CS 6110 – Formal Methods in System Design – Spring 2011

LATEST-LECTURE

Contents

• 1  Webpage Update history
• 2  HANDOUTS, WEEKLY SCHEDULE
• 3  PROJECTS
  • 3.1  Calendar for Remainder of Semester
  • 3.2  Project Group 1-1 Meetings, and Meeting Order
  • 3.3  Final Project Presentations
  • 3.4  Final Project Reports
• 4  Learning Objectives
• 5  Reading and other Reference Material
• 6  Possible Projects and Tools
• 7  Background Assumed
• 8  General Course Info
• 9  FAQs
• 10  Grading
• 11  College of Engineering Guidelines and ADA Policies

1  Webpage Update history

• I have placed a tidied-up Assignment 5 handout under Week7.
• Distributed Locking Protocol - description, and Promela/Murphi models added under Week7

2  HANDOUTS, WEEKLY SCHEDULE

You are required to read the indicated chapters ahead of time, at least cursorily, to get an idea of what will be covered.

• Week1
  • 1/11, L1
    • L1: Introduction to Formal Methods
    • Background written quiz given in class
    • Example of buggy binary search
    • Example of corrected binary search
    • Example of correct Peterson protocol
    • Lecture-1 slides pptx and pdf.
    • Background quiz pdf

  • 1/13, L2
    • Notes on model checking to be kept online
    • Read the references online to brush up on FOL; I’ll keep more notes soon.
    • Lecture slides pptx and pdf.
    • Results of the background quiz; individualized recommendations mailed.
    • L2: Review of the basics
    • Assignment 1 pdf. Also the tex file: tex.
    • Examples to look at: two-bytes.m – illustration2
• Week2
  • 1/18, L3
    • Lecture-3 slides pptx and pdf.
    • Link to Excerpts from Shavit and Herlihy’s book describing locking protocols.

  • 1/20, L4
    • Slides covering Flowchart Program (Binary Search) verification: Please go through the course modules of THIS VERIFICATION COURSE I once taught at Intel. Specifically, look at module3.pdf.
    • Lecture-4 slides pptx and pdf.
    • Assignment 2 pdf. Also the tex file: tex. SOLUTIONs:
      • pdf
      • My solution to the ’man/wolf/goat/cabbage’ problem.
      • My solution to the Bakery protocol
    • Reading: the DDHY92 paper
    • Reading: Multiple Promela files are kept here
• Week3
  • 1/25, L5
    • Lecture-5 reading material includes Chapter 21 of my book, and this: pdf and tex.

  • 1/27, L6
    • Notes in .txt format
• Week4
  • Lecture 7 [.tex] and [.pdf]
  • Assignment 3 [.tex] and [.pdf]
  • Solutions for Assignment 3
  • Possible projects [.txt]
  • Lecture 8 outline [.txt]
  • Gordon’s Program Verifier in Lisp, improved by Dr. Surya Mantha in 1989 mantha-verif.lsp and test input/output mantha-verif-tests.lsp
• Week5
  • Lecture 9 consists of these Promela examples [pdf] [tex], and Chapter 21, Sec 23.3, and Sec 23.4 from my book.
• Week6
  • Worksheet for this week [pdf] and [tex], and Relevant excerpts from the CGP book.
  • Added some notes on Büchi automaton product construction.
• Week7
  • Assignment 5.
  • Distributed Locking Protocol description in [pdf], model in Promela, and model in Murphi.
  • More Promela and SPIN tricks and insights are here in [.pdf] and [.tex].
• Week8
  • Notes for Lecture 15, Week 8
  • Many protocol models:
    • mutex-unfair.prm
    • mutex-fair.prm
    • dl1.prm
    • dl2.prm
    • dl3.prm
    • dl4.prm
    • dl5.prm
    • dl6.prm
    • fixed-handle-process.txt
  • Notes for Lecture 16 on BDDs, Week 8: [.pdf]
• Week9
  • Continued lecture on BDDs, demo of KLEE
    • Notes for Lecture 16, Week 8: Overview of KLEE-based Analyzers [.pptx] [.pdf]
    • Project overview guidelines [.pdf]
  • Project slide presentations
    • Many of the student project slides were presented
• Week10
  • Tuesday 3/15 - Remaining project presentations. Then
    • See fixed-handle-process.txt for the priority inversion fix.
    • These examples will help you appreciate partial order reduction, and when to expect reductions. The following examples, namely por1.prm, por2.prm, por3.prm, and por4.prm, show how subtle variations can affect the number of visited states of SPIN!
    • Crucial insights into why POR behaves so, and an alternate POR algorithm are described in chdl97-talk.pdf and two-phase-por-algorithm.pdf.
    • Lecture on Z3 (to continue on 3/17 also)
  • Thursday 3/17 -
    • See the following papers: “Satisfiability Modulo Theories: An Appetizer,” and “Z3: Applications, Enablers, Challenges, and Directions,” both available from here.
    • Project meetings. See § 3. You will be graded on the progress demonstrated at each project meeting.

