STeP: The Stanford Temporal Prover

We describe the Stanford Temporal Prover (STeP), a system being developed to support the computer-aided formal verification of concurrent and reactive systems based on temporal specifications. Unlike systems based on model-checking, STeP is not restricted to finite-state systems. It combines model checking and deductive methods to allow the verification of a broad class of systems, including programs with infinite data domains, N-process programs, and N-component circuit designs, for arbitrary N. In short, STeP has been designed with the objective of combining the expressiveness of deductive methods with the simplicity of model checking. The verification process is for the most part automatic. User interaction occurs mostly at the highest, most intuitive level, primarily through a graphical proof language of verification diagrams. Efficient simplification methods, decision procedures, and invariant generation techniques are then invoked automatically to prove resulting first-order verification conditions with minimal assistance. We describe the performance of the system when applied to several examples, including the N-process dining philosopher's program, Szymanski's N-process mutual exclusion algorithm, and a distributed N-way arbiter circuit.
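The contrast the abstract draws between model checking (exploring reachable states) and deductive verification (proving first-order verification conditions such as initiation and consecution over all states) is illustrated below on a constructed two-process lock program. This is an added example and not STeP's code; the program, the state encoding and the invariants are assumptions made for illustration, and it shows why a plain mutual-exclusion property must be strengthened before it becomes inductive.

```python
from itertools import product

# Constructed program (not from the paper): each process loops
#   idle --(acquire, only if lock is free)--> crit --(release)--> idle
PCS = ("idle", "crit")
N = 2

def initial():
    return (("idle",) * N, False)   # (program counters, lock_held)

def successors(state):
    """Transition relation rho: every enabled step of every process."""
    pcs, lock = state
    for i in range(N):
        if pcs[i] == "idle" and not lock:
            yield (pcs[:i] + ("crit",) + pcs[i + 1:], True)
        elif pcs[i] == "crit":
            yield (pcs[:i] + ("idle",) + pcs[i + 1:], False)

def all_states():
    """Whole state space, reachable or not, for the deductive check."""
    for pcs in product(PCS, repeat=N):
        for lock in (False, True):
            yield (pcs, lock)

def mutex(state):
    """Safety property: at most one process is critical."""
    pcs, _ = state
    return sum(pc == "crit" for pc in pcs) <= 1

def strengthened(state):
    """Inductive strengthening: a critical process implies the lock is held."""
    pcs, lock = state
    return mutex(state) and (lock or "crit" not in pcs)

def model_check(prop):
    """Model checking: return a reachable state violating prop, or None."""
    seen, work = set(), [initial()]
    while work:
        s = work.pop()
        if s in seen:
            continue
        seen.add(s)
        if not prop(s):
            return s
        work.extend(successors(s))
    return None

def inductive(prop):
    """Deductive check of initiation and consecution; None means prop is inductive."""
    if not prop(initial()):
        return ("initiation", initial())
    for s in all_states():
        if prop(s):
            for t in successors(s):
                if not prop(t):
                    return ("consecution", s)
    return None
```

Model checking accepts `mutex` outright, while the consecution condition fails on the unreachable state where one process is critical with the lock free, which is exactly the gap `strengthened` closes.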
