Administrative Information
Instructor : Moonzoo Kim
- Office: 2434 (located at the east wing)
- Phone: 042-869-3543
- E-mail: moonzoo@cs.kaist.ac.kr
- Lecture hour : Tuesday and Thursday 10:30 AM - Noon
- Office hour : Tuesday and Thursday 1:30 PM - 3:00 PM
- Classroom : 3444
- Grade policy:
- Seminar presentations (2 times) 50% (talk should be given in English)
- Midterm exam : 30%
- Homework (2~3 times) : 20%
- Prerequisite: CS322 Formal language and automata
- Note: The official language of this class is English
Syllabus
Background
As more and more computing systems are deployed as embedded systems in our daily life, the correctness of these systems is becoming a crucial issue. Unfortunately, current status of research on formal nature of computing systems is not mature enough for realizing ubiquitous computing without risk. Formal verification can increase the reliability of computing systems with rigorous modeling and complete verification. This class focuses on application of formal verification for software systems.
Topics covered during the first half of the class
First, we will cover model-oriented approach as a starting point. We will handle Calculus of Communicating Systems (CCS) and Promela for this purpose. Process algebra CCS has its advantage in concise syntax and clear semantics and serves as a basic framework of formal verification. In contrast, Promela is a comparatively rich language similar to C. Thus, Promela is more suitable to modeling real systems.
Topics covered during the second half of the class
Then, we will study currently available code-oriented approaches such as BLAST and Java Pathfinder. In these frameworks, a key is how to extract a formal model from a complex code through sound abstraction. In addition, we study the Esterel framework which generates C codes from a correctness-proven formal model. Thus, it can serve as a total framework from design to implementation, but with limited expressiveness.
Course Schedule
- Wk 1~3 (Sep 5 ~ Sep 21) : Process algebraic approach - CCS and concurrent workbench
- Wk 4~6 (Sep 26 ~ Oct 12) : Programming language modeling approach - Promela and SPIN
- Wk 7 (Oct 17 ~ Oct 19): Q&A session and mid-term exam
- Wk 8~13 (Oct 24 ~ Nov 30): Code-based verification frameworks
- Wk 14~15 (Dec 5 ~ Dec 14): (optional) Esterel - WYPWYE framework (What You Prove is What You Execute)
Reading Materials
Main texts of the class are published papers. Reading list will be announced soon. In addition:
- Process Algebra by R.Cleaveland and S.A.Smolka
- The Spin Model Checker (Spin home page)
- The Esterel v5 Language Primer ver. 5.91 by G. Berry (Ch2- Ch4)
- Concurrency Workbench of the New Century (CWB-NC) (You are required to download and use CWB-NC for HW#1.)
- Reader/Writer Program by M.Kim and I.Kang
- The Linear Time-Branching Time Spectrum I by R.J. van Glabbeek
- JSpin (user interface for SPIN)
The following tools/projects are central to the second half of the class:
Lecture Slides
- Sep 5 : Background on Formal Methods
- Sep 7 : Intro. to Process Algebra
- Sep 12 : Formal Semantics of CCS
- Sep 14 : Equivalence Semantics of CCS
- Sep 19 : Case study of multiple reader/writer system
- Sep 21 : Equivalence hierarchy
- Sep 26 : Linear Temporal Logic
- Sep 28 : Algebra of Communicating Shared Resources (ACSR)
- Oct 10 : Model checking - Spin (1/3)
- Oct 12 : Model checking - Spin (2/3)
- Oct 17 : Model checking - Spin (3/3)
- Oct 19 : Case study - High availability protocol
- Oct 24 : No class
- Oct 26 : MID-TERM WRITTEN EXAM 10:30 - noon
- Nov 1 : MID-TERM PRACTICE EXAM 7 - 10 pm
- Counter Example Analysis
- Oct 31 : Error Explanation and Fault Localization in Testing "Isolating Cause-Effect Chains from Computer Programs" A.Zeller ACM FSE 2002 by Yoonra Choi (slides)
- Nov 2 : Error Explanation and Fault Localization in Model Checking "Error explanation with distance metrics" A.Groce, S.Chake, D.Kroening, O.Strichman, IJTTT vol 8#3 by Yoonra Choi (slides)
- BLAST
- Nov 7 : "Lazy Abstraction" T.A.Henzinger et al, POPL 02 by Jinseong Jeon (slides)
- Nov 9: "Thread-modular Abstraction Refinement" T.A.Henzinger et al, CAV 03 by SeongGun Kim (slides)
- Nov 14 : "Generating Tests from Counterexamples" Dirk B. et al, ICSE '04 by Jinseong Jeon (slides)
- Nov 16 : "Checking Memory Safety with BLAST" D.Beyer, et all, FASE '05 by SeongGun Kim (slides)
- SLAM
- Nov 21 : SLAM overview by Sangwoon Park - "Automatically Validating Temporal Safety Properties of Interface", T.Ball, S.K.Rajamani, POPL 2002 (slides)
- Nov 23 : c2bp (model creation) by Sangwoon Park - Automatic Predicate Abstraction of C Programs, T.Ball, R.Majumdar, T.Milstein, S.K.Rajamani, PLDI 2001 (slides)
- Nov 28 : bebop (model checking) by Yoonkyung Ahn - "Bebop: A Symbolic Model Checker for Boolean Programs" , T.Ball, S.K.Rajamani, SPIN 2000 (slides)
- Nov 30 : newton(model refinement) by Yoonkyung Ahn - "Generating Abstract Explanations of Spurious Counterexamples in C Programs", T.Ball, S.K.Rajamani (slides)
- Java PathFinder
- Dec 5 : "Model Checking Programs", W.Visser, et al, Automated SE journal vol10#2 2003 by Heejin Ahn
- Dec 7 : "Addressing Dynamic Issues of Program Model Checking", F.Lerda and W.Visser, SPIN 2001 by HyunIk Na
- Dec 12 : "Test Input Generation with Java PathFinder", W.Visser, et al, ISSTA 2004 by Heejin Ahn
- Simplify Theorem Prover
- Dec 14 : "Simplify: A Theorem Prover for Program Checking", D.Detlefs, G.Nelson, J.B. Saxe by Joseph Kwon