The University of Auckland

Department of Electrical, Computer and Software Engineering COMPSYS 705 Formal Methods for Safety Critical Software Test, 17 October 2023

NOTE

1. Answer ALL questions. Part I (Partha’s part) covers 70 marks, while Part II (Avinash’s Part) covers 30 marks in this test.

2. Questions 1-4 are foAr Padrt dI anWd theeresCt arhe Paartt IIp.

3. The maximum score on this test is 100 marks.

4. Weighting is 50%.

5. Show all code for Questions 5 and 6.

6. Write answer in the box provided.

7. Answers should be legible.

er.com owcoder

1. Answer the following questions related to the process algebra CCS (20 Marks):

   1. Consider two processes P, Q shown in Figure 1. Are these processes bisimilar, weakly bisimilar, similar or there is no relationship between them? Justify your selection mat- hematically by either finding the corresponding relation or showing the absence of any such relation. (5 Marks)

      o

      a

      1

      b

      c

      

      2

      3

      4

      a

      b

      

      

      5

      a a a

      6 7 8

      b

       b c 

      9 10 11 12 13

      b a

      a

      Figure 1: Two CCS Processes

   2. Consider two processes P and Q defined using system of Equations 1 and Equations 2 respectively. Draw the label transition system (LTS) corresponding to these two pro- cesses and then draw the LTS corresponding to P||Q (draw only up to the second-level suc

      P 4

      = a.P1 + b.c.P2

      =

      =

      P2 4 b.P

      Q 4

      = a.Q1

      =

      Q1 4 a.Q

      (1)

      (2)

   3. Which is stronger: simulation or bisimulation and why? Justify using a suitable example. (5 Marks)

      Answer box for Q1

      Answer box for Q1 continued

2. Temporal logic and model checking (20 Marks)

   1. Show all the steps of model checking the formula AF(¬P1 A ¬P2) VP3 over the model shown in Figure 2. Does, the model satisfy this property? (10 Marks)

      P1, P2 P3

      3

      P1, P2 P3

      4

      P2

      6

      P1,P2

      P1, P2

      P1, P2

      2

      5

      7

      

      P3

      P1,P2

      P3

      1

      0

      Figure 2: An example Kripke model

   2. Ide onvert the

      vali quate sets.

      Here, = { , , } and the converted formulae can only include temporal operators

      EX, EG, EU . (10 Marks)

      • (AG(p1 ⇒hAtXt(pp1 Asp:2/)/))

      • AF(p1 ⇒ FG(p1U p2))

        • ((AF p ⇒AEGqd)UdEFWp)

      • AF(p1 ⇒ AX p2)