
Emmanuel Fleury, Kim Guldstrand Larsen and Jan Tretmans

Test & Verification. Emmanuel Fleury, Kim Guldstrand Larsen and Jan Tretmans. Semantic models: concurrency, mobility, objects, real-time, hybrid systems. Validation & verification: algorithms & tools. Construction: real-time & network systems.





Presentation Transcript


  1. Test & Verification. Emmanuel Fleury, Kim Guldstrand Larsen and Jan Tretmans

  2. Research Profile, Distributed Systems & Semantics Unit: Semantic Models (concurrency, mobility, objects, real-time, hybrid systems); Validation & Verification (algorithms & tools); Construction (real-time & network systems)

  3. BRICS Machine: Basic Research in Computer Science, 1993-2006, funded 30+40+40 million DKK, sites Aarhus and Aalborg. Tools; other relevant projects: CISS, ARTIST, AMETIST

  4. Tools and BRICS Applications: visualSTATE, UPPAAL, SPIN, PVS, HOL, ALF, TLP • Semantics: Concurrency Theory, Abstract Interpretation, Compositionality, Models for real-time & hybrid systems • Algorithmics: (Timed) Automata Theory, Graph Theory, BDDs, Polyhedra Manipulation • Logic: Temporal Logic, Modal Logic, MSOL

  5. A very complex system Klaus Havelund, NASA

  6. Rotterdam Storm Surge Barrier

  7. Spectacular Bugs • ARIANE-5 • INTEL Pentium II floating-point division, 470 million US $ • Baggage handling system, Denver, 1.1 million US $/day for 9 months • Mars Pathfinder • Radiation therapy, Therac-25 • ……. More in JPK, CW

  8. Embedded Systems • 80% of all existing software is embedded in interacting devices. • Demand for increasing functionality with minimal resources.

  9. A simple program
     Int x
     Process INC   do :: x<200 --> x:=x+1 od
     Process DEC   do :: x>0   --> x:=x-1 od
     Process RESET do :: x=200 --> x:=0   od
     fork INC; fork DEC; fork RESET
     Which values may x take?
     Questions/Properties: E<>(x>100)  E<>(x>200)  A[](x<=200)  E<>(x<0)  A[](x>=0)
     (E<> = possibly, A[] = always)
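As an added example (not from the slides), the following Python code performs the explicit-state forward reachability that answers the slide's question: it interleaves the three guarded processes, collects every value x can take, and evaluates the five E<> / A[] questions over that set. It assumes x starts at 0, which the slide's `Int x` does not state.

```python
from collections import deque

# Each process is one guarded command (guard, update) on the shared int x.
# Interleaving semantics: in any state, any enabled process may fire next.
PROCESSES = {
    "INC":   (lambda x: x < 200,  lambda x: x + 1),
    "DEC":   (lambda x: x > 0,    lambda x: x - 1),
    "RESET": (lambda x: x == 200, lambda x: 0),
}
X_INITIAL = 0   # assumption: the slide's "Int x" starts at 0

def successors(x):
    """Values x can take after one step of any process whose guard holds."""
    return {update(x) for guard, update in PROCESSES.values() if guard(x)}

def reachable(start=X_INITIAL):
    """Forward reachability (breadth-first) over the interleaving of the processes.
    Terminates here because the guards keep x inside a finite range."""
    seen, work = {start}, deque([start])
    while work:
        x = work.popleft()
        for nxt in successors(x):
            if nxt not in seen:
                seen.add(nxt)
                work.append(nxt)
    return seen

def possibly(states, phi):
    """E<> phi: some reachable state satisfies phi."""
    return any(phi(x) for x in states)

def always(states, phi):
    """A[] phi: every reachable state satisfies phi (equivalently, not E<> not phi)."""
    return all(phi(x) for x in states)

def check_properties():
    """Answer the five questions on the slide over the reachable values of x."""
    states = reachable()
    return {
        "E<>(x>100)":  possibly(states, lambda x: x > 100),
        "E<>(x>200)":  possibly(states, lambda x: x > 200),
        "A[](x<=200)": always(states, lambda x: x <= 200),
        "E<>(x<0)":    possibly(states, lambda x: x < 0),
        "A[](x>=0)":   always(states, lambda x: x >= 0),
    }

if __name__ == "__main__":
    r = reachable()
    print(f"x may take the values {min(r)}..{max(r)} ({len(r)} reachable states)")
    print(check_properties())
```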

  10. Introducing, Detecting and Repairing Errors Liggesmeyer 98


  12. Suggested Solution? Model-based validation, verification and testing of software and hardware

  13. Verification & Validation (figure): Analysis, Design, Model/Specification, Implementation, Testing

  14. Verification & Validation (figure): Analysis and Validation; Design; Model/Specification (UML, SDL) with Verification & Refusal; Implementation; Testing

  15. Verification & Validation (figure): as before, with Model Extraction from the implementation and Automatic Code generation from the model

  16. Verification & Validation (figure): as before, with Automatic Test generation from the model added

  17. How? Unified Model = State Machine! (figure: control states with input ports a?, b? and output ports x!, y!)

  18. Tamagotchi (state machine figure): top-level states ALIVE and DEAD; sub-states Passive, Feeding (Light Meal, Snack), Care (Clean, Medicine, Discipline, Play); events A, B, C; Tick: Health:=Health-1; Age:=Age+1; Health:=Health-1 on some events; ALIVE goes to DEAD when Health=0 or Age=2.000

  19. SYNCmaster

  20. Digital Watch

  21. The SDL Editor (process level)

  22. SPIN, Gerard Holzmann, AT&T

  23. visualSTATE (VVS, Baan Visualstate, DTU; CIT project) • Hierarchical state systems • Flat state systems • Multiple and inter-related state machines • Supports UML notation • Device driver access

  24. ESTEREL

  25. UPPAAL

  26. The ‘State Explosion’ problem (figure): M1 with states 1, 2, 3, 4 and M2 with states a, b, c; the product M1 x M2 contains every pair (1,a), (1,b), (1,c), …, (4,c). All combinations: exponential in the number of components. Provably intractable in theory.

  27. Train Simulator (VVS, visualSTATE): 1421 machines, 11102 transitions, 2981 inputs, 2667 outputs, 3204 local states; declared state space: 10^476. BUGS? Our techniques have reduced verification time by several orders of magnitude (e.g. 14 days to 6 sec)

  28. Modelling and Analysis (figure): a software Model A and a Requirement F are fed to the TOOL; the answer is "Yes" (with prototypes, executable code, test sequences) or "No!" (with debugging information). Tools: UPPAAL, visualSTATE, ESTEREL, SPIN, Statemate, FormalCheck, VeriSoft, Java Pathfinder, …

  29. Modelling and Analysis, BRICS (figure): the same picture, with the foundations the TOOL rests on: Semantics, Algorithmics, Logic. Tools: UPPAAL, visualSTATE, ESTEREL, SPIN, Statemate, FormalCheck, VeriSoft, Java Pathfinder, …

  30. The most fundamental model in Computer Science: Kleene and Moore, Finite State Machines • Language versus behaviour • Determinism versus non-determinism • Composition and operations • Variants of state machines: Moore, Mealy, IO automata, UML, …

  31. State Machines • Model of computation • Set of states • A start state • An input alphabet • A transition function, mapping input symbols and state to the next state • One or more accept states • Computation starts from the start state with a given input string (read from left to right). Example (figure): a modulo-3 counter with transitions inc and dec between its states; input string: inc inc dec inc inc dec inc inc inc dec inc dec inc dec inc

  32. State Machines, variants: machines may have actions/output associated with states (Moore machines). (figure: the modulo-3 counter with state outputs 0, 1, 2; input string inc inc dec inc inc dec inc inc and the resulting output string)

  33. State Machines, variants: machines may have actions/output associated with transitions (Mealy machines). Transitions independent of input (null transitions). Several transitions for a given input and state (non-determinism). (figure: Mealy version of the modulo-3 counter with transitions labelled inc/1, dec/0, inc/2, dec/2, inc/0, dec/1; input string inc inc dec inc inc dec inc inc and the resulting output string)

  34. State Machines, variants: the symbols of the alphabet are partitioned into input and output actions (IO automata). (figure: inputs inc?, dec? and outputs 0!, 1!, 2!; a run is an interaction)
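Added example (not from the slides): the modulo-3 counter of slides 31 to 34 as a plain acceptor, a Moore machine, a Mealy machine and an I/O-automaton trace, run on the input strings shown on the slides. The accept set {0} and the choice of the new state as the output symbol are assumptions, since the slides name neither.

```python
STATES, START, ALPHABET = (0, 1, 2), 0, ("inc", "dec")   # slide 31's ingredients

def delta(state, symbol):
    """Transition function: inc / dec modulo 3."""
    if symbol == "inc":
        return (state + 1) % 3
    if symbol == "dec":
        return (state - 1) % 3
    raise ValueError(f"{symbol!r} is not in the alphabet {ALPHABET}")

def run_acceptor(word, accept=frozenset({0})):
    """Plain FSM: final state and acceptance (accept set {0} is an assumption, not on the slide)."""
    state = START
    for symbol in word:
        state = delta(state, symbol)
    return state, state in accept

def run_moore(word, output=lambda s: s):
    """Moore machine: output attached to the state, so the output string is one
    symbol longer than the input (the start state's output comes first)."""
    state, outputs = START, [output(START)]
    for symbol in word:
        state = delta(state, symbol)
        outputs.append(output(state))
    return outputs

def run_mealy(word, output=lambda s, a: delta(s, a)):
    """Mealy machine: output attached to the transition (slide 33's inc/1,
    dec/2, ...), so input and output strings have equal length."""
    state, outputs = START, []
    for symbol in word:
        outputs.append(output(state, symbol))
        state = delta(state, symbol)
    return outputs

def as_io_automaton(word):
    """I/O-automaton view (slide 34): the Mealy run as inputs inc?/dec? and outputs 0!/1!/2!."""
    trace = []
    for symbol, out in zip(word, run_mealy(word)):
        trace += [f"{symbol}?", f"{out}!"]
    return trace

SHORT_INPUT = "inc inc dec inc inc dec inc inc".split()                             # slides 32-33
LONG_INPUT = "inc inc dec inc inc dec inc inc inc dec inc dec inc dec inc".split()  # slide 31

if __name__ == "__main__":
    print("acceptor:", run_acceptor(LONG_INPUT))
    print("Moore   :", run_moore(SHORT_INPUT))
    print("Mealy   :", run_mealy(SHORT_INPUT))
    print("I/O     :", " ".join(as_io_automaton(SHORT_INPUT)))
```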

  35. Bank vault code (Bankbokskode). To open a bank box the code must contain at least 2 . To open a bank box the code must end with ? To open a bank box the code must end with or with . To open a bank box the code must end with a palindrome, e.g. O B G ……..

  36. Fundamental Results • Every FSM may be determinized, accepting the same language (potential explosion in size). • For each FSM there exists a language-equivalent minimal deterministic FSM. • FSMs are closed under ∩ and ∪. • FSMs may be described as regular expressions (and vice versa)

  37. Composition (figure): M1 with states 1, 2, 3, 4 and M2 with states a, b, c; the product M1 x M2 contains every pair (1,a), (1,b), (1,c), …, (4,c). All combinations: exponential in the number of machines

  38. Composition: FSM, Moore & Mealy (figure: machines with states A, B and X, Y, both reading input I, compose into product states AX, BY)

  39. Composition: FSM, Moore & Mealy (figure: as before, with outputs O1 and O2 of the components combining to O1+O2 in the product O)

  40. Composition: FSM, Moore & Mealy (figure: as before, with transitions labelled I !Y,Z and I Z, showing one machine's outputs used by the other)

  41. Composition: FSM, Moore & Mealy (figure: as before, with transitions labelled I Y,Z)

  42. Composition: IO automata (2-way synchronisation) (figure: A -h!-> B and X -h?-> Y compose into AX -> BY, synchronised on h)

  43. Composition: IO automata (figure: A -k!-> C, A -h!-> B and X -h?-> Y compose into AX -k!-> CX and AX -> BY, synchronised on h)

  44. Mutual Exclusion: Token

  45. Mutual Exclusion: Semaphore

  46. Automatic Error Detection • Reachability • Generic properties

  47. Exploring the state space (figure): the declared state space contains states 1, 2, 3, 4; from the start state, the transitions a, b, c reach only some of them (the reachable states)

  48. Exploring the state space (figure): within the declared state space, forward iteration grows from the start, backward iteration grows from the goal
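Added example (not from the slides) covering composition (slides 37, 42 and 43) and state-space exploration (slides 47 and 48): the two small I/O automata read off slide 43 are composed with two-way synchronisation on the shared channel h, and the product is explored by forward iteration from the start and by backward iteration from a goal. The component automata, and the rule that an output on a channel only one side knows moves alone, are assumptions based on the figure.

```python
from itertools import product

# Automaton = (states, start, transitions); transition = (src, action, dst).
# Components reconstructed from slide 43: A -k!-> C, A -h!-> B and X -h?-> Y.
M1 = ({"A", "B", "C"}, "A", {("A", "k!", "C"), ("A", "h!", "B")})
M2 = ({"X", "Y"}, "X", {("X", "h?", "Y")})

def channels(trans):
    return {act.rstrip("!?") for _, act, _ in trans}

def compose(m1, m2):
    """Product with two-way synchronisation: on a channel both automata know,
    h! must meet h? and the joint step is written 'h'; actions on channels
    known to one side only interleave on their own (k! in slide 43)."""
    (s1, i1, t1), (s2, i2, t2) = m1, m2
    shared = channels(t1) & channels(t2)
    declared = {(p, q) for p in s1 for q in s2}      # declared state space
    trans = set()
    for src, act, dst in t1:                         # M1 moves alone
        if act.rstrip("!?") not in shared:
            trans |= {((src, q), act, (dst, q)) for q in s2}
    for src, act, dst in t2:                         # M2 moves alone
        if act.rstrip("!?") not in shared:
            trans |= {((p, src), act, (p, dst)) for p in s1}
    for (p, a, p2), (q, b, q2) in product(t1, t2):   # handshake h! with h?
        if a[:-1] == b[:-1] and a[:-1] in shared and {a[-1], b[-1]} == {"!", "?"}:
            trans.add(((p, q), a[:-1], (p2, q2)))
    return declared, (i1, i2), trans

def forward(start, trans):
    """Forward iteration: grow the set from the start until post() adds nothing."""
    reach = set(start)
    while nxt := {d for s, _, d in trans if s in reach} - reach:
        reach |= nxt
    return reach

def backward(goal, trans):
    """Backward iteration: grow the set from the goal until pre() adds nothing."""
    reach = set(goal)
    while prv := {s for s, _, d in trans if d in reach} - reach:
        reach |= prv
    return reach

def analyse(m1, m2, goal):
    """Declared vs reachable size, and goal reachability by both iterations."""
    declared, init, trans = compose(m1, m2)
    fwd, bwd = forward({init}, trans), backward(goal, trans)
    return {"declared": len(declared), "reachable": len(fwd),
            "forward_says": bool(fwd & goal), "backward_says": init in bwd}

if __name__ == "__main__":
    print(analyse(M1, M2, {("B", "Y")}))   # goal reachable via the h handshake
    print(analyse(M1, M2, {("C", "Y")}))   # declared but never reached
```

Both iterations agree on every goal; the gap between the declared 6 product states and the 3 reachable ones is the point of slide 47.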

  49. Mutual Exclusion: Token

  50. Mutual Exclusion: Forward Reachability (figure labels: I1, I2, 0, Token)
