Prověřování v přípravném řízení / Verification Procedure in Preliminary Proceeding

Čičatková, Simona

January 2019

This thesis deals with the verification procedure, which is the first part of the preliminary proceeding and thus part of criminal proceedings. The introductory part of the thesis briefly covers basic instruments of the preliminary proceeding including the investigation phase whose knowledge is key to realize the position and importance of the verification procedure in the overall structure of the criminal proceedings. Bodies that are involved in the criminal proceedings are discussed including their definition, organization and determination of their competence in the verification procedure. The core of the thesis is divided into several parts that deal with the analysis of the verification procedure as well as activities that precede the formal beginning of the criminal proceedings. The ways are discussed by which bodies become aware of offences as well as the first steps of the police authority in the unofficial phase that precedes the criminal proceedings. The core part of the thesis also looks at the prosecutor's and especially police authority's powers that are typical of this phase and whose records are not directly admissible as evidence before court. On the other hand, exceptional cases are also discussed where the evidence must be executed in this phase with specific focus on the...

An Axiomatic Semantics for Functional Reactive Programming

King, Christopher T.

29 April 2008

Functional reactive programming (FRP) is a paradigm extending functional languages with primitives which operate on state. Typical FRP systems contain many dozens of such primitives. This thesis aims to identify a minimal subset of primitives which captures the same set of behavior as these systems, and to provide an axiomatic semantics for them using first-order linear temporal logic, with the aim of utilizing these semantics in formal verification of FRP programs. Furthermore, we identify several important properties of these primitives and prove that they are satisfied using the Coq proof assistant.

coq

monads

functional reactive programming

formal verification

Functional programming languages

User Evaluation Framework for Model Finding Research

Danas, Ryan

31 August 2016

"We report the results of a series of crowd-sourced user studies in the formal-methods domain. Specifically, we explore the efficacy of the notion of "minimal counterexample" -- or more colloquially, "minimal bug report" -- when reasoning about logical specifications. Our results here suggest that minimal counterexamples are beneficial some specific cases, and harmful in others. Furthermore, our analysis leads to refined hypotheses about the role of minimal counterexamples that can be further evaluated in future studies. User-based evaluation has little precedent in the formal methods community. Therefore, as a further contribution, we discuss and analyze our research methodology, and offer guidelines for future user studies in formal methods research. "

case studies

user studies

user evaluation

model finders

verification

formal methods

model finding

logic

Feature-Oriented Specification of Hardware Bus Protocols

Freitas, Paul Michael

29 April 2008

Hardware engineers frequently create formal specification documents as part of the verification process. Doing so is a time-consuming and error-prone process, as the primary documents for communications and standards use a mixture of prose, diagrams and tables. We would like this process to be partially automated, in which the engineer's role would be to refine a machine-generated skeleton of a specification's formal model. We have created a preliminary intermediate language which allows specifications to be captured using formal semantics, and allows an engineer to easily find, understand, and modify critical portions of the specification. We have converted most of ARM's AMBA AHB specification to our language; our representation is able to follow the structure of the original document.

hardware verification

language

timing diagrams

aspect-oriented programming

Electronic data processing documentation

Specification writing

Towards justifying computer algebra algorithms in Isabelle/HOL

Li, Wenda

January 2019

As verification efforts using interactive theorem proving grow, we are in need of certified algorithms in computer algebra to tackle problems over the real numbers. This is important because uncertified procedures can drastically increase the size of the trust base and under- mine the overall confidence established by interactive theorem provers, which usually rely on a small kernel to ensure the soundness of derived results. This thesis describes an ongoing effort using the Isabelle theorem prover to certify the cylindrical algebraic decomposition (CAD) algorithm, which has been widely implemented to solve non-linear problems in various engineering and mathematical fields. Because of the sophistication of this algorithm, people are in doubt of the correctness of its implementation when deploying it to safety-critical verification projects, and such doubts motivate this thesis. In particular, this thesis proposes a library of real algebraic numbers, whose distinguishing features include a modular architecture and a sign determination algorithm requiring only rational arithmetic. With this library, an Isabelle tactic based on univariate CAD has been built in a certificate-based way: external, untrusted code delivers solutions in the form of certificates that are checked within Isabelle. To lay the foundation for the multivariate case, I have formalised various analytical results including Cauchy's residue theorem and the bivariate case of the projection theorem of CAD. During this process, I have also built a tactic to evaluate winding numbers through Cauchy indices and verified procedures to count complex roots in some domains. The formalisation effort in this thesis can be considered as the first step towards a certified computer algebra system inside a theorem prover, so that various engineering projections and mathematical calculations can be carried out in a high-confidence framework.

