Explicit State Reachability Analysis for Model Checking: Algorithms and Case Study, Study notes of Computer Science

An overview of reachability analysis, a central technique in model checking for verifying safety properties of finite-state machines. The notes cover forward and backward reachability algorithms, the differences between depth-first and breadth-first implementations (memory use versus shortest counterexamples), and their applications. They close with a case study of NASA's Pathfinder rover on Mars (1997), where a priority inversion caused intermittent deadlocks and reachability analysis of a simplified model yields a counterexample that explains the bug.


Uploaded on 07/23/2009


9/22/2008

CS6910: Testing/Verification of Concurrent Programs

Explicit State Reachability Analysis

Overview

- How to analyze properties of a model?
- Today: Explicit state model checking
- Reachability Analysis
- (In between, certain graph traversal algorithms)

Model Checking

- So far, we have seen ways to specify the properties.
- Model checking addresses (efficient) algorithms to decide whether the system satisfies the property.
- First approach: Explicit state model checking

Reachability in Finite-State Machines

- Reachability analysis
- Central in model checking
- Safety properties
- “Can a set of states ever be reached starting from the initial states?”
- Usually interested in reachability of unsafe or “bad” states.

Algorithm: Reachability in FSMs


Computing Counterexamples

- Reachability algorithm implementations: DFS or BFS
- DFS (Depth-First Search)
  - Stack content represents the counterexample from the initial state to the unsafe state
  - No additional information needs to be stored to compute the counterexample
  - Memory efficient
- BFS (Breadth-First Search)
  - Finds a shortest counterexample
  - Requires additional information to compute the counterexample
  - Needs to store, for each reachable state, which its predecessor is

Computing Counterexamples using DFS

Case Study: NASA’s Pathfinder on Mars, 1997

- A design fault caused the rover to lose contact with Earth
- A priority inversion problem caused intermittent deadlock
- The global real-time operating system would discover the malfunction and initiate a system reset
- The bug was traced through a logging mechanism and fixed with a software update from Earth
- The problem description presented here is highly simplified
- Based on Holzmann: “The Spin Model Checker”, chapter 5.

Modeling NASA’s Pathfinder Problem
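As an added worked example (not code from the slides, and not Holzmann's Spin model), the following Python implements the reachability algorithm the slides sketch: a forward explicit-state search in both the DFS variant, where the search stack doubles as the counterexample, and the BFS variant, which stores one predecessor per reachable state to recover a shortest counterexample. Both are run on a deliberately tiny, constructed model of the Pathfinder situation: a high-priority task H and a low-priority task L share one mutex, a medium-priority task M does unrelated work, and a fixed-priority preemptive scheduler decides what runs. The task names, priorities, state encoding and the nondeterministic task arrivals are assumptions of this example. The unsafe state is the priority inversion itself: H is blocked on the mutex held by L while the scheduler runs M, so neither H nor L makes progress. The inherit flag switches on priority inheritance for the mutex, which is the fix JPL uploaded to the rover; with it on, the search exhausts the state space without finding the unsafe state.

```python
# Added example, not from the lecture slides: explicit-state forward reachability
# with DFS and BFS counterexamples, run on a constructed, highly simplified model
# of the Pathfinder priority inversion. Names, priorities, state encoding and the
# "arrival" nondeterminism are modelling assumptions made for this example.
from collections import deque

IDLE, READY, HOLDING = 0, 1, 2      # per-task program counter values
H, M, L = "H", "M", "L"            # high-, medium-, low-priority tasks
PRIORITY = {H: 3, M: 2, L: 1}
# State: (pc_H, pc_M, pc_L, mutex_owner). H and L share the mutex; M never uses it.
INITIAL = (IDLE, IDLE, IDLE, None)

def running_task(state, inherit):
    """Fixed-priority preemptive scheduler: highest-priority unblocked task.
    inherit=True lets the mutex holder run at the priority of tasks blocked on it."""
    pc = dict(zip((H, M, L), state[:3]))
    owner = state[3]
    cands = []
    for t in (H, M, L):
        if pc[t] == IDLE:
            continue
        if t != M and pc[t] == READY and owner not in (None, t):
            continue                              # blocked on the mutex
        prio = PRIORITY[t]
        if inherit and t == owner:
            waiters = [PRIORITY[u] for u in (H, L) if u != t and pc[u] == READY]
            prio = max([prio] + waiters)
        cands.append((prio, t))
    return max(cands)[1] if cands else None

def successors(state, inherit=False):
    """Labelled successors: any idle task may become ready (the interleaving
    nondeterminism), and the scheduled task takes exactly one step."""
    pc = dict(zip((H, M, L), state[:3]))
    owner = state[3]
    pack = lambda p, o: (p[H], p[M], p[L], o)
    out = [(f"{t} arrives", pack({**pc, t: READY}, owner))
           for t in (H, M, L) if pc[t] == IDLE]
    t = running_task(state, inherit)
    if t == M:
        out.append(("M finishes", pack({**pc, M: IDLE}, owner)))
    elif t is not None and pc[t] == READY:        # mutex is free, else t is blocked
        out.append((f"{t} acquires mutex", pack({**pc, t: HOLDING}, t)))
    elif t is not None:                           # HOLDING: release and go idle
        out.append((f"{t} releases mutex", pack({**pc, t: IDLE}, None)))
    return out

def inverted(state, inherit=False):
    """Unsafe state: H waits for the mutex held by L while the scheduler runs M."""
    return state[0] == READY and state[3] == L and running_task(state, inherit) == M

def reach_dfs(initial, succ, bad):
    """Depth-first reachability. The stack *is* the counterexample: each entry
    keeps the label of the edge that reached it, so no predecessor table is needed."""
    if bad(initial):
        return []
    visited = {initial}
    stack = [(None, initial, iter(succ(initial)))]
    while stack:
        _, state, it = stack[-1]
        for label, nxt in it:
            if nxt in visited:
                continue
            visited.add(nxt)
            stack.append((label, nxt, iter(succ(nxt))))
            if bad(nxt):
                return [lbl for lbl, _, _ in stack[1:]]
            break                                 # descend into nxt
        else:
            stack.pop()                           # all successors explored
    return None

def reach_bfs(initial, succ, bad):
    """Breadth-first reachability. Finds a shortest counterexample but must
    store a predecessor (and edge label) for every reachable state."""
    if bad(initial):
        return []
    pred = {initial: None}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        for label, nxt in succ(state):
            if nxt in pred:
                continue
            pred[nxt] = (state, label)
            if bad(nxt):
                trace = []
                while pred[nxt] is not None:      # walk back to the initial state
                    nxt, label = pred[nxt]
                    trace.append(label)
                return trace[::-1]
            queue.append(nxt)
    return None

def replay(initial, succ, trace):
    """Follow a trace of edge labels from initial; returns the final state."""
    state = initial
    for label in trace:
        state = dict(succ(state))[label]          # labels are unique per state
    return state

def analyse(inherit):
    """Run both searches on the model; returns (dfs_trace, bfs_trace)."""
    succ = lambda s: successors(s, inherit)
    return (reach_dfs(INITIAL, succ, lambda s: inverted(s, inherit)),
            reach_bfs(INITIAL, succ, lambda s: inverted(s, inherit)))
```

Calling analyse(False) returns a DFS counterexample and the four-step BFS counterexample L arrives, L acquires mutex, H arrives, M arrives; the DFS trace is a valid witness too (replay it and check inverted) but is generally longer, which is the trade-off the slides describe: DFS keeps only the stack, BFS pays for a predecessor table and gets the shortest trace. analyse(True) returns (None, None) because with priority inheritance L runs at H's priority whenever H is blocked on it, so M can never preempt the holder.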