COMP 204 Model Checker in ML
The model checker is for version 0.93 of Standard ML of NJ
Here is the source code for the model checker. It
requires getModel.ml to be in the same directory to
operate.
It can be run on a Sun from /afs/cs.unc.edu/home/salomon/public_html/class_projects/COMP 204/ModelChecker
To run the program use the "use" command to load mc.ml into sml and then
type:
check(model,query);
where model is the file name of the model and query is a CTL question you would
like to ask.
It accepts the full CTL format, but in prefix notation and with parentheses (for
my parsing ease).
CTL syntax is as follows:
| x | a single predicate |
| T | true |
| F | false |
| (AND x y) | x and y |
| (IMP x y) | x implies y |
| (NOT x) | ~x |
| (OR x y) | x or y |
| (AX x) | x for all next states |
| (EX x) | x for at least one next state |
| (AU x y) | x until y for all paths |
| (EU x y) | x until y for at least one path |
| (AF x) | x holds along each path in the future |
| (EF x) | x holds along at least one path in the future |
| (AG x) | x always holds on all paths |
| (EG x) | x always holds on at least one path |
For the assignment I used the state machine representing a meeting with a
moderator, meet.fsm.
All queries are evaluated relative to the state labeled 0. Bad
input produces undefined behavior.
Here are the formulas required for the assignment:
1a. (EF (AND Pspeak TgetFloor)) Result: false
b. (AND (AG (IMP Pspeak (NOT TgetFloor))) (AG (IMP TgetFloor (NOT Pspeak)))) Result: true
2. (AG (IMP (NOT Pmoderate) Phold)) Result: true
3. (AG (IMP Phold (AX (AF (NOT Phold))))) Result: false
I supplemented these with the following:
4. Is it possible for there to be more than one person suspended?
(EF (AND Pwait Tsusp)) Result: true
5. Is there always someone talking if there are people listening?
(AG (IMP Pspeak Plisten)) Result: false
6. Can everyone but the moderator be suspended?
(EF (AND Pmoderate (AND (NOT Ppool) (AND (NOT Pspeak) (AND (NOT Plisten) (NOT Phold)))))) Result: true
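
The prefix syntax and the "evaluate at state 0" convention described above can be seen end to end in the following added example. It is not mc.ml or any code from this project, and it is written in Python rather than Standard ML. The three-state model and the predicate names idle, req and crit are constructed for illustration (they are not meet.fsm), and every state is assumed to have at least one successor.

```python
import re

def parse(text):
    """Parse prefix CTL into nested tuples, e.g. ('AG', ('IMP', 'p', 'q'))."""
    tokens = re.findall(r"[()]|[^\s()]+", text)
    def read(i):
        if tokens[i] != "(":
            return tokens[i], i + 1              # predicate, T or F
        op, i, args = tokens[i + 1], i + 2, []
        while tokens[i] != ")":
            arg, i = read(i)
            args.append(arg)
        return (op, *args), i + 1
    return read(0)[0]

def sat(f, succ, label):
    """Set of states satisfying f; succ must give every state a successor."""
    states = set(succ)
    S = lambda g: sat(g, succ, label)
    pre = lambda X: {s for s in states if succ[s] & X}   # some successor in X
    if isinstance(f, str):
        return states if f == "T" else set() if f == "F" else {s for s in states if f in label[s]}
    op, *a = f
    if op == "NOT": return states - S(a[0])
    if op == "AND": return S(a[0]) & S(a[1])
    if op == "OR":  return S(a[0]) | S(a[1])
    if op == "IMP": return (states - S(a[0])) | S(a[1])
    if op == "EX":  return pre(S(a[0]))
    if op == "EU":                                # least fixpoint, grows from y
        hold, z = S(a[0]), S(a[1])
        while not (hold & pre(z)) <= z: z |= hold & pre(z)
        return z
    if op == "EG":                                # greatest fixpoint, shrinks from x
        z = S(a[0])
        while not z <= pre(z): z &= pre(z)
        return z
    nx, ny = ("NOT", a[0]), ("NOT", a[-1])        # remaining operators by duality
    derived = {"EF": ("EU", "T", a[0]),
               "AX": ("NOT", ("EX", nx)),
               "AF": ("NOT", ("EG", nx)),
               "AG": ("NOT", ("EU", "T", nx)),
               "AU": ("NOT", ("OR", ("EG", ny), ("EU", ny, ("AND", nx, ny))))}
    return S(derived[op])

def check(model, query):
    return 0 in sat(parse(query), *model)         # queries are asked of state 0

# Constructed model (successors, labels): 0 = idle, 1 = requesting, 2 = critical.
MODEL = ({0: {0, 1}, 1: {2}, 2: {0}}, {0: {"idle"}, 1: {"req"}, 2: {"crit"}})
```

On this model `check(MODEL, "(EF crit)")` is true while `check(MODEL, "(AF crit)")` is false, because state 0 can loop on itself forever; the same E-versus-A distinction separates formulas 1a and 3 above.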