Design, vérification et implémentation de systèmes à composants / Design, verification and implementation of systems of components

Quinton, Sophie

21 January 2011

Nous avons étudié dans le cadre de cette thèse le design, la vérification et l'implémentation des systèmes à composants. Nous nous sommes intéressés en particulier aux formalismes exprimant des interactions complexes, dans lesquels les connecteurs servent non seulement au transfert de données mais également à la synchronisation entre composants. 1. DESIGN ET VÉRIFICATION Le design par contrat est une approche largement répandue pour développer des systèmes lorsque plusieurs équipes travaillent en parallèle. Les contrats représentent des contraintes sur les implémentations qui sont préservées tout au long du développement et du cycle de vie d'un système. Ils peuvent donc servir également à la phase de vérification d'un tel système. Notre but n'est pas de proposer un nouveau formalisme de spécification, mais plutôt de définir un ensemble minimal de propriétés qu'une théorie basée sur les contrats doit satisfaire pour permettre certains raisonnements. En cela, nous cherchons à séparer explicitement les propriétés spécifiques à chaque formalisme de spécification et les règles de preuves génériques. Nous nous sommes attachés à fournir des définitions suffisamment générales pour exprimer un large panel de langages de spécification, et plus particulièrement ceux dans lesquels les interactions sont complexes, tels que Reo ou BIP. Pour ces derniers, raisonner sur la structure du système est essentiel et c'est pour cette raison que nos contrats ont une partie structurelle. Nous montrons comment découle de la propriété nommée raisonnement circulaire une règle pour prouver la dominance sans composer les contrats, et comment cette propriété peut être affaiblie en utilisant plusieurs relations de raffinement. Notre travail a été motivé par les langages de composants HRC L0 et L1 définis dans le projet SPEEDS. 2. IMPLÉMENTATION Synthétiser un contrôleur distribué imposant une contrainte globale sur un système est dans le cas général un problème indécidable. On peut obtenir la décidabilité en réduisant la concurrence: nous proposons une méthode qui synchronise les processus de façon temporaire. Dans les travaux de Basu et al., le contrôle distribué est obtenu en pré-calculant par model checking la connaissance de chaque processus, qui reflète dans un état local donné toutes les configurations possibles des autres processus. Ensuite, à l'exécution, le contrôleur local d'un processus décide si une action peut être exécutée sans violer la contrainte globale. Nous utilisons de même des techniques de model checking pour pré-calculer un ensemble minimal de points de synchronisation au niveau desquels plusieurs processus partagent leur connaissance au court de brèves périodes de coordination. Après chaque synchronisation, les processus impliqués peuvent de nouveau progresser indépendamment les uns des autres jusqu'à ce qu'une autre synchronisation ait lieu. Une des motivations pour ce travail est l'implémentation distribuée de systèmes BIP. / In this thesis, we have studied how component-based systems are designed, verified and then implemented. We have focused in particular on formalisms involving complex interactions, where connectors are not only used to transfer data but also play a role in the synchronization of components. 1. DESIGN AND VERIFICATION Contracts are emerging as a concept of choice when systems are designed by teams working independently. They are design constraints for implementations which are maintained throughout the development and life cycle of the system, thus being also useful for verification. Our goal is not to propose a new design framework but rather to define a minimal set of properties which a given contract theory should satisfy to offer some reasoning rules. In that sense, we aim at a separation of concerns between framework-dependent properties and generic proof rules. We have focused on finding definitions expressive enough to encompass a great variety of existing specification formalisms, and in particular those in which interaction is complex, like Reo and BIP. For those, reasoning about the structure of the system is essential and this is why our contracts have a structural part. We show how so-called circular reasoning entails a rule for proving dominance (refinement between contracts) without composing contracts and how it can be relaxed by combining several refinement relations. Our work has a practical motivation in the component frameworks HRC L0 and L1 defined in the SPEEDS IP project. 2. IMPLEMENTATION The problem of synthesizing a distributed controller that imposes some global constraint on a system is, in general, undecidable. One can achieve decidability at the expense of reducing concurrency: we propose a method that synchronizes processes temporarily. In Basu et al., distributed control is achieved by first using model checking to precalculate the knowledge of each process, which reflects in a given local state all the possible situations of the other processes. Then, at runtime, the local controller of a process decides whether an action of that process can be executed without violating the imposed constraint. We use model checking techniques as well to precalculate a minimal set of synchronization points, where joint knowledge, i.e., knowledge common to several processes, can be achieved during short coordination phases. After each synchronization, the participating processes can again progress independently until a further synchronization is called for. One practical motivation for this work is the distributed implementation of BIP systems.

