CS 525V (S02) : Introduction to Computer-Aided Verification

Assignment Goals

This assignment is designed to assess:

• Your ability to digest technical papers on verification,
• Your skills at asking and answering questions on verification papers, and
• Your ability to contrast new verification approaches to ones you've already studied.

Collaboration Policy

You must do this assignment entirely on your own, without consulting other students or resources (other papers, web pages, etc). You may discuss the assignment with me.

The Assignment

In 1998, Clarke, Biere, and others proposed Bounded Model Checking. This assignment considers bounded model checking in the broader context of verification.

1. How does bounded model checking compare to standard LTL/CTL model checking?

2. How does bounded model checking compare to Alloy?

3. The file staterel.als provides an Alloy spec for a simple state machine. In order to deepen the comparison between Alloy and bounded model checking, do the following exercises:

   1. Using the semantics/technique given in Jackson's Automating First-Order Relational Logic paper [PDF | PS ], translate the staterel model into a boolean formula. Show both the intermediate representation and the final formula.

      Document your translation thoroughly! If you simply give me one long, uncommented formula, I won't read it. Use intermediate variable names in your formulas for clarity. For example (the info in the comments is made up for demo purposes only -- don't try to make sense out of the details):

        ;; A is the set of all objects -- comes from line 3 of Figure 1
        A = a + b + c
        ;; D is the set of choices -- comes from line 16-18 of the model
        D = d + e
        ;; F is the full formula
        F = A * D
      

   2. Use Alloy to get a concrete example of a state machine that satisfies staterel.als. Using the technique in the bounded model checking paper, translate the concrete state machine into boolean formulas. (Follow the same documentation guidelines as in the previous question. Also provide a description (picture fine) of the concrete machine you are using for this problem).

4. Propose and answer up to eight questions about bounded model checking. Your questions and answers should be sufficient in scope and depth that someone trained in verification could use them to decide whether to try bounded model checking.

   This question asks whether you understand what matters in verification, both in theory and in practice. Keep your answers clean and crisp -- I'm looking for quality, not quantity. Excessive writing may count against you. Turn in no more than 3 pages on this part of the assignment.