Week 3: Promela II

Question 1

In which two categories do the properties of LTL fall?

Answer 1

• Safety properties
• Liveness properties

Question 2

What do safety properties specify?

Answer 2

That something bad never happens

Question 3

What do liveness properties specify?

Answer 3

That something good eventually happens

Question 4

In which way are the Symbolic names (introduced through mtype) numbered?

Answer 4

In reverse order of their definition declarations

Question 5

What does the typedef declarator do?

Answer 5

Creates user-defined types

Question 6

What are the two rules for typedef?

Answer 6

• They cannot be self-referential
• They must be global

Question 7

What is _pid?

Answer 7

It is a pre-defined, local, read-only variable of type pid that carries the unique ID of a process

Question 8

What is the value of _pid of init?

Answer 8

0

Question 9

What does the run primitive do?

Answer 9

Dynamically creates new instances of processes (defined using proctype) during the execution of the model.

Question 10

What does the assert statement accept as input?

Answer 10

An invariant

Question 11

What is an invariant?

Answer 11

A condition that must remain true throughout the entire system

Question 12

What happens when an invariant is evaluated as false?

Answer 12

The execution of the assert statement reports a violation of the invariant, and system execution terminates.

Question 13

What needs to be done to ensure the invariant is interleaved with the execution of other statements from other processes?

Answer 13

The assert statement has to be entered in its own process

Question 14

What is the advantage of placing the assert statement in its own process?

Answer 14

System-wide non-determinism

Question 15

What is the disadvantage of assertions?

Answer 15

They don’t check invariants exhaustively