1 / 21

Formal Methods of Systems Specification Logical Specification of Hard- and Software

Formal Methods of Systems Specification Logical Specification of Hard- and Software. Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik. Boolean Normal Forms. DNF, CNF, NAND-, NOR-normal form

cayla
Download Presentation

Formal Methods of Systems Specification Logical Specification of Hard- and Software

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Formal Methods of Systems SpecificationLogical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

  2. Boolean Normal Forms • DNF, CNF, NAND-, NOR-normal form • (p|q)=(p¬q); ¬p=(p|p); (pq)=(p|¬q) • used for gate arrays • Algebraic normal form • XOR of conjunction of (positive) propositions • later: tree normal forms • (ordering of propositions)

  3. Boolean Modelling of Reactive Systems • (Parallel) transition systems, shared variables programs • shared variables program (V,D,T,s0) • V=(v1,…,vn) is a set (sequence) of program variables • D=(D1,…,Dn) is a tuple of corresponding finite domains Di={di1,…,dim} • TDD is a transition relation, and • s0 = (d11,…,dn1) is the initial state • Propositional representation of programs • T=((request=true)(state=ready)(state‘=busy)) • Representation of non-boolean domains?

  4. Binary Encoding of Domains • Any variable on a finite domain D can be replaced by log(D) binary variables • similar to encoding of data types by compilers • e.g. var v: {0..15} can be replaced byvar v1,v2,v3,v4: boolean(0=0000, 1= 0001, 2=0010, 3=0011, ..., 15=1111) • State space • still in the order of original domain! • e.g. three int8-variables can have 224=108 states • e.g. array of length 10 with 10-bit values  1030 states • Representation of large sets of states?

  5. Representation of Sets

  6. Ordered Tree Form • Normal form for propositional formulas • Uses only the connective Ite • Linear ordering on the set of propositions • e.g., most significant bit first • Shannon expansion

  7. Truth table and tree form formula Reduction: Replace Ite (v,ψ,ψ) by ψ

  8. Abbreviations • Introduce abbreviations • maximally abbreviated

  9. Binary Decision Trees (BDTs) • Binary decision tree • Elimination ofisomorphic subtrees(abbreviations)

  10. Binary Decision Diagrams (BDDs) • Elimination ofredundant nodes(redundant subformulas) Ite (v,ψ,ψ) by ψ

  11. A Toy Example • How many states are reachable? • How to check whether a given state is reachable?

  12. Coding in nuSMV

  13. Coding in SMV (cont.) • SMV quickly finds a solution (rrddlluurrddlluurrddlluurrdd)

  14. Another Toy Example • gibts vielleicht noch besser (color)

  15. Verification Model of Shift Register

  16. Non-toy Examples • Software verification: Correctness of aerospace and train computers, automobile controllers, nontrivial search problems, ... • Hardware verification: ALUs, PLAs, memory controllers, complete chip design, ... • For safety-critical systems formal validation is mandatory, for widely deployed systems highly recommended

  17. Calculation of BDDs

  18. The Influence of Variable Ordering • Heuristics: keep dependent variables close together!

  19. Transitive Closure • Each finite (transition) relation can be represented as a boolean formula / BDD • The transitive closure of a relation R is defined recursively by • Thus, transitive closure be calculated by an iteration on BDDs • Logical operations (, , ) can be directly performed on BDDs

  20. Reachability • State s is reachable iff s0R*s, where s0S0 is an initial state and R is the transition relation • Reachability is one of the most important properties in verification • most safety properties can be reduced to it • in a search algorithm, is the goal reachable? • Can be arbitrarily hard • for infinite state systems undecidable • Can be efficiently calculated with BDDs

  21. Intuitively, xR*y iff there is a sequence w0 w1 ... wn of nodes connecting x with y • In a finite model, this sequence must be smaller than the number of states. • In practice, usually a few dozen steps are sufficient

More Related