Discharging Assumptions
Explain the term Discharging Assumptions in Program Model Checking?
Expert
Environment assumptions (or filters) capture the knowledge about the usage of software units and they help to refine a naively generated environment. These assumptions need to be subsequently checked against implementations of the missing components (that represent the environment) in order to make sure that the entire system satisfies the desired properties. For example, you need to check assert(!empty()) whenever remove is invoked by a client application that uses IntSet.
Assumptions can be encoded in a variety of forms, such as predicates (!empty(), in the set example), finite-state machines, temporal logical formulas, or regular expressions that encode patterns of component operations that the environment may execute.
Checking component property (P) under environment assumptions (A) forms the assume guarantee paradigm, and it is the basis of many formal frameworks for modular verification (Jones 1983; Pnueli 1984): P is the guarantee that the component provides under assumption A. When A and P are temporal logical formulas, then it is possible to model check directly A => P on the unit closed with the universal environment; here “=>” denotes logical implication: P is checked only on the behaviors that satisfy (i.e., are filtered by) A. Alternatively, as discussed for the set example, you can encode the assumptions directly into the environment (in which case A is eliminated from the formula to be model checked).
Regular expressions are a familiar formal notation to many developers, and often easier to use than temporal logics for specifying environment assumptions. Regular expressions defined over the alphabet of unit operations describe a language of operations that can be initiated by the environment. As an example, java.util.Iterator presents a standard interface for generating the elements stored in a Java container such as a set. This interface assumes that for each instance i of a class implementing the Iterator, all client applications will call methods in an order that is consistent with the following regular expression assumption:
(i.hasNext; i.next(); i.remove()?)*
This expression encodes sequencing (a call to hasNext() must precede a call to next(), otherwise a runtime exception may be thrown if the iteration has no more elements) and also optional calls (remove()) that can be repeated 0 or more times (*). This assumption can be easily translated into code to encode a driver or the Iterator, or into an LTL formula that can then be used to be discharged with SPIN.
Define the term Asymmetric Encryption?
Normal 0 false false
Multimedia: It is simply multiple forms of media integrated together. Media can be graphics, text, audio, video, animation, data, etc.
Specify into how many types of the antigen-antibody reactions are broadly categorized?
What are the Characteristics of Electronic Communications? Explain briefly.
Explain what do you mean by the Cardiomyopathy? Describe in detail.
Implications/Issues in adapting Layered Model: The entire structure has to be divided in layers with every layer able to communicate with layers above it. In layered model many interfaces are requ
During the 1930's, there were several climatic occurrences in the American Great Plains known collectively as the Dust Bowl. During this period of 5 to 7 years, severe dust storms and drought caused agricultural and ecological damage in the Plains.
18,76,764
1940511 Asked
3,689
Active Tutors
1439167
Questions Answered
Start Excelling in your courses, Ask an Expert and get answers for your homework and assignments!!