Course Material Caltech 2011

Logic Model Checking, Caltech 2011, Winter Term

Course Material CS 118, TThu, 1:00-2:25pm, 107 Annenberg

Logic Model Checking

This course offers an introduction to the theory and practice of logic model checking as an aid in the formal verification of concurrent and multi-threaded software systems. The specific focus is on the automata-theoretic verification method, on the formalization of properties in linear temporal logic, and the use of the Spin model checker.
Towards the end of the course we will also cover model-driven verification techniques and swarm-based verification methods using grids or shared-memory machines.

Assignments: The course consists of 18 lectures, 7 assignments, and self-paced work with the Spin model checker. Some of the assignments will require significant labtime/home-work, working on finding abstractions for problems such that verification becomes tractable. The last two assignments are most important and each count for 25% of the grade. The first five assignments count for 10% of the final grade each. All assignments require individual work (there are no team assignments). The maximum score for each assignment is 100 points. If you send in your solutions late, 10 points are deducted for every 24 hour period or part thereof. (I.e., at the start of the 10th day late, zero points remain.)

A letter grade for the course is derived from the following ranges for the weighted average score on all assignments:

	95 - 100  = A+
	85 - 94   = A
	80 - 84   = B+
	70 - 80   = B
	65 - 69   = C+
	55 - 64   = C

Labtime/Homework: In the first week of the course you will be asked to download and install the latest version of Spin model checker on your preferred system. Throughout the course you are expected to experiment with it to learn in more detail about concepts explained in the lectures.
You are encouraged to try small examples to develop and fine-tune model building, abstraction, and verification skills, and to develop insight in the verification strategies that are typically used with model checkers. Self-paced lab work is required and all students are encouraged and expected to ask questions about this work in class throughout the course.

At the end of the course you should have a good fundamental insight into the theory of logic model checking based on automata-theoretic verification, and the direction in which the research in this area is evolving. At this point you should be able to handle significant real-world software verification problems, especially of systems involving concurrency.

Lectures

You are strongly encouraged to attend the lectures, to ask questions, to start discussions.

Assignments and Exercises

All assignments and exercises are posted here, with their due dates.
Solutions to the assignments must be send in by the due date, and count for the final grade.
Excercises are for you to gain experience with key concepts and need not be handed in.
Solutions to the assignments and exercises are not posted here, but only discussed in class.

Exercises

by January 6:

Install Spin version 6.0.1 on your system.
Download the full source distribution, compile it (you must have gcc or equivalent on you system) and install it on your system. If using a PC, make sure you can compile the code correctly (see make_pc in the Spin/Src6.0.1 directory from the distribution). Try the test-cases from the Spin/Test directory.
Install the Spin GUI ispin Version 6.0.3 (you must have tcl/tk and graphiz/dot installed on your system). If needed, follow the online instructions.
Note: if you downloaded and installed this before, you may need to install the latest version (6.0.3), which is dated January 4, 2011. (There was a glitch in the earlier versions of iSpin.)

by January 11:

Read Chapters 1-3 of the course textbook.
Do exercises 1a through 1h from: exercises

by February 3:

Read Chapters 4-5 and Appendix B.
Take a look at the first two links below under Background material.

By February 22:

Chapters 6, 7, and Appendix A.

By February 29:

Chapters 8, 9, and 14.

By March 8:

Chapters 10 and 17

Assignments

#	posted	due	noon	pdf
1	January 11	Tuesday	January 18	PDF
2	January 18	Tuesday	January 25	PDF
3	January 25	Thursday	February 3	PDF
4	February 8	Tuesday	February 15	PDF
5	February 15	Tuesday	February 22	PDF
6	February 22	Tuesday	March 1	PDF
7	March 1	Thursday	March 10	PDF

Instructor

Gerard Holzmann, gholzmann [at] acm.org

Teaching Assistant

Mihai Florian, MC 305-16, ph: 626-395-5987, mflorian [at] cs.caltech.edu

Course Website

you found it: http://spinroot.com/cs118/

Background material

New ACM Paper on out-of-order execution on modern processors
New Spin model based on this paper, showing the bug in Peterson's mutual exclusion algorithm when executed on a modern processor
How many CPUs are there in a Mercedes S-class car? (50!)
NIST report on economic impact of faulty software
Standish survey of software projects
Model Checking overview by Stephan Merz
Wiki entry on formal verification
IEEE Spectrum: Why software fails
Wired: History's Worst Software Bugs
CNN/Money: Prius hybrids dogged by software
Computerworld: Buggy software costs $60B annually
Embedded.com: Automotive industry software bugs

Course Textbook

Required:

The Spin Model Checker: Primer and Reference Manual.
Gerard Holzmann. Addison-Wesley, 2004.

Optional:

Principles of Spin,
Moti Ben-Ari, Springer Verlag, Jan. 2008.
Principles of Model Checking,
Cristel Baier, Joost-Pieter Katoen, Kim Larsen, MIT Press, May 2008.
Principles of concurrent and Distributed Programming,
Moti Ben-Ari, Addison-Wesley, 2006, 2nd Edition, based on Spin.
Model Checking,
Ed Clarke, Orna Grumberg, and Doron Peled. MIT Press, 1999.
Systems and Software Verification: Model-Checking Techniques and Tools,
Beatrice Berard, Michel Bidoit, Alain Finkel, et al, Springer Verlag, 2001.
Logic in Computer Science: Modelling and Reasoning about Systems,
Michael Huth and Mark Ryan, Cambridge Univ. Press, 1999.
Introduction to Automata Theory, Languages, and Computation (2nd Edition),
John Hopcroft, Rajeev Motwani, Jeff Ullman, Addison-Wesley, 2000.
Verification of reactive systems,
Klaus Schneider, Springer-Verlag 2004.
Formale Modelle der Softwareentwicklung (in German),
Stephan Kleuker, Vieweg-Teubner Verlag, 2009. Covering Spin, Uppaal, and Petri Nets.

For more on mutual exclusion algorithms, and design of distributed algorithms in general, consider also:

Algorithms for Mutual Exclusion, Michel Raynal, MIT Press, 1986.
Distributed Algorithms and Protocols, Michel Raynal, Wiley&Sons, 1988.
Topics in Distributed Algorithms, Gerard Tel, Cambridge Univ. Press, 1991.

Spin homepage