INTAS Meeting, Moscow
Tools for Verification of Specification Given by Basic Protocols
Oleksandr Letychevskyi, Ph.D.
Glushkov Institute of Cybernetics of Ukrainian Academy of Sciences
email: [email protected]
Telephone: +38(044)200-84-24
28-Aug-07
VRS Tools
Algebraic Programming System
Verification of Requirements System (academic version)
Verification of Requirements System (business version)
Client
Client (academic version)
Basic Protocols – Input of Verification System
[Figure: basic protocol in MSC form, with instances I1 and I2, precondition S, process (action) and postcondition R]
∀x (S(x) → <A(x)> R(x))
Action A will be performed if S is true, and then condition R will be true after A.
Example of industrial formalization
Formalization of WiMAX requirements
WiMAX (802.16 protocol) specifications are very close to basic protocols and could be converted easily.
Basic protocol format
Transition system specifications
Environment description
Some basic protocols for 802.16 protocol
Basic Protocols Technology
[Diagram: Formalized requirements are the input of three tools, the Concrete Trace Generator, the Symbolic Trace Generator and the Static Requirements Checker; the output is a verdict and a set of traces]
Concrete Simulation
Concrete Trace Generator (CTG) simulates the system behaviour restricted by the set of basic protocols and by filters.
Simulation is performed by checking PRE conditions and applying POST conditions.
During simulation CTG detects deadlocks, non-determinism, safety violations, unreachable requirements, use of uninitialized attributes and attribute values outside their admitted region (overflow).
CTG generates counterexamples for the detected inconsistencies, and a set of traces according to the filter settings.
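The simulation loop described on this slide, as an added example written for this page and not part of the VRS tooling: basic protocols are given as Python predicates (PRE) and state transformers (POST), the toy link model with attributes `st` and `tries` is assumed, and each listed inconsistency yields a verdict together with the trace so far as its counterexample.

```python
"""Added example, not VRS code: a minimal Concrete Trace Generator (CTG) over basic protocols.
A step checks all PRE conditions and applies the POST of the single applicable protocol."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

State = Dict[str, int]          # environment: attribute name -> value

@dataclass(frozen=True)
class BasicProtocol:
    name: str
    pre: Callable[[State], bool]    # S(x): when the protocol may be applied
    post: Callable[[State], State]  # action A(x) plus R(x): the state afterwards

def simulate(protocols: List[BasicProtocol], initial: State, safety: Callable[[State], bool],
             final: Callable[[State], bool], max_steps: int = 50) -> Tuple[str, List[str]]:
    """Run until a final state or an inconsistency; returns (verdict, trace)."""
    state, trace = dict(initial), []
    for _ in range(max_steps):
        try:
            if not safety(state):
                return "safety violation", trace
            cands = [p for p in protocols if p.pre(state)]    # check PRE conditions
            if not cands:                                      # nothing applicable
                return ("ok", trace) if final(state) else ("deadlock", trace)
            if len(cands) > 1:                                 # several PREs hold at once
                return "non-determinism: " + "/".join(p.name for p in cands), trace
            state = cands[0].post(state)                       # apply POST condition
        except KeyError as e:                                  # attribute never assigned
            return f"uninitialized attribute {e.args[0]}", trace
        trace.append(cands[0].name)
    return "step limit", trace

# Constructed toy model (assumed, not from the slides): a link with attributes `st`
# (0 idle, 1 connecting, 2 up) and `tries`; safety: at most three connection attempts.
def upd(s: State, **kw: int) -> State:
    return {**s, **kw}

CONNECT = BasicProtocol("Connect", lambda s: s["st"] == 0, lambda s: upd(s, st=1, tries=s["tries"] + 1))
ACCEPT = BasicProtocol("Accept", lambda s: s["st"] == 1 and s["tries"] <= 3, lambda s: upd(s, st=2))
TIMEOUT = BasicProtocol("Timeout", lambda s: s["st"] == 1, lambda s: upd(s, st=0))
SAFETY = lambda s: s["tries"] <= 3
FINAL = lambda s: s["st"] == 2

def demo() -> Dict[str, Tuple[str, List[str]]]:
    init = {"st": 0, "tries": 0}
    return {"ok": simulate([CONNECT, ACCEPT], init, SAFETY, FINAL),
            "deadlock": simulate([CONNECT], init, SAFETY, FINAL),
            "nondet": simulate([CONNECT, ACCEPT, TIMEOUT], init, SAFETY, FINAL),
            "safety": simulate([CONNECT, TIMEOUT], init, SAFETY, FINAL),
            "uninit": simulate([CONNECT, ACCEPT], {"st": 0}, SAFETY, FINAL)}
```

Dropping Accept from the protocol set gives a deadlock, adding Timeout beside Accept gives non-determinism, and Connect/Timeout alone loops until the safety condition on `tries` fails.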
Symbolic Generation
Symbolic Trace Generator (STG) simulates a set of basic protocols by applying the possible protocols, representing the behaviour of the system without computing a concrete environment state.
Simulation is performed by proving that the PRE-condition formula has a solution. If no solution exists, the corresponding counterexample with symbolic values is presented.
During simulation STG shall detect deadlocks, safety violations and non-determinism without initial values of attributes.
STG shall generate counterexamples by means of backward generation for inconsistencies detected by static requirements checking; such inconsistencies may not be reachable by concrete trace generation.
Common Scheme of Symbolic Modeling
[Flowchart] Inputs: Environment Description, Set of Basic Protocols, Initial State of Environment, Safety Condition.
Selection of Basic Protocol -> Checking of Basic Protocol Applicability (Proving Machine).
If applicable: Change State of Environment -> Checking of Properties (safety, reachability) -> Trace Creating -> New Trace -> Set of Traces -> Verdict.
If not applicable: return to Selection of Basic Protocol.
Backward Trace Generation
[Figure: a forward trace from the initial state towards an inconsistency or safety violation, and a backward trace from the inconsistency or safety violation to the initial state]
An inconsistency or incompleteness may be unreachable by means of direct (forward) trace generation.
With backward trace generation we can reach the initial state by means of deductive tools.
Static Requirements Checking
Static Requirements Checker proves the following properties:
> Consistency;
> Completeness;
> User-defined safety conditions.
Piloting and verification by VRS (CDMA)
Piloting Statistics
Attribute | Value | Comment
Pages | 971 | Total number of pages in the source documentation
Requirements | 6000 | Total number of all requirements in the source documentation
Behavioral Requirements | 1800 | The number of behavioral requirements in the source documentation
Requirement Coverage | 80% | Percentage of the behavioral requirements which were formalized and then verified. Formalization is still not completed due to the huge number of findings detected.
Basic Protocols | 558 | Total number of basic protocols developed from the covered behavioral requirements
Considered Trace Space | 7·10^9 | Total number of traces originated from the developed basic protocols and considered during the verification process
Findings | 87 | 0: Low; 42: Medium; 45: High
Document errors | 116 | 12: Low; 104: Medium; 0: High
Piloting and verification by VRS (CDMA)
Efforts Spent and Defects Found
Defects Found
Accepted | 170
Rejected | 29
Still uncertain | 4
Total | 203
Effort in Staff-weeks Spent for
Studying documentation | 1.8
Developing basic protocols | 8.35
Trace generation | 1.0
Trace analysis | 0.05
Creating Verification Report | 0.2
Total | 11.4
2.2 hours per defect; 3.2 hours per accepted defect
22% of defects are of HIGH severity!