

  1. CDA 5416 : CAV
     Symbolic CTL Model Checking
     Hao Zheng
     Department of Computer Science and Engineering
     University of South Florida
     Tampa, FL 33620
     Email: zheng@cse.usf.edu
     Phone: (813)974-4757
     Fax: (813)974-5456
     CDA 5416 : CAV, 18 slides

  2. Contents
     1 Switching Functions
     2 Symbolic Encoding
     3 Symbolic Model Checking Algorithms

  3. Explicit Algorithms
     • Transition systems are stored as graphs using hash tables.
     • States are labeled with the appropriate atomic propositions / subformulas.
     • The complexity of the model checking algorithms is linear in the structure size.
     • The structure size can be exponential!
     • Problems:
       • Demand for a large amount of memory.
       • Low performance.

  4. Symbolic CTL Model Checking
     • Idea: reformulate model checking in a symbolic way.
     • Concept: represent sets of states and transitions symbolically.
     • Approach: binary encoding of states + switching functions for sets.
     • A compact representation of switching functions is possible using binary decision diagrams (BDDs).
     • An alternative representation is the conjunctive normal form, which is the basis for SAT-based model checking.

  5. Contents
     1 Switching Functions
     2 Symbolic Encoding
     3 Symbolic Model Checking Algorithms

  6. Switching Functions
     • Let $\mathit{Var} = \{z_1, \ldots, z_m\}$ be a finite set of Boolean variables, $m \geq 0$.
     • An evaluation is a function $\eta : \mathit{Var} \to \{0, 1\}$.
     • Let $\mathit{Eval}(z_1, \ldots, z_m)$ denote the set of evaluations for $z_1, \ldots, z_m$.
     • Shorthand $[z_1 = b_1, \ldots, z_m = b_m]$ for $\eta(z_1) = b_1, \ldots, \eta(z_m) = b_m$.
     • $f : \mathit{Eval}(\mathit{Var}) \to \{0, 1\}$ is a switching function for $\mathit{Var} = \{z_1, \ldots, z_m\}$.
     • Can be defined by Boolean expressions, e.g. $(z_1 \vee \neg z_2) \wedge z_3$.

  7. Switching Functions: Definitions
     • $f_1 \wedge f_2 = \min\{f_1, f_2\}$
     • $f_1 \vee f_2 = \max\{f_1, f_2\}$
     • $f|_{z_i = b_i}(z_1, \ldots, z_i, \ldots, z_m) = f(z_1, \ldots, b_i, \ldots, z_m)$ (cofactor).
     • $f|_{z_i = b_i, \ldots, z_k = b_k} = ((f|_{z_i = b_i}) \ldots)|_{z_k = b_k}$ (iterated cofactor).
     • If $f|_{z_i = 0} \neq f|_{z_i = 1}$ then $z_i$ is an essential variable.
     • $f = (\neg z \wedge f|_{z = 0}) \vee (z \wedge f|_{z = 1})$ (Shannon expansion).
     • $\exists z.\, f = f|_{z = 0} \vee f|_{z = 1}$ (existential quantification).
     • $\forall z.\, f = f|_{z = 0} \wedge f|_{z = 1}$ (universal quantification).
     • $f\{z \leftarrow y\}(s) = f(s\{y \leftarrow z\})$ (rename operator).

  8. Switching Functions: Examples
     Let $f(z_1, z_2, z_3) = z_1 \wedge (\neg z_2 \vee z_3)$.
     • $f|_{z_1 = 1} = \neg z_2 \vee z_3$, and $f|_{z_1 = 0} = 0$.
     • $z_1$ is essential for $f$.
     • Quantification:
       $\exists z_1.\, f = f|_{z_1 = 0} \vee f|_{z_1 = 1} = \neg z_2 \vee z_3$
       $\forall z_1.\, f = f|_{z_1 = 0} \wedge f|_{z_1 = 1} = 0$

  9. Switching Functions: Examples
     Let $f(z_1, z_2, z_3) = z_1 \wedge (\neg z_2 \vee z_3)$.
     • Shannon expansion: $f = (\neg z_1 \wedge f|_{z_1 = 0}) \vee (z_1 \wedge f|_{z_1 = 1})$
     [Figure: binary decision tree for $f$ with variable order $z_1, z_2, z_3$ and leaves in $\{0, 1\}$]
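The definitions on slides 7 to 9 can be checked mechanically on the running example $f(z_1, z_2, z_3) = z_1 \wedge (\neg z_2 \vee z_3)$. The Python below is an added example, not code from the slides: it represents a switching function as a callable on evaluations $\eta$ and implements cofactor, the essential-variable test, Shannon expansion, existential and universal quantification and the rename operator, checking equality of functions by exhaustive truth-table comparison. That is fine for a handful of variables; for large variable sets the compact representation is the BDD the slides mention. All names (SwitchingFunction aliases, `cofactor`, `exists`, `forall`, `rename`, `essential`, `truth_table`) are this example's own.

```python
# Added example (not from the slides): switching functions over a finite
# variable set, represented as Python callables on evaluations eta: Var -> {0,1}.
# Names (cofactor, exists, forall, rename, essential, truth_table) are this
# example's own, chosen to mirror the definitions on the slides.
from itertools import product
from typing import Callable, Dict, Iterable, Sequence

Eval = Dict[str, int]                      # an evaluation eta : Var -> {0,1}
SF = Callable[[Eval], int]                 # a switching function Eval(Var) -> {0,1}


def evaluations(variables: Sequence[str]) -> Iterable[Eval]:
    """Eval(z1,...,zm): all 2^m evaluations of the given variables."""
    for bits in product((0, 1), repeat=len(variables)):
        yield dict(zip(variables, bits))


def equal(f: SF, g: SF, variables: Sequence[str]) -> bool:
    """Two switching functions are equal iff they agree on every evaluation."""
    return all(f(eta) == g(eta) for eta in evaluations(variables))


def cofactor(f: SF, z: str, b: int) -> SF:
    """f|z=b : fix variable z to the constant b."""
    return lambda eta: f({**eta, z: b})


def essential(f: SF, z: str, variables: Sequence[str]) -> bool:
    """z is essential for f iff the cofactors f|z=0 and f|z=1 differ."""
    return not equal(cofactor(f, z, 0), cofactor(f, z, 1), variables)


def shannon(f: SF, z: str) -> SF:
    """Shannon expansion: (not z and f|z=0) or (z and f|z=1), with and=min, or=max."""
    f0, f1 = cofactor(f, z, 0), cofactor(f, z, 1)
    return lambda eta: max(min(1 - eta[z], f0(eta)), min(eta[z], f1(eta)))


def exists(f: SF, z: str) -> SF:
    """Existential quantification: f|z=0 or f|z=1 (max of the cofactors)."""
    f0, f1 = cofactor(f, z, 0), cofactor(f, z, 1)
    return lambda eta: max(f0(eta), f1(eta))


def forall(f: SF, z: str) -> SF:
    """Universal quantification: f|z=0 and f|z=1 (min of the cofactors)."""
    f0, f1 = cofactor(f, z, 0), cofactor(f, z, 1)
    return lambda eta: min(f0(eta), f1(eta))


def rename(f: SF, z: str, y: str) -> SF:
    """f{z <- y}: the function f with variable z read from variable y."""
    return lambda eta: f({**eta, z: eta[y]})


def truth_table(f: SF, variables: Sequence[str]) -> tuple:
    """The value of f on every evaluation, in lexicographic order of the bits."""
    return tuple(f(eta) for eta in evaluations(variables))


# The slides' running example: f(z1, z2, z3) = z1 and (not z2 or z3)
VARS = ("z1", "z2", "z3")


def f(eta: Eval) -> int:
    return min(eta["z1"], max(1 - eta["z2"], eta["z3"]))


def g(eta: Eval) -> int:              # not z2 or z3, the expected f|z1=1
    return max(1 - eta["z2"], eta["z3"])


def zero(eta: Eval) -> int:           # the constant function 0
    return 0


if __name__ == "__main__":
    print("f|z1=1 == not z2 or z3 :", equal(cofactor(f, "z1", 1), g, VARS))
    print("f|z1=0 == 0            :", equal(cofactor(f, "z1", 0), zero, VARS))
    print("z1 essential           :", essential(f, "z1", VARS))
    print("exists z1.f == g       :", equal(exists(f, "z1"), g, VARS))
    print("forall z1.f == 0       :", equal(forall(f, "z1"), zero, VARS))
    print("Shannon(f, z1) == f    :", equal(shannon(f, "z1"), f, VARS))
```

Every operator is built from cofactors, exactly as on slide 7, so the Shannon expansion check `equal(shannon(f, "z1"), f, VARS)` holds for any variable, not only the essential ones; renaming $z_1$ to $z_3$ collapses the example to the function $z_3$.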

  10. Contents
     1 Switching Functions
     2 Symbolic Encoding
     3 Symbolic Model Checking Algorithms

  11. Symbolic Representation of TS
     • Let $TS = (S, \to, I, AP, L)$ be a "large" finite transition system.
       Note: the set of actions is irrelevant and has been omitted, i.e., ${\to} \subseteq S \times S$.
     • For $n \geq \lceil \log |S| \rceil$, let $\mathit{enc} : S \to \{0, 1\}^n$ be an injective function.
       Note: assuming $\mathit{enc}(S) = \{0, 1\}^n$ is no restriction, as all elements of $\{0, 1\}^n \setminus \mathit{enc}(S)$ can be treated as encodings of pseudo states that are unreachable.
     • Identify:
       • the states $s \in S = \mathit{enc}^{-1}(\{0, 1\}^n)$ with $\mathit{enc}(s) \in \{0, 1\}^n$;
       • $B \subseteq S$ with its characteristic function $\chi_B : \{0, 1\}^n \to \{0, 1\}$, that is $\chi_B(\mathit{enc}(s)) = 1$ if and only if $s \in B$;
       • ${\to} \subseteq S \times S$ with the Boolean function $\Delta : \{0, 1\}^{2n} \to \{0, 1\}$ such that $\Delta(\mathit{enc}(s), \mathit{enc}(s')) = 1$ if and only if $s \to s'$.

  12. Symbolic Representation of TS: Example
     [Figure: transition system with four states $s_0, s_1, s_2, s_3$, labelled with the subsets $\emptyset$, $\{a\}$, $\{b\}$, $\{a, b\}$ of $AP = \{a, b\}$]
     • Four states: two Boolean variables needed for encoding, i.e. $x_1, x_2$.
     • State encoding: $f_S = 1$ (every evaluation of $x_1, x_2$ encodes a state, so the characteristic function of $S$ is the constant 1).
     • Switching function: $\Delta(\underbrace{x_1, x_2}_{s}, \underbrace{x_1', x_2'}_{s'}) = 1$ if and only if $s \to s'$, i.e.
       $\Delta(x_1, x_2, x_1', x_2') = (\neg x_1 \wedge \neg x_2 \wedge \neg x_1' \wedge x_2') \vee (\neg x_1 \wedge \neg x_2 \wedge x_1' \wedge x_2') \vee (\neg x_1 \wedge x_2 \wedge x_1' \wedge \neg x_2') \vee \ldots \vee (x_1 \wedge x_2 \wedge x_1' \wedge x_2')$

  13. Another Encoding Example
     MODULE main
     VAR
       request : boolean;
       state : {ready, busy};
     ASSIGN
       init(state) := ready;
       next(state) := case
                        state = ready & request = 1 : busy;
                        1 : {ready, busy};
                      esac;
     • Boolean variables $x_1, x_2$.
     • $x_1 \leftrightarrow (\mathit{request} = 1)$, $\neg x_1 \leftrightarrow (\mathit{request} = 0)$, $x_2 \leftrightarrow (\mathit{state} = \mathit{ready})$, $\neg x_2 \leftrightarrow (\mathit{state} = \mathit{busy})$.
     • Initial state: $(x_1 \vee \neg x_1) \wedge x_2 = x_2$.
     • Transition relation:
       $\Delta(\vec{x}, \vec{x}') = (\mathit{state} = \mathit{ready} \wedge \mathit{request} = 1 \to \mathit{state}' = \mathit{busy}) \wedge (\neg(\mathit{state} = \mathit{ready} \wedge \mathit{request} = 1) \to (\mathit{state}' = \mathit{ready} \vee \mathit{state}' = \mathit{busy}))$
     • Transition relation in terms of the Boolean variables:
       $\Delta(\vec{x}, \vec{x}') = (x_2 \wedge x_1 \to \neg x_2') \wedge (\neg(x_2 \wedge x_1) \to (x_2' \vee \neg x_2'))$
       $= (x_2 \wedge x_1 \to \neg x_2') \wedge (\neg(x_2 \wedge x_1) \to 1)$
       $= x_2 \wedge x_1 \to \neg x_2'$
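The encoding on slides 11 to 18 can be carried out and checked in code. The Python below is an added example, not code from the slides or from NuSMV: it encodes the MODULE above with $x_1 \leftrightarrow \mathit{request} = 1$ and $x_2 \leftrightarrow \mathit{state} = \mathit{ready}$, verifies by exhaustive comparison over all 16 evaluations that the full transition relation equals the simplified $x_2 \wedge x_1 \to \neg x_2'$, decodes $\Delta$ back into explicit transitions, and goes one step beyond the slides by computing the pre-image $\mathit{Pre}(B) = \exists \vec{x}'.\,(\Delta \wedge \chi_B\{\vec{x} \leftarrow \vec{x}'\})$ with the quantification and rename operators of slide 7, which is the basic step that the symbolic CTL algorithms announced in the next section iterate. The names `delta_full`, `delta_simplified`, `pre_image`, `decode` and the spelling `x1n`, `x2n` for the primed variables are this example's own.

```python
# Added example (not from the slides or NuSMV): the MODULE above encoded as
# switching functions over x1, x2 (current state) and x1', x2' (next state),
# with x1 <-> request=1 and x2 <-> state=ready.  All names are this example's own.
from itertools import product

CUR = ("x1", "x2")               # current-state variables
NXT = ("x1n", "x2n")             # primed copies x1', x2' (spelt x1n, x2n here)
ALL = CUR + NXT


def evaluations(variables):
    """All evaluations of the given variables, lexicographic in the bits."""
    for bits in product((0, 1), repeat=len(variables)):
        yield dict(zip(variables, bits))


def equal(f, g, variables):
    """Switching functions are equal iff they agree on every evaluation."""
    return all(f(eta) == g(eta) for eta in evaluations(variables))


def implies(a, b):
    """a -> b on {0,1}."""
    return max(1 - a, b)


def init(eta):
    """init(state) := ready  is  (x1 or not x1) and x2, i.e. just x2."""
    return eta["x2"]


def delta_full(eta):
    """Transition relation as written on the slide, before simplification:
    (x2 and x1 -> not x2') and (not(x2 and x1) -> (x2' or not x2'))."""
    guard = min(eta["x2"], eta["x1"])
    return min(implies(guard, 1 - eta["x2n"]),
               implies(1 - guard, max(eta["x2n"], 1 - eta["x2n"])))


def delta_simplified(eta):
    """The slide's simplified form: the second conjunct is a tautology and drops out."""
    return implies(min(eta["x2"], eta["x1"]), 1 - eta["x2n"])


def decode(eta, request="x1", state="x2"):
    """Map an encoding back to the NuSMV values (request, state)."""
    return (eta[request], "ready" if eta[state] else "busy")


def transitions():
    """Explicit pairs (request, state) -> (request', state') with delta = 1.
    request' is unconstrained by the module, so it ranges over both values."""
    return sorted({(decode(eta), decode(eta, "x1n", "x2n"))
                   for eta in evaluations(ALL) if delta_simplified(eta)})


def pre_image(chi_b):
    """Pre(B) = exists x'. (delta(x, x') and chi_B{x <- x'}).
    chi_b is a characteristic function over the current-state variables; the
    rename operator reads it on the primed copies, then x' is quantified away
    (existential quantification = max over both values of every primed bit)."""
    def pre(eta):
        for nxt_bits in product((0, 1), repeat=len(NXT)):
            eta_full = {**eta, **dict(zip(NXT, nxt_bits))}
            renamed = {c: eta_full[n] for c, n in zip(CUR, NXT)}   # chi_B{x <- x'}
            if delta_simplified(eta_full) and chi_b(renamed):
                return 1
        return 0
    return pre


def states_with_successor_in(chi_b):
    """Decoded current states s that have some successor s' in B."""
    pre = pre_image(chi_b)
    return sorted({decode(eta) for eta in evaluations(CUR) if pre(eta)})


if __name__ == "__main__":
    print("full delta == simplified delta:", equal(delta_full, delta_simplified, ALL))
    for src, dst in transitions():
        print(f"  {src} -> {dst}")
    chi_busy = lambda eta: 1 - eta["x2"]          # chi_B for B = {state = busy}
    print("Pre({busy}):", states_with_successor_in(chi_busy))
```

Only $x_2'$ is constrained by $\Delta$, so the module has 14 explicit transitions; the only source state with a restricted successor set is (request = 1, state = ready), which must move to busy. The pre-image of $\{\mathit{state} = \mathit{ready}\}$ therefore contains every state except that one, which is the kind of fixed-point step an EX or EU computation repeats on $\chi$ functions instead of on the explicit graph.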

  14. Contents
     1 Switching Functions
     2 Symbolic Encoding
     3 Symbolic Model Checking Algorithms
