共查询到20条相似文献,搜索用时 15 毫秒
1.
Cindy Eisner 《Software and Systems Modeling》2005,4(1):14-31
We describe the experience of modeling and formally verifying a software cache algorithm using the model checker RuleBase. Contrary to prevailing wisdom, we used a highly detailed model created directly from the C code itself, rather than a high-level abstract model. 相似文献
2.
3.
Sven Beyer Christian Jacobi Daniel Kröning Dirk Leinenbach Wolfgang J. Paul 《International Journal on Software Tools for Technology Transfer (STTT)》2006,8(4-5):411-430
In the verified architecture microprocessor (VAMP) project we have designed, functionally verified, and synthesized a processor
with full DLX instruction set, delayed branch, Tomasulo scheduler, maskable nested precise interrupts, pipelined fully IEEE
compatible dual precision floating point unit with variable latency, and separate instruction and data caches. The verification
has been carried out in the theorem proving system PVS. The processor has been implemented on a Xilinx FPGA.
A shorter version of this article with the title “Instantiating uninterpreted functional units and memory system: functional
verification of the VAMP” appeared in [8]. The work reported here was done while all the authors were with Saarland University. 相似文献
4.
Hana Chockler Orna Kupferman Moshe Vardi 《International Journal on Software Tools for Technology Transfer (STTT)》2006,8(4-5):373-386
In formal verification, we verify that a system is correct with respect to a specification. Even when the system is proven
to be correct, there is still a question of how complete the specification is and whether it really covers all the behaviors
of the system. The challenge of making the verification process as exhaustive as possible is even more crucial in simulation-based verification, where the infeasible task of checking all input sequences is replaced by checking a test suite consisting of
a finite subset of them. It is very important to measure the exhaustiveness of the test suite, and indeed there has been extensive
research in the simulation-based verification community on coverage metrics, which provide such a measure. It turns out that no single measure can be absolute, leading to the development of numerous
coverage metrics whose usage is determined by industrial verification methodologies. On the other hand, prior research of
coverage in formal verification has focused solely on state-based coverage. In this paper we adapt the work done on coverage
in simulation-based verification to the formal-verification setting in order to obtain new coverage metrics. Thus, for each
of the metrics used in simulation-based verification, we present a corresponding metric that is suitable for the setting of
formal verification and describe an algorithmic way to check it. 相似文献
5.
Radu I. Siminiceanu Gianfranco Ciardo 《International Journal on Software Tools for Technology Transfer (STTT)》2007,9(1):63-76
The runway safety monitor (RSM) designed by Lockheed Martin is part of NASA’s effort to reduce aviation accidents. We developed
a Petri net model of the RSM protocol and used the model checking functions of our tool (stochastic and model checking analyzer
for reliability and timing) SMART (Stochestic and model checking analyses for seliability and tunnig) to investigate a number
of safety properties for the RSM. To mitigate the impact of state-space explosion, we built a highly discretized model of
the system, obtained by partitioning the monitored runway zone into a grid of smaller volumes and by considering scenarios
involving only two aircraft. The model also assumes that there are no communication failures, such as bad input from radar
or lack of incoming data, thus it relies on a consistent view of reality by all participants. In spite of these simplifications,
we were able to expose potential problems in the conceptual design of RSM. Our findings were forwarded to the design engineers,
who undertook corrective action. Additionally, the results stress the efficiency attained by the new model checking algorithms
implemented in SMART, and demonstrate their applicability to real-world systems. Attempts to verify RSM with similar NuSMV
and SPIN models have failed due to excessive memory consumption.
Work supported in part by the National Aeronautics and Space Administration under grant NAG-1-02095 and by the National Science
Foundation under grants CCR-0219745 and ACI-0203971. 相似文献
6.
In wireless sensor networks, reliable location information is not only necessary to event reports but also crucial to network functionalities such as geographic routing, distributed information storage/retrieval. However, sensors could be compromised by adversaries to claim arbitrary locations to disrupt the normal network operation. Thus, location verification should be carried out for security considerations. Due to the importance of the problem, we propose a highly efficient algorithm that effectively detects false location claims from compromised sensors. Extensive analysis and simulation results demonstrate that our algorithm is energy-efficient and resilient against adversaries. 相似文献
7.
