Mercurial > hg > Members > kono > Proof > automaton

annotate a13/lecture.ind @ 394:d860e357fe5f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
...
author Shinji KONO <kono@ie.u-ryukyu.ac.jp>
date Mon, 31 Jul 2023 10:02:46 +0900
parents bee86ee07fff
children b85402051cdb
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
127
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
1 -title: モデル検査とSAT
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
2
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
3 --モデル検査
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
4
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
5 --SAT
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
6
164
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
7 Boolean Formula の satisfiabity を調べるツール
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
8
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
9 時間は入ってない
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
10
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
11 <a href="https://github.com/msoos/cryptominisat"> cryptominisat </a>
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
12
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
13 --Spin
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
14
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
15 <a href="https://github.com/nimble-code/Spin"> Spin </a>
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
16
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
17 Promela という言語で仕様を記述するモデル検査
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
18
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
19 比較的大きな仕様まで検証できる
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
20
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
21 --JavaPathfinder
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
22
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
23 Javaのモデル検査器。Thread を見てくれる。
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
24
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
25 --CPAcheker
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
26
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
27 Cで書いたプログラムを検証してくれる
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
28
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
29 <a href="https://cpachecker.sosy-lab.org/doc.php"> CPachecker</a>
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
30
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
31 --mCRL2
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
32
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
33 独自言語
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
34
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
35 <a href="https://www.mcrl2.org/web/user_manual/index.html"> mCRL2 </a>
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
36
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
37 --PRISM
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
38
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
39 確率付きオートマトン
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
40
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
41 <a href="http://www.prismmodelchecker.org/people.php"> PRISM </a>
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
42
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
43 --TLA+
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
44
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
45 <a href="http://lamport.azurewebsites.net/tla/toolbox.html"> TLA+ </a>
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents: 127
diff changeset
46
127
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
47 --nuXmv
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
48
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
49 <a href="https://nuxmv.fbk.eu">nuXmv </a> <br>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
50
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
51 <a href="http://nusmv.fbk.eu/NuSMV/tutorial/index.html"> tutorial </a> <br>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
52
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
53 a か b のどちらかを非決定的に取る automaton を考える。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
54
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
55 MODULE main
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
56 VAR
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
57 state : {a, b};
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
58 ASSIGN
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
59 init(state) := a;
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
60 next(state) := {a, b};
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
61
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
62 状態 a から始まって、任意のaとb の木構造な可能な実行がある。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
63
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
64 それぞれの可能な実行を path という。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
65
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
66 --CTL
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
67
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
68 A はすべてのpath、E はあるpath について成り立つ。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
69
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
70 G はすべての時間(□)、F はいつか(<>)。これの組み合わせになる。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
71
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
72 a U b は、b になるまでずーっとa 。b になる必要はある。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
73
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
74 SPEC AG state=a
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
75 SPEC EG state=a
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
76 SPEC AF state=a
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
77 SPEC EF state=a
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
78 SPEC A [ state=a U state=b ]
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
79 SPEC E [ state=a U state=b ]
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
80
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
81 --LTL
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
82
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
83 一つの時間軸についてだけの様相論理。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
84
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
85 G はすべての時間(□)、F はいつか(<>)。これの組み合わせになる。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
86
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
87 a U b は、b になるまでずーっとa 。b になる必要はある。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
88
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
89 nuXmv は false になる可能性を調べる。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
90
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
91 LTLSPEC G state=a
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
92 LTLSPEC F state=a
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
93 LTLSPEC G [ state=a U state=b ]
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
94 LTLSPEC F [ state=a U state=b ]
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
95
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
96 --smv example
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
97
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
98 <center><img src="fig/semaphore.svg"></center>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
99
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
100 このセマフォは、critical にずーっと入れるので成り立たない性質がある。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
101
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
102
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
103 % nuXmv -int test7.smv
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
104
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
105 <a href="smv/test7.smv"> test7.smv </a>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
106
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
107 % nuXmv test8.smv
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
108
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
109 <a href="smv/test8.smv"> test8.smv </a>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
110
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
111 % nuXmv test9.smv
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
112
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
113 <a href="smv/test9.smv"> test9.smv </a>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
114
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
115 % nuXmv test10.smv
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
116
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
117 % nuXmv -bmc -bmc_length 4 test10.smv
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
118
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
119 <a href="smv/test10.smv"> test10.smv </a>
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
120
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
121 --その他の例題
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
122
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
123 <a href="http://nusmv.fbk.eu/examples/examples.html"> http://nusmv.fbk.eu/examples/examples.html
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
124
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
125 ---問題13.1
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
126
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
127 Turing machine の停止性のように、プログラムの正しさは原理的に証明することはできない。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
128 それにも関わらずシステムの信頼性を高めるにはどうすれば良いか? 定理証明やモデル検査器
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
129 に触れつつ800文字程度で考察せよ。
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
130
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
131 <a href=""> 例題 </a> <!--- Exercise 13.1 --->
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
132
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
133
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
134
0e8a0e50ed26 add some files
Shinji KONO <kono@ie.u-ryukyu.ac.jp>
parents:
diff changeset
135