model-checking

问题 I'm working with CUDD (https://github.com/ivmai/cudd) to use bdd and zdd functionality for model checking, and am wondering how i can quantify over zdds. For bdds there are the functions bddExistAbstract and bddUnivAbstract (see http://web.mit.edu/sage/export/tmp/y/usr/share/doc/polybori/cudd/cuddAllDet.html#Cudd_bddUnivAbstract). The manual says that the functions universally and existentially abstracts out the given variables from the bdd (in cover form). I dont quite know what they mean

问题 I'm working with CUDD (https://github.com/ivmai/cudd) to use bdd and zdd functionality for model checking, and am wondering how i can quantify over zdds. For bdds there are the functions bddExistAbstract and bddUnivAbstract (see http://web.mit.edu/sage/export/tmp/y/usr/share/doc/polybori/cudd/cuddAllDet.html#Cudd_bddUnivAbstract). The manual says that the functions universally and existentially abstracts out the given variables from the bdd (in cover form). I dont quite know what they mean

问题 I'm working with CUDD (https://github.com/ivmai/cudd) to use bdd and zdd functionality for model checking, and am wondering how i can quantify over zdds. For bdds there are the functions bddExistAbstract and bddUnivAbstract (see http://web.mit.edu/sage/export/tmp/y/usr/share/doc/polybori/cudd/cuddAllDet.html#Cudd_bddUnivAbstract). The manual says that the functions universally and existentially abstracts out the given variables from the bdd (in cover form). I dont quite know what they mean

问题 Following is the code causing this. if :: ((fromProc[0] == MSG_SLEEP) && nempty(proc2clk[0])) -> proc2clk[0] ? fromProc[0]; // Woke up :: (!(fromProc[0] == MSG_SLEEP) && !(fromProc[0] == MSG_FIN)) -> clk2proc[0] ! 0; ::else -> time = time + 1; // just for debugging fi; If I remove the nempty call in the first condition, the error is gone. From what I've read, you can not use the else statement, if you use a receive or send statement in a condition, but from what I know, nempty is not a

问题 I downloaded NuSMV source code for mac and started installing using the README. However, there is a step which asks me to build using 'cmake..' when I run that I get the issue The source directory does not appear to contain CMakeLists.txt. Any help please? 回答1: The NuSMV binaries certainly do not need to be compiled, so I conclude that you downloaded the sources package of NuSMV . The file CmakeLists.txt is contained in ..../NuSMV-<version>/NuSMV . Check again that you created the build

问题 We use NFA to model BadPrefixes for the safety property.I want to understand for a given Safety property , how to model the NFA. The following images are for reference. For instance, for safety property P2 ,Can someone explain how to know how many states are required(solution has 4) and which logic to use on the edges, how in Fig.,3 and Fig.4 , the edges are selected to satisfy the badprefixes P1 and P2.Thanks. 回答1: We have several definitions and notations here, let's go through these first:

问题 I'm doing an CTL exercise, I'm trying to check if the following formulas are equivalent or not. But I'm not sure if I'm doing right. EF (p or q) = EF(p) or EF(q) ? AF(p or q) = AF(p) or AF(q) ? A(p U ( A(q U r) )) = A(A(p U q) U r) ? Firt formula: Equivalent Second formula: Equivalent Third formula: Equivalent Is it right? If are wrong could you give me one of possible counter-examples in Kripke model? Thanks in advance. 回答1: I'll try to use the semantics of CTL defined here: Wikipedia about

问题 I am trying to figure out how SPIN chooses the order in which to execute and terminate processes in the following example. I realize that a main focus of SPIN is analyzing concurrent processes, but for my purposes I am just interested in simple linear execution. In the following example I just want step1() then step2() to be executed in that order. int globA; int globB; proctype step1() { atomic { globA = 1; } } proctype step2() { atomic { globB = 2; } } init { atomic { run step1(); run step2

问题 I need some help according to follow problem which I have to implemented it using jSpin and promela language. A home alarm system can be activated and deactivated using a personal ID key or password, after activation the system enters a waiting period of about 30 seconds, time that allows users to evacuate the secured area after which the alarm is armed, also when an intrusion is detected the alarm has a built in waiting period or delay of 15 seconds to allow the intruder to enter the

问题 please i am a biginner on tihs domain how can i convert a classical example FIFO written in systemC code to PROMELA language with properties in LTL satisfy the following three properties: Mutual exclusion: The producer and consumer processes never access the shared buffer simultaneously. Non-starvation: The consumer accesses the buffer infinitely often. (You may assume that the producer never runs out of data to supply, and the consumer never stops attempting to read new data.) Producer