Discharging Assumptions
Explain the term Discharging Assumptions in Program Model Checking?
Expert
Environment assumptions (or filters) capture the knowledge about the usage of software units and they help to refine a naively generated environment. These assumptions need to be subsequently checked against implementations of the missing components (that represent the environment) in order to make sure that the entire system satisfies the desired properties. For example, you need to check assert(!empty()) whenever remove is invoked by a client application that uses IntSet.
Assumptions can be encoded in a variety of forms, such as predicates (!empty(), in the set example), finite-state machines, temporal logical formulas, or regular expressions that encode patterns of component operations that the environment may execute.
Checking component property (P) under environment assumptions (A) forms the assume guarantee paradigm, and it is the basis of many formal frameworks for modular verification (Jones 1983; Pnueli 1984): P is the guarantee that the component provides under assumption A. When A and P are temporal logical formulas, then it is possible to model check directly A => P on the unit closed with the universal environment; here “=>” denotes logical implication: P is checked only on the behaviors that satisfy (i.e., are filtered by) A. Alternatively, as discussed for the set example, you can encode the assumptions directly into the environment (in which case A is eliminated from the formula to be model checked).
Regular expressions are a familiar formal notation to many developers, and often easier to use than temporal logics for specifying environment assumptions. Regular expressions defined over the alphabet of unit operations describe a language of operations that can be initiated by the environment. As an example, java.util.Iterator presents a standard interface for generating the elements stored in a Java container such as a set. This interface assumes that for each instance i of a class implementing the Iterator, all client applications will call methods in an order that is consistent with the following regular expression assumption:
(i.hasNext; i.next(); i.remove()?)*
This expression encodes sequencing (a call to hasNext() must precede a call to next(), otherwise a runtime exception may be thrown if the iteration has no more elements) and also optional calls (remove()) that can be repeated 0 or more times (*). This assumption can be easily translated into code to encode a driver or the Iterator, or into an LTL formula that can then be used to be discharged with SPIN.
Normal 0 false false
Depict the requirement of a WAP gateway is necessarily or not?
You are to identify and research 3 different Requirements Management Tools. You will write a 3 page paper containing the following components: 1. For each RM tool, describe its major characteristics (or capabilities). 2.
Linker: Linker executes the linking of libraries with the object code to build the object code into an executable machine code.
What is meant by population explosion? Discuss the Indian scenario.
18,76,764
1928936 Asked
3,689
Active Tutors
1460893
Questions Answered
Start Excelling in your courses, Ask an Expert and get answers for your homework and assignments!!