Towards a General Approach for Symbolic Model-Checker Prototyping
Edmundo López Bóbeda, Maximilien Colange, Didier Buchs
Wednesday, September 24th 2014 - Enschede, Netherlands
Diagram: Your awesome DSL → Abstract semantics → Symbolic Model checker
Diagram: Your awesome DSL → Abstract semantics → Translation → Existing Symbolic Model checker
Diagram: Your awesome DSL → Translation → Existing Symbolic Model checker
Translation: too much work! The DSL side is high level (data structures, custom operations, rich data types); the existing symbolic model checker is low level (fixed primitives and operations).
Diagram (labelled "Our approach" and "Our contribution"): Your awesome DSL → Abstract semantics → Translation → Set rewriting → Translation → Decision diagrams
Abstract semantics: In context
• High level representation
• Suitable for humans
Abstract semantics: Variable assignation
• Let s be a state of a system
• s = {A = k1, B = k2, …}
• k, k1, k2, c ∈ 𝓝
• A, B, etc. variable names
Rule: for a state s in which B = k, ⟨B := c, s⟩ → s[B = k / B = c]
Set rewriting: In context
• Rewriting and strategies
• Good semantic framework [Martí-Oliet & Meseguer 1993]
• Operational semantics
Set rewriting: A state
• Variables
• var(A, 0, var(B, 2, var(C, 3, empty)))
Set rewriting: Operational semantics / Variable assignation
Rule: ⟨B := c, s⟩ → s[B = k / B = c]
• var(A, 0, var(B, 2, var(C, 3, empty)))
• var(B, $x, $s) ⤳ var(B, c, $s), k ∈ 𝓝
• Problem:
  • Non determinism (plain rewriting may apply the rule at any matching position, in any order) ⇒ performance hit, ambiguity
Rewriting strategies: Goal
• Introduced in ELAN [Borovanský et al. 1996]
• Control rewriting
• Avoid ambiguity
• Improve speed
Rewriting strategies: What are they
Diagram: Strategies (layered on top of) Rewrite rules
Rewriting strategies: Basic strategy
• Basic strategy (a list of rewrite rules)
• Application to root term only
• The first applicable rule is applied
• Otherwise, fail
Rewriting strategies: Other useful strategies
• Identity[t] = t
• Fail[t], always fails
• (S1 orElse S2)[t] = S1[t], or S2[t] if S1[t] fails
  • Conditional application of strategies
• (S1 andThen S2)[t] = S2[S1[t]]
  • Sequential composition of strategies
• Subterm_k(S)[f(t1, …, tn)] = f(t1, …, S[tk], …, tn)
  • Apply strategy to the k-th subterm
Set rewriting: Operational semantics / Variable assignation, with strategies
Rule: ⟨B := c, s⟩ → s[B = k / B = c]
• var(A, 0, var(B, 2, var(C, 3, empty)))
• assignK = { var(B, $x, $s) ⤳ var(B, c, $s) }
• applyToB(S) = S orElse (Subterm_3(applyToB(S)))
• transition = applyToB(assignK)
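The rule, the strategy combinators and applyToB above, as an added runnable example in Python. This is illustration code, not code from the deck or from Stratagem: the tuple encoding of var(...) terms, the pattern matcher, the value c = 7 used in the usage note and the helper unrestricted_rewrites (which applies a rule at every matching position, to make the non-determinism that the strategy removes visible) are this example's own choices.

```python
"""Added example (illustration code, not the deck's or Stratagem's): a small term-rewriting engine
with the strategy combinators from the deck (basic rule-list strategy, Identity, Fail, orElse,
andThen, Subterm_k) running the rule assignK under applyToB, plus unrestricted rewriting to
show the non-determinism that the strategy removes."""
from typing import Callable, Optional

# A state var(A, 0, var(B, 2, var(C, 3, empty))) is a nested tuple ("var", name, value, rest) ending
# in ("empty",). Index 0 holds the function symbol, so tuple index k is subterm k as in Subterm_k.
Term = tuple
EMPTY: Term = ("empty",)

def var(name: str, value, rest: Term) -> Term:
    return ("var", name, value, rest)

def is_rule_var(x) -> bool:
    return isinstance(x, str) and x.startswith("$")   # rule variables are written $x, $s

def match(pattern, term, binding: dict) -> Optional[dict]:
    """Match pattern against term at the root; return the extended binding, or None."""
    if is_rule_var(pattern):
        if pattern in binding:
            return binding if binding[pattern] == term else None
        return {**binding, pattern: term}
    if isinstance(pattern, tuple):
        if not isinstance(term, tuple) or len(pattern) != len(term):
            return None
        for p, t in zip(pattern, term):
            binding = match(p, t, binding)
            if binding is None:
                return None
        return binding
    return binding if pattern == term else None

def substitute(pattern, binding: dict):
    if is_rule_var(pattern):
        return binding[pattern]
    if isinstance(pattern, tuple):
        return tuple(substitute(p, binding) for p in pattern)
    return pattern

Rule = tuple                                  # (lhs, rhs)
Strategy = Callable[[Term], Optional[Term]]   # None means the strategy failed

def basic(*rules: Rule) -> Strategy:
    """Basic strategy: root term only; the first applicable rule is applied, otherwise fail."""
    def apply(t):
        for lhs, rhs in rules:
            b = match(lhs, t, {})
            if b is not None:
                return substitute(rhs, b)
        return None
    return apply

def identity(t: Term) -> Optional[Term]: return t      # Identity[t] = t
def fail(t: Term) -> Optional[Term]: return None       # Fail[t] always fails

def or_else(s1: Strategy, s2: Strategy) -> Strategy:
    """(S1 orElse S2)[t] = S1[t], or S2[t] if S1[t] fails."""
    def apply(t):
        r = s1(t)
        return r if r is not None else s2(t)
    return apply

def and_then(s1: Strategy, s2: Strategy) -> Strategy:
    """(S1 andThen S2)[t] = S2[S1[t]]; fails if either step fails."""
    def apply(t):
        r = s1(t)
        return None if r is None else s2(r)
    return apply

def subterm(k: int, s: Strategy) -> Strategy:
    """Subterm_k(S)[f(t1, …, tn)] = f(t1, …, S[tk], …, tn); fails without a k-th subterm."""
    def apply(t):
        if not isinstance(t, tuple) or len(t) <= k:
            return None
        r = s(t[k])
        return None if r is None else t[:k] + (r,) + t[k + 1:]
    return apply

def assign(name: str, c) -> Strategy:
    """assignK = { var(B, $x, $s) ⤳ var(B, c, $s) }, here for any variable name."""
    return basic((("var", name, "$x", "$s"), ("var", name, c, "$s")))

def apply_to(s: Strategy) -> Strategy:
    """applyToB(S) = S orElse Subterm3(applyToB(S)): walk down the state until S applies."""
    def rec(t):
        return or_else(s, subterm(3, rec))(t)
    return rec

def unrestricted_rewrites(rule: Rule, t: Term) -> list:
    """No strategy: every position where the rule matches gives a candidate next term."""
    results = []
    b = match(rule[0], t, {})
    if b is not None:
        results.append(substitute(rule[1], b))
    if isinstance(t, tuple):
        for k in range(1, len(t)):
            for r in unrestricted_rewrites(rule, t[k]):
                results.append(t[:k] + (r,) + t[k + 1:])
    return results
```

Usage: with s0 = var("A", 0, var("B", 2, var("C", 3, EMPTY))), transition = apply_to(assign("B", 7)) rewrites s0 to var(A, 0, var(B, 7, var(C, 3, empty))), while assign("B", 7) alone fails because the basic strategy only looks at the root term (A). A rule that resets any variable, (("var", "$n", "$x", "$s"), ("var", "$n", 0, "$s")), has three candidate rewrites of s0 under unrestricted_rewrites, one per variable; applyToB picks exactly one position and so removes that ambiguity.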
Set rewriting: Set extension
• In practice
  • Strategies and rewrite rules are applied to sets of terms
  • This also allows describing the model checking computation itself
Set rewriting: Set extension
• Natural extension
  • S[{t1, …, tn}] = {S[t1], …, S[tn]}
• Set strategies, T = {t1, …, tn}
  • Union(S1, S2)[T] = S1[T] ∪ S2[T], if both succeed
  • Fixpoint(S)[T] = μT.S[T]
Set rewriting: Computing state space
semantic formula 1: ⟨B := c, s⟩ → s[B = k / B = c]    transition_1 = …
semantic formula 2                                     transition_2 = …
…
semantic formula n                                     transition_n = …
calculateSS = Fixpoint(Union(transition_1, transition_2, …, transition_n))
Set rewriting: Saturation (for connoisseurs)
• Well known DD optimization technique
• Apply local fixpoint in order to reduce peak effect
• Sat_n(S) = (Subterm_n(Sat_n(S)) orElse Fixpoint(S)) andThen Fixpoint(S)
Example state: var(A, 1, var(B, 2, var(C, 0, empty)))
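The set extension (lifting, Union, Fixpoint, Subterm_n on sets), calculateSS and Sat_n from the slides above, as one added runnable example in Python. It is not code from the deck or from Stratagem. The three-variable token system, its rules (written as plain Python functions that match only at the root of the term they receive, rather than as pattern rules) and the explicit Identity inside the Union (so that Fixpoint keeps the states already reached) are this example's assumptions. Explicit sets of states cannot exhibit the decision-diagram peak effect that saturation is meant to reduce; what the example checks is that Sat_3 computes the same state space as calculateSS.

```python
"""Added example (illustration code, not the deck's or Stratagem's): set strategies from the deck
(lifting, Union, Fixpoint, Subterm_3 on sets), the state-space computation calculateSS and the
saturation strategy Sat_3, run on a constructed three-variable token system."""
from typing import Callable, FrozenSet, Optional

Term = tuple
EMPTY: Term = ("empty",)

def var(name: str, value: int, rest: Term) -> Term:
    return ("var", name, value, rest)

# Constructed rules, written as functions that match only at the root of the term they get.
def move(src: str, dst: str):
    """var(src, $x, var(dst, $y, $s)) ⤳ var(src, $x-1, var(dst, $y+1, $s)) if $x > 0"""
    def rule(t: Term) -> Optional[Term]:
        if t[0] == "var" and t[1] == src and t[2] > 0 and t[3][0] == "var" and t[3][1] == dst:
            return var(src, t[2] - 1, var(dst, t[3][2] + 1, t[3][3]))
        return None
    return rule

def consume(name: str):
    """var(name, $x, $s) ⤳ var(name, $x-1, $s) if $x > 0"""
    def rule(t: Term) -> Optional[Term]:
        if t[0] == "var" and t[1] == name and t[2] > 0:
            return var(name, t[2] - 1, t[3])
        return None
    return rule

def anywhere(rule):
    """applyTo(S) = S orElse Subterm_3(applyTo(S)): try the rule here, else deeper in the state."""
    def rec(t: Term) -> Optional[Term]:
        r = rule(t)
        if r is not None or t == EMPTY:
            return r
        deeper = rec(t[3])
        return None if deeper is None else t[:3] + (deeper,)
    return rec

# A set strategy maps a frozenset of terms to a frozenset, or to None when it fails.
SetStrategy = Callable[[FrozenSet[Term]], Optional[FrozenSet[Term]]]

def lift(s) -> SetStrategy:
    """Natural extension S[{t1, …, tn}] = {S[t1], …, S[tn]}; elements on which S fails are dropped."""
    return lambda T: frozenset(r for r in map(s, T) if r is not None)

def union(*strategies: SetStrategy) -> SetStrategy:
    """Union(S1, S2)[T] = S1[T] ∪ S2[T], if both succeed; otherwise fail."""
    def apply(T):
        out = frozenset()
        for s in strategies:
            r = s(T)
            if r is None:
                return None
            out |= r
        return out
    return apply

def fixpoint(s: SetStrategy) -> SetStrategy:
    """Fixpoint(S)[T] = μT.S[T]: iterate S until the set stops changing."""
    def apply(T):
        while True:
            nxt = s(T)
            if nxt is None or nxt == T:
                return nxt
            T = nxt
    return apply

def set_subterm3(s: SetStrategy) -> SetStrategy:
    """Subterm_3(S) on a set: group terms by their head var(name, value, ·), apply S to each
    group's set of tails, rebuild; fails when no term has a third subterm."""
    def apply(T):
        groups = {}
        for t in T:
            if t != EMPTY:
                groups.setdefault(t[:3], set()).add(t[3])
        if not groups:
            return None
        out = set()
        for head, tails in groups.items():
            r = s(frozenset(tails))
            if r is None:
                return None
            out |= {head + (tail,) for tail in r}
        return frozenset(out)
    return apply

def saturation(s: SetStrategy) -> SetStrategy:
    """Sat_3(S) = (Subterm_3(Sat_3(S)) orElse Fixpoint(S)) andThen Fixpoint(S)"""
    fix = fixpoint(s)
    def rec(T):
        below = set_subterm3(rec)(T)                  # Subterm_3(Sat_3(S)): close the tails first
        T = below if below is not None else fix(T)    # … orElse Fixpoint(S)
        return None if T is None else fix(T)          # … andThen Fixpoint(S)
    return rec

# n tokens start in A and flow A → B → C → consumed. Identity is part of the Union so that
# Fixpoint keeps the states already reached (an assumption about the deck's Fixpoint).
def transitions() -> SetStrategy:
    return union(lambda T: T,
                 lift(anywhere(move("A", "B"))),   # transition_1
                 lift(anywhere(move("B", "C"))),   # transition_2
                 lift(anywhere(consume("C"))))     # transition_3

def initial(n: int) -> FrozenSet[Term]:
    return frozenset({var("A", n, var("B", 0, var("C", 0, EMPTY)))})

def reachable_naive(n: int) -> FrozenSet[Term]:
    """calculateSS = Fixpoint(Union(transition_1, transition_2, transition_3))"""
    return fixpoint(transitions())(initial(n))

def reachable_saturated(n: int) -> FrozenSet[Term]:
    return saturation(transitions())(initial(n))
```

Usage: reachable_naive(4) yields the 35 states (a, b, c) with a + b + c ≤ 4, and reachable_saturated(4) is the same frozenset. The rules descend through the state with anywhere, so the outermost Fixpoint(S) in Sat_3 is complete on its own; the Subterm_3(Sat_3(S)) step before it is the local pre-closure of the tails that, on a decision diagram rather than an explicit set, keeps the intermediate structures small.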
Decision diagrams: In context
• Fast
• Large state spaces
• Suitable for model checking
The idea is that you never have to think in terms of DD again… so we won’t talk about them :-)
Implementation
• We have a tool that implements the approach
• Stratagem http://sourceforge.net/projects/stratagem-mc/ (written in Java and Scala)
• ~3700 lines of Scala code (DD and strategies engine)
• Java code generated from the model (Eclipse EMF, Xtext)
• Implemented translation for Petri nets
• Implemented translation for a SPIN-like formalism
Practical results: Presentation
• Petri nets taken from the Model Checking Contest @ PETRI NETS 2014 [Kordon et al. 2014]
• Marcie [Heiner et al. 2013] was the best model checker for the state space category
• Since then we only improved the translation
![Page 97: Towards a General Approach for Symbolic Model-Checker Prototyping](https://reader034.fdocuments.net/reader034/viewer/2022042714/5577b4bad8b42a1c068b4615/html5/thumbnails/97.jpg)
Practical results: Kanban problem
• Small Petri net
• 16 places & 16 transitions; the initial marking changes with the scale parameter
• State space for scale parameter 100: 1.7263 · 10^19 states
25
Practical results: Kanban problem
[Plot: time in seconds (log scale, 0.1 to 100) against model size (scale parameter 10, 20, 50, 100); series: Marcie, Stratagem]
26
Practical results: Sharedmem problem
• The Petri net's number of places and transitions grows with the scale parameter
• 2651 places & 5050 transitions for scale parameter 50
• State space for scale parameter 50: 5.87 · 10^26 states
27
Practical results: SharedMem problem
[Plot: time in seconds (log scale, 0.1 to 1000) against model size (scale parameter 5, 10, 20, 50); series: Marcie, Stratagem]
28
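The two benchmarks above report a state-space size that grows with a scale parameter, and the deck's conclusion credits its better results to a change of strategy. The Python below is an added example, not Stratagem code and not the MCC Kanban or SharedMem model: it runs a set-at-a-time reachability fixpoint on a constructed three-place ring net whose initial marking is the scale parameter, and compares two firing strategies, a plain breadth-first step and chaining (each transition applied to the set produced by the previous one). Both strategies compute the same set of markings; chaining reaches the fixpoint in fewer iterations. The net, the function names and the strategy names are this example's own choices.

```python
"""Set-based reachability for a Petri net with a scale parameter.

Added example (not Stratagem code): shows what "state space for scale
parameter n" means and how the firing strategy changes the number of
fixpoint iterations without changing the set of reachable markings.
"""
from typing import List, Set, Tuple

Marking = Tuple[int, ...]
# A transition is (pre, post): tokens consumed from / produced into each place.
Transition = Tuple[Tuple[int, ...], Tuple[int, ...]]


def make_toy_net(n: int) -> Tuple[Marking, List[Transition]]:
    """Constructed 3-place ring net, NOT the MCC Kanban model: n tokens start
    in p0; t0 moves a token p0->p1, t1 moves p1->p2, t2 moves p2->p0."""
    initial = (n, 0, 0)
    transitions = [
        ((1, 0, 0), (0, 1, 0)),  # t0
        ((0, 1, 0), (0, 0, 1)),  # t1
        ((0, 0, 1), (1, 0, 0)),  # t2
    ]
    return initial, transitions


def fire_set(states: Set[Marking], t: Transition) -> Set[Marking]:
    """Fire t on every marking in the set where it is enabled (set-at-a-time,
    which is the operation a symbolic engine performs on a decision diagram)."""
    pre, post = t
    out: Set[Marking] = set()
    for m in states:
        if all(m[i] >= pre[i] for i in range(len(m))):
            out.add(tuple(m[i] - pre[i] + post[i] for i in range(len(m))))
    return out


def reachable(initial: Marking, transitions: List[Transition],
              chaining: bool) -> Tuple[Set[Marking], int]:
    """Least fixpoint of the successor relation; returns (states, iterations).

    chaining=False: one breadth-first step per iteration (all transitions fired
    on the same set, results merged afterwards).
    chaining=True: transitions fired one after the other, each one seeing the
    markings the previous one just produced."""
    seen: Set[Marking] = {initial}
    iterations = 0
    while True:
        iterations += 1
        before = len(seen)
        if chaining:
            for t in transitions:
                seen |= fire_set(seen, t)
        else:
            step: Set[Marking] = set()
            for t in transitions:
                step |= fire_set(seen, t)
            seen |= step
        if len(seen) == before:  # fixpoint reached: nothing new was produced
            break
    return seen, iterations


def state_space_size(n: int, chaining: bool = False) -> Tuple[int, int]:
    """(number of reachable markings, fixpoint iterations) for scale parameter n."""
    initial, transitions = make_toy_net(n)
    states, iterations = reachable(initial, transitions, chaining)
    return len(states), iterations


if __name__ == "__main__":
    for n in (10, 20, 50, 100):
        print(n, state_space_size(n, chaining=False), state_space_size(n, chaining=True))
```

Run it directly to print, for the scale parameters used in the plots, the number of markings and the iteration count under each strategy. The explicit Python set stands in for the decision diagram a symbolic engine would use; the same enumeration of the real Kanban net at scale 100 (about 1.7 · 10^19 markings) is out of reach without a symbolic representation, which is the reason the deck compares symbolic tools only.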
Limitations
• Non-linear rules are not allowed (but can be simulated)
• Verification not yet implemented
29
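On the first limitation: in term rewriting a rule is non-linear when a variable occurs more than once in its left-hand side, for example eq(X, X) → tt, and matching it requires comparing subterms, which a matcher that binds each variable once never does. The Python below is an added example, not part of the deck and not a description of how Stratagem handles the case; it shows one generic way to simulate such a rule: rename the repeated variable to a fresh one (eq(X, X_1)), match linearly, then filter on the equality constraint. The term encoding, the fresh-name scheme and the function names are assumptions of this example.

```python
"""Simulating a non-linear rewrite rule with a linear one plus an equality check.

Added example; term encoding and names are this example's own assumptions.
"""
from typing import Dict, List, Optional, Tuple, Union

# Term encoding (this example's own): a constant is a lowercase str, a variable
# is a str starting with an uppercase letter, an application is a tuple
# (symbol, arg1, ..., argn).
Term = Union[str, tuple]
Subst = Dict[str, Term]


def is_var(t: Term) -> bool:
    return isinstance(t, str) and t[:1].isupper()


def is_linear(pattern: Term) -> bool:
    """True when every variable occurs at most once in the pattern."""
    seen = set()

    def walk(t: Term) -> bool:
        if is_var(t):
            if t in seen:
                return False
            seen.add(t)
            return True
        if isinstance(t, tuple):
            return all(walk(a) for a in t[1:])
        return True

    return walk(pattern)


def match_linear(pattern: Term, term: Term, subst: Subst) -> bool:
    """Linear matcher: binds a variable on sight and never compares subterms,
    so fed a non-linear pattern it silently rebinds and accepts too much."""
    if is_var(pattern):
        subst[pattern] = term
        return True
    if isinstance(pattern, str):
        return pattern == term
    if not isinstance(term, tuple) or len(term) != len(pattern) or term[0] != pattern[0]:
        return False
    return all(match_linear(p, t, subst) for p, t in zip(pattern[1:], term[1:]))


def substitute(t: Term, subst: Subst) -> Term:
    if is_var(t):
        return subst[t]
    if isinstance(t, tuple):
        return (t[0],) + tuple(substitute(a, subst) for a in t[1:])
    return t


def linearize(pattern: Term) -> Tuple[Term, List[Tuple[str, str]]]:
    """Rename the 2nd, 3rd, ... occurrence of a variable X to X_1, X_2, ...
    (fresh names assumed not to clash) and return the equalities to enforce."""
    counts: Dict[str, int] = {}
    constraints: List[Tuple[str, str]] = []

    def walk(t: Term) -> Term:
        if is_var(t):
            n = counts.get(t, 0)
            counts[t] = n + 1
            if n == 0:
                return t
            fresh = f"{t}_{n}"
            constraints.append((t, fresh))
            return fresh
        if isinstance(t, tuple):
            return (t[0],) + tuple(walk(a) for a in t[1:])
        return t

    return walk(pattern), constraints


def rewrite_root(rule: Tuple[Term, Term], term: Term) -> Optional[Term]:
    """Apply rule = (lhs, rhs) at the root of term, or return None.
    A non-linear lhs is simulated by linear matching plus the equality filter."""
    lhs, rhs = rule
    lin_lhs, constraints = linearize(lhs)
    subst: Subst = {}
    if not match_linear(lin_lhs, term, subst):
        return None
    if any(subst[a] != subst[b] for a, b in constraints):
        return None
    return substitute(rhs, subst)


# Constructed rule: eq(X, X) -> tt
EQ_RULE: Tuple[Term, Term] = (("eq", "X", "X"), "tt")

if __name__ == "__main__":
    print(is_linear(EQ_RULE[0]))                               # False
    print(rewrite_root(EQ_RULE, ("eq", "a", "a")))             # tt
    print(rewrite_root(EQ_RULE, ("eq", "a", "b")))             # None
    print(match_linear(EQ_RULE[0], ("eq", "a", "b"), {}))      # True: the naive matcher is wrong
```

The last line of the demo is the failure mode the limitation guards against: a purely linear matcher handed eq(X, X) accepts eq(a, b), because the second occurrence just overwrites the binding. Linearizing and checking the constraint afterwards keeps the matcher linear and the rule's meaning intact.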
Conclusions
• New approach
• Better results just by changing the strategy
• More general and unified
• Good benchmarks
30
Future work
• Systematically go from SOS rules to rewrite strategies
• Create more translations
• Implement CTL model checking using strategies
31
Questions ?
32
Bibliography
Narciso Martí-Oliet and José Meseguer. Rewriting Logic as a Logical and Semantic Framework. 1993.
Peter Borovanský, Claude Kirchner, Hélène Kirchner, Pierre-Etienne Moreau and Marian Vittek. ELAN: A logical framework based on computational systems. Electronic Notes in Theoretical Computer Science 4:35–50, 1996.
M. Heiner, C. Rohr and M. Schwarick. MARCIE - Model checking And Reachability analysis done effiCIEntly. In Proc. PETRI NETS 2013, Milano, Springer, LNCS volume 7927, pages 389–399, June 2013.
Kordon et al. HTML results from the Model Checking Contest @ Petri Nets (2014 edition). http://mcc.lip6.fr/2014, 2014.
33
The paper for this presentation can be found at: http://edmundo.lopezbobeda.net/publications
34