Systems Simulation & Modeling
Systems Simulation & Modeling CS 6910
This 8 page Class Notes was uploaded by Lisette Hodkiewicz on Wednesday September 30, 2015. The Class Notes belongs to CS 6910 at Western Michigan University taught by Zijiang Yang in Fall. Since its upload, it has received 9 views. For similar materials see /class/216880/cs-6910-western-michigan-university in ComputerScienence at Western Michigan University.
Date Created: 09/30/15
CS6910: Testing/Verification of Concurrent Programs
Properties (9/16/2008)

Temporal Logic
- 1996 Turing Award
[Figure: implementation and model]

Safety Property vs. Liveness Property

Safety property
- "Something bad must not happen"
- E.g. System should not crash
- E.g. Mutually exclusive use of a shared resource
- Error trace is finite

Liveness property
- "Something good must happen"
- E.g. Every packet sent must be received at its destination
- E.g. A bus resource allocator will eventually grant the use of the bus
- Error trace is infinite

Propositional Logic
- Used to reason about static situations
- Formulas are built using atomic propositions and propositional operators
  - Atomic proposition: p ∈ AP
  - Negation: ¬p
  - Conjunction: p ∧ q
  - Disjunction: p ∨ q
  - Implication: p → q

Problem with Propositional Logic
- Propositional logic is good for describing static situations (p holds only in some states)
- How to describe dynamic behaviors?
  - Will q eventually happen?
  - Will p always happen?
- Dynamic behavior is important
  - Security protocols
  - Hardware/software

Temporal Logic
- Originates from philosophy
- Used to reason about properties with a qualitative notion of time
- Formulas are built using
  - Standard propositional operators, such as ¬, ∨
  - Temporal operators, such as always, eventually, until

Atomic State Properties
- Boolean formula over state variables (the examples use req and ack)

Temporal Operator: Always
- G p: G stands for "globally" or "always" p
- G p is true for a path if p holds at all states (points of time) along the path

Temporal Operator: Eventually
- F p stands for "eventually" p
- F p is true for a path if p holds at some state (point in time) along the path

Temporal Operator: Next
- X p stands for "next" p
- X p is true for a path if p holds at the next state (point in time) along the path

Temporal Operator: Until
- p U q stands for "p until q"
- p U q is true for a path if q holds at some state along the path and p is true in all states before that state

Temporal Operators and Relationships
- The temporal operators G, F, X and U express properties along single computation paths
- Can you express G p purely in terms of F, p and propositional operators?
- Can you express F p in terms of U and propositional operators?

Examples in Temporal Logic
- No more than one processor (in a 2-processor system) should have a cache line in write mode.
  wr1, wr2 are respectively true if processor 1, 2 has the line in write mode.
- The grant signal must be asserted at some time after the request signal is asserted.
  Signals: grant, req
- A request signal must receive an acknowledge, and the request should stay asserted until the acknowledge signal is received.
  Signals: req, ack

Path Quantifiers in Temporal Logic
- Using the temporal operators so far, we can only express properties over a single computation path: Linear Temporal Logic (LTL)
- Path quantifiers allow us to reason over a tree of possible executions: Computation Tree Logic (CTL)

Infinite Computation Tree
[Figure: infinite computation tree]

Path Quantifiers
- Two additional operators: A (all) and E (exists)
- Corresponding properties hold in states, not paths
- A p: Property p holds along all computation paths starting from the state in which A p holds
- E p: Property p holds along at least one path starting from the state in which E p holds

Specifying Safety Properties
- A G p stands for "p holds globally on all paths"
- A G p is true for a state if property p holds globally along all computation paths starting from the state

Specifying Liveness Properties
- A F p stands for "p holds eventually on all paths"
- A F p is true for a state if property p holds eventually along all computation paths starting from the state

[Table: kinds of properties, including safety (invariants), liveness (something good happens) and fairness (assumption on process scheduling; strong fairness); remaining entries not recoverable]

Property Monitors
[Figure: monitors for p, G p and F p]

Temporal Logic Examples
- From any state it is possible to get to the reset state along some path.
  Signal: reset
- For any state it must hold that the grant signal always be asserted some time after the request signal was asserted.
  Signals: grant, req

From Temporal Logic (LTL) to Monitors
- A monitor for a linear temporal logic formula is a finite state machine that accepts exactly those behaviors that satisfy the temporal logic formula
- "Accepts" means that the accepting state is visited infinitely often
  - Reason: Behaviors or traces of systems can have infinite length
- Such automata are called Büchi automata; they are often used to specify properties instead

Specifying Correctness Properties: Summary
- Temporal Logic
  - Useful for reasoning about behavior of an LTS using a qualitative notion of time
  - Formulas are formed by using
    - Standard Boolean operators (and, or, not)
    - Temporal operators (always, eventually, next time, until)
  - Formulas are interpreted on sequences/trees
- Linear Temporal Logic (LTL)
  - Infinite sequence is considered, starting from the initial state
- Computation Tree Logic (CTL)
  - Infinite tree of computations is considered, starting from the initial state

CS6910: Testing/Verification of Concurrent Programs (9/8/2008)

All computers are parallel. The only question is whether your program is

Need for concurrent programs
- Hardware → multicore architecture
- Software → parallel, multithreaded code for software developers

Challenge to Write Concurrent Programs
- Problem: Let f be a function from integers to integers with a zero. Write a concurrent program Zero that finds such zero.
- Idea: Solve the problem by splitting it into two subproblems that can be solved independently.

Solution 1
    S1:  found := false; x := 0;
         while ¬found do
             x := x + 1;
             found := (f(x) = 0)
    S2:  found := false; y := 1;
         while ¬found do
             y := y - 1;
             found := (f(y) = 0)
    ZERO-1:  S1 || S2

Solution 2
    S1:  x := 0;
         while ¬found do
             x := x + 1;
             found := (f(x) = 0)
    S2:  y := 1;
         while ¬found do
             y := y - 1;
             found := (f(y) = 0)
    ZERO-2:  found := false; [S1 || S2]

Solution 3
    S1:  x := 0;
         while ¬found do
             x := x + 1;
             if f(x) = 0 then found := true
    S2:  y := 1;
         while ¬found do
             y := y - 1;
             if f(y) = 0 then found := true
    ZERO-3:  found := false; [S1 || S2]

Solution 4
    S1:  x := 0;
         while ¬found do
             await turn = 1 then turn := 2;
             x := x + 1;
             if f(x) = 0 then found := true
    S2:  y := 1;
         while ¬found do
             await turn = 2 then turn := 1;
             y := y - 1;
             if f(y) = 0 then found := true
    ZERO-4:  turn := 1; found := false; [S1 || S2]

Solution 5
    S1:  x := 0;
         while ¬found do
             await turn = 1 then turn := 2;
             x := x + 1;
             if f(x) = 0 then found := true;
         turn := 2
    S2:  y := 1;
         while ¬found do
             await turn = 2 then turn := 1;
             y := y - 1;
             if f(y) = 0 then found := true;
         turn := 1
    ZERO-5:  turn := 1; found := false; [S1 || S2]

Solution 6
    S1:  x := 0;
         while ¬found do
             wait turn = 1;
             turn := 2;
             x := x + 1;
             if f(x) = 0 then found := true;
         turn := 2
    S2:  y := 1;
         while ¬found do
             wait turn = 2;
             turn := 1;
             y := y - 1;
             if f(y) = 0 then found := true;
         turn := 1
    ZERO-6:  turn := 1; found := false; [S1 || S2]

Why make sure software is correct?
- After all, engineering is not science: there is always room for improvement
- What is the big deal if my Windows system/application stops responding?
- Plenty of examples

Ariane 5 (1996)
- Floating-point to integer conversion generated an overflow
- System shut down
- Backup systems failed for the same reason
- Rocket veered off course
- Control system decided to abort
- Result: Rocket self-destructed
- Cost: $400 million payload

Pentium (1994)
- First release of Intel Pentium chip
- Mistakes when dividing floating-point numbers that occur within a specific range
- Estimated 3 million to 5 million defective chips
- Cost: $475 million

Mars Climate Orbiter (1999)
- One development team used pound-second in their code while the other used Newton-second
- Values passed from one module to another without conversion
- Result: Loss of the craft
- Cost: $125 million

Failing Computer System Costs Lives
- Potential problems are obvious
  - Software used to control nuclear power plants
  - Air-traffic control systems
  - Spacecraft launch vehicle control

Testing Seems Easy
- Just do the following
  - designing test inputs
  - producing test values
  - running test scripts
  - analyzing results

Reality Seems Different
- Cost of software bugs to US economy in 2002: $60 billion
- 80% of software development cost is in debugging
- Testing
  - Effective in discovering bugs in early stages
  - Expensive and not exhaustive

Even More Difficult: Testing Concurrent Programs
- Testing multithreaded program is difficult
  - Nondeterministic scheduler
  - >10^59 interleavings for 3 threads, each with 50 lines of code
  - Nonreproducible results
  - Scheduler in Testing and

An Example
[Figure: example program with an assertion]

It's an Immature Research Area
- No textbook
  - We will read research papers
- Ideal for
  - MS students who want to pursue PhD
  - PhD students who look for research projects
- Not ideal if you
  - Want to be an expert in concurrent programming
  - Want to learn mature
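
The semantics of G, F, X and U given in the temporal-logic part of these notes, as an added example that is not part of the original slides: a small evaluator over ultimately periodic paths (a finite prefix followed by a loop repeated forever), applied to the notes' cache write-mode and req/ack properties. The tuple encoding of formulas, the prefix/loop path representation, the helper names and the sample paths are assumptions made for this illustration.

```python
# Added example. A formula is a nested tuple; a path is prefix + loop repeated
# forever, each state being the set of atomic propositions true in it.
TRUE = ("true",)

def implies(a, b):
    return ("or", ("not", a), b)

def holds(f, i, prefix, loop):
    """Does formula f hold on the path suffix that starts at position i?"""
    states = prefix + loop
    n = len(states)
    nxt = lambda j: j + 1 if j + 1 < n else len(prefix)  # last state loops back
    ev = lambda g, j: holds(g, j, prefix, loop)
    op = f[0]
    if op == "true":
        return True
    if op == "ap":
        return f[1] in states[i]
    if op == "not":
        return not ev(f[1], i)
    if op == "and":
        return ev(f[1], i) and ev(f[2], i)
    if op == "or":
        return ev(f[1], i) or ev(f[2], i)
    if op == "X":
        return ev(f[1], nxt(i))
    if op == "U":   # p U q: q at some state, p at every state before it
        j = i
        for _ in range(n):  # n steps visit every position reachable from i
            if ev(f[2], j):
                return True
            if not ev(f[1], j):
                return False
            j = nxt(j)
        return False        # q holds nowhere on the path
    if op == "F":           # F p  ==  true U p
        return ev(("U", TRUE, f[1]), i)
    if op == "G":           # G p  ==  not F not p
        return not ev(("F", ("not", f[1])), i)
    raise ValueError(f"unknown operator {op!r}")

def check(f, prefix, loop):
    return holds(f, 0, prefix, loop)

req, ack, wr1, wr2 = (("ap", a) for a in ("req", "ack", "wr1", "wr2"))
MUTEX = ("G", ("not", ("and", wr1, wr2)))          # safety: never both writers
HANDSHAKE = ("G", implies(req, ("U", req, ack)))   # req stays up until ack

# Constructed sample paths (prefix, loop); not taken from the notes.
OK_PATH = ([{"req"}, {"req"}, {"req", "ack"}], [set()])
DROPPED = ([{"req"}, set(), {"ack"}], [set()])     # req deasserted before ack
STARVED = ([set()], [{"req"}])                     # req forever, ack never
BOTH_WRITE = ([{"wr1"}, {"wr1", "wr2"}], [set()])
```

The STARVED path shows why a liveness counterexample needs the loop: no finite prefix of it violates the property, only the infinite repetition does, whereas BOTH_WRITE violates the safety property at a specific state of its finite prefix.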