Documenting SMV Assignments for COMP 408

The SMV files that I provide for doing exercises may contain bugs which have been placed there deliberately. Please do not post to the newsgroup asking whether there is a bug in a file. If you spot a bug in a file, try to locate the property that would have caught the error (see the second part of "what to turn in" below). Do not simply correct the file, as the ability to find and interpret errors is one of the skills I want you to develop in this course.
Document your properties with an English description (not a direct CTL translation -- for example, if the property is "AG (p -> AF q)", I want descriptions like "whenever p is true, q is eventually true", not "for all states on all paths, if p is true then on all paths there is a future state in which q is true"). Put these descriptions in as comments in the SMV file, with each description located just before the corresponding SPEC. If you have a group of related properties (for example, if you need to verify that the same general property holds of each of three pairs of variables), you can write one English comment for the entire group.

Analyzing an error track consists of three steps:

Summarize the information you got out of the error track (ie, describe the sequence of events that lead to the error). Your goal here should be to summarize only the information that is relevant to the error; SMV will give you a trace of all variables, not all of which actually matter for the property you are verifying.
Try to explain the cause of the error (ie, the property failed to consider the case where X happens, I had misunderstood that the system could do Y, a typo was made when entering the formula, etc).
Describe briefly what you need to do to fix the error (ie, I need to add condition X to the property, I need to add a FAIRNESS assumption, etc).

A printout of the final version of the SMV file for the problem.
If you found errors in the state machine definitions, provide an error track analysis for any one error track that lead you to finding such a bug in the design. Describe the change you had to make. If I had provided you with the original SMV file, describe to me where you made changes to the original file.
Error track analysis for one property that failed because the property was incorrectly stated. Pick a property that did not verify on the first try (presumably you won't get them all right on the first try, though if by chance you did, say so explicitly). Write up analyses of two iterations of debugging this property (ie, write up the first error track, change the property according to the error, then write up the next error track you get for that same property). If you had only one iteration of errors on all properties, just write up that one iteration for any one property. If you had more than two iterations of errors, you don't have to submit anaylses for the remaining errors.