defined and proved to consist of direct and inverse implementations of a consistent BPS P.
Two classes Adir(P) and Ainv(P) of direct and inverse abstract implementations have been defined and proved to be implementations of a consistent BPS P.
Each abstract implementation is an abstraction of some concrete one.
There exists a most abstract implementation (an abstraction of all concrete implementations).
Page 11
Abstraction relation on states
For attributed transition systems S and S' with the same attribute labeling and validity relation, $s' \in S'$ is more abstract than $s \in S$ when
$$\mathrm{Abs}_{BL}(s, s') = \forall \varphi \in BL\ \bigl((s' \models \varphi) \to (s \models \varphi)\bigr)$$
i.e. every formula of the Basic Language valid in the abstract state is valid in the concrete one.
Page 12
Abstraction relation on systems
$\mathrm{Abs} \subseteq S \times S'$ (s ranges over the concrete system, t over the abstract one); both variants preserve initial states.
direct: $\forall s \in S\ \forall t \in S'\ \bigl(\mathrm{Abs}(s,t) \wedge s \xrightarrow{a} s' \Rightarrow \exists t'\,(t \xrightarrow{a} t' \wedge \mathrm{Abs}(s',t'))\bigr)$
(every step s -a-> s' of the concrete system is matched by a step t -a-> t' of the abstract one)
inverse: $\forall s \in S\ \forall t \in S'\ \bigl(\mathrm{Abs}(s,t) \wedge t \xrightarrow{a} t' \Rightarrow \exists s'\,(s \xrightarrow{a} s' \wedge \mathrm{Abs}(s',t'))\bigr)$
(every step t -a-> t' of the abstract system is matched by a step s -a-> s' of the concrete one)
$\mathrm{Abs}_{dir}$ and $\mathrm{Abs}_{inv}$ denote relations satisfying the direct and the inverse condition respectively.
Page 13
Predicate transformers for abstract implementations
For a basic protocol $[B] = (u, r)$ with precondition u and postcondition r (a relation between the old values s' and the new values s) applied in the symbolic state s:
$$\mathrm{pt}(s, [B]) = \mathrm{pt}(s, (u, r)) = \exists s'\,\bigl(s(s') \wedge u(s') \wedge r(s', s)\bigr)$$
With the attributes split into p (those occurring in the precondition) and q (all others), and a postcondition given by assignments $p_1 := t_1, \dots, p_m := t_m$ and a formula r:
$$\mathrm{pt}\bigl(u(p,q),\ v(p,q),\ (p_1 := t_1(p,q)) \wedge \dots \wedge (p_m := t_m(p,q)) \wedge r(p,q)\bigr) = \exists p'\,\bigl(u(p',q) \wedge v(p',q) \wedge p_1 = t_1(p',q) \wedge \dots \wedge p_m = t_m(p',q) \wedge r(p,q)\bigr)$$
$u(p',q) \wedge v(p',q)$: state and precondition were valid before
$p'$ quantified, q kept: only attributes in the precondition can change values
$p_i = t_i(p',q) \wedge r(p,q)$: postcondition with assignments
Page 14
Tools for static and dynamic requirements checking
The applications of BPSL:
VRS (Verification of Requirement Specifications), a tool developed for Motorola
Formalizing requirements: experience in telecommunications, telematics and other application domains (projects for Motorola)
Formal description of the MPI library (projects for Intel)
Generating tests from requirement specifications
Page 15
Static requirements checking
• Proving consistency and completeness
• Proving safety
• Computing invariants
Consistency: preconditions of BPs with the same external actions must not intersect
Completeness: the disjunction of the preconditions is valid
Page 16
Inductive proving of safety
For a safety property r and each basic protocol $B = \forall x\,(\alpha(x) \to \langle P(x)\rangle\,\beta(x))$, the inductive step is the validity of
$$\mathrm{pt}\bigl(r \wedge \alpha(x),\ [B(x)]\bigr) \to r$$
(safety and the precondition were valid before; safety will be valid after).
Page 17
Dynamic requirements checking
• Concrete trace generator: generating traces and checking properties for concrete models
• Symbolic trace generator: generating traces and checking properties for abstract models
• Checking safety and reachability
• Generating tests for given coverage criteria
More details in the presentation of Letichevsky Jr.
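The following Python program is an added example, not code from the slides or from the VRS tool, that puts the call-setup protocols of page 6, the consistency and completeness checks of page 15, the inductive safety step of page 16 and the concrete trace generator of page 17 together on one finite-domain model. Everything in it is assumed for illustration: a two-phone environment whose phone attribute ranges over four values, an onhook protocol and dial_busy/dial_ignored protocols that the slides do not contain, and the toy safety requirement "two phones are never both dialing". Because the state space is finite, every check is an exhaustive enumeration where VRS would call a prover on the corresponding formula.

```python
"""Finite-domain basic protocol specification with static and dynamic checks
(added example; not code from the VRS tool or the paper).

Constructed environment: phones a and b, attribute phone(n) over an assumed
finite domain.  A basic protocol alpha -> <action> beta is stored as a
precondition predicate, an external action name and the assignments of beta
(attributes not assigned keep their values).
"""
from collections import deque
from itertools import product

PHONES = ("a", "b")
DOMAIN = ("idle", "dial", "dialing", "busy")
INIT = {"a": "idle", "b": "idle"}
STATES = [dict(zip(PHONES, vals)) for vals in product(DOMAIN, repeat=len(PHONES))]


def freeze(s):
    """Hashable key for a state (attribute valuation)."""
    return tuple(sorted(s.items()))


class BasicProtocol:
    def __init__(self, name, action, pre, assign):
        self.name, self.action, self.pre, self.assign = name, action, pre, assign

    def apply(self, s):
        """Successor valuation: postcondition assignments over a copy of s."""
        t = dict(s)
        t.update(self.assign(s))
        return t


def protocols(callee_must_be_idle=True):
    """Call-setup protocols of page 6 (offhook, dial) plus an assumed onhook.
    callee_must_be_idle=False deliberately weakens dial_ok to show failing checks."""
    ps = []
    for n in PHONES:
        ps.append(BasicProtocol(f"offhook({n})", f"offhook {n}",
                                lambda s, n=n: s[n] == "idle", lambda s, n=n: {n: "dial"}))
        ps.append(BasicProtocol(f"onhook({n})", f"onhook {n}",
                                lambda s, n=n: s[n] != "idle", lambda s, n=n: {n: "idle"}))
    for m, n in product(PHONES, repeat=2):
        if m == n:
            continue
        ps.append(BasicProtocol(f"dial_ok({m},{n})", f"dial({m},{n})",
                                lambda s, m=m, n=n: s[m] == "dial"
                                and (s[n] == "idle" or not callee_must_be_idle),
                                lambda s, m=m: {m: "dialing"}))
        ps.append(BasicProtocol(f"dial_busy({m},{n})", f"dial({m},{n})",
                                lambda s, m=m, n=n: s[m] == "dial" and s[n] != "idle",
                                lambda s, m=m: {m: "busy"}))
        ps.append(BasicProtocol(f"dial_ignored({m},{n})", f"dial({m},{n})",
                                lambda s, m=m: s[m] != "dial", lambda s: {}))
    return ps


def by_action(ps):
    groups = {}
    for p in ps:
        groups.setdefault(p.action, []).append(p)
    return groups


def check_consistency(ps):
    """Preconditions of BPs with the same external action must not intersect."""
    return [(act, s, [p.name for p in grp if p.pre(s)])
            for act, grp in by_action(ps).items() for s in STATES
            if sum(p.pre(s) for p in grp) > 1]


def check_completeness(ps):
    """Disjunction of the preconditions of each action group must be valid."""
    return [(act, s) for act, grp in by_action(ps).items() for s in STATES
            if not any(p.pre(s) for p in grp)]


def pt(pred, p):
    """Predicate transformer on predicates as state sets: states reachable by one
    application of p from states where pred and the precondition hold."""
    return {freeze(p.apply(s)) for s in STATES if pred(s) and p.pre(s)}


def inductive_safety(ps, safe):
    """Counterexamples to the inductive step: safe and precondition valid before,
    safety not valid after."""
    return [(p.name, t) for p in ps for t in pt(safe, p) if not safe(dict(t))]


def explore(ps, init):
    """Concrete trace generator: breadth-first over all protocol applications;
    maps each reachable (frozen) state to a shortest trace of protocol names."""
    seen, queue = {freeze(init): []}, deque([init])
    while queue:
        s = queue.popleft()
        for p in ps:
            if p.pre(s):
                t = p.apply(s)
                if freeze(t) not in seen:
                    seen[freeze(t)] = seen[freeze(s)] + [p.name]
                    queue.append(t)
    return seen


def trace_to(seen, target):
    """Reachability query: trace to target, or None if it is not reachable."""
    return seen.get(freeze(target))


def safe(s):
    """Toy safety requirement: two phones are never both dialing."""
    return not all(s[n] == "dialing" for n in PHONES)


if __name__ == "__main__":
    for relaxed in (False, True):
        ps = protocols(callee_must_be_idle=not relaxed)
        print("relaxed" if relaxed else "strict", "conflicts:", len(check_consistency(ps)),
              "gaps:", len(check_completeness(ps)), "inductive counterexamples:",
              len(inductive_safety(ps, safe)), "trace to double dialing:",
              trace_to(explore(ps, INIT), {"a": "dialing", "b": "dialing"}))
```

With the callee-must-be-idle guard the specification is consistent, the safety requirement is inductive, and the double-dialing state is unreachable. Dropping the guard makes dial_ok and dial_busy overlap (a consistency violation), breaks the inductive step, and the trace generator produces a four-step witness. The completeness check also reports that offhook and onhook are unspecified outside their preconditions, which is exactly the kind of gap the static check is meant to surface.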
Page 18
Symbolic trace generation
• Checking applicability of a protocol: satisfiability of the current state and the precondition (proving an existential formula)
• Computing the predicate transformer: proving the predicate transformer formula
• Combining numeric and symbolic constraints
• Using data structures (arrays, lists etc.)