Using the B-toolkit to ensure safety in SCR specifications

SCR (Software Cost Reduction) specifications are useful for specifying event-driven systems. To use SCR effectively for critical applications, automated verification of safety properties is important. The fact that model checking approaches are sometimes problematic motivates us to examine further the alternative approach of theorem proving. Theorem proving is, in general, a difficult task; however, the regular structure of the proof obligations generated from SCR specifications suggests that relatively unsophisticated theorem provers can discharge many of these obligations. As a feasibility study, we use the B-Toolkit to detect safety violations in an example SCR specification. The B-Toolkit is a good choice because it is commercially available and supports verified refinement to executables in a commercial programming language (C). We convert the mode transition table in the example SCR specification to an AMN (Abstract Machine Notation) specification and analyze the result with the B-Toolkit. The B-Toolkit generates 120 proof obligations, of which 113 are automatically discharged by the theorem prover. The remaining 7 proof obligations are, in fact, not theorems; they correspond to the 3 problems in the SCR specification that the model checking approaches had detected. For the corrected SCR specification, the B-Toolkit automatically discharges all proof obligations. The example shows that even simple theorem provers are a viable approach to automated analysis of SCR specifications.
