DD2452 Formal Methods
Introductory Lecture

Lecture Outline
1. The lecturer
2. Introduction to Formal Methods
3. Course syllabus
4. Course objectives
5. Course organization

1. Lecturer
• Name: Dilian Gurov
• E-mail: dilian@csc.kth.se
• Phone: 08-790 81 98 (office)
• Visiting address: Osquars backe 2, floor 4, room 4417
• Research interests:
  – Analysis of program behaviour
  – Correctness: logics, compositionality

2. Formal Methods
• Formal methods: a collection of formal notations and techniques (i.e. based on discrete mathematics and mathematical logic) for modelling and analysis of program behaviour.
• Common goal: the design of correct systems.

Why Formal Methods?
• Only formal methods can capture correctness precisely. Basis for tools.
• But: formal techniques are expensive.
• Most needed for:
  – safety-critical systems
  – commercially-critical systems (security)
• Most successful for "small" systems:
  – embedded systems
  – communication protocols

Formal Verification
• Two possibilities:
  – correctness by design: transformation
  – establishing correctness: verification
• Three ingredients (three columns: equivalence checking, model checking, deductive verification):
  – model:          M        M        ψ
  – specification:  S        φ        φ
  – verification:   M ≈ S    M ⊨ φ    ⊨ ψ → φ
Main Challenge
• Real systems are large and complex.
• Only restricted problems are decidable, i.e. algorithmically solvable.
• Scalability requires efficient solutions, i.e. tractability.
• What do we do?

Abstraction
• Key technique for handling complexity! Separation of concerns; building models.
• Key questions:
  – What are the important properties?
  – What is the "right" abstraction level?
  – How does the abstract model relate to the concrete system? ("modelling gap")
  – How to interpret the results of the analysis?

Main Schools
• Hoare Logic
• Process Algebra
• Model Checking
• Theorem Proving
We will focus on the first and the third of these approaches.

3. Course Syllabus
Part I. Hoare Logic and Program Verification
  Goal: Correctness of data manipulation
  Models: Source code (Java)
  Specs: Hoare Logic (JML)
  Method: Proof tableaux; VCG + ATP
  Tool: ESC/Java2

Course Syllabus
Part II. Temporal Logic and Model Checking
  Goal: Correctness of state sequences
  Models: Promela
  Specs: Temporal logic formulas (LTL)
  Method: Model checking
  Tool: SPIN

4. Course Objectives
• Aim: provide working familiarity with the main methods and tools, in theory and in practice.
• Grading: to pass the course, a student has to demonstrate the ability to apply the methods discussed in the course; for the highest grade he/she also has to be proficient in the theoretical foundations of these methods.
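The "three ingredients" of formal verification (model M, specification φ, the check M ⊨ φ) and the model-checking approach of Part II can be seen in miniature in the following added example. It is not part of the lecture slides and does not use SPIN or Promela: it is a small explicit-state checker written for this page, which explores every reachable state of a two-process model and reports a shortest counterexample trace when the safety property "never both processes in the critical section" fails. The two protocols (a flawed test-then-set entry protocol and Peterson's algorithm) and their state encoding are constructed for the example.

```python
"""Explicit-state check of a safety property M |= phi on a small model.

Constructed example: two processes compete for a critical section.
A state is the tuple (pc0, pc1, flag0, flag1, turn).  The 'model' is given
as an initial state plus a successor function; the 'specification' is an
invariant (a state predicate) that must hold in every reachable state.
"""
from collections import deque

INIT = (0, 0, False, False, 0)

# Flawed protocol (constructed): check the other flag, THEN raise own flag.
# pc: 0 = non-critical, 1 = passed the test, 2 = critical section.
FLAWED_CRIT = 2


def flawed_successors(state):
    pcs, flags, turn = list(state[:2]), list(state[2:4]), state[4]
    result = []
    for i in (0, 1):                    # interleaving: one process moves per step
        j = 1 - i
        pc, fl = list(pcs), list(flags)
        if pc[i] == 0 and not flags[j]:  # test: other flag down -> proceed
            pc[i] = 1
        elif pc[i] == 1:                 # set own flag and enter (the race window)
            fl[i] = True
            pc[i] = 2
        elif pc[i] == 2:                 # leave: lower flag
            fl[i] = False
            pc[i] = 0
        else:
            continue                     # no enabled transition for process i
        result.append((pc[0], pc[1], fl[0], fl[1], turn))
    return result


# Peterson's algorithm: raise flag, give turn away, wait for flag/turn condition.
# pc: 0 = non-critical, 1 = flag set, 2 = turn set (waiting), 3 = critical.
PETERSON_CRIT = 3


def peterson_successors(state):
    pcs, flags, turn = list(state[:2]), list(state[2:4]), state[4]
    result = []
    for i in (0, 1):
        j = 1 - i
        pc, fl, t = list(pcs), list(flags), turn
        if pc[i] == 0:
            fl[i] = True
            pc[i] = 1
        elif pc[i] == 1:
            t = j
            pc[i] = 2
        elif pc[i] == 2 and (not flags[j] or turn == i):
            pc[i] = 3
        elif pc[i] == 3:
            fl[i] = False
            pc[i] = 0
        else:
            continue                     # blocked while waiting
        result.append((pc[0], pc[1], fl[0], fl[1], t))
    return result


def check_invariant(initial, successors, invariant):
    """Breadth-first exploration of the reachable state space (M |= phi).

    Returns (True, None) if every reachable state satisfies `invariant`,
    otherwise (False, trace) where `trace` is a shortest path of states
    from `initial` to a violating state, i.e. the counterexample a model
    checker reports back to the user."""
    parent = {initial: None}
    queue = deque([initial])
    while queue:
        s = queue.popleft()
        if not invariant(s):
            trace = []
            while s is not None:
                trace.append(s)
                s = parent[s]
            return False, trace[::-1]
        for t in successors(s):
            if t not in parent:          # visited-set keeps exploration finite
                parent[t] = s
                queue.append(t)
    return True, None


def mutex_flawed(s):
    return not (s[0] == FLAWED_CRIT and s[1] == FLAWED_CRIT)


def mutex_peterson(s):
    return not (s[0] == PETERSON_CRIT and s[1] == PETERSON_CRIT)


if __name__ == "__main__":
    for name, succ, inv in [("test-then-set", flawed_successors, mutex_flawed),
                            ("Peterson", peterson_successors, mutex_peterson)]:
        ok, trace = check_invariant(INIT, succ, inv)
        print(f"{name}: mutual exclusion {'holds' if ok else 'VIOLATED'}")
        for s in trace or []:
            print("   ", s)
```

The flawed protocol fails because both processes can pass the "other flag is down" test before either raises its own flag; the checker returns that four-step interleaving as the counterexample, which is exactly the kind of trace SPIN produces for an LTL violation. Peterson's algorithm passes because no reachable state has both processes at the critical-section location. The abstraction questions from the slides apply directly: the model treats each statement as atomic and ignores everything but two flags and a turn variable, and the verdict is only as good as that modelling decision.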
Course Objectives
After the course, you should be able to:
1. Independently select a suitable modelling approach for a given problem;
2. Argue informally and formally for the soundness and limitations of the chosen approach;
3. Identify, specify and verify important system properties using suitable automated tools;
4. Correctly interpret and evaluate the results of the analysis.

5. Course Organization
• 17 one-hour lectures/tutorials: mixed
• 2 lab sessions: for reporting only!
• 1 written exam: 5 hours, open-book
• Course web page: www.csc.kth.se/DD2452/form09/
• Course board (sv. "kursnämnd"): volunteers?

Course Literature
• Course book: "Logic in Computer Science" by Huth and Ryan (see Kårbokhandeln)
• Additional material: on the web page; don't print without need!

Labs
• ESC/Java2 lab: correctness of an ADT implementation
• SPIN lab: correctness of a communication protocol

Tools
• ESC/Java2: module add escjava; escjava2
• SPIN lab: module add spin; xspin