Verification methodologies for real-time systems can be classified according to whether they are based on a continuous time model or a discrete time model. Continuous time often provides a more accurate model of physical reality, while discrete time can be more efficient to implement in an automatic verifier based on state exploration techniques. Choosing a model appears to require a compromise between efficiency and accuracy.
We avoid this compromise by constructing discrete time models that are conservative approximations of appropriate continuous time models. Thus, if a system is verified to be correct in discrete time, then it is guaranteed to also be correct in continuous time. We also show that models with explicit simultaneity can be conservatively approximated by models with interleaving semantics.
Proving these results requires constructing several different domains of agent models. We have devised a new method for simplifying this task, based on abstract algebras we call trace algebra and trace structure algebra. A trace algebra has a set of traces as its carrier, along with operations of projection and renaming on traces. A trace can be any mathematical object that satisfies certain simple axioms, so the theory is quite general. A trace structure consists, in part, of a subset of the set of traces from some trace algebra. In a trace structure algebra, operations of parallel composition, projection and renaming are defined on trace structures, in terms of the operations on traces. General methods for constructing conservative approximations are described and are applied to several specific real-time models. We believe that trace algebra is a powerful tool for unifying many models of concurrency and abstraction beyond the particular ones described in this thesis.
We also describe an automatic verifier based on the theory, and give examples of using it to verify speed-dependent asynchronous circuits. We analyze how several different delay models, including a new model called chaos delay, affect the verification results. The circuits and their specifications are represented in discrete time, but because of our conservative approximations, circuits that are verified correct are also correct in continuous time.
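As an added illustration of the setup sketched in the abstract (this is example code written for this page, not code from the thesis or its verifier), the following Python models traces as sorted (signal, time) event tuples with projection and renaming, builds trace structures whose parallel composition is defined through projection on traces, and runs a discrete-time containment check that is conservative for continuous time. The one-event-per-signal bounded-horizon encoding, the floor() abstraction of continuous timestamps, the interval delay element, the "within bound" specification and all function names are this example's own assumptions.

```python
"""Toy trace algebra, trace structure algebra and a conservative
discrete-time approximation of continuous-time delay elements.
Added illustration, not the thesis's verifier. Assumptions: every signal
has exactly one event per trace, discrete time is the integers 0..horizon,
and continuous times are abstracted by rounding down with floor()."""
from dataclasses import dataclass
from itertools import product
from math import floor


def canon(events):
    """Canonical trace: tuple of (signal, time) events sorted by time, then name."""
    return tuple(sorted(events, key=lambda e: (e[1], e[0])))


# --- Trace algebra: operations on individual traces ---------------------------
def project(trace, alphabet):
    """Projection drops every event whose signal is outside `alphabet`."""
    return canon(e for e in trace if e[0] in alphabet)


def rename(trace, mapping):
    """Renaming relabels signals; signals not in `mapping` keep their names."""
    return canon((mapping.get(s, s), t) for s, t in trace)


def all_traces(alphabet, horizon):
    """Every discrete trace over `alphabet` with one event per signal."""
    signals = sorted(alphabet)
    for times in product(range(horizon + 1), repeat=len(signals)):
        yield canon(zip(signals, times))


# --- Trace structure algebra: (alphabet, finite set of traces) -----------------
@dataclass(frozen=True)
class TraceStructure:
    alphabet: frozenset
    traces: frozenset

    def project(self, keep):
        return TraceStructure(self.alphabet & frozenset(keep),
                              frozenset(project(x, keep) for x in self.traces))

    def rename(self, mapping):
        return TraceStructure(frozenset(mapping.get(s, s) for s in self.alphabet),
                              frozenset(rename(x, mapping) for x in self.traces))


def compose(t1, t2, horizon):
    """Parallel composition defined via projection on traces: a trace over the
    union alphabet is in t1 || t2 iff its projections lie in t1 and in t2."""
    alphabet = t1.alphabet | t2.alphabet
    traces = frozenset(x for x in all_traces(alphabet, horizon)
                       if project(x, t1.alphabet) in t1.traces
                       and project(x, t2.alphabet) in t2.traces)
    return TraceStructure(alphabet, traces)


# --- Conservative approximation of continuous time by discrete time -----------
def delay_upper(inp, out, dmin, dmax, horizon):
    """Upper bound (superset) of the abstraction of a continuous delay element
    out = inp delayed by d in [dmin, dmax]: floor(t + d) - floor(t) is always
    floor(d) or floor(d) + 1, so every abstracted trace has an integer gap
    in [floor(dmin), floor(dmax) + 1]."""
    traces = set()
    for ta in range(horizon + 1):
        for k in range(floor(dmin), floor(dmax) + 2):
            if ta + k <= horizon:
                traces.add(canon([(inp, ta), (out, ta + k)]))
    return TraceStructure(frozenset({inp, out}), frozenset(traces))


def within_lower(inp, out, bound, horizon):
    """Lower bound (subset) of the continuous spec 0 < t_out - t_inp <= bound:
    an integer gap k stands for continuous gaps in (k - 1, k + 1), so the spec
    holds for every continuous preimage only when 1 <= k and k + 1 <= bound."""
    traces = set()
    for ta in range(horizon + 1):
        for tb in range(horizon + 1):
            k = tb - ta
            if 1 <= k and k + 1 <= bound:
                traces.add(canon([(inp, ta), (out, tb)]))
    return TraceStructure(frozenset({inp, out}), frozenset(traces))


def verify(impl_upper, spec_lower):
    """Discrete check that is sound for continuous time: if the implementation's
    upper bound (projected onto the spec alphabet) sits inside the spec's lower
    bound, every continuous trace of the implementation satisfies the spec.
    A failed check proves nothing; the approximation may simply be too coarse."""
    return impl_upper.project(spec_lower.alphabet).traces <= spec_lower.traces


def run_example(horizon=8):
    # Two delay elements in series, each with continuous delay in [1, 2];
    # the second is obtained from the first by renaming, as in a trace algebra.
    stage1 = delay_upper("a", "b", 1.0, 2.0, horizon)
    stage2 = stage1.rename({"a": "b", "b": "c"})
    pipeline = compose(stage1, stage2, horizon)
    return {
        "stage1": stage1, "stage2": stage2, "pipeline": pipeline,
        # true end-to-end delay lies in [2, 4]; the discrete gaps seen are 2..6
        "gaps": sorted({x[1][1] - x[0][1]
                        for x in pipeline.project({"a", "c"}).traces}),
        "c_within_7": verify(pipeline, within_lower("a", "c", 7.0, horizon)),
        "c_within_6": verify(pipeline, within_lower("a", "c", 6.0, horizon)),
        "c_within_3": verify(pipeline, within_lower("a", "c", 3.0, horizon)),
    }


if __name__ == "__main__":
    for key, value in run_example().items():
        if not isinstance(value, TraceStructure):
            print(key, value)
```

The three checks at the end show what "conservative" buys and costs: the bound of 7 passes in discrete time and is therefore guaranteed in continuous time; the bound of 6 fails even though the continuous pipeline never exceeds 4, because the floor() abstraction loses up to one unit per element (a false negative the method permits); the bound of 3 fails and is genuinely violated. No incorrect system can pass, which is the direction the abstract relies on.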
Cited By
- Tschudin C (2019). A Broadcast-Only Communication Model Based on Replicated Append-Only Logs, ACM SIGCOMM Computer Communication Review, 49:2, (37-43), Online publication date: 21-May-2019.
- Passerone R, Burch J and Sangiovanni-Vincentelli A Conservative approximations for heterogeneous design Proceedings of the 4th ACM international conference on Embedded software, (155-164)
- Edwards S, Lavagno L, Lee E and Sangiovanni-Vincentelli A Design of embedded systems Readings in hardware/software co-design, (86-107)
- Aagaard M, Jones R, Kaivola R, Kohatsu K and Seger C Formal verification of iterative algorithms in microprocessors Proceedings of the 37th Annual Design Automation Conference, (201-206)
- Hulgaard H and Burns S (2019). Bounded Delay Timing Analysis of a Class of CSP Programs, Formal Methods in System Design, 11:3, (265-294), Online publication date: 1-Oct-1997.
- Beerel P, Burch J and Meng T Efficient verification of determinate speed-independent circuits Proceedings of the 1993 IEEE/ACM international conference on Computer-aided design, (261-267)