GUESSING, MODEL CHECKING AND THEOREM PROVING OF STATE MACHINE PROPERTIES – A CASE STUDY ON QLOCK

Faculty Of Information Science, University Of Information Technology, Parami Road, Hlaing Campus, Yangon, Myanmar ,May Thu Aung,Kazuhiro Ogata,Tam Thi Thanh Nguyen

doi:10.15282/ijsecs.4.2.2018.1.0045

Faculty Of Information Science, University Of Information Technology, Parami Road, Hlaing Campus, Yangon, Myanmar , May Thu Aung + Show 2 more

Open Access

https://doi.org/10.15282/ijsecs.4.2.2018.1.0045

Copy DOI

Abstract

It is worth understanding state machines better because various kinds of systems can be formalized as state machines and therefore understanding state machines has something to do with comprehension of systems. Understanding state machines can be interpreted as knowing properties they enjoy and comprehension of systems is interpreted as knowing whether they satisfy requirements. We (mainly the second author) have developed a tool called SMGA that basically takes a finite sequence of states from a state machine and generates a graphical animation of the finite sequence or the state machine. Observing such a graphical animation helps us guess properties of the state machine. We should confirm whether the state machine enjoys the guessed properties because such guessed properties may not be true properties of the state machine. Model checking is one possible technique to do so. If the state machine has a fixed small number of reachable states, model checking is enough. Otherwise, however, it is not. If that is the case, we should use some other techniques to make sure that the system enjoys the guessed properties. Interactive theorem proving is one such technique. The paper reports on a case study in which a mutual exclusion protocol called Qlock is used as an example to exemplify the abovementioned idea or methodology. Keywords: graphical animations of state machines, model checking, theorem proving, invariant properties

Highlights

A state machine is a mathematical structure, which can be used to formalize various kinds of systems, such as concurrent systems, distributed systems and real-time systems
We have developed a tool called SMGA (Nguyen & Ogata, 2017a) that basically takes a finite sequence of states from a state machine and generates a graphical animation of the finite sequence or the state machine, where SMGA stands for State Machine Graphical Animation
We should confirm whether the state machine enjoys the guessed properties because such guessed properties may Guessing, model checking and theorem proving of state machine properties – a case study on qlock not be true properties of the state machine

Summary

INTRODUCTION

A state machine is a mathematical structure, which can be used to formalize various kinds of systems, such as concurrent systems, distributed systems and real-time systems. We use theorem proving to formally verify that the state machine surely enjoys the invariant properties by writing what are called proof scores (Goguen, 1990; Ogata & Futatsugi, 2003) in CafeOBJ (Diaconescu & Futatsugi, 1998), an algebraic specification language and tool. Note that both Maude and CafeOBJ are direct successor of OBJ3 (Goguen, et al, 2000), the most famous algebraic specification language and tool, and are sibling languages and tools.

RELATED WORK

CONCLUSION