1 / 19

Formal Methods of Systems Specification Logical Specification of Hard- and Software

Formal Methods of Systems Specification Logical Specification of Hard- and Software. Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik. Recap: Propositional Logic.

rhoda-villarreal
Download Presentation

Formal Methods of Systems Specification Logical Specification of Hard- and Software

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Formal Methods of Systems SpecificationLogical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

  2. Recap: Propositional Logic • Syntax PL ::= Ρ |  | (PL  PL) • Semantics • Propositional Model M: (U,I); Interpretation I: Ρ↦ U • Validation relation M ⊨  • M ⊨ p if I(p)=true • M ⊭  • M ⊨ () if M ⊨  implies M ⊨  • Validity (⊨), Satifiability(SAT()) • Calculus • axiom schemes: weakening, distribution, excluded middle • rule: modus ponens

  3. Q.: exponential blowup? (rs) = ((rs)  (sr)) (q(rs)) = ((q(rs))  ((rs)q)) = ((q ((rs)  (sr)))  (((rs)  (sr)) q)) (p(q(rs))) = (p(q(rs)))  ((q(rs))p) = (p((q((rs)  (sr)))  (((rs)  (sr))q)))  (((q((rs)  (sr)))  (((rs)  (sr))q))p) p  (q  r)  (¬q  s) q  (t  u) p  ((t  u)  r)  (¬ (t  u)  s) logarithmic reduction by introduction of abbreviations?

  4. Boolean Quantification QPL ::= Ρ |  | (QPL  QPL) |  Ρ QPL • intuitively, p (p) means p is „hidden“ • M ⊨ p  if there is an M‘= (U,I‘) such that I‘(q)=I(q) for all qp and M‘ ⊨  • ⊨ p   ((p:=)  (p:=Τ)) • ∀p  = ¬p ¬; ⊨∀p   ((p:=)  (p:=Τ))

  5. Conciseness and Complexity • Quantified formulae can be logarithmically more concise •  = [… ((rs)t) … ((rs)t) … ((rs)t) …] •   (p(p ((rs)t))  [… p … p … p …]) • Quantified formulae can be exponentially harder to analyze • SAT(PL) is NP-hard, SAT(QPL) is PSPACE-hard • To check whether p  holds one has to check both alternatives

  6. Boolean Normal Forms • DNF (disjunctive normal form) • each formula is equivalent to a disjunction of conjunction of literals e.g. ((p¬ qr)  (¬pq¬r)  (p¬q¬r)) • obtained by truth table • CNF (conjunctive normal form) • de Morgan dual of DNF • used in PLAs (programmable logic arrays) • NAND-, NOR-normal form • (p|q)=(p¬q); ¬p=(p|p); (pq)=(p|¬q) • used for gate arrays • Algebraic normal form • XOR of conjunction of (positive) propositions • used in linear feedback shift registers

  7. next week: tree normal form • (ordering of variables)

  8. Boolean Modelling of Reactive Systems • Many modelling formalisms are being used • Transition systems • Parallel and hierarchical transition systems, statecharts • Shared variables programs • UML diagrams • Abstract state machines • ...

  9. Transition Systems • Transition system TS=(,S, , S0), where •  is a nonempty finite alphabet • S is a nonempty finite set of states •  S  S is the transition relation, and • S0 S is the set of initial states • similar to a nondeterministic finite automaton, with many initial states but without finite states • transition system generates a (finite or infinite) word w0w1w2... iff there are states s0s1s2s3... such that s0 S0 and each (si,wi,si+1) Δ

  10. off tape play dn up up up dn dn memory dn Example • ={up, dn} • S={off, tape, memory, play} • ={(off,dn,tape), (tape,up,off), (tape,dn,memory), (memory,up,off), (memory,dn,play), (play,dn,tape), (play,up,off)} • S0={off}

  11. Parallel Transition Systems • Parallel transition system T=(T1,…,Tn) • each Ti is a transition system • SiSj= • interleaving semantics • on its private alphabet, each Ti can make an independent move • synchronization is via common events • example: power switch and camcorder mode

  12. play tape camera switch on but_hi but_lo off dn memory dn,pwr_res dn up up,pwr_fail dn dn on dn Example • T=(switch, camera) • {pwr_fail, pwr_res} are private to camera • synchronization alphabet {up,dn} • how big is the state space?

  13. The global transition system T associated with a parallel transition system (T1,…,Tn) is defined as T=(, S, , S0), where • = i • S= S1 … Sn • S0 = S1,0 … Sn,0, and • ((s1,…,sn),a,(s1‘,…,sn‘)) iff for all Ti • if ai, then ((s i),a,(s i‘))i, and • if ai, then s i=s i‘.

  14. Shared Variables • A shared variables program is given by a tuple (V,D,T,s0), where • V=(v1,…,vn) is a set of program variables • D=(D1,…,Dn) is a tuple of corresponding finite domains Di={di1,…,dim} • TDD is a transition relation, and • s0 = (d11,…,dn1) is the initial state

  15. Example (1) • A request granting algorithm • V={request,state} • D=({true, false}, {ready, busy}) • T=(((true, ready), (true, busy)), ((false, ready), (false, ready)), ((true, busy), (true, busy)), ((true, busy), (true, ready)), …)

  16. Example (2) • Euclidean algorithm gcd(a, b) if a = 0 return b while b ≠ 0 if a > b then a := a − b else b := b − a return a • Shared variables program • V=(a,b) • D=(Nat, Nat) (finite?) • T={((0,0),(0,0)), ((7,4),(3,4)), ((3,4),(3,1)), …} • s0=D

  17. Transition Systems and Programs • For every (parallel) transition system there is an equivalent shared variables program of the same order of size. • The translation in the other direction may cause an exponential blowup. • Exercise: describe the translations!In which sense are the translations equivalent?

  18. Transition Relation as Boolean Formula • State=(d1,…,dn) (diDi) • Transition relation T can be defined by a propositional formula T • atomic propositions: let V‘={v1‘,…,vn‘}P={(x=y) | x,y (VV‘Di)} • Any propositional formula T in this alphabet defines a transition relation via the following convention If s=(d1,…,dn) and s‘=(d1‘,…dn‘), then (s,s‘) T iff M⊨ T, where I(vi)=di and I(vi‘)=di‘.

  19. Example • request granting algorithm • V={request,state} • D=({true, false}, {ready, busy}) • T=((request=true)(state=ready)(state‘=busy)) • „Propositional logic as a programming language“ • Used in model checkers such as nuSMV

More Related