Graph transformation has recently become more and more popular as a general, rule-based visual specification paradigm to formally capture (a) requirements or behavior of user models (on the model-level), and (b) the operational semantics of modeling languages (on the meta-level) as demonstrated by benchmark applications around the Unified Modeling Language (UML). The current paper focuses on the model checking-based automated formal verification of graph transformation systems used either on the model-level or meta-level. We present a general translation that inputs (i) a metamodel of an arbitrary visual modeling language, (ii) a set of graph transformation rules that defines a formal operational semantics for the language, and (iii) an arbitrary well-formed model instance of the language and generates a transitions system (TS) that serve as the underlying mathematical specification formalism of various model checker tools. The main theoretical benefit of our approach is an optimization technique that projects only the dynamic parts of the graph transformation system into the target transition system, which results in a drastical reduction in the state space. The main practical benefit is the use of existing back-end model checker tools, which directly provides formal verification facilities (without additional efforts required to implement an analysis tool) for many practical applications captured in a very high-level visual notation. The practical feasibility of the approach is demonstrated by modeling and analyzing the well-known verification benchmark of dining philosophers both on the model and meta-level. 相似文献
8.
In this paper we show that statistical properties of the transition graph of a system to be verified can be exploited to improve memory or time performances of verification algorithms.We show experimentally that protocols exhibit transition locality. That is, with respect to levels of a breadth-first state space exploration, state transitions tend to be between states belonging to close levels of the transition graph. We support our claim by measuring transition locality for the set of protocols included in the Mur verifier distribution .We present a cache-based verification algorithm that exploits transition locality to decrease memory usage and a disk-based verification algorithm that exploits transition locality to decrease disk read accesses, thus reducing the time overhead due to disk usage. Both algorithms have been implemented within the Mur verifier.Our experimental results show that our cache-based algorithm can typically save more than 40% of memory with an average time penalty of about 50% when using (Mur) bit compression and 100% when using bit compression and hash compaction, whereas our disk-based verification algorithm is typically more than ten times faster than a previously proposed disk-based verification algorithm and, even when using 10% of the memory needed to complete verification, it is only between 40 and 530% (300% on average) slower than (RAM) Mur with enough memory to complete the verification task at hand. Using just 300 MB of memory our disk-based Mur was able to complete verification of a protocol with about 109 reachable states. This would require more than 5 GB of memory using standard Mur . 相似文献
9.
10.
铁路联锁系统设计通常采用梯形逻辑进行建模。为了实现对铁路联锁系统进行形式化验证的目的,根据梯形逻辑的状态变迁语义,将梯形逻辑表示的联锁系统模型转换成模型检测工具NuSMV的语言,并将铁路联锁系统的安全需求表示为计算树逻辑(CTL),最后实现基于NuSMV的铁路联锁系统设计模型的形式化验证。 相似文献
11.
Yael Abarbanel-Vinov Neta Aizenbud-Reshef Ilan Beer Cindy Eisner Daniel Geist Tamir Heyman Iris Reuveni Eran Rippel Irit Shitsevalov Yaron Wolfsthal Tali Yatzkar-Haham 《Formal Methods in System Design》2001,19(1):35-44
We examine IBM's exploitation of formal verification using RuleBase—a formal verification tool developed by the IBM Haifa Research Laboratory. The goal of the paper is methodological. We identify an integrated methodology for the deployment of formal verification which involves three complementary modes: architectural verification, block-level verification, and design exploration. 相似文献
12.
13.
14.
针对安全协议的形式化验证问题,运用模型检测方法,以一种改进的入侵者Promela语义模型,对双方密钥分配中心协议进行Spin模型检测,验证发现其不满足线性时序逻辑( LTL)公式描述的安全性,得到了原协议的安全漏洞。针对该漏洞,提出了一种协议改进方案,并针对改进后的协议,给出新的Promela语义模型的建模方法。改进的入侵者模型建模方法比起原方法:模型检测过程中的存储状态数减少,使模型复杂度降低约40';迁移状态数减少,使验证效率提升约44'。 相似文献
15.
