12

Formal Methods

Jos Baeten, TU/e

12Formal methods

Is the mathematics of software engineering.

Modeling, calculation.

12Formal Methods

Research in Formal Methods is a systematic and scientific study of issues in computer science, based on solid mathematical principles.

Formal Methods apply to systems and constructions used in computer science.

These constructions are described exactly in a formal syntax and are supplied with a formal semantics whenever appropriate.

12

Formal Methods increase understanding of systems, increase clarity of description and help solve problems and remove errors. Use of Formal Methods increases dependability and usability of constructions and systems in computer science.

Why Formal Methods?

12Why Formal Methods?

Software (+ hardware) Engineering is craft, not science.

- Complex- No margin of error- Local action has global consequences- Discrete

- (no intra-, extrapolation, some statistics possible)

12

Quality control

Process

Product

Quality assurance

safety + liveness

12Formal Methods

Specification - descriptive

Verification - analysis

12Specification

Communication between designers.

Control and data.

“What” over “how”.

Reactive, parallel, distributed systems.

12Verification

Not pde but discrete math calculation.

Logic and deduction.

All behaviours. Parameters.

Hierarchy of abstraction.

Model needs to be validated against reality.

12Issues and choices

Selection:

- Level of formality: 1. Math. argument

2. Formal spec. 3. Verif. system

- Part of system, selected components

- Selected properties

- Part of lifecycle

- Level of abstraction

12Specification: varieties

• Model-oriented: operational. Z.

• Property-oriented: logical. CTL/LTL.

• Concurrency. Process algebra.

12Verification: varieties.

• Consistency analysis and type checking

• Validation: animation, challenges.

• Predicting behaviour and verifying refinement– State space exploration, model

checking, language inclusion– Theorem proving, proof checking

12Certification of critical systems

Can never achieve failure rate of 10-9.

12User

req. def.

Sw. req. def.

Arch.design

Detailed design

Code

Acceptance tests

System tests

Integration tests

Unit testsDocs

Verif.

12Alexander

theory

EREA,PVS

ADL

SDL, MSC,Spin, PVS, Z

Invariants,PVS

RPA

Spin, PVS,TTCN, TorXDocs

Verif.

12Advantages of FM

Precision engineering

Complexity engineering

Correctness engineering

Automation engineering

12History1956 Noam Chomsky models language

1957 John Backus defines Fortran syntax

1958 Haskel Curry and Robert Feys describe propositions-as-types analogy

1960 Peter Naur applies BNF to ALGOL60

1968 Adriaan van Wijngaarden defines ALGOL68, experiments with , 2 l. grammar

1968 Donald Knuth invents attribute grammars

12History1968 Dana Scott denotational sem. for 1969 Tony Hoare axiomatic semantics1970 N.G. de Bruijn Automath1972 IBM Vienna: FM for PL/I design1974 Goguen Thatcher init. alg. sem. data types1977 Joseph Stoy book denotational sem.1978 Dines Bjørner, Cliff Jones VDM1979 Philips Brussels CHILL design

12History1980 Robin Milner CCS

1980 Jean-Raymond Abrial Z

1980-1990 Gerard Holzmann SPIN

1983 Jan Bergstra ACP

1985 Ed Brinksma LOTOS

1985-1995 ESPRIT: CIP, OBJ, PLUSS, ASL, Larch, SDL, ExSpect, ADJ, ASF, SDF, PSF, PVS, COLD, SPRINT, ERAE, CLEAR, …

12History1993 VDM Europe becomes FME

1997 Intel establishes FM group after Pentium

1999 FM World

Commercial firms offering FM (Verum, FDR)

FMICS, IFM

12IngredientsSyntax States

Logic Transitions

Proof Execution

Data types Communication

Modularisation Abstraction

Type system Timing

Object orientation Hybrid systems

12Semantics

Denotational

De Bakker, Rozenberg

Operational

Axiomatic - assertional

Kuiper, Jonkers, De Boer

12Varieties

LogicLogic: thm proving PVS, COQ

Hooman, Poll, Barendregt, Hesselink

Temporele logica: CTL, LTL: Kuiper

Game theory: v.d. Herik, De Bruin

Categories, co-algebras: Rutten, Jacobs

Multi-agent systems: Renardel

12Varieties

EquationalEquational: -calculus Barendregt

term rewriting Klop, v. Oostrom, Zantema

type theory: Barendregt, Swierstra

ASF+SDF: Klint

Program derivation: Meertens

Process algebra: Bergstra, Fokkink, Baeten, Groote, Brinksma

12Varieties

OperationalOperational: sequential: Z, VDM, LarchSOS Fokkink, ReniersI/O automata VaandragerPetri nets Van Hee, Van der AalstModel checking Larsen KatoenGraphs Rozenberg Rensink RoodaTorX Tretmans

12VarietiesVisualVisual: MSC, Petri nets

12ApplicationsSoftware Engineering,

in particular components, coordinationEmbedded Systems (hybrid systems)Business ProcessesBiological ProcessesSecurityWeb services & grid computingAgents, games, quantum & relativistic

comput.