Introduction to Model-Checking Techniques

June 14-25, Politecnico di Milano

Michal Young [email: michal@cs.uoregon.edu]


Schedule

Module 1: Introduction to Finite-State Verification

Read before first class:

Gerard Holzmann, "The Model Checker Spin"

Tuesday, June 15; 2 hours

Origins of FSV
When is FSV needed? When is it possible?
Automating state exploration

Exercise: Parking garage model

Module 2: Properties

Read before class:

Lamport, "A Simple Approach to Specifying Concurrent Programs"

Wednesday, June 16; 3 hours

Simple safety properties (invariants)
Sequencing properties
A first look at temporal logic
Safety vs. liveness
Sequencing properties that are still safety properties
Liveness properties
Fairness properties
Temporal logic
Linear time temporal logic (LTL)
Branching time temporal logic (CTL)
Complexity and expressiveness

Exercise: Discuss solutions to garage exercise. Code solutions in Promela and verify with Spin.

Module 3: Model checking algorithms

Read before Thursday class. It may be best to skip the portion on fairness, at least until the rest makes sense.

Clarke, Emerson, Sistla, "Automatic Verification of Finite-State Concurrent Systems Using Temporal Logic Specifications"

Read before Friday class. A lot of this will be unfamiliar and difficult to absorb at first; just try to get the main ideas of the approach if you can.

Biere, Cimatti, Clarke, Fujita, and Zhu, "Symbolic Model Checking using SAT Procedures Instead of BDDs," Proc. 36th ACM/IEEE Conference on Design Automation, pp 317-320, New Orleans, Louisiana, USA, 1999.

Thursday, June 17; 3 hours

Explicit model checking with CTL
Explicit model checking with LTL (as in Spin)

Friday, June 18; 2 hours

Implicit approaches
Symbolic model checking with BDDs
Symbolic model checking with SAT-solvers
Constraint-based approaches: INCA, FLAVERS

Exercise: Coffee machine model

Module 4: Modeling other properties

Read before Tuesday's class:

Jackson, "Alloy: A Lightweight Object Modeling Notation"

Tuesday, June 22; 2 hours

Data modeling with Alloy

Exercise: Alloy exercise

Wednesday, June 23; 3 hours

Alloy continued
Data flow analysis
Type and effect systems

Module 5: Relating models to systems
Read before class Thursday:

Corbett et al., "Bandera: Extracting Finite-State Models from Program Source Code"

Read before class Friday:

Hallem et al., "A System and Language for Building System-Specific, Static Analyses"

Thursday, June 24; 3 hours

Abstraction and model extraction
Specification patterns
Architecture analysis
Conformance testing

Friday, June 25; 2 hours

Direct analysis of code (e.g. Metal)
What's really needed? Little theorems about big programs (shallow, global analysis)?
Big theorems about just the tricky parts? Handbooks of verified patterns?
Wrapping up

Michal Young / michal@cs.uoregon.edu / $Id: schedule.html,v 1.7 2004/06/23 09:28:54 michal Exp $