Lectures 1 and 2 were devoted to the overview of the course
Dates: 9/6/00 and 9/8/00.
In lecture 3 we covered model checking basics.
Here is a document about
model checking basics.
is an interesting site on specification patterns.
In lecture 4 we continued with model checking basics. We did some
more examples of CTL* specifications. We also covered CTL and LTL.
Duality equations were also discussed.
Here is a note describing a the
In lectures 5 and 6 we continued model checking. We covered
fixed-points semantics of CTL and also discussed Binary
Dates: 9/15/00, 9/18/00.
Lecture 9 was devoted to the model checker SPIN. We
discussed the fundamentals in class. For additional
details refer to the following paper:
The Model Checker SPIN, G.J. Holzmann, IEEE Transactions
on Software Engineering, Vol 23, No 5, May 1997.
Lectures 10 and part of lecture 11 were devoted to
Verisoft. We discussed the fundamentals in class. I recommend
you reading papers available on the Verisoft site.
Dates: 10/4/00 and part of 10/6/00.
Part of lecture 11, lecture 12, part of lecture 13, were devoted
to model checking real time systems. We introduced real-time CTL and
discussed min/max delay algorithms.
Dates: 10/6/00, 10/9/00, and 10/11/00.
Part of lecture 13 was devoted to nitpick, a relation language for
expressing software designs. We also discussed why model checking is
not suitable for proving properties about data structures.
A note about nitpick
Lectures 14, 15, 16 were devoted to nitpick. We also discussed
how relational languages might be useful for object modeling. This
is a setup for Alloy.
Dates: 10/16/00, 10/18/00, 10/23/00.
In lecture 17 we finished up nitpick. We started discussing Alloy.
Here is the phone example in nitpick
Please run this example using nitpick.
Lecture 18 was devoted to Alloy. We discussed an abstract model
of a File System. Please download Alloy and run the file-system
In lecture 19 we discussed data flow analysis. Some concepts from
data flow analysis will be used in white-box testing. We also explored
connections between data flow analysis and model checking.
In lecture 20 we discussed various steps in the software process.
We also discussed various types of testing (unit, function, and system testing)
and how they relate to various steps in the software process. We also
discussed other testing terminology, such as white-box and black-box testing.
Lectures 20 and 21 were devoted various coverage criteria used in
white-box testing. Some coverage criteria that were discussed are
statement, decision, condition, multipl-condition coverage. White-box
testing based on data flow analysis was discussed in great detail.
Dates: 11/8/00 and 11/10/00.
Recommended Paper: Selecting Software Test Data Using Data
Flow Information, S. Rapps and E.J. Weyuker, IEEE Transactions on Software
Engineering, Vol SE-11, NO 4, April 1985.
Lectures 22 and 23 were devoted to Markov chains and there use in
Date: 11/13/00 and 11/15/00.
Recommended Paper: Markov Analysis of Software Specifications,
J.A. Whittaker and J.H. Poore, ACM Transactions on Software Engineering
and Methodology, Vol 2, No 1, January 1993.