A CSC2108F Conference on Automated Verification
March 3, 2001
Preliminary Program
The aim of this conference is to bring together students and faculty interested in the application of formal methods to the specification and verification of software systems.  The conference will consist of a series of presentations by students of CSC2108, Fall'00.  The presentations are based on projects that the students worked on between 12/2000 and 2/2001, either on their own or in groups of two.  Projects done by one person will be presented in 30 minutes followed by a 15-minute question period.  Two-person projects will be presented in 40 minutes followed by a 20-minute question period.  The program below gives the schedule of these talks and their abstracts.  Everyone is welcome to attend.  Proceedings of this conference will be published as a DCS technical report.
Conference Venue:  The conference will take place in LP266 (Pratt Bldg.) at the University of Toronto.


Program
9:30 -9:45  Setup, coffee + donuts
9:45 -10:00  Opening remarks by Marsha Chechik, course instructor
10:00-10:45 Jiang Liu, "Verification of a Generic Consensus Protocol with PROMELA/SPIN---an Exercise in Specification and Verification"
10:45-11:30 Yilan Gu, "Automata-Theoretic Model Checking and Situation Calculus"
11:30-11:45  Break
11:45-12:45  Clement Yuen, Wei Tjioe, "Modeling and Verifying a Price Model for Congestion Control in Computer Networks Using PROMELA/SPIN"
12:45-2:00 Lunch, Arbor Room, Hart House 
2:00 -2:45 Hung Tran, "Test Generation using Model Checking"
2:45 -3:30  Wendy Liu, "Multi-Valued Symbolic LTL Model Checker"
3:30 -3:45  Break
3:45 -4:30 Arie Gurfinkel, "A Survey of Graph-based Algorithms in Software Model Checking"
4:30 -5:15 Kenneth Cheung, "Specification and Verification of the Elevator Case Study Using SCR".
5:15 -5:45 Closing remarks by Marsha Chechik, filling in of course evaluation forms
5:45 Conference ends


Abstracts of the Talks
Jiang Liu, "Verification of a Generic Consensus Protocol with PROMELA/SPIN---an Exercise in Specification and Verification"
In this study, a generic consensus protocol proposed by Mostefaoui and Raynal is verified with PROMELA/SPIN -- a popular specification and model checking suite.  The correctness of the model and the protocol is summarized in six properties, which are expressed either as Linear Temporal Logic formulae or as assert conditions. Due to a shortage of computational resources, the verification is only partially completed, without finding any error. The PROMELA language is found to be expressive and well suited for specifying asynchronous systems; the SPIN model checker appears more capable of finding an error than of fully verifying a system.

Yilan Gu, "Automata-Theoretic Model Checking and Situation Calculus"
In this paper we study the relationship between one kind of model-checking approach -- the automata-theoretic approach -- and one kind of powerful description language -- the situation calculus, which can be used to model dynamic systems.  By developing a basic action theory for any given Buchi automaton, we merge the automata-theoretic approach into the situation calculus and GOLOG.  We also make a few observations on the benefits of and reasons for doing so.
Clement Yuen and Wei Tjioe, "Modeling and Verifying a Price Model for Congestion Control in Computer Networks Using PROMELA/SPIN"
Congestion control is an important research area in computer networks. Using PROMELA/SPIN, we verified that priority pricing schemes can be used to effectively control network congestion. This is realized through simulation/verification of the propositions that the use of priority pricing (i) results in an equilibrium state in packet allocation, and (ii) effectively controls congestion level through dynamic adjustment of prices. We also extended these propositions in order to verify the convergence property of such an equilibrium. This particular result would be difficult to verify with existing network simulation tools.
Hung Tran, "Test Generation Using Model Checking"
Testing in the software industry is, in general, an ad hoc task.  There are guidelines to follow, but in most cases they do not cover sufficient portions of the software product.  Recent work has been done to automatically generate test cases such that designers are no longer responsible for designing the test cases, but for ensuring that the specification of the software is valid.  These formal specifications are then used as inputs to the automatic test generation tool.  The result of the tool is a set of test cases that do a better job of covering the range of tests than current non-automated methodologies.  In this paper we survey a few such techniques that use model checking technology as the test generation engine.  There are two areas of interest we intend to cover.  First is the actual test generation.  We discuss a couple of techniques that alter the specification to force the model checker to output counterexamples that are then used as test cases for the software application.  Second, we examine a few methods that attack automated generation from a state space perspective.  The specifications that are designed for practical industrial products typically contain far too many states for the model checker to verify to completion.  These methods attempt to reduce the state space while maintaining sufficient detail to make test generation still possible.
Wendy Liu, "Multi-Valued Symbolic LTL Model Checker"
In the classical logic framework, studies of symbolic LTL (Linear Temporal Logic) model checking have been done. This naturally leads to the extension of model checking to multi-valued temporal logics. In this paper, we will first review the approach used by the classical symbolic LTL model checker and the basic syntax and semantics of multi-valued logics, then explore multi-valued LTL model checking using a similar approach. The resulting algorithm can be applied to any multi-valued logic whose truth values form a quasi-boolean lattice. We assume that readers are familiar with symbolic model checking.

Arie Gurfinkel, "A Survey of Graph-based Algorithms in Software Model Checking"
In this paper we survey different graph-based algorithms that can be used to solve the automata-theoretic model-checking problem. We concentrate on existing depth-first search algorithms to locate strongly-connected components, and describe different optimization and approximation techniques that can be utilized in conjunction with them. We also suggest how a breadth-first search can be used as a replacement for depth-first search in order to minimize the length of the error trace.

Kenneth Cheung, "Specification and Verification of the Elevator Case Study Using SCR"
Model checking analysis can improve the correctness of tabular software specifications.  A software specification defines what the system does.  This documentation is used in each stage of software engineering.  The design of the software is based on what the software specification states.  Code development and testing are evaluated according to the software specification.  These usages show the importance of software specification.  The correctness of the specification can affect the quality of the software directly.  Formal methods have been introduced to improve the correctness of software specifications.  But the requirement of most formal method techniques for mathematical training or theorem proving skills becomes the barrier to practical use.  Tabular notation is introduced to break this barrier.  It tries to abstract the property of what the system does rather than formalize all the information.  This notation requires less mathematical training or theorem proving skills, but the power of formality decreases.  SCR (Software Cost Reduction) is a tabular notation which has a tool called SCRTool.  This tool has a feature called verifier, which allows the tabular specification to be converted to a formal specification for SPIN to check safety-critical and liveness properties.  Thus, the power of formality is maintained and practical usability is increased.  In this project, a case study of a two-floor elevator is used to try out this feature.

For more information or to request a copy of conference proceedings, send mail to chechik@cs.toronto.edu.  Information about CSC2108 "Automated Verification" is available at www.cs.toronto.edu/~chechik/courses00/csc2108.