The way of the lazy
- Autores: Marc Solé Simó
- Directores de la Tesis: Enrique Pastor Llorens (dir. tes.)
- Lectura: En la Universitat Politècnica de Catalunya (UPC) ( España ) en 2009
- Idioma: inglés
- Tribunal Calificador de la Tesis: Jordi Cortadella Fortuny (presid.), Cristina Barrado (secret.), Alex Yakovlev (voc.), Robert Clarisó Viladrosa (voc.), Marco Antonio Peña Basurto (voc.)
- Materias:
- Texto completo no disponible (Saber más ...)
- Resumen
This PhD belongs to the field of formal verification, Formal verification uses mathematical reasoning to determine if a real system (either software, hardware, a protocol, etc.) satisfies some given properties. To be able to accomplish such task, both the system and the properties have to be translated into mathematical formalisms that are afterwards manipulated to obtain an answer. In this work we focus on the verification of discrete systems using Boolean equations.
There are many different types of systems and, depending on their specific characteristics, different verification methods exist. An important characteristic of the systems is if their correct operation depends crucially on the delay of its components. If this is not the case, they are called untimed systems, otherwise they are referred as timed systems. This thesis makes contributions for the verification of both types of systems.
For the untimed systems one of the most elemental (yet effective) techniques is to generate the complete state space of the system, and then check if properties are satsfied in each one of the states. Many of the interesting systems have prohibitively large state spaces, so usually symbolic techniques are used to represent them. That is, using, for instance, formulas to represent the whole set instead of storing each state individually. One of our contributions is to investigate methods in which the generation of states is as fast as possible while keeping a representation size as small as possible.
Finding an exact solution to this problem is highly complex, thus our approximation necessarily has to be based on the use of heuristics. In our case we do consider the causality relations between events to decide which is the best order in which the state space can be explored. Results show that the performance of our methods is good when compared to standard techniques.
The complexity of generating the state space for timed systems is even higher (PSPACE) than for untimed system. One way to avoiding such complexity is to use iterative refinement methodologies. Firstly, time is abstracted from the model, resulting in an untimed system. If there is no failure in its state space, then the system is correct regardless of the delays of its component and we are done. Otherwise, we obtain a trace to a failure (a sequence of events leading from the initial state to a failure state).
If the trace is consistent with the delays of the system (it is timing consistent), then we have a counterexample showing that the system is incorrect and we are also done. On the other hand, if the trace is timing inconsistent, we analyze it to determine which is the minimum timing information that we must incorporate into the system to avoid generating again such trace. This timing information is added back into the system and its state space is generated again. This process goes on until either the system is proved correct or a timing consistent counterexample is found.
This type of technique has been used by many researchers. Mainly their proposals differ in which timing information is added into the system and how it is incoroporated. Most of them rely on introducing some type of counter to determine when an event might happen.
The approach that we have taken as the basis to develop our work does not introduce such type of counters. Instead, it analyzes in which situations a given event has to happen before another and then modifies the system so that these events are fired in the right order in these situations. This technique, based on the relative timing between events has some limitations on the type of systems it can analyze. On the other hand, it usually uses less space than techniques using counters.
Most of this thesis is devoted to explaining and analyzing this technique. Because it is a complex methodology, first we introduce the basics of the method and then more complex aspects are considered. In particular we point out problems previously unrealized and we provide methods to solve them. All this elements converge in the proposal of a verification methodology that has been implemented and compared agains other state-of-the-art verification tools, as well as other iterative refinement techniques.
When compared to the original methodology that introduced the use of relative timing, performance gains are considerable. Even if performance would have been the same, still the methodology would have to be considered successful, since new methodology works with more types of systems and to correctly operate more checkings are required. However the tool implementing the original methodology was experimental and cannot be considered tuned for performance as other state-of-the-art applications.
In comparison with these other tools, results show that our technique achieves very good results in many examples, but that in some cases other approaches are more suitable. In general its performance is comparable to state-of-the-art applications, a promising result taking into account the nature of our tool and that, because of its complexity, has many steps in which there is room for improvement.
The majority of the abovementioned tools compute the exact timed state space of the system (or a conservative approximation in some cases). To be able to compare with some other iterative refinement approaches, we have implemented some using a combination of techniques to update them to state-of-the-art technology, since some of them were proposed many years ago. Results in this case are also usually favorable to our methodology.
