When Abstraction Fails
نویسنده
چکیده
Reasoning about programs is mostly deduction: the reasoning from the abstract model to the concrete run. Deduction is useful because it allows us to predict properties of future runs—up to the point that a program will never fail its specification. However, even such a 100% correct program may still show a problem: the specification itself may be problematic, or deduction required us to abstract away some relevant property. To handle such problems, deduction is not the right answer—especially in a world where programs reach a complexity that makes them indistinguishable from natural phenomena. Instead, we should enrich our portfolio by methods proven in natural sciences, such as observation, induction, and in particular experimentation. In my talk, I will show how systematic experimentation automatically reveals the causes of program failures—in the input, in the program state, or in the program code.
منابع مشابه
Abstraction, desalination and recharge method to control seawater intrusion into unconfined coastal aquifers
In this study, abstraction, desalination and recharge method and SEAWAT numerical model are used to investigate seawater intrusion repulsion in a hypothetical two-dimensional coastal aquifer to understand the relation of seawater intrusion with abstraction, desalination and recharge parameters (i.e. abstraction/recharge rate, wells distance and depth). Abstraction, desalination and recharge con...
متن کاملModular Ranking Abstraction
Predicate abstraction has become one of the most successful methodologies for proving safety properties of programs. Recently, several abstraction methodologies have been proposed for proving liveness properties. This paper studies “ranking abstraction” where a program is augmented by a non-constraining progress monitor based on a set of ranking functions, and further abstracted by predicate-ab...
متن کاملRanking Abstraction as a Companion to Predicate Abstraction,
Predicate abstraction has become one of the most successful methodologies for proving safety properties of programs. Recently, several abstraction methodologies have been proposed for proving liveness properties. This paper studies “ranking abstraction” where a program is augmented by a nonconstraining progress monitor, and further abstracted by predicate-abstraction, to allow for automatic ver...
متن کاملRanking Abstraction as Companion to Predicate Abstraction
Predicate abstraction has become one of the most successful methodologies for proving safety properties of programs. Recently, several abstraction methodologies have been proposed for proving liveness properties. This paper studies “ranking abstraction” where a program is augmented by a non-constraining progress monitor, and further abstracted by predicate-abstraction, to allow for automatic ve...
متن کاملCombining Predicate Abstraction with Fixpoint Approximations
In this paper we consider combining two techniques that have been effective in analyzing infinite-state systems: predicate abstraction and fixpoint approximations. Using a carefully crafted model of Airport Ground Network Control, we show that when predicate abstraction in a CEGAR loop fails to verify temporal logic properties of an infinite-state transition system, a combination of predicate a...
متن کاملStrategic Refinements in Abstraction Based Supervisory Control of Hybrid Systems
A common approach to hybrid control problems is to alternate refinement of a plant abstraction with trial controller synthesis performed on the current abstraction. These steps are repeated until a solution to the control problem can be found, or computational resources are exhausted. In this contribution we use a temporal decomposition of the control problem in order to gain relevant diagnosti...
متن کامل