Proving Invariances

# Temporal Verification of Reactive Systems: Safety


CS256, Winter 2007, Lecture #6 (Zohar Manna). Chapter 1, Invariance: Proof Methods.

For an assertion $q$ and an SPL program $P$, show $P \models \Box q$ (i.e., $q$ is $P$-invariant).

## Proving Invariances: Definitions (slide 6-2)

Recall the variables of an assertion:

- free (flexible) system variables $V = Y \cup \{\pi\}$, where $Y$ are the program variables and $\pi$ is the control variable;
- quantified (rigid) specification variables.

$q'$ is the primed version of $q$, obtained by replacing each free occurrence of a system variable $y \in V$ by its primed version $y'$.

$\rho_\tau$ is the transition relation of $\tau$, expressing the relation holding between a state $s$ and any of its $\tau$-successors $s' \in \tau(s)$.

## Verification Conditions (proof obligations) (slide 6-3)

Standard verification condition. For assertions $\varphi, \psi$ and a transition $\tau$, $\{\varphi\}\,\tau\,\{\psi\}$ (a "Hoare triple") stands for the state formula

$$\rho_\tau \wedge \varphi \rightarrow \psi',$$

the verification condition (VC) of $\varphi$ and $\psi$ relative to transition $\tau$.

[diagram: a $\varphi$-state at position $j$ leads by $\tau$ to a $\psi$-state at position $j+1$]

## Verification Conditions (cont'd): Example (slide 6-4)

$$\rho_\tau:\ x\ 0 \wedge y' = x + y \wedge x' = x, \qquad \varphi:\ y = 3, \qquad \psi:\ y = x + 3.$$

Then $\{\varphi\}\,\tau\,\{\psi\}$ is

$$\underbrace{x\ 0 \wedge y' = x + y \wedge x' = x}_{\rho_\tau} \wedge \underbrace{y = 3}_{\varphi} \rightarrow \underbrace{y' = x' + 3}_{\psi'}.$$


## Verification Conditions (cont'd) (slide 6-5)

For $\tau \in \mathcal{T}$ in $P$:

$$\{\varphi\}\,\tau\,\{\psi\}:\quad \rho_\tau \wedge \varphi \rightarrow \psi'$$

"$\tau$ leads from $\varphi$ to $\psi$ in $P$".

For a set of transitions $T$ in $P$:

$$\{\varphi\}\,T\,\{\psi\}:\quad \{\varphi\}\,\tau\,\{\psi\} \text{ for every } \tau \in T$$

"$T$ leads from $\varphi$ to $\psi$ in $P$".

Claim (Verification Condition). If $\{\varphi\}\,\tau\,\{\psi\}$ is $P$-state valid, then every $\tau$-successor of a $\varphi$-state is a $\psi$-state.

## Verification Conditions (cont'd): Special Cases (slide 6-6)

While, conditional: $\rho_\tau:\ \rho^t_\tau \vee \rho^f_\tau$, and

$$\{\varphi\}\,\tau^t\,\{\psi\}:\ \rho^t_\tau \wedge \varphi \rightarrow \psi', \qquad \{\varphi\}\,\tau^f\,\{\psi\}:\ \rho^f_\tau \wedge \varphi \rightarrow \psi',$$

$$\{\varphi\}\,\tau\,\{\psi\}:\ \{\varphi\}\,\tau^t\,\{\psi\} \wedge \{\varphi\}\,\tau^f\,\{\psi\}.$$

Idle: $\{\varphi\}\,\tau_I\,\{\varphi\}:\ \rho_{\tau_I} \wedge \varphi \rightarrow \varphi'$ is always valid, since $\rho_{\tau_I}:\ v' = v$ for all $v \in V$, so $\varphi' = \varphi$.

## Verification Conditions (cont'd): Substituted Form (slide 6-7)

The transition relation can be written as

$$\rho_\tau:\ C_\tau \wedge (V' = E)$$

where $C_\tau$ is the enabling condition, $V'$ the primed variable list and $E$ the expression list. The substituted form of the verification condition is

$$\{\varphi\}\,\tau\,\{\psi\}:\quad C_\tau \wedge \varphi \rightarrow \psi[E/V],$$

where $\psi[E/V]$ replaces each variable $v \in V$ in $\psi$ by the corresponding $e \in E$. Note: no primed variables! The substituted form of a verification condition is $P$-state valid iff the standard form is.

## Verification Conditions (cont'd): Example (slide 6-8)

$$\rho_\tau:\ x\ 0 \wedge y' = x + y \wedge x' = x, \qquad \varphi:\ y = 3, \qquad \psi:\ y = x + 3.$$

Standard:

$$\underbrace{x\ 0 \wedge y' = x + y \wedge x' = x}_{\rho_\tau} \wedge \underbrace{y = 3}_{\varphi} \rightarrow \underbrace{y' = x' + 3}_{\psi'}$$

Substituted:

$$\underbrace{x\ 0}_{C_\tau} \wedge \underbrace{y = 3}_{\varphi} \rightarrow \underbrace{x + y = x + 3}_{\psi[E/V]}$$

## Verification Conditions (cont'd): Example (slide 6-9)

$$\varphi:\ x = y, \qquad \psi:\ x = y + 1, \qquad \rho_\tau:\ \underbrace{x\ 0}_{C_\tau} \wedge \underbrace{(x', y')}_{V'} = \underbrace{(x + 1,\ y)}_{E}.$$

The substituted form of $\{\varphi\}\,\tau\,\{\psi\}$ is

$$\underbrace{x\ 0}_{C_\tau} \wedge \underbrace{x = y}_{\varphi} \rightarrow \underbrace{(x = y + 1)[(x + 1, y)/(x, y)]}_{\psi[E/V]}$$

or equivalently $x\ 0 \wedge x = y \rightarrow x + 1 = y + 1$.

## Simplifying Control Expressions

$$move(L_1, L_2):\quad L_1 \subseteq \pi \wedge \pi' = (\pi - L_1) \cup L_2$$

e.g., for $L_1 = \{\ell_1\}$, $L_2 = \{\ell_2\}$:

$$move(\ell_1, \ell_2):\quad \ell_1 \in \pi \wedge \pi' = (\pi - \{\ell_1\}) \cup \{\ell_2\}$$

Consequences implied by $move(L_1, L_2)$:

- for every $[\ell] \in L_1$: $at^-_\ell = \mathrm{t}$ (i.e., $[\ell] \in \pi$);
- for every $[\ell] \in L_2$: $at'^-_\ell = \mathrm{t}$ (i.e., $[\ell] \in \pi'$);
- for every $[\ell] \in L_1 - L_2$: $at^-_\ell = \mathrm{t}$ (i.e., $[\ell]$ $\pi$
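As an added worked example (my own code, not from the slides or from the Manna–Pnueli text), the following Python checks both forms of the verification condition $\{\varphi\}\,\tau\,\{\psi\}$ from the examples above by brute force over a constructed finite domain, and confirms that the substituted form $C_\tau \wedge \varphi \rightarrow \psi[E/V]$ agrees with the standard form $\rho_\tau \wedge \varphi \rightarrow \psi'$. The enabling condition of the example transitions is assumed to be $x \neq 0$ (the slides' relation is not legible here), and the state encoding, the finite domain and the failing postcondition `PSI_BAD` are constructed for the example.

```python
from itertools import product
from typing import Callable, Dict, Iterable, List, Optional

# Constructed encoding (assumption of this example): a state maps each system
# variable to an integer, and an assertion is a predicate on states.
State = Dict[str, int]
Assertion = Callable[[State], bool]


class Transition:
    """A deterministic transition in the form rho_tau: C_tau /\\ (V' = E).

    `enabling` is C_tau; `update` maps each variable v in V' to the expression e
    of E that computes its primed value. Variables absent from `update` keep
    their value (v' = v), so Transition(lambda s: True, {}) is the idle transition.
    """

    def __init__(self, enabling: Assertion,
                 update: Dict[str, Callable[[State], int]]) -> None:
        self.enabling = enabling
        self.update = update

    def next_state(self, s: State) -> State:
        """The state s[E/V]: every v replaced by its e from E (no primed variables)."""
        return {v: (self.update[v](s) if v in self.update else s[v]) for v in s}

    def rho(self, s: State, s_next: State) -> bool:
        """The standard transition relation rho_tau(s, s') = C_tau(s) /\\ s' = E(s)."""
        return self.enabling(s) and s_next == self.next_state(s)


def all_states(variables: List[str], domain: Iterable[int]) -> List[State]:
    """Every assignment of the finite domain to the variables (constructed universe)."""
    dom = list(domain)
    return [dict(zip(variables, vals)) for vals in product(dom, repeat=len(variables))]


def vc_standard(phi: Assertion, tau: Transition, psi: Assertion,
                variables: List[str], domain: Iterable[int]) -> bool:
    """Standard form {phi} tau {psi}: rho_tau /\\ phi -> psi', over all pairs (s, s').

    Only sound on a finite domain that contains the successors of the phi-states
    it is applied to; pairs whose successor falls outside the domain are not seen.
    """
    universe = all_states(variables, domain)
    return all(not (tau.rho(s, s2) and phi(s)) or psi(s2)
               for s in universe for s2 in universe)


def vc_substituted(phi: Assertion, tau: Transition, psi: Assertion,
                   variables: List[str], domain: Iterable[int]) -> bool:
    """Substituted form: C_tau /\\ phi -> psi[E/V]; only unprimed states are visited."""
    return all(not (tau.enabling(s) and phi(s)) or psi(tau.next_state(s))
               for s in all_states(variables, domain))


def counterexample(phi: Assertion, tau: Transition, psi: Assertion,
                   variables: List[str], domain: Iterable[int]) -> Optional[State]:
    """First state violating the substituted VC, or None if it holds on the domain."""
    for s in all_states(variables, domain):
        if tau.enabling(s) and phi(s) and not psi(tau.next_state(s)):
            return s
    return None


VARS = ["x", "y"]
DOMAIN = range(-4, 5)  # constructed finite domain; the slides' integers are unbounded

# Example on slides 6-4 / 6-8: y' = x + y, x' = x, phi: y = 3, psi: y = x + 3.
# The enabling condition x != 0 is an assumption of this example.
TAU_1 = Transition(lambda s: s["x"] != 0,
                   {"y": lambda s: s["x"] + s["y"], "x": lambda s: s["x"]})
PHI_1: Assertion = lambda s: s["y"] == 3
PSI_1: Assertion = lambda s: s["y"] == s["x"] + 3

# Example on slide 6-9: (x', y') = (x + 1, y), phi: x = y, psi: x = y + 1.
TAU_2 = Transition(lambda s: s["x"] != 0,
                   {"x": lambda s: s["x"] + 1, "y": lambda s: s["y"]})
PHI_2: Assertion = lambda s: s["x"] == s["y"]
PSI_2: Assertion = lambda s: s["x"] == s["y"] + 1

# The idle transition of slide 6-6: v' = v for every v, so {phi} tau_I {phi} holds.
IDLE = Transition(lambda s: True, {})

# A constructed postcondition that does not follow, to show a failing obligation.
PSI_BAD: Assertion = lambda s: s["y"] == s["x"] + 4

if __name__ == "__main__":
    cases = {"6-4/6-8": (PHI_1, TAU_1, PSI_1), "6-9": (PHI_2, TAU_2, PSI_2),
             "idle": (PHI_1, IDLE, PHI_1), "failing": (PHI_1, TAU_1, PSI_BAD)}
    for name, (phi, tau, psi) in cases.items():
        print(name, "standard:", vc_standard(phi, tau, psi, VARS, DOMAIN),
              "substituted:", vc_substituted(phi, tau, psi, VARS, DOMAIN),
              "counterexample:", counterexample(phi, tau, psi, VARS, DOMAIN))
```

The substituted check visits one state per obligation instead of a pair, which is exactly what "no primed variables" buys: the post-state is computed by substitution rather than quantified over. `counterexample` returns the first $\varphi$-state whose $\tau$-successor violates $\psi$, the witness a prover would report when a verification condition is not $P$-state valid.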