Systèmes à composants

Contrats

Vérification incrémentale

Contrôle distribué

Systems of components

Contracts

Incremental verification

Distributed control

Inspection methods in programming

Rich, Charles

January 1980

Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1980. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Bibliography: leaves 294-297. Includes index. / by Charles Rich. / Ph.D.

Computer programming

Problem solving

Computer programs Verification

Vérification formelle des systèmes cyber-physiques dans le processus industriel de la conception basée sur modèle / Formal Verification of Cyber-Physical Systems in the Industrial Model-Based Design Process

Kekatos, Nikolaos

17 December 2018

Les systèmes cyber-physiques sont une classe de systèmes complexe, de grande échelle, souvent critiques de sûreté, qui apparaissent dans des applications industrielles variées. Des approches de vérification formelle sont capable de fournir des garanties pour la performance et la sûreté de ces systèmes. Elles nécessitent trois éléments : un modèle formel, une méthode de vérification, ainsi qu’un ensemble de spécifications formelles. En revanche, les modèles industriels sont typiquement informels, ils sont analysés dans des environnements de simulation informels et leurs spécifications sont décrits dans un langage naturel informel. Dans cette thèse, nous visons à faciliter l’intégration de la vérification formelle dans le processus industriel de la conception basé sur modèle.Notre première contribution clé est une méthodologie de transformation de modèle. A partir d’un modèle de simulation standard, nous le transformons en un modèle de vérification équivalent, plus précisément en un réseau d’automates hybrides. Le processus de transformation prend en compte des différences de syntaxes, sémantique et d’autres aspects de la modélisation. Pour cette classe de modèle formel, des algorithmes d’atteignabilité peuvent être appliqués pour vérifier des propriétés de sûreté. Un obstacle est que des algorithmes d’atteignabilité se mettent à l’échelle pour des modèles affines par morceaux, mais pas pour des modèles non linéaires. Pour obtenir des surapproximations affines par morceaux des dynamiques non linéaires, nous proposons une technique compositionnelle d’hybridisation syntaxique. Le résultat est un modèle très compact qui retient la structure modulaire du modèle d’origine de simulation, tout en évitant une explosion du nombre de partitions.La seconde contribution clé est une approche pour encoder des spécifications formelles riches de façon à ce qu’elles peuvent être interprétées par des outils d’atteignabilité. Nous prenons en compte des spécifications exprimées sous forme d’un gabarit de motif (pattern template), puisqu’elles sont proche au langage naturel et peuvent être compris facilement par des utilisateurs non experts. Nous fournissons (i) des définitions formelles pour des motifs choisis, qui respectent la sémantique des automates hybrides, et (ii) des observateurs qui encodes les propriétés en tant qu’atteignabilité d’un état d’erreur. En composant ces observateurs avec le modèle formel, les propriétés peuvent être vérifiées par des outils standards de vérification qui sont automatisés.Finalement, nous présentons une chaîne d’outils semi-automatisée ainsi que des études de cas menées en collaboration avec des partenaires industriels. / Cyber-Physical Systems form a class of complex, large-scale systems of frequently safety-critical nature in various industrial applications. Formal verification approaches can provide performance and safety guarantees for these systems. They require three elements: a formal model, a formal verification method, and a set of formal specifications. However, industrial models are typically non-formal, they are analyzed in non-formal simulation environments, and their specifications are described in non-formal natural language. In this thesis, we aim to facilitate the integration of formal verification into the industrial model-based design process.Our first key contribution is a model transformation methodology. Starting with a standard simulation model, we transform it into an equivalent verification model, particularly a network of hybrid automata. The transformation process addresses differences in syntax, semantics, and other aspects of modeling. For this class of formal models, so-called reachability algorithms can be applied to verify safety properties. An obstacle is that scalable algorithms exist for piecewise affine (PWA) models, but not for nonlinear ones. To obtain PWA over-approximations of nonlinear dynamics, we propose a compositional syntactic hybridization technique. The result is a highly compact model that retains the modular structure of the original simulation model and largely avoids an explosion in the number of partitions.The second key contribution is an approach to encode rich formal specifications so that they can be interpreted by tools for reachability. Herein, we consider specifications expressed by pattern templates since they are close to natural language and can be easily understood by non-expert users. We provide (i) formal definitions for select patterns that respect the semantics of hybrid automata, and (ii) monitors which encode the properties as the reachability of an error state. By composing these monitors with the formal model under study, the properties can be checked by off-the-shelf fully automated verification tools.Furthermore, we provide a semi-automated toolchain and present results from case studies conducted in collaboration with industrial partners.

