
SAT/SMT-Based Verification of Concurrent Systems

SAT/SMT-Based Verification of Concurrent Systems. Tatsuhiro Tsuchiya, Osaka University. Summary. Topic: SAT/SMT-based model checking of concurrent systems. Problem: the standard interleaving semantics leads to formula size blow-up. Solution: we propose a different semantics. ATVA 2004.


Presentation Transcript


  1. SAT/SMT-Based Verification of Concurrent Systems Tatsuhiro Tsuchiya Osaka University

  2. Summary • Topic • SAT/SMT-based model checking of concurrent systems • Problem • The standard interleaving semantics leads to formula size blow up. • Solution • We propose a different semantics. • ATVA 2004

  3. A System • Variables: x • Initial Condition: I := x = 0 • Actions: • A1 := x ≤ 3 ∧ x' = x + 1 • A2 := x > 3 ∧ x' = x • (state diagram over the states x = 0, 1, 2, …, 6)

  4. Bounded Reachability Analysis • Initial Condition: I := x = 0 • Actions: • A1 := x ≤ 3 ∧ x' = x + 1 • A2 := x > 3 ∧ x' = x • Transition Relation: T := A1 ∨ A2 • Unrolled formula: I<x/x_0> ∧ T<x,x'/x_0,x_1> ∧ … ∧ T<x,x'/x_{k-1},x_k> ∧ P<x/x_k> = x_0 = 0 ∧ (x_0 ≤ 3 ∧ x_1 = x_0 + 1 ∨ x_0 > 3 ∧ x_1 = x_0) ∧ … ∧ (x_{k-1} ≤ 3 ∧ x_k = x_{k-1} + 1 ∨ x_{k-1} > 3 ∧ x_k = x_{k-1}) ∧ P(x_k) • A satisfying valuation of x_0, x_1, x_2, x_3, …, x_k is a trace that reaches a state in P in k steps. • x_0 = 0, x_1 = 1, x_2 = 2, …

  5. What if there are many concurrent actions? • Actions: • A1 := PC0 = 0 ∧ R0 = F ∧ PC0' = 1 ∧ R0' = T ∧ PC1' = PC1 ∧ R1' = F • A2 := PC0 = 1 ∧ R1 = F ∧ PC0' = 2 ∧ R1' = T ∧ PC1' = PC1 ∧ R1' = F • … • Transition Relation: T = A1 ∨ A2 ∨ … ∨ An • n is the number of actions. • A large disjunction is required to represent even a single step.

  6. Interleaving Semantics • One step S_i → S_{i+1} takes Action 1, Action 2, Action 3, …, or Action n. • T := A1 ∨ A2 ∨ … ∨ An • A large disjunction is required to represent even a single step.

  7. Proposed Execution Semantics • Macro step = n micro steps • n: number of actions • Micro step i: Action i or a stuttering step takes place. • S_0 → S_1 → S_2 → … → S_{n-1} → S_n, where micro step i goes from S_{i-1} to S_i either by Action i or by stuttering (S_{i-1} = S_i).

  8. Correspondence between Traces under the Two Semantics • Interleaving semantics: Action 2, Action 4, … • New semantics: Stutter, Action 2, Stutter, Action 4, … (the states after each matched action are equal) • Stuttering equivalence • LTL\X (LTL without the next operator) is preserved.

  9. Advantage: Concise Representation of the Transition Relation • Interleaving semantics: S_i → S_{i+1} by Action 1, Action 2, …, or Action n, encoded as A1 ∨ A2 ∨ … ∨ An • New semantics: S_0 → S_1 → S_2 → … → S_{n-1} → S_n, where micro step i takes Action i or stutters, encoded as A1 ∨ (S = S'), A2 ∨ (S = S'), …, An ∨ (S = S')
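The bounded reachability encoding of slide 4 and the two transition-relation encodings compared on slide 9, as an added Python example (not code from the slides or from the author's tool). It generalises the slide-3 counter to n independent counters x0..x(n-1), which is an assumption of the example, emits SMT-LIB 2 for both semantics so the formulas can be handed to Yices or z3, and reuses the slide-10 explicit-state method to count the states reachable within k (macro) steps. Reusing the previous copy of every variable a micro step does not write is an encoding choice assumed here; the slides only state the frame condition S = S'.

```python
# Added example, not code from the slides or from the author's tool: encode
# k-step bounded reachability as SMT-LIB text under (a) the interleaving
# semantics, T = A1 v ... v An, and (b) the talk's macro/micro-step semantics
# (macro step = n micro steps, micro step i = "A_i fires or the state stutters").
# Constructed system: n independent counters with A_i := x_i <= 3 /\ x_i' = x_i + 1.
# Assumed here (not stated on the slides): micro step i only introduces fresh
# copies of the variables A_i writes; the others keep their previous copy.
from dataclasses import dataclass

@dataclass(frozen=True)
class Action:
    name: str
    guard: str    # SMT-LIB term with {var} placeholders for current-state copies
    writes: dict  # var -> SMT-LIB term (same placeholders) for the next value

def counter_system(n):
    """n counters; A_i bumps x_i while x_i <= 3; I: all zero; P: all equal 1."""
    xs = [f"x{i}" for i in range(n)]
    actions = [Action(f"A{i}", f"(<= {{{v}}} 3)", {v: f"(+ {{{v}}} 1)"})
               for i, v in enumerate(xs)]
    init = "(and " + " ".join(f"(= {{{v}}} 0)" for v in xs) + ")"
    prop = "(and " + " ".join(f"(= {{{v}}} 1)" for v in xs) + ")"
    return xs, actions, init, prop

def interleaving_bmc(variables, actions, init, prop, k):
    """I(s0) and T(s0,s1) and ... and T(s_{k-1},s_k) and P(s_k), T = A1 or ... or An.
    Each step is one n-way disjunction whose disjuncts each carry a full frame."""
    env = {v: f"{v}_0" for v in variables}
    decls = [f"(declare-const {c} Int)" for c in env.values()]
    steps = [init.format(**env)]
    for step in range(1, k + 1):
        nxt = {v: f"{v}_{step}" for v in variables}
        decls += [f"(declare-const {c} Int)" for c in nxt.values()]
        disjuncts = []
        for a in actions:
            conj = [a.guard.format(**env)]
            for v in variables:  # written variable gets its update, the rest a frame
                rhs = a.writes[v].format(**env) if v in a.writes else env[v]
                conj.append(f"(= {nxt[v]} {rhs})")
            disjuncts.append("(and " + " ".join(conj) + ")")
        steps.append("(or " + " ".join(disjuncts) + ")")
        env = nxt
    steps.append(prop.format(**env))
    return decls, steps

def microstep_bmc(variables, actions, init, prop, k):
    """k macro steps, each a chain of n micro steps (A_i or stutter);
    only the variables A_i writes get a fresh copy in micro step i."""
    env = {v: f"{v}_0" for v in variables}
    decls = [f"(declare-const {c} Int)" for c in env.values()]
    steps = [init.format(**env)]
    copies = {v: 0 for v in variables}
    for _ in range(k):
        for a in actions:
            nxt = dict(env)
            for v in a.writes:
                copies[v] += 1
                nxt[v] = f"{v}_{copies[v]}"
                decls.append(f"(declare-const {nxt[v]} Int)")
            fire = [a.guard.format(**env)] + [
                f"(= {nxt[v]} {a.writes[v].format(**env)})" for v in a.writes]
            stutter = [f"(= {nxt[v]} {env[v]})" for v in a.writes]
            steps.append("(or (and " + " ".join(fire) + ") (and " + " ".join(stutter) + "))")
            env = nxt
    steps.append(prop.format(**env))
    return decls, steps

def to_smtlib(decls, steps):
    """Complete SMT-LIB 2 script; feed it to Yices or z3 to obtain the trace."""
    return "\n".join(["(set-logic QF_LIA)", *decls,
                      *(f"(assert {s})" for s in steps), "(check-sat)", "(get-model)"])

def equality_count(steps):
    """Number of (= ...) atoms in the unrolled formula, a crude size measure."""
    return sum(s.count("(= ") for s in steps)

def reachable(n, k, micro):
    """Explicit-state reachability for the same counters (the measurement method
    of slide 10): states reachable within k steps (macro steps when micro=True)."""
    def fire(s, i):
        return s[:i] + (s[i] + 1,) + s[i + 1:] if s[i] <= 3 else None
    seen = {(0,) * n}
    frontier = set(seen)
    for _ in range(k):
        new = set()
        for s in frontier:
            if micro:  # micro step i: each state so far either fires A_i or stutters
                layer = {s}
                for i in range(n):
                    layer |= {t for t in (fire(q, i) for q in layer) if t}
                new |= layer
            else:      # interleaving: exactly one action per step
                new |= {t for t in (fire(s, i) for i in range(n)) if t}
        frontier, seen = new - seen, seen | new
    return seen

if __name__ == "__main__":
    n, k = 3, 2
    for label, enc in (("interleaving", interleaving_bmc), ("micro-step", microstep_bmc)):
        _, steps = enc(*counter_system(n), k)
        print(f"{label:12s} k={k}: {equality_count(steps)} equalities, "
              f"{len(reachable(n, k, enc is microstep_bmc))} states reachable")
    print(to_smtlib(*microstep_bmc(*counter_system(2), 1)))
```

With three counters and k = 2 the interleaving unrolling contains 24 equality atoms and the micro-step unrolling 18: every interleaving disjunct repeats the frame for all n variables (n² atoms per step), whereas a micro step needs only the two atoms for the variable it writes (2n atoms per macro step), and the gap widens with n. Note that k counts macro steps under the new semantics, so the property "every counter equals 1" needs k = n interleaving steps but a single macro step; that is also why the explicit state counts at equal k differ between the two semantics. A satisfying model from `(get-model)` is the trace of slide 4, read off the indexed copies.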

  10. States Explored • 12 actions (Bakery algorithm) • Explicit-state reachability analysis was used to measure the number of states. • (chart: number of states against k, interleaving semantics vs. new semantics)

  11. Runtime • Yices SMT solver • (chart: time in seconds against k, interleaving semantics vs. new semantics)

  12. Other Semantics • Step semantics Toni Jussila, Keijo Heljanko, Ilkka Niemelä: BMC via on-the-fly determinization. STTT 7(2): 89-101 (2005).

  13. Comparison (Runtime) • Andy Jingquin Yu, Gianfranco Ciardo, and Gerald Lüttgen, STTT, 117-131 (2009). • Deadlock detection of Petri nets • zChaff SAT solver

  14. Summary • Topic • SAT/SMT-based model checking of concurrent systems • Problem • The standard interleaving semantics leads to formula size blow up. • Solution • We propose a different semantics. • ATVA 2004

  15. Future Work • LTL model checking • Networks of timed automata • Systems with unbounded integer variables • K-induction
