MCP - 272: Software Engineering Fall 2008 Instructor:...

272: Software Engineering
Fall 2008
Instructor: Tevfik Bultan
Lectures 8 and 9: Model Checking Programs

Transformational vs. Reactive Systems

Transformational systems:
    get input;
    compute something;
    return result;

Reactive systems:
    while (true) {
        receive some input,
        send some output
    }

Transformational view follows from the initial use of computers as advanced calculators: a component receives some input, does some calculation and then returns a result.

Nowadays, the reactive system view seems more natural: components which continuously interact with each other and their environment without terminating.

Transformational vs. Reactive Systems

Transformational systems:
    get input;
    {pre-condition}
    compute something;
    {post-condition}
    return result;

Reactive systems:
    while (true) {
        receive some input,
        send some output
    }

Earlier work in verification uses the transformational view:
  halting problem
  Hoare logic
  pre and post-conditions
  partial vs. total correctness

For reactive systems:
  termination is not the main issue
  pre and post-conditions are not enough
  dealing with concurrency is important

Reactive Systems: A Very Simple Model

A reactive system generates a set of execution paths.
An execution path is a concatenation of the states (configurations) of the system, starting from some initial state.
There is a transition relation which specifies the next-state relation, i.e., given a state, what are the states that can follow that state.
We need an example.

A Mutual Exclusion Protocol

Process 1:
    while (true) {
      out:  a := true; turn := true;
      wait: await (b = false or turn = false);
      cs:   a := false;
    }
||
Process 2:
    while (true) {
      out:  b := true; turn := false;
      wait: await (a = false or turn);
      cs:   b := false;
    }

Two concurrently executing processes are trying to enter a critical section without violating mutual exclusion.

State Space

The state space of a program can be captured by the valuations of the variables and the program counters.

For our example, we have:
  two program counters: pc1, pc2
    domains of the program counters: {out, wait, cs}
  three boolean variables: turn, a, b
    boolean domain: {True, False}

Each state of the program is a valuation of all the variables.

State Space

Each state can be written as a tuple (pc1,pc2,turn,a,b)

Initial states:
  {(o,o,F,F,F), (o,o,F,F,T), (o,o,F,T,F), (o,o,F,T,T),
   (o,o,T,F,F), (o,o,T,F,T), (o,o,T,T,F), (o,o,T,T,T)}
  initially: pc1=o and pc2=o

How many states total?
  3 * 3 * 2 * 2 * 2 = 72
  exponential in the number of variables and the number of concurrent components

Transition Relation

Transition relation specifies the next-state relation, i.e., given a state, what are the states that can come after that state.

For example, given the initial state (o,o,F,F,F):
  Process 1 can execute:
    out: a := true; turn := true;
  or Process 2 can execute:
    out: b := true; turn := false;

If process 1 executes, the next state is (w,o,T,T,F)
If process 2 executes, the next state is
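
The state tuple and transition relation from these slides, written out as an explicit-state check of the mutual exclusion property. This is an added example, not part of the lecture; the function names and the skip_wait_p1 flag (which removes Process 1's wait guard to show what a counterexample looks like) are assumptions for illustration.

```python
from itertools import product

PCS = ("o", "w", "c")  # out, wait, cs

def all_states():  # every valuation of (pc1, pc2, turn, a, b)
    return set(product(PCS, PCS, *([(False, True)] * 3)))

def initial_states():
    return {s for s in all_states() if s[:2] == ("o", "o")}

def successors(state, skip_wait_p1=False):  # one atomic labelled step of one process
    pc1, pc2, turn, a, b = state
    nxt = set()
    if pc1 == "o":                              # out: a := true; turn := true
        nxt.add(("w", pc2, True, True, b))
    elif pc1 == "w":                            # wait: await (b = false or turn = false)
        if skip_wait_p1 or not b or not turn:   # skip_wait_p1 = injected bug (assumption)
            nxt.add(("c", pc2, turn, a, b))
    else:                                       # cs: a := false
        nxt.add(("o", pc2, turn, False, b))
    if pc2 == "o":                              # out: b := true; turn := false
        nxt.add((pc1, "w", False, a, True))
    elif pc2 == "w":                            # wait: await (a = false or turn)
        if not a or turn:
            nxt.add((pc1, "c", turn, a, b))
    else:                                       # cs: b := false
        nxt.add((pc1, "o", turn, a, False))
    return nxt

def check_mutex(skip_wait_p1=False):
    """Breadth-first search; returns (visited states, shortest counterexample or None)."""
    parent = {s: None for s in initial_states()}
    frontier = sorted(parent)
    while frontier:
        next_frontier = []
        for s in frontier:
            if s[:2] == ("c", "c"):             # both processes in the critical section
                path = [s]
                while parent[path[-1]] is not None:
                    path.append(parent[path[-1]])
                return set(parent), path[::-1]
            for t in sorted(successors(s, skip_wait_p1)):
                if t not in parent:
                    parent[t] = s
                    next_frontier.append(t)
        frontier = next_frontier
    return set(parent), None

if __name__ == "__main__":
    print("as given:", check_mutex()[1], "| guard removed:", check_mutex(True)[1])
```

With the protocol as given, the search visits no state with both program counters at cs; with the guard removed it returns the shortest interleaving that reaches one.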

This note was uploaded on 10/04/2011 for the course CEN 5016 taught by Professor Workman,d during the Spring '08 term at University of Central Florida.
