Formal Description & Automated Verification (正規描述與自動驗證)
王凡, Department of Electrical Engineering, National Taiwan University (國立台灣大學電機工程系)

Understanding the formal semantics of computer systems (瞭解電腦系統的 formal semantics)

    divide (a, b) {
      while (a > 0) a = a-b;
      if (a == 0) return 1;
      else return 0;
    }

Is this program correct? How do I know it is? What is it supposed to do? It checks whether a is divisible by b. I doubt it! What happens when b = 0? Well, that sometimes happens!

Understanding the formal semantics of computer systems

    divide (a, b) {
      while (a > 0) a = a-b;
      if (a == 0) return 1;
      else return 0;
    }

Seriously, what does "a=a-b;" mean? What does this `if' statement mean?

Understanding the formal semantics of computer systems

When we say a program is correct, what is the behavior model of the program? What is the mathematics of program behaviors?

Understanding the formal semantics of computer systems: state, possible world

The program with its statements labelled:

    ① divide (a, b) {
    ②   while (a > 0)
    ③     a = a-b;
    ④   if (a == 0) return 1;
    ⑤   else return 0;
    ⑥ }

Kripke structure: each state is a triple (statement label, value of a, value of b). The run from a = 10, b = 3 shown on the slide, with the condition or statement taken on each transition:

    (②, 10, 3) --a>0--> (③, 10, 3) --a=a-b--> (②, 7, 3)
    (②, 7, 3)  --a>0--> (③, 7, 3)  --a=a-b--> (②, 4, 3)
    (②, 4, 3)  --a>0--> (③, 4, 3)  --a=a-b--> (②, 1, 3)
    (②, 1, 3)  --a>0--> (③, 1, 3)  --a=a-b--> (②, -2, 3)
    (②, -2, 3) --¬a>0--> (④, -2, 3) --¬a==0--> (⑤, -2, 3)
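The Kripke structure above can be built mechanically and searched, which is what a model checker does. The following is an added example, not code from the slides: it encodes the transition relation of divide(a, b) over states (pc, a, b), explores the reachable states by breadth-first search, and reports the return value, the trace, or non-termination (a revisited state), so both "is it correct?" and "what happens when b = 0?" become exhaustive checks. Labels 2 to 6 stand for the circled statement numbers; the bound on explored states is an assumption added to stop unbounded searches.

```python
# Added example: explicit-state exploration of the divide() Kripke structure.
from collections import deque

# Program counters follow the slide's circled labels:
# 2: while (a > 0)   3: a = a - b   4: if (a == 0) return 1
# 5: else return 0   6: end of the program (return value kept in the state)
def successors(state):
    """Transition relation of the Kripke structure: one step of divide()."""
    pc, a, b = state
    if pc == 2:
        return [(3, a, b)] if a > 0 else [(4, a, b)]
    if pc == 3:
        return [(2, a - b, b)]
    if pc == 4:
        return [(6, a, b, 1)] if a == 0 else [(5, a, b)]
    if pc == 5:
        return [(6, a, b, 0)]
    return []  # terminal states have no successors

def explore(a, b, max_states=10_000):
    """Breadth-first search from the initial state (2, a, b).
    Returns (return value, trace); the return value is None when a state
    repeats (the program never terminates) or the state bound is exceeded."""
    start = (2, a, b)
    parent = {start: None}          # also the set of visited states
    queue = deque([start])
    while queue:
        s = queue.popleft()
        for t in successors(s):
            if len(t) == 4:         # reached a terminal state: rebuild the path
                path = [t]
                while s is not None:
                    path.append(s)
                    s = parent[s]
                return t[3], path[::-1]
            if t in parent:         # deterministic program + revisit = infinite loop
                return None, None
            parent[t] = s
            if len(parent) > max_states:   # assumed bound against blow-up
                return None, None
            queue.append(t)
    return None, None

def checks_divisibility(a, b):
    """The slide's claim: divide(a, b) returns 1 iff a is divisible by b."""
    result, _ = explore(a, b)
    if result is None or b == 0:    # no answer at all counts as incorrect
        return False
    return result == (1 if a % b == 0 else 0)
```

The trace for explore(10, 3) is exactly the chain of states drawn on the slide, and explore(10, 0) returns None because (②, 10, 0) is reached again after one iteration.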

Understanding the formal semantics of computer systems: an attempt

    ① divide (a, b) {
    ②   while (a > 0)
    ③     a = a-b;
    ④   if (a == 0) return 1;
    ⑤   else return 0;
    ⑥ }

p(k): the statement at state k;
a(k): the value of a at state k;
b(k): the value of b at state k;

∀k ≥ 0 (p(k) == ③ → a(k+1) == a(k) − b(k))

Some incomputable problems (1/2)

- The validity of 1st-order logic formulas (Hilbert's 2nd problem), e.g. x y z (single(x) (parent(y, x) worried(y)))
- Mortal matrix problem: given 15 3×3 matrices M1, …, M15, is there a product Mi1 ⋯ Mim = 0?
- CFL ambiguity problem

Some incomputable problems (2/2)

- Multivariable polynomial equations (Hilbert's 10th problem): incomputable for degree 4; incomputable for 36 real variables; incomputable for 11 integer variables.

Learning the theory and implementation of computer-aided verification (學習電腦輔助驗證的理論與製作)

Goedel's incompleteness theorem: any finite system of rules has a true fact that it cannot prove.

State-space explosion problem? When a and b are both 32 bits long, the number of states is 2^32.

- The safety analysis problem of Boolean programs is PSPACE-complete.
- The satisfiability problem of LTL is PSPACE-complete.
- The satisfiability problem of 1st-order logic is undecidable: no algorithm exists!
- The safety analysis problem of algorithms is undecidable!

Things to learn in the course

- State-transition models of computer systems (only with mathematical models can you build EDA tools)
- Mathematical model construction
- Verification algorithms
- Practical techniques to overcome the complexity!

Things to learn in the course: state-transition models of computer systems

- Kripke structures

Things to learn in the course: mathematical model construction

- With REDLIB packages
- For automata with dense-time clocks

Things to learn in the course: verification algorithms

- BDD manipulation algorithms for propositional logic
- Automata (regular expression) learning
- Linear temporal logic satisfiability checking
- Automata safety and liveness analysis
- CTL model checking
- Automata simulation checking

Things to learn in the course: practical techniques to overcome the complexity!

- BDD-based techniques

Course plan:

- Basic understanding of the knowledge of computer verification
- Three projects:
  - use REDLIB to solve board games
  - use REDLIB to construct system models and verify untimed systems
  - use REDLIB to do model-based testing for timed systems

Course schedule

1. 9/14 Introduction
2. 9/21 (instructor on leave; make-up class to be scheduled)
3. 9/28 Propositional Logic & BDD technology; 1st project announcement
4. 10/5 Propositional Logic & BDD technology
5. 10/12 State Machines & Learning
6. 10/19 State Machines
7. 10/26 State Machines; 1st project report, 2nd project announcement
8. 11/2 State Machines

Course schedule (continued)

9. 11/9 Temporal Logics & Symbolic Model-Checking
10. 11/16 Midterm Exam
12. 11/23 Temporal Logics & Symbolic Model-Checking
13. 11/30 2nd project report, 3rd project announcement
14. 12/7 Embedded Systems
15. 12/14 Simulation & Bisimulation
15. 12/21 Game theories
16. 12/28 Model-based Testing
17. 1/4 3rd project report
18. 1/11 Final exam, 9 am to 11:50 am

Course web page: http://cc.ee.ntu.edu.tw/~farn/courses/FMV/
Teaching assistant: 何宗諭, travisho0014@gmail.com, Tuesday 2:00~3:00 p.m., 明達館 631

Evaluation: two scenarios

Without paper presentation: midterm 30%, final 30%, projects 30%, homework 10%

References (參考資料):

- Handbook of Logic in Computer Science, Vol. 1-2, edited by S. Abramsky (1993), Oxford.
- Handbook of Theoretical Computer Science, Vol. A & B, edited by J. van Leeuwen, Elsevier.
- Model Checking, E. Clarke, O. Grumberg, D. Peled, MIT Press.
- Formal Methods for Real-Time Systems, edited by C. Heitmeyer, D. Mandrioli, Wiley.
- Important papers