Concurrent Programming and Verification: Outline1.122004/07/19 10:58:38 GMT-52007/04/07 16:45:25.534 GMT-5IanBarlandibarland@radford.eduJohnGreinergreiner@cs.rice.eduMosheVardivardi@cs.rice.eduIanBarlandibarland@radford.eduJohnGreinergreiner@cs.rice.eduConcurrencyLogicTemporal LogicVerification of Concurrent Programs
How can we know whether our programs have bugs?
This is the pre-eminent question in software engineering today.
Test suites are important, but no
amount of tests can conclusively show a program to be bug-free.
In concurrent programs in particular, bugs can be difficult to find
and replicate through trial (and error).
Ideally we would prove that
a program meets certain specs.
How to meet this goal routinely has been a
long-standing goal in computer science.
Historically, there have been significant difficulties in
making such proofs practical,
but verification technology is significantly improving.
In this module, we look at some of the issues involved —
how to describe, reason about, and verify properties —
specifically as applied to concurrency.
We will look at two related ways to understand concurrent programs.
First, we write small programs in Promela,
a language with a familiar C-like syntax,
but suited for concurrent programs.
We use Promela's partner tool, SPIN, to
verify various properties our program's behavior.
Second, we introduce
state-based transition systems —
an equivalent model for concurrent programs,
but one which is more suitable for reasoning about their behavior.
Together, Promela and SPIN are
designed to easily let us check for
many common concurrency behaviors.
Historically, SPIN allowed only a collection of
special-purpose checks.
More generally, however, we can use temporal logic to
express our own properties for SPIN to check.
We will look at this special kind of logic
and see how to apply it to verification.
This module is meant to be taught within the context of a
concurrent programming course,
or an operating systems course covering the basics of
concurrent programming.
As such, this will not cover concurrent programming techniques.
However, we will quickly review the necessary background.
OutlineBasic issues —
an optional review of the necessary background
(with
exercises)
Modeling —
an overview of modeling and verifying concurrency,
using Promela and transition systems
(with
exercises)
Temporal Logic —
for specifying other concurrent behaviors
(with
exercises)
Other references:
The SPIN home page
The
SPIN
book.
Several examples in our notes are inspired by this book.
On-line
manuals for Promela and SPIN.
Installing
SPIN
jspin, SpinSpider: Tools for Teaching Concurrency with Spin