NuSMV
Yogananda Jeppu
Copyright Notice
NuSMV by Yogananda Jeppu is licensed under a
Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.
You are free:
to Share to copy, distribute and transmit the work
to Remix to adapt the work
Under the following conditions:
Attribution You must attribute the work in the manner specified by the author or
licensor (but not in any way that suggests that they endorse you or your use of the work).
Noncommercial You may not use this work for commercial purposes.
Share Alike If you alter, transform, or build upon this work, you may distribute the
resulting work only under the same or similar license to this one.
For details please visit the website.
Background
I am Yogananda Jeppu. I have a PhD in safety critical control
system testing. I have 28 years experience in control system
design, 6DOF simulation, Model Based Verification and
Validation, System Testing.
I have worked on the Indian Light Combat Aircraft (LCA)
control system and the Indian SARAS aircraft. I have worked
on model based commercial aircraft flight control law
programs of Boeing, Airbus, Gulfstream and Comac.
Currently I am working at Honeywell Technology Solutions,
on Formal Methods and Model Based System Engineering.
NuSMV
NuSMV is a reimplementation and extension of the SMV
symbolic model checker, the first model-checking tool based
on Binary Decision Diagrams (BDDs) (Wikipedia).
NuSMV was developed as a joint project between ITC-IRST (Istituto Trentino di Cultura, Trento, Italy), Carnegie
Mellon University, the University of Genoa and the
University of Trento.
It can be downloaded from
[Link]
NuSMV Directory
Running NuSMV
Batch mode: read the model, build it and check every specification in the file
NuSMV [Link]
Interactive mode: the same steps as separate commands at the NuSMV> prompt
NuSMV -int [Link]
go                          -- read, flatten, encode and build the model
check_ltlspec               -- check every LTLSPEC; a failing one gets a counterexample trace
show_traces -p 2 -o [Link]   -- print the stored traces (-p selects the trace printer plugin, -o writes them to a file)
quit
NuSMV
A NuSMV model declares state variables, their initial values and how they change on every transition (their next states).
This is defined in the main module with the syntax
MODULE main
Keyword VAR is used to declare the variables (name : type)
Keyword ASSIGN is used to give their init() and next() values
MODULE main
VAR
b0 : boolean;
ASSIGN
init(b0) := FALSE;
next(b0) := !b0; -- b0 toggles on every step
Types
Boolean : FALSE, TRUE
x : boolean;
Enumerative
xe : {ready, steady, get_set, go}; -- the dashes start a comment
xi : {2, 7, 10}; -- integers can also be enumerated
Bounded integers
bi : -10 .. 10;
Integers
Bi : integer;
Words (fixed-width machine words; arithmetic on them wraps around)
w : unsigned word[3]; -- 3-bit unsigned word; signed word[N] is also available
Types
Arrays
VAR
x : array 0..10 of boolean; -- array of 11 elements
y : array -1..1 of {red, green, orange}; -- array of 3 elements
z : array 1..10 of array 1..5 of boolean; -- array of array
ASSIGN
init(x[5]) := bool(1);
init(y[0]) := {red, green}; -- any value in the set
init(z[3][2]) := TRUE;
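The difference between a word and a bounded integer matters for anything that counts (sequence numbers, retry counters, lengths): a word silently wraps, a bounded integer has to be kept in range by the model. The following is an added example, not code from the original slides; the variable names w and c, and the use of a case expression (introduced later in these slides) to saturate the integer counter, are choices made here.

```smv
MODULE main
VAR
  w : unsigned word[3];   -- 3-bit machine word, values 0..7, arithmetic wraps
  c : 0..7;               -- bounded integer, arithmetic does not wrap
ASSIGN
  init(w) := 0ud3_0;      -- word constant: unsigned, decimal, width 3, value 0
  init(c) := 0;
  next(w) := w + 0ud3_1;  -- 7 + 1 wraps to 0 without any warning
  next(c) := case
    c < 7 : c + 1;        -- guard keeps the value inside the declared range
    TRUE  : c;            -- saturate at 7
  esac;
-- Both of these hold:
LTLSPEC G (w = 0ud3_7 -> X (w = 0ud3_0))   -- wraparound is reachable
LTLSPEC G (c = 7 -> X (c = 7))             -- the integer counter saturates
-- This one is violated on the ninth step (c = 7 while w has wrapped to 0);
-- NuSMV prints the trace that gets there:
LTLSPEC G (c = 7 -> w = 0ud3_7)
```

Run it in batch mode (NuSMV followed by the file name) and compare the three results: the first two specifications are reported true, the third false with a trace of eight transitions.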
Initial States and Next States
init(<variable>) := <simple expression>;
init(x) := FALSE; -- x must be FALSE
init(y) := {1, 2, 3}; -- y can be either 1, 2 or 3
Define Transitions
next(<variable>) := <next expression>;
next(a) := { a, a+1 } ;
next(b) := b + 10;
Expressions
arithmetic operators:
+ - * / mod - (unary)
comparison operators:
=, !=, >, <, <=, >=
logic operators:
&, |, xor, ! (not), ->, <->
shift operators (on words):
<<, >>
count(b1, b2, ..., bn) counts how many of the boolean
arguments are TRUE
toint(boolean_var) converts FALSE/TRUE to 0/1
Case Expressions
a := case
c1 : e1;
c2 : e2;
...
TRUE : en;
esac;
If c1 then a=e1
Elseif c2 then a=e2
Else
a=en
end
The branches are tried from top to bottom and the first condition that holds wins, so overlapping conditions are allowed; keep a final TRUE branch so that the expression has a value in every state.
A case can also be used as a constraint (for example under TRANS), with each branch giving a boolean condition on the next state:
case
C < 6 & C > 4 : next(a) = 5;
C > 2 : next(a) = 10;
TRUE : next(a) = 0;
esac;
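A case expression in an ASSIGN is the natural way to write a small security state machine. The following is an added example, not code from the original slides: an account that locks after three consecutive failed login attempts. The names attempt, valid, fails and state are choices made here; attempt and valid have no init or next assignment, so NuSMV treats them as free inputs and explores every sequence of them.

```smv
MODULE main
VAR
  attempt : boolean;          -- free input: a login attempt arrives this step
  valid   : boolean;          -- free input: the presented credential is correct
  fails   : 0..3;             -- consecutive failed attempts seen so far
  state   : {open, locked};
ASSIGN
  init(fails) := 0;
  init(state) := open;
  -- branches are tried top to bottom; the first true condition wins
  next(fails) := case
    state = locked               : fails;      -- counter is frozen once locked
    attempt & valid              : 0;          -- a success resets the counter
    attempt & !valid & fails < 3 : fails + 1;  -- guard keeps fails inside 0..3
    TRUE                         : fails;      -- no attempt this step
  esac;
  next(state) := case
    state = open & attempt & !valid & fails = 2 : locked;  -- third failure locks
    TRUE                                        : state;
  esac;
-- These hold:
LTLSPEC G (state = locked -> G (state = locked))   -- lockout is permanent
LTLSPEC G (state = open -> fails < 3)              -- never open with the counter exhausted
-- This is violated: once locked, a valid credential does not reopen the account.
-- NuSMV prints a counterexample of three invalid attempts followed by a valid one:
LTLSPEC G ((attempt & valid) -> X (state = open))
```

The failing specification is deliberate: it is the kind of check that tells you whether the model really enforces the policy you think it does, and the trace NuSMV prints is the shortest input sequence that breaks it. If the intended policy is a temporary lockout, the model needs a timer variable and a branch back to open, and the first specification should then be expected to fail.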
Examples
The two columns of this slide read as one model. The four booleans sg, add3, add5 and add11 have no init or next assignment, so they are free inputs: NuSMV explores every combination at every step. The TRANS section constrains the next values of sum and sum1 directly instead of assigning them.
MODULE main
VAR
sum : -1000 .. 1000;
sum1 : -1000 .. 1000;
sg : boolean;
add3 : boolean;
add5 : boolean;
add11 : boolean;
ASSIGN
init(sum) := 0;
init(sum1) := 0;
TRANS
case
sg & add3 : (next(sum) = sum - 3) & (next(sum1) = sum1 - 3);
sg & add5 : (next(sum) = sum - 5) & (next(sum1) = sum1 - 5);
sg & add11 : (next(sum) = sum - 11) & (next(sum1) = sum1 - 11);
add3 : (next(sum) = sum + 3) & (next(sum1) = sum1 + 3);
add5 : (next(sum) = sum + 5) & (next(sum1) = sum1 + 5);
add11 : (next(sum) = sum + 11) & (next(sum1) = sum1 + 11);
TRUE : (next(sum) = sum + 0) & (next(sum1) = sum1 + 0);
esac;
Because the ranges are finite, a state such as sum = -1000 with sg & add3 has no next value of sum that satisfies the constraint, so that state has no successor (a deadlock). The interactive command check_fsm reports such states.
Modules
A module is a parameterised state machine; main instantiates it as a variable and passes expressions as its parameters.
MODULE counter(in)
VAR out: 0..9;
...
MODULE main
VAR m1 : counter([Link]);
m2 : counter([Link]);
...
Variables of an instance are referred to with dotted names (for example m1.out), and instances can be wired to each other through their parameters.
Linear Temporal Logic
An LTL formula is evaluated along every execution path of the model, starting from the initial states:
a        a is TRUE now (in the current state)
X a      a is true in the neXt state
F a      a will be true at some point in the Future (now or in a later state)
G a      a is Globally true: in the current state and in every state after it
a U b    a holds true Until b becomes true (b must eventually hold, and a holds in every state before that)
Properties are written with the LTLSPEC keyword; variables of module instances are referred to by dotted names:
LTLSPEC G ([Link] = [Link]);
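The following is an added example that is not part of the original slides; it ties the Modules and LTL slides together. Two instances of one client module compete for a single resource, wired to each other through their parameters in the style of counter(in) above. The module and variable names (client, turn, c1, c2, st, req, busy) are choices made here, as is the DEFINE section, which gives a name to an expression without adding a state variable.

```smv
-- One client of a shared resource; grant is a boolean expression supplied by main.
MODULE client(grant)
VAR
  st : {idle, waiting, critical};
ASSIGN
  init(st) := idle;
  next(st) := case
    st = idle            : {idle, waiting};     -- may request at any time
    st = waiting & grant : critical;            -- enter only when granted
    st = waiting         : waiting;             -- otherwise keep waiting
    TRUE                 : {critical, idle};    -- may hold the resource or release it
  esac;
DEFINE
  req  := (st = waiting);
  busy := (st = critical);

MODULE main
VAR
  turn : {p1, p2};                         -- whose request the arbiter honours
  c1 : client(turn = p1 & !c2.busy);       -- instances are wired through their parameters
  c2 : client(turn = p2 & !c1.busy);
ASSIGN
  init(turn) := p1;
  next(turn) := case
    turn = p1 & !c1.req & !c1.busy : p2;   -- hand over when the holder is idle
    turn = p2 & !c2.req & !c2.busy : p1;
    TRUE                           : turn;
  esac;
-- Safety (holds): the two clients are never in the critical section together
LTLSPEC G !(c1.busy & c2.busy)
-- Liveness (violated): a waiting client is not guaranteed to get in, because the
-- other client may keep the resource forever; the counterexample NuSMV prints is
-- a lasso, a finite prefix followed by a loop in which c2 stays critical
LTLSPEC G (c1.req -> F c1.busy)
```

The safety result depends on the arbiter reading the other client's busy flag in the current state and on turn taking a single value, so the two clients can never be granted in the same step; changing the parameter of c1 to just turn = p1 is a useful experiment, since the safety property still holds but for a different reason. The liveness failure is the model telling you that the scheduler as written is unfair, which is the property you would want to know about before trusting the arbiter.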
Examples