Introduction to Alloy

Introduction to Alloy L. Dillon CSE 814 Overview of Alloy 1

Acknowledgements

Excerpted (mostly) and adapted from:
- One day tutorial at http://alloy.mit.edu/fm06/
- SBMF/ICGT 2006 keynote at http://people.csail.mit.edu/dnj/talks/brazil06/brazil06.pdf
- Lipari talk at http://people.csail.mit.edu/dnj/talks/
- SAIL Tutorial at http://alloy.mit.edu/alloy/tutorials/day-course/

Trans-atlantic analysis

- Notation inspired by Z (Oxford, home of Z): declarative and uniform, sets and relations, but not easily analyzed
- Analysis inspired by SMV (Pittsburgh, home of SMV): billions of cases in seconds, counterexamples not proofs, but not declarative

Why declarative design?

"I conclude there are two ways of constructing a software design. One way is to make it so simple there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies." Tony Hoare [Turing Award Lecture, 1980]

Imperative vs. declarative

- "The more you add, the less happens"
- Good for partial descriptions
- Good for incremental modeling

Why automated analysis?

Software development needs:
- Simple, expressive and precise notations
- Deep and automatic analysis, especially in the early stages

"The first principle is that you must not fool yourself, and you are the easiest person to fool." Richard P. Feynman

Four key ideas...

1) everything is a relation
2) non-specialized logic
3) counterexamples & scope
4) analysis by SAT

Everything is a relation

- Alloy uses relations for all datatypes: sets, scalars, tuples, graphs, etc.; structures in space and time
- The key operator is dot join: relational join, field navigation, function application, ...

Non-specialized logic

- No special constructs for state machines, traces, synchronization, concurrency, ...

Non-specialized logic

Use constraints for describing models:
- Subtypes & classification
- Declarations & multiplicity
- Invariants, operations & traces
- Assertions, including temporal ones
- ...

Counterexamples & scope

Observations about design analysis:
- most assertions are wrong
- most flaws have small counterexamples

Testing: a few cases of arbitrary size
Scope-complete: all cases within a small bound

Analysis by SAT

- SAT, the quintessential hard problem (Cook 1971): SAT is hard, so reduce SAT to your problem
- SAT, the universal constraint solver (Kautz, Selman, 1990's): SAT is easy, so reduce your problem to SAT
- Solvers: Chaff (Malik), Berkmin (Goldberg & Novikov), ...

(Pictured: Stephen Cook, Eugene Goldberg, Henry Kautz, Sharad Malik, Yakov Novikov)

Moore's Law (figure)

SAT Performance (figure)

Download Alloy

Run the Alloy Analyzer from http://alloy.mit.edu/alloy4/:
- double click alloy.jar, or
- execute java -jar alloy.jar at the command line

Open the example (in the top toolbar): File => Open Sample Models => Examples => Toys => ceilingsandfloors.als

ceilings and floors example

sig Platform {}                                  -- there are Platform things
sig Man {ceiling, floor: Platform}               -- each Man has a ceiling and a floor Platform
pred Above[m, n: Man] { m.floor = n.ceiling }    -- Man m is above Man n if m's floor is n's ceiling
fact PaulSimon { all m: Man | some n: Man | n.Above[m] }
                                                 -- "One Man's Ceiling Is Another Man's Floor"

Checking BelowToo

assert BelowToo { all m: Man | some n: Man | m.Above[n] }
                                                 -- "One Man's Floor Is Another Man's Ceiling"
check BelowToo for 2                             -- check BelowToo in models with no more than two
                                                 -- platforms and no more than two men

Execute finds a counterexample.

Counterexample to BelowToo (figure; McNaughton)

Checking BelowToo'

pred Geometry { no m: Man | m.floor = m.ceiling }   -- no man's floor and ceiling are the same
assert BelowToo' { Geometry => (all m: Man | some n: Man | m.Above[n]) }
                                                    -- if no man's floor and ceiling are the same,
                                                    -- then "One Man's Floor Is Another Man's Ceiling"
check BelowToo' for 2 expect 0                      -- it is true for up to 2 men and 2 platforms
check BelowToo' for 3 expect 1                      -- but not for up to 3 men and 3 platforms

Checking BelowToo''

pred NoSharing { no m, n: Man | m != n && (m.floor = n.floor || m.ceiling = n.ceiling) }
                                                    -- no two men share a floor or a ceiling
assert BelowToo'' { NoSharing => (all m: Man | some n: Man | m.Above[n]) }
check BelowToo'' for 6 expect 0
check BelowToo'' for 10 expect 0
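The "scope-complete" search behind these check commands can be made concrete by brute force for this tiny model. The following Python is an added example, not from the slides or the Alloy distribution: it enumerates every instance with at most `scope` Man and Platform atoms, keeps those satisfying the PaulSimon fact, and reports the first one that violates the assertion, reproducing the expect 0 / expect 1 outcomes above. Alloy checks BelowToo'' for 6 and 10; naive enumeration at scope 6 means about 6^12 instances, so scope 4 is used here (the assumption of this example), which is exactly why Alloy reduces the search to SAT instead.

```python
from itertools import product

# Added brute-force "scope-complete" checker for the ceilings-and-floors model
# (not Alloy's SAT analysis). A Man is a constructed (ceiling, floor) pair and
# Platforms are the ints 0..n-1; every instance within scope is enumerated.

def above(m, n):        # pred Above[m, n: Man] { m.floor = n.ceiling }
    return m[1] == n[0]

def paul_simon(men):    # fact PaulSimon { all m: Man | some n: Man | n.Above[m] }
    return all(any(above(n, m) for n in men) for m in men)

def below_too(men):     # assert BelowToo { all m: Man | some n: Man | m.Above[n] }
    return all(any(above(m, n) for n in men) for m in men)

def geometry(men):      # pred Geometry { no m: Man | m.floor = m.ceiling }
    return not any(c == f for c, f in men)

def no_sharing(men):
    # pred NoSharing { no m,n: Man | m != n && (m.floor = n.floor || m.ceiling = n.ceiling) }
    # Men are atoms: two Men with equal fields are still distinct, so compare by index.
    return not any(i != j and (men[i][1] == men[j][1] or men[i][0] == men[j][0])
                   for i in range(len(men)) for j in range(len(men)))

def instances(scope):
    """Every instance with at most `scope` Man atoms and `scope` Platform atoms."""
    for n_plat in range(scope + 1):
        for n_men in range(scope + 1):
            yield from product(product(range(n_plat), repeat=2), repeat=n_men)

def check(assertion, scope, premise=None):
    """Bounded exhaustive search, like `check A for scope`: return the first
    instance that satisfies the fact (and `premise`, if given) but violates
    `assertion`, or None when no counterexample exists within the scope."""
    for men in instances(scope):
        if not paul_simon(men):                      # facts prune the space
            continue
        if premise is not None and not premise(men): # premise false: implication holds
            continue
        if not assertion(men):
            return men
    return None

if __name__ == "__main__":
    print("BelowToo   for 2:", check(below_too, 2))              # counterexample
    print("BelowToo'  for 2:", check(below_too, 2, geometry))    # None (expect 0)
    print("BelowToo'  for 3:", check(below_too, 3, geometry))    # counterexample (expect 1)
    print("BelowToo'' for 4:", check(below_too, 4, no_sharing))  # None (expect 0)
```

The first counterexample found at scope 2 is the degenerate one the Geometry predicate later rules out: a man whose floor and ceiling are the same platform.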

Alloy Case Studies

Alloy = logic + language + analysis

- logic: first order logic + relational calculus
- language: syntax for structuring specifications in the logic
- analysis: bounded exhaustive search for a counterexample to a claimed property, using SAT