      In lieu of physical 1-1s, I am expecting an email from each project group, so that I can lecture on SMT solvers. In this email, I am expecting:

      • feasibility data: what tools and methods will you use?
      • background data: what papers/resources have you found?
      • project partitioning: who will do what in your project group?
• Week11
  • Tuesday 3/29 - Lecture on Z3 continued.
  • Thursday 3/31 - See § 3. Project groups to present to me their progress over the Spring break.
• Week12
  • Tuesday 4/5 - Ganesh away. Greg available for consultations.
  • Thursday 4/7 - See § 3. Meetings conducted by Greg. Project groups to present to Greg their continued progress.
• Week13
  • Tuesday 4/12 - Ganesh away. Greg available for consultations.
  • Thursday 4/14 - See § 3. Meetings conducted by Greg. Project groups to present to Greg their continued progress.
• Week14
  • Tuesday 4/19 - Lecture
  • Thursday 4/21 - See § 3.
• Week15
  • Tuesday 4/26 - Project presentations. See § 3.3.
  • Last day of classes is 4/27, Wednesday.
  • Thursday 5/5 - Final reports due. See § 3.4.

3  PROJECTS

3.1  Calendar for Remainder of Semester

3.2  Project Group 1-1 Meetings, and Meeting Order

I am allowing 5 mins for 1-person projects, 7 mins for 2-person projects, and 9 mins for 3-person projects. The project meetings will be held in our class room (LCR) itself. The projects and the students are as follows.

By the midnight of 3/17/11, each group is required to send me two URLs for their project:

• The first should be a public link that I’ll link into the class website to advertise your work and help other groups see what you are up to, and perhaps share references and general ideas, tool findings, etc.
• The other should be a private link that I won’t link in. It is only for my own and Greg’s private use for monitoring progress. You may also want to keep things here that you don’t want to share.

3.3  Final Project Presentations

The final project presentations are to be made on April 26th. The presentation order is the same as with regular project 1-1 meeings. The project presentations will be held in our class room (LCR).

3.4  Final Project Reports

Your final project report must be formatted as per Springer LNCS guidelines. You may obtain Latex or Word files from the Springer site.

A significant percentage of your project grades will depend on how well written this paper is, and how much information/detail it reveals. It should also clearly document what each project member did (in a multi-person project). Please turn in the final project reports via handin to “project-reports.”

4  Learning Objectives

This course will cover several topics fundamental to computing, and illustrate them in realistic situations:

• Basics of writing specifications for sequential and concurrent hardware/software systems.
• Writing specifications that contain quantifications (first order logic).
• Creating models of systems, and showing the models to be correct (consistent).
• Verifying models versus the actual code/implementations.

