Software Specification, Verification and Validation CIS 775

1
Software Specification, Verification and
Validation (CIS 775)

• Elsa L Gunter
• 4303 GITC
• NJIT, http//www.cs.njit.edu/elsa/775-spring2004

2
Buchi Automata

• Buchi Automaton B lt ? ,S, ?, I, L, F gt
• ? alphabet (for us, variable assignments or sets
  of atomic propositions)
• S set of states (eg. mappings of variables to
  values)
• ? ? S ? S called the transition relation
• I ? S the initial states
• F ? S the final states
• L S ? 2? the labeling function,

3
Language of Buchi Automata

• An infinite sequence ?1, ?2, ?3, is in the
  language of B, L(B) if there exists an execution
  (or run) of B, s1, s2, s3, such that
  
• each si ? S and
• each (si, si1) ? ?,
• and ?i ? L(si) for all i
• and i si ? F is infinite

4
Example

• Automaton for ltgt InCritSect
• ? , InCritSect InPrivate
• InCritical,InPrivate
• L(S0) InCritSect,InCritical,InPrivate
• L(S1) ,InPrivate
• F S0

S0
S1
5
Formulae as Labels

• Recall L S ? 2? the labeling function
• ? sets of variable asignments
• L(si) ? shorthand for L(si) models(?)
• Let ?1, ?2, ?3, be infinite sequence of
  assignments
• For sequence to be accepted want ?i
  L(si), i.e. ?i ? models(L(si ))
• Let ?1, ?2, ?3, be sequence of formulae
• Require ?i ? L(si),
• i.e. models(?i) ? models(L(si))

6
A Transition System

• A (finite) set of variables V over some
  domain(s).
• A set of states S
• A state s ? S is an assignment of values to
  variables
• A (finite) set of transitions T, each transition
  e?t has
• an enabling condition e, and
• a transformation t.
• An initial condition p.

7
Buchi Automaton Generated by Transition System

• (V,S, ?,T,p) transition system
• Alphabet assignments over V
• States are the states of the transition system
• Transition relation ? (s,s) ?? e?t ? T.
  s e, t(s) s
• I s ? S s p models(p) ? S
• L(s) s
• F S

8
The state space
9
Buchi Automaton with Propositions

• Alphabet Sets of atomic propositions
• L(s) A A atomic prop, A true is s
• Determined by programmer, or tester, not directly
  calculated from assignment

10
The state space

• CR, NC0, NC1

11
P state predicate or proposition
P
true
12
P ? Q
P ? Q
true
13
P ? Q
true
14
OP true ? OP
true
P
true
15
P U Q Q ? (P ? O(P U Q))
true
16
P V Q Q ? (P ? O(P V Q))

• Q ? (P ? O(P V Q))
• (Q ? P) ? (Q ? O(P V Q))

Q ? P
Q
true
17
PP ? O P
P
18
ltgtP P ? OltgtP
true
19
ltgtP

• ltgtP ltgtP ? OltgtP
• (P ? OltgtP) ? OltgtP
• (P ? OltgtP )? (OltgtP ? OltgtP)
• (P ? OltgtP )? O(ltgtP ? ltgtP)
• (P ? OltgtP )? OltgtP
• (P ? OltgtP )? (true ? OltgtP)

20
ltgtP
21
ltgtP
22
ltgtP
23
ltgtP
P
24
ltgtP
P
25
Combining Automata

• Given two Buchi automata over the same alphabet A
  lt ?,S1, ?1,I1,L1,F1 gt and B lt ?,S2, ?2, I2,
  L2, F2 gt want an automaton A o B whose language
  L(AoB)L(A) ?L(B)