Vérification

Surveillance

Systèmes hybrides

Hybridisation

Véhicules autonomes

Monitoring

Verification

Hybrid systems

Hybridization

Autonomous vehicles

004

Security and Verification of Unmanned Vehicles

James M. Goppert (5929706)

17 January 2019

This dissertation investigates vulnerabilities in unmanned vehicles and how to successfully detect and counteract them. As we entrust unmanned vehicles with more responsibilities (e.g. fire-fighting, search and rescue, package delivery), it is crucial to ensure their safe operation. These systems often have not been designed to protect against an intelligent attacker or considering all possible interactions between the physical dynamics and the internal logic. Robust control strategies can verify that the system behaves normally under bounded disturbances, and formal verification methods can check that the system logic operates normally under ideal conditions. However, critical vulnerabilities exist in the intersection of these fields that are addressed in this work. Due to the complex nature of this interaction, only trivial examples have previously been pursued. This work focuses on efficient real-time methods for verification and validation of unmanned vehicles under disturbances and cyberattacks. The efficiency of the verification and validation algorithm is necessary to run it onboard an unmanned vehicle, where it can be used for self diagnosis. We begin with simple linear systems and step to more complex examples with non-linearities. During this progression, new methods are developed to cope with the challenges introduced. We also address how to counter the threat of unmanned aerial systems (UASs) under hostile control by developing and testing an estimation and control scheme for an air-to-air counter UAS system.<br>

Aerospace Engineering

verification

validation

security

UAS

UAV

cyberattack

cybersecurity

model checking

lyapunov

Specification and verification of quantitative properties : expressions, logics, and automata / Spécification et vérification de propriétés quantitatives : expressions, logiques et automates

