CSE584: Software EngineeringLecture 3: Requirements & Specification (B)

1/16/01

Click here to start

Table of Contents

CSE584: Software EngineeringLecture 3: Requirements & Specification (B)

Last week & this week

Two NASA failures:each over $100 millionhttp://www.nasa.gov/newsinfo/marsreports.html

Specification errors?

Specifications thread

Classic examples

A snippet of cruise control

More cruise control

Statecharts: “review”

Key idea: hierarchy

Parallel AND-machines

A few statechart features

Variants on statecharts

Sample transitions

Standard answers include

An alternative: model checking

State Transition Graph

A computation tree

Temporal formulae

Mutual exclusion example

How does model checking work? (in brief!)

Symbolic model checking

Binary decision diagrams (BDDs)

BDD-based model checking

BDD-based successes in HW

Software model checking

Why might it fail?

Our approach at UW—try it!

TCAS specification

TCAS—high-level structure

Iterative process

Use of non-determinism

Translating RSML to SMV

Non-deterministic transitions

Checking properties

Property checking

Deterministic transitions

Function consistency

Display_Model_Goal

Output agreement

Output agreement check

Whence formulae?

Whence formulae?

What about infinite state?

Model checking wrap up

I know this was quick

It’s show time!

Author: David Notkin

Email: notkin@cs.washington.edu

Home Page: http://www.cs.washington.edu/education/courses/584

Download presentation source