Verification of Abstract State Machines

Gurevich’s Abstract State Machines (ASMs) are widely used for the specification of software, hardware and algorithms and for the semantics of programming languages. When Gurevich introduced its Abstract State Machines [1], he designed them to be not only a specification method but also a computational model. He claimed that, with ASMs, one can express each algorithm at its natural level of abstraction. In other words, for each algorithm, one can build an ASM so that one step in the algorithm corresponds to one step on the ASM (this is the so-called Gurevich Thesis). Our goal is to develop a logic for ASMs in order to prove properties of them (e.g., consistency, invariants, equivalence, sequentialization). Unlike other authors who have proposed logics mainly based on an extension of dynamic logic, we are working with a new approach, described in [2]. Before we present our logic, we give a light introduction to ASMs. The notion of abstract state is the classical notion of a mathematical structure A for a vocabulary Σ consisting of a nonempty set |A| with the interpretation of the function names of Σ in |A|. The terms and first-order formulas are interpreted in the usual way. The simplest atomic change for an abstract state is to update a function f at a point x. In an ASM, the functions are classified in two types: the static functions, that do not change; and the dynamics functions, that can be updated. A transition from an abstract state to another is given by a rule. The typical form of a rule is