I will examine concrete situations to drive points home, with focus on formal specification, formal testing, and verification. Possible discussion topics include sequential software, concurrent software, pipelined execution units (CPUs, including multicore), GPU kernels, and CPU/GPU interactions, threaded programs, and communicating (message passing) processes.

5  Reading and other Reference Material

This course will require you to program in Ocaml, as well as learn a fair amount of mathematical logic. It will also involve the use of several tools. Helpful references are attached:

• You are invited to read EXCERPTS from my book to learn about model checking, recursion, and a whole lot of facts about quantification.
• A book on Ocaml by Prof. Jason Hickey.
• A textbook “Calculus of Computations” by Profs. Bradley and Manna covering mathematical logic and decision procedures. A Springer link helps you take a look at this book. I highly recommend buying this book.
• Lecture notes on Automated Deduction by Prof. Barrett.
• A textbook by Prof. Michael J.C. Gordon covering several concepts from logic and verification.
• Murphi references are available from these sources:
  • Ulrich Stern’s dissertation in PS in PDF.
• Possible tools used in this course (one or more of these will be used):
  • Murphi verifier (most likely only cmurphi). We strongly encourage you to try and install cmurphi on your own machine.
  • We have placed a copy of cmurphi 5.4.4 on the CADE machines HERE. Also, an executable (machine-specific) which is normally located at cmurphi/src/mu is has been placed at ~cs6110/bin, so please include that in your Unix path.
  • KLEE
  • PiVC verifier
  • Yices SMT solver
  • Z3 SMT solver

6  Possible Projects and Tools

Here are possible projects and tools involved:

• Sequential C program correctness (SMT tools, KLEE, Hoare Logic provers, BDD/SAT based bounded model checking)
• Concurrent program checkers (various C and concurrent C verification and dynamic analysis tools, model checking tools such as Murphi and SPIN)
• Pipelined (out-of-order execution) processors (BAT, SMT tools, PVS)
• Graphical Processing Unit Kernels (PUG, SMT tools)
• MPI programs (ISP, DAMPI, TASS, GEM, and various others)

7  Background Assumed

A thorough understanding of Boolean algebra and basics of NFA, DFA, and Regular Expressions will be assumed. I hope to teach everything else through lectures and/or assigned readings (whose extent can vary depending on your background). If you don’t have a good computer science background, you will find functional programming and mathematical logic to be quite challenging. I am assuming enthusiasm to learn these topics, despite the hardships.

8  General Course Info

• Class Website: http://www.eng.utah.edu/~cs6110
• Class Room: MEB 3147 (Large Conference Room or LCR)
• Lecture Hours: TH 12:25 to 1:45
• Instructor: Ganesh Gopalakrishnan
• Instructor Email: firstname at utah edu cs backwards
• Instructor Office Hours: By email appointment
• Instructor Office Location: 3428 MEB
• TAs: None (but my RAs will generally help)

9  FAQs

(faq URL) – (faq.pdf)

10  Grading

Grading will be based on class participation, assignments, and class projects. 10% is for class participation which includes regular attendance (please let me know if you have a reason to miss a lecture). 50% is for the class project. Class projects are to be done in groups of size 3 (smaller groups are allowed upon approval). Each group member must keep a record of their individual contributions.

I will be asking questions either to the class at large, or choose to ask questions to specific individuals, but in an encouraging way. I will make sure to remind you of previous material you have studied and lead you to the answer. I am sorry, this is the only way to make sure that you are participating in the class, and that is why I am announcing it during the first lecture itself.

40% is for assignments. Discussions are encouraged; however, unless otherwise indicated, your final submissions must be based on original effort. Please ask me if you think that you are exceeding the limits of “reasonable collaboration.”

There will also be many questions designed to be solved as a group. You are therefore encouraged to form your project groups early. Again, for each group solution, you should individually document your role.

11  College of Engineering Guidelines and ADA Policies

Please read this link: http://www.eng.utah.edu/~cs6110/COE Guidelines Spring 2011.pdf.

This document was translated from L^AT_EX by H^EV^EA.