Monmege, Benjamin

24 October 2013

La vérification automatique est aujourd'hui devenue un domaine central de recherche en informatique. Depuis plus de 25 ans, une riche théorie a été développée menant à de nombreux outils, à la fois académiques et industriels, permettant la vérification de propriétés booléennes - celles qui peuvent être soit vraies soit fausses. Les besoins actuels évoluent vers une analyse plus fine, c'est-à-dire plus quantitative. L'extension des techniques de vérification aux domaines quantitatifs a débuté depuis 15 ans avec les systèmes probabilistes. Cependant, de nombreuses autres propriétés quantitatives existent, telles que la durée de vie d'un équipement, la consommation énergétique d'une application, la fiabilité d'un programme, ou le nombre de résultats d'une requête dans une base de données. Exprimer ces propriétés requiert de nouveaux langages de spécification, ainsi que des algorithmes vérifiant ces propriétés sur une structure donnée. Cette thèse a pour objectif l'étude de plusieurs formalismes permettant de spécifier de telles propriétés, qu'ils soient dénotationnels - expressions régulières, logiques monadiques ou logiques temporelles - ou davantage opérationnels, comme des automates pondérés, éventuellement étendus avec des jetons. Un premier objectif de ce manuscript est l'étude de résultats d'expressivité comparant ces formalismes. En particulier, on donne des traductions efficaces des formalismes dénotationnels vers celui opérationnel. Ces objets, ainsi que les résultats associés, sont présentés dans un cadre unifié de structures de graphes. Ils peuvent, entre autres, s'appliquer aux mots et arbres finis, aux mots emboîtés (nested words), aux images ou aux traces de Mazurkiewicz. Par conséquent, la vérification de propriétés quantitatives de traces de programmes (potentiellement récursifs, ou concurrents), les requêtes sur des documents XML (modélisant par exemple des bases de données), ou le traitement des langues naturelles sont des applications possibles. On s'intéresse ensuite aux questions algorithmiques que soulèvent naturellement ces résultats, tels que l'évaluation, la satisfaction et le model checking. En particulier, on étudie la décidabilité et la complexité de certains de ces problèmes, en fonction du semi-anneau sous-jacent et des structures considérées (mots, arbres...). Finalement, on considère des restrictions intéressantes des formalismes précédents. Certaines permettent d'étendre l'ensemble des semi-anneau sur lesquels on peut spécifier des propriétés quantitatives. Une autre est dédiée à l'étude du cas spécial de spécifications probabilistes : on étudie en particulier des fragments syntaxiques de nos formalismes génériques de spécification générant uniquement des comportements probabilistes. / Automatic verification has nowadays become a central domain of investigation in computer science. Over 25 years, a rich theory has been developed leading to numerous tools, both in academics and industry, allowing the verification of Boolean properties - those that can be either true or false. Current needs evolve to a finer analysis, a more quantitative one. Extension of verification techniques to quantitative domains has begun 15 years ago with probabilistic systems. However, many other quantitative properties are of interest, such as the lifespan of an equipment, energy consumption of an application, the reliability of a program, or the number of results matching a database query. Expressing these properties requires new specification languages, as well as algorithms checking these properties over a given structure. This thesis aims at investigating several formalisms, equipped with weights, able to specify such properties: denotational ones - like regular expressions, first-order logic with transitive closure, or temporal logics - or more operational ones, like navigating automata, possibly extended with pebbles. A first objective of this thesis is to study expressiveness results comparing these formalisms. In particular, we give efficient translations from denotational formalisms to the operational one. These objects, and the associated results, are presented in a unified framework of graph structures. This permits to handle finite words and trees, nested words, pictures or Mazurkiewicz traces, as special cases. Therefore, possible applications are the verification of quantitative properties of traces of programs (possibly recursive, or concurrent), querying of XML documents (modeling databases for example), or natural language processing. Second, we tackle some of the algorithmic questions that naturally arise in this context, like evaluation, satisfiability and model checking. In particular, we study some decidability and complexity results of these problems depending on the underlying semiring and the structures under consideration (words, trees...). Finally, we consider some interesting restrictions of the previous formalisms. Some permit to extend the class of semirings on which we may specify quantitative properties. Another is dedicated to the special case of probabilistic specifications: in particular, we study syntactic fragments of our generic specification formalisms generating only probabilistic behaviors.

Vérification formelle

Spécification quantitative

Automates à poids

Formal verification

Quantitative specification

Weighted automata