s1_logic - Alloy Analyzer 4 Tutorial Session 1: Intro and...

Alloy Analyzer 4 Tutorial
Session 1: Intro and Logic
Greg Dennis and Rob Seater
Software Design Group, MIT
agenda
- Session 1: Intro and Logic
- break
- lunch
- Session 3: Static Modeling
- break
- Session 4: Dynamic Modeling
[slide image: M.C. Escher]
trans-atlantic analysis
- Oxford, home of Z: notation inspired by Z. Sets and relations, uniformity, but not easily analyzed.
- Pittsburgh, home of SMV: analysis inspired by SMV. Billions of cases in seconds, counterexamples not proofs, but not declarative.
why declarative design? I conclude there are two ways of constructing a software design. One way is to make it so simple there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. – Tony Hoare [Turing Award Lecture, 1980]
why automated analysis? The first principle is that you must not fool yourself, and you are the easiest person to fool. – Richard P. Feynman
alloy case studies
- Multilevel security (Bolton)
- Multicast key management (Taghdiri)
- Rendezvous (Jazayeri)
- Firewire (Jackson)
- Intentional naming (Khurshid)
- Java views (Waingold)
- Access control (Zao)
- Proton therapy (Seater, Dennis)
- Chord peer-to-peer (Kaashoek)
- Unison file sync (Pierce)
- Telephone switching (Zave)
four key ideas . . .
1) everything is a relation
2) non-specialized logic
3)
4) analysis by SAT
1) everything's a relation
- Alloy uses relations for all data types, even sets, scalars, tuples; structures in space and time
- key operator is dot join: relational join, field navigation, function application
why relations?
"There is no problem in computer science that cannot be solved by an extra level of indirection." – David Wheeler
- easy to understand: a binary relation is a graph or mapping
- easy to analyze: first order (tractable)
- uniform
2) non-specialized logic No special constructs for state machines, traces, synchronization, concurrency . . .
- testing: a few cases of arbitrary size
- scope-complete: all cases within a small bound
observations about design analysis:
- most assertions are wrong
- most flaws have small counterexamples
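The two ideas the slides have introduced so far, that every value is a relation navigated with the dot join and that a scope-complete check finds the small counterexample a wrong assertion usually has, in one concrete model. This is an added example written for this page, not code from the tutorial or from the Alloy distribution; the signatures Subject, Role, Perm and Resource and the functions effective and reachable are hypothetical names chosen for illustration (a small role-based access-control model, in the spirit of the access-control case study listed above).

```alloy
// Added example for this page, not from the tutorial slides or the Alloy
// distribution. A small role-based access-control model (all sig, field and
// function names are hypothetical) showing dot join and scope-bounded checking.

sig Resource {}
sig Perm { resource: one Resource }           // each permission targets one resource
sig Role { perms: set Perm, parent: lone Role } // roles may inherit from a parent
sig Subject { roles: set Role }

// The role hierarchy is a forest: no role is its own ancestor.
fact NoRoleCycles { no r: Role | r in r.^parent }

// Dot join as field navigation: s.roles is the set of roles held by s.
// Dot join through a closure:  .*parent adds every ancestor role (and the role itself).
// Dot join as relational join: .perms maps that set of roles to their permissions.
fun effective[s: Subject]: set Perm { s.roles.*parent.perms }

// resource is a function Perm -> Resource, so effective[s].resource is
// "apply resource to each effective permission": dot join as function application.
fun reachable[s: Subject]: set Resource { effective[s].resource }

// Looks plausible, but is wrong: it forgets permissions inherited via parent.
assert DirectRolesOnly {
  all s: Subject, p: Perm | p in effective[s] implies p in s.roles.perms
}

// Holds: directly granted permissions are always among the effective ones,
// because *parent is reflexive and so includes each held role itself.
assert DirectSubsetOfEffective {
  all s: Subject | s.roles.perms in effective[s]
}

// Scope-complete analysis: every instance with at most 3 atoms per signature.
// The Analyzer reports a counterexample to DirectRolesOnly needing only one
// subject, two roles (one the parent of the other) and one permission.
check DirectRolesOnly for 3
check DirectSubsetOfEffective for 5

// Sanity check that the facts are satisfiable: ask for any instance in which
// some subject can reach some resource.
run { some s: Subject | some reachable[s] } for 3
```

Load the file in the Analyzer, choose Execute, and open the counterexample for DirectRolesOnly in the visualizer; the instance has exactly the shape predicted in the comment, which is the "most flaws have small counterexamples" point above. Raising the scope on DirectSubsetOfEffective changes nothing: a check that passes is evidence within the bound, not a proof.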
4) analysis by SAT
- SAT, the quintessential hard problem (Cook 1971): SAT is hard, so reduce SAT to your problem.
- SAT, the universal constraint solver (Kautz, Selman, ... 1990s): SAT is easy, so reduce your problem to SAT.
[slide photos: Stephen Cook, Eugene Goldberg, Sharad Malik, Henry Kautz, Yakov Novikov]
Moore's Law
SAT performance
SAT trophies
install the Alloy Analyzer
- requires Java 5 runtime environment: http://java.sun.com/
- download the Alloy Analyzer 4: http://alloy.mit.edu/alloy4/
- run the Analyzer: double click alloy4.jar, or execute java -jar alloy4.jar at the command line
(this bullet indicates something you should do)
This note was uploaded on 02/24/2012 for the course CSE 503 taught by Professor David Notkin during the Spring '11 term at University of Washington.
