This document is a tutorial introduction to a toolset for translating ada source code to the input format of the spin model checker i. Spin is a model checker for the verification of software. Gerard holzmann phd california institute of technology. Uninterpreted c code can be used as part of promela model. Spin is an explicit model checker state space represented as a directed graph can also perform random simulation promela is the modeling language for spin a model is a set of sequential processes communicating over global variables for modeling shared memory structures channelsfor modeling distributed structures.
The verifier can check, for instance, if user specified system. Model checking exercises in ispin aalborg universitet. This toolset provides completely automated translation for most steps in the process of generating a safely approximating state transition model of a software systems runtime behavior. We describe an extension of the spin model checker that allows us to take advantage of the increasing number of cpucores. The spin model checker metodi di verifica del software andrea corradini lezione 1 20 slides liberamente adattate da logic model checking, per gentile concessione di gerard j. This paper describes a new symbolic model checker, called nusmv, developed as part of a joint project between cmu and irst. The third example is a standard flow control protocol, as given in 71. Spin is an opensource software verification tool that was originally developed starting in 1980 in the computing science research center of bell labs the unix group. A tutorial overview stephan merz institut fur informatik, universit. Friday, september 2002 spin 2002 workshop, grenoble, 11 april 2002 3 thursday 11apr2002 theo c. For a tutorial introduction to the way in which design models such as these can be.
It is often considered the most widely used formal verification tool. Included below are some verification exercises that can help you get acquainted with the spin model checker. In verification mode, spin generates a c program that constructs an implementation of the ltl modelchecking algorithm for the given model. The system is described in a modeling language called promela process meta language.
Note that statespace construction and error checking happen at the same time. Spin an efficient logic model checker for the verification of multithreaded code. Nusmv is the result of the reengineering, reimplementation, and, to a. We survey principles of model checking techniques for the automatic analysis of reactive systems.