Modeling and formal verification of embedded systems based on a Petri net representation 总被引:2,自引:0,他引:2
In this paper we concentrate on aspects related to modeling and formal verification of embedded systems. First, we define a formal model of computation for embedded systems based on Petri nets that can capture important features of such systems and allows their representation at different levels of granularity. Our modeling formalism has a well-defined semantics so that it supports a precise representation of the system, the use of formal methods to verify its correctness, and the automation of different tasks along the design process. Second, we propose an approach to the problem of formal verification of embedded systems represented in our modeling formalism. We make use of model checking to prove whether certain properties, expressed as temporal logic formulas, hold with respect to the system model. We introduce a systematic procedure to translate our model into timed automata so that it is possible to use available model checking tools. We propose two strategies for improving the verification efficiency, the first by applying correctness-preserving transformations and the second by exploring the degree of parallelism characteristic to the system. Some examples, including a realistic industrial case, demonstrate the efficiency of our approach on practical applications. 相似文献
16.
Xiao-Qi Ma Xiao-Chun Cheng Department of Computer Science The University of Reading Reading RG AY UK 《国际自动化与计算杂志》2005,2(2):155-162
This paper describes the formal verification of the Merchant Registration phase of the Secure Electronic Transactions (SET) protocol, a realistic electronic transaction security protocol which is used to protect the secrecy of online purchases. A number of concepts, notations, functions, predicates, assumptions and rules are introduced. We describe the knowledge of all legal participants, and a malicious spy, to assess the security of the sub-protocol. Avoiding search in a large state space, the method converges very quickly. We implemented our method in the Isabelle/Isar automated reasoning environment, therefore the whole verification process can be executed mechanically and efficiently. 相似文献
17.
Theo C. Ruys Ed Brinksma 《International Journal on Software Tools for Technology Transfer (STTT)》2003,4(2):246-259
In this paper we take a closer look at the automated analysis of designs, in particular of verification by model checking.
Model checking tools are increasingly being used for the verification of real-life systems in an industrial context. In addition
to ongoing research aimed at curbing the complexity of dealing with the inherent state space explosion problem – which allows
us to apply these techniques to ever larger systems – attention must now also be paid to the methodology of model checking,
to decide how to use these techniques to their best advantage. Model checking “in the large” causes a substantial proliferation
of interrelated models and model checking sessions that must be carefully managed in order to control the overall verification
process. We show that in order to do this well both notational and tool support are required. We discuss the use of software
configuration management techniques and tools to manage and control the verification trajectory. We present Xspin/Project,
an extension to Xspin, which automatically controls and manages the validation trajectory when using the model checker Spin.
Published online: 18 June 2002 相似文献
18.
Proving the equivalence of successive, closely related versions of a program has the potential of being easier in practice than functional verification, although both problems are undecidable. There are three main reasons for this claim: (i) it circumvents the problem of specifying what the program should do; (ii) the problem can be naturally decomposed and hence is computationally easier; and (iii) there is an automatic invariant that enables to prove equivalence of loops and recursive functions in most practical cases. Theoretical and practical aspects of this problem are considered. Copyright © 2012 John Wiley & Sons, Ltd. 相似文献
19.
Franjo Ivančić Zijiang Yang Malay K. Ganai Aarti Gupta Pranav Ashar 《Theoretical computer science》2008
This paper discusses our methodology for formal analysis and automatic verification of software programs. It is applicable to a large subset of the C programming language that includes pointer arithmetic and bounded recursion. We consider reachability properties, in particular whether certain assertions or basic blocks are reachable in the source code, or whether certain standard property violations can occur. We perform this analysis via a translation to a Boolean circuit representation based on modeling basic blocks. The program is then analyzed by a back-end SAT-based bounded model checker, where each unrolling is mapped to one step in a block-wise execution of the program. 相似文献
20.
We apply a formal method based on assertions to specify and verify an atomic broadcast protocol. The protocol is implemented by replicating a server process on all processors in a network. We show that the verification of the protocol can be done compositionally by using specifications in which timing is expressed by local clock values. First the requirements of the protocol are formally described. Next the underlying communication mechanism, the assumptions about local clocks, and the failure assumptions are axiomatized. Also the server process is represented by a formal specification. Then we verify that parallel execution of the server processes leads to the desired properties by proving that the conjunction of all server specifications and the axioms about the system implies the requirements of the protocol. 相似文献