There are basically two approaches to the verification of reactive systems, the algorithmic approach on one hand and the deductive approach on the other hand. The algorithmic approach is based on the computation of fixpoints, on effective representations of sets of states, and on decision procedures to solve the inclusion problem of sets of states. For example, the backward procedure is an instance of this approach. To prove that a set of states P is an invariant of a system S, the backward procedure computes the largest set Q of states satisfying Q ⊆ P and Q ⊆ wp(τ, Q) for every transition τ ∈ T of S. Here wp(τ, Q) is the weakest precondition of τ with respect to Q. Then P is an invariant of S if and only if every initial state of S satisfies Q. In general, the algorithmic approach is based on an effective representation R for sets of states, effective boolean operations, a procedure for deciding inclusion in R, effective predicate transformers to guarantee recursiveness of the method, and convergence of fixpoints to guarantee completeness. In the case of infinite state systems, first-order logic with Peano arithmetic is generally taken as the representation R. In fact, it can be proved that any weaker logic is not expressive enough (e.g. [7]) when the considered system contains variables that range over infinite domains. Thus, one has effective boolean operations and can define predicate transformers, but inclusion is undecidable. Moreover, convergence of fixpoints is not guaranteed. Consequently, the algorithmic approach cannot be applied in general to infinite state systems.

On the other hand, the deductive approach is very powerful and gives a complete method even for infinite state systems. It relies upon finding auxiliary invariants and proving validity of first-order formulas, called verification conditions. The deductive approach is, however, in contrast to the algorithmic approach, difficult to apply. Indeed, it is in general a hard task to find suitable auxiliary invariants and time consuming to discharge all generated verification conditions. Therefore, there is a strong need for tools that support both tasks. InVeSt is such a tool, as it supports the verification of invariance properties of infinite state systems. The salient feature of InVeSt is that it combines the algorithmic with the deductive approach to program verification in two different ways: 1. It integrates the principles underlying the algorithmic (e.g. [3, 18]) and the deductive methods (e.g. [14]) in the sense that …
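The backward procedure described above, worked out on a constructed finite toy system. This is an added example and not code from the paper or from InVeSt: the state space, the transitions `inc` and `reset`, and the function names `wp`, `backward`, `is_invariant` and `is_inductive` are all constructed here. It assumes the representation R is an explicit Python `frozenset` of states, which is exactly the finite case in which inclusion is decidable and the decreasing fixpoint chain must converge. It goes one step beyond the text in `is_inductive`, which checks the verification condition Q ⊆ wp(τ, Q) for a user-supplied auxiliary invariant, the step the deductive approach performs without any fixpoint iteration.

```python
"""Backward (greatest-fixpoint) invariant check over an explicit finite state space.

Added example; not part of the original paper or the InVeSt tool. The toy
system, its transitions and all function names are constructed here.
"""
from typing import Callable, FrozenSet, Iterable, Set

State = int                                  # a state is just the counter value x (constructed toy)
Transition = Callable[[State], Set[State]]   # successors of a state; empty set = transition disabled

# Constructed toy system: x ranges over 0..4 and starts at 0.
STATES: FrozenSet[State] = frozenset(range(5))
INIT: FrozenSet[State] = frozenset({0})


def inc(x: State) -> Set[State]:
    """Guarded command  x < 3 -> x := x + 1."""
    return {x + 1} if x < 3 else set()


def reset(x: State) -> Set[State]:
    """Guarded command  x = 3 -> x := 0."""
    return {0} if x == 3 else set()


TRANSITIONS = (inc, reset)


def wp(tau: Transition, Q: FrozenSet[State]) -> FrozenSet[State]:
    """Weakest precondition of tau with respect to Q: the states all of whose
    tau-successors lie in Q.  A state in which tau is disabled has no
    successors and therefore belongs to wp(tau, Q) vacuously."""
    return frozenset(s for s in STATES if tau(s) <= Q)


def backward(P: Iterable[State]) -> FrozenSet[State]:
    """Largest Q with Q <= P and Q <= wp(tau, Q) for every transition tau.

    Iterates Q_{i+1} = Q_i ∩ ⋂_tau wp(tau, Q_i) from Q_0 = P.  Over a finite
    state space the chain is decreasing, so it converges; over an infinite
    domain represented symbolically this convergence is not guaranteed."""
    Q = frozenset(P)
    while True:
        Q_next = Q
        for tau in TRANSITIONS:
            Q_next &= wp(tau, Q)
        if Q_next == Q:
            return Q
        Q = Q_next


def is_invariant(P: Iterable[State]) -> bool:
    """P is an invariant iff every initial state lies in the backward fixpoint."""
    return INIT <= backward(P)


def is_inductive(Q: Iterable[State]) -> bool:
    """Deductive side: discharge the verification condition Q <= wp(tau, Q) for
    each tau on a user-supplied auxiliary invariant Q, with no iteration."""
    Q = frozenset(Q)
    return all(Q <= wp(tau, Q) for tau in TRANSITIONS)


if __name__ == "__main__":
    P_safe = {x for x in STATES if x <= 3}
    P_bad = {x for x in STATES if x <= 2}
    print(sorted(backward(P_safe)), is_invariant(P_safe))   # [0, 1, 2, 3] True
    print(sorted(backward(P_bad)), is_invariant(P_bad))     # [] False
    print(is_inductive({0, 1, 2, 3}), is_inductive({0, 1, 2}))   # True False
```

For P = {x ≤ 2} the iteration strips 2, then 1, then 0 from Q, because each of them reaches a state outside Q under `inc`, so the fixpoint is empty and the initial state is not contained in it: P is not an invariant. For P = {x ≤ 3} the set is already inductive, so `backward` returns it after one round and `is_inductive` confirms the same fact directly, which is the verification condition a deductive tool would have to discharge.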
[1] Edward Y. Chang, et al. STeP: The Stanford Temporal Prover. TAPSOFT, 1995.
[2] Orna Grumberg, et al. Abstract interpretation of reactive systems: abstractions preserving .. 1994.
[3] Sérgio Vale Aguiar Campos, et al. Symbolic Model Checking. CAV, 1993.
[4] Jozef Hooman. Verifying Part of the ACCESS.bus Protocol Using PVS. FSTTCS, 1995.
[5] Joseph Sifakis, et al. Property preserving abstractions for the verification of concurrent systems. Formal Methods Syst. Des., 1995.
[6] Zohar Manna, et al. Temporal verification of reactive systems - safety. 1995.
[7] Joseph Sifakis, et al. Specification and verification of concurrent systems in CESAR. Symposium on Programming, 1982.
[8] Hassen Saïdi, et al. Powerful Techniques for the Automatic Generation of Invariants. CAV, 1996.
[9] J. W. de Bakker, et al. Mathematical theory of program correctness. Prentice-Hall international series in computer science, 1980.
[10] N. Shankar, et al. PVS: Combining Specification, Proof Checking, and Model Checking. 1996.
[11] Dennis Dams, et al. Abstract interpretation and partition refinement for model checking. 1996.
[12] Orna Grumberg, et al. Abstract Interpretation of Reactive Systems: Abstractions Preserving ∀CTL*, ∃CTL* and CTL*. 1994.
[13] Natarajan Shankar, et al. Formal Verification for Fault-Tolerant Architectures: Prolegomena to the Design of PVS. IEEE Trans. Software Eng., 1995.
[14] Edmund M. Clarke, et al. Model checking and abstraction. TOPL, 1994.
[15] Natarajan Shankar, et al. Experiments in Theorem Proving and Model Checking for Protocol Verification. FME, 1996.