Tutorial 1: |
Testing, Optimization, and Games
(by Mihalis Yannakakis)
Yannakakis_ATVA2006_Tutorial.pdf
|
|
We will discuss algorithmic problems arising
in the testing of reactive systems
(i.e. systems that interact with their environment),
modeled by various types of state machines.
The goal is to design test sequences so
that we can deduce desired information about the given system
under test, such as whether it conforms to a given
specification model, or whether it satisfies
given requirement properties.
Test generation can be approached from different points
of view - as an optimization problem of minimizing cost
and maximizing the effectiveness of the tests; as a game
between tester and system under test; or as a learning problem.
We touch on some of these aspects and related algorithmic questions. |
Tutorial 2: |
Introduction to Generalized Symbolic Trajectory Evaluation (by Jin Yang)
Yang_ATVA2006_Tutorial.pdf
|
|
Generalized Symbolic Trajectory Evaluation (GSTE) is a symbolic model checking
approach that combines the high capacity of STE with the expressive power of
traditional symbolic model checking. It has been successfully applied
to the formal verification of complex Intel micro-processor designs with
tens of thousands of state elements.
GSTE uses an operational style specification for describing a functional
property of a hardware circuit. Model checking in GSTE is based on a form of
symbolic simulation with a
tightly integrated dynamic quaternary abstraction mechanism that explores
the shape of the
specification to achieve high verification capacity.
As such, the complexity of model
checking in GSTE mostly depends on the complexity of
the specification rather than the
complexity of the circuit under verification.
A brief introduction to some of the key aspects of GSTE is to be given. |
Tutorial 3: |
Secrets of SLAM (by Thomas Ball)
Ball_ATVA2006_Tutorial.pdf
|
|
Model checking is a technique to find bugs in systems by
systematically exploring their state spaces. Due to state space explosion,
model checkers typically operate on a manually constructed finite-state
abstraction of the system. The goal of the SLAM project is to model check
software written in common programming languages directly. SLAM has been
successfully used to find and fix errors in Windows device drivers
written in the C language.
SLAM operates by automatically constructing and refining model-checkable
abstractions (called Boolean Programs) of a C program. The first part of
this tutorial will describe how the SLAM project has combined and extended
results from the areas of program analysis, model checking and
theorem proving to analyze critical properties of systems software
written in the C language. The second half of the tutorial will present some
of the engineering "secrets" we applied to the basic SLAM process to
improve its performance on Windows device drivers. |