The ProB Animator and Model Checker for B
|
|
- Alannah Knight
- 2 years ago
- Views:
Transcription
1 The ProB Animator and Model Checker for B A Tool Description Michael Leuschel and Michael Butler Department of Electronics and Computer Science University of Southampton Highfield, Southampton, SO17 1BJ, UK Abstract. We present ProB, an animation and model checking tool for the B method. ProB s animation facilities allow users to gain confidence in their specifications, and unlike the animator provided by the B-Toolkit, the user does not have to guess the right values for the operation arguments or choice variables. ProB contains a temporal and a state-based model checker, both of which can be used to detect various errors in B specifications. ProB enables users to uncover errors that are not easily discovered by existing tools. 1 Introduction The B-method, originally devised by J.-R. Abrial [1], is a theory and methodology for formal development of computer systems. It is used by industries in a range of critical domains, most notably railway control. B is based on the notion of abstract machine and the notion of refinement. The variables of an abstract machine are typed using set theoretic constructs such as sets, relations and functions. Typically these are constructed from basic types such as integers and given types from the problem domain. The invariant of a machine is specified using predicate logic. Operations of a machine are specified as generalised substitutions, which allow deterministic and nondeterministic assignments to be specified. In B refinement, a machine may be refined by another machine in which the state is represented by data structures that are more concrete and/or in which operations are more deterministic and imperative. There are two main proof activities in B: consistency checking, which is used to show that the operations of a machine preserve the invariant, and refinement checking, which is used to show that one machine is a valid refinement of another. These activities are supported by industrial strength tools, such as Atelier-B [8] and the B-toolkit [2]. A B-tool generates a list of predicate logic proof obligations (POs). If each of these POs is proved, then the machine is consistent (or a correct refinement in the case of refinement checking). The B-tools have an automatic prover and an interactive prover. Typically the more complex POs are not proved automatically and need to be proved interactively. The tools also provide automatic translation of low level B into executable code. The ProB tool presented here currently supports automated consistency checking of B machines via model checking [4] and constraint-based checking
2 [5]. For exhaustive model checking, the given sets must be restricted to small finite sets, and integer variables must be restricted to small numeric ranges. This allows the checking to traverse all the reachable states of the machine. ProB can also be used non-exhaustively to explore the state space and find potential problems. The user can set an upper bound on the number of states to be traversed or can interrupt the checking at any stage. ProB will generate and graphically display counter-examples when it discovers a violation of the invariant. ProB detects attempts to evaluate undefined expressions, such as the application of a partial function to an argument outside its domain. ProB can also be used as an animator of a B specification. So, the model checking facilities are still useful for infinite state machines, not as a verification tool, but as a sophisticated debugging and testing tool. 2 Brief Overview of the system The ProB system has been developed mainly in SICStus Prolog, with a graphical user interface implemented in Tcl/Tk. ProB uses the JBTools package developed by Tatibouet [9] and the Pillow package [3] to that effect. The JBTools package permits translation of abstract machine notation (AMN) [1] specifications into XML, while the Pillow package allows the conversion of XML files into a Prolog term representation. The ProB front end then postprocesses the general Prolog term tree representation of the Pillow library output into a more structured representation which will serve as the input to the interpreter. The ProB interpreter recurses through this structured representation of B machines and makes call to the ProB kernel, which implements support for the basic datatypes and operations of the B-language. The ProB kernel itself is written in SICStus Prolog with co-routining and constraints. The ProB animator and the two model checkers all make use of the ProB interpreter in various ways, as will be explained below. 3 ProB in Action The ProB animator was developed using the Tcl/Tk library of SICStus Prolog 3.10 and builds upon our earlier animator for CSP [7]. Our animator supports (backtrackable) step-by-step animation of the B-machines. As can be seen in Figure 1 it presents the user with a description of the current state of the machine, the history that has led the user to reach the current state, and a list of the enabled operations, along with proper argument instantiations. Thus, unlike the animator provided by the B-Toolkit, the user does not have to guess the right values for the operation arguments. The same holds for choice variables in Any statements, the user does not have to find values which satisfy the Any condition. If the number of enabled operations becomes larger, one could envisage a better interface were not all options are immediately displayed to the user. The ProB animator also provides visualization of the state space that has been explored so far, and provides visual feedback on which states have been
3 Fig. 1. Animation of the E-Travel Agency Case Study fully explored and which ones are still open. One can also find the shortest trace (given the state space explored so far) to the current state. ProB provides two ways of model checking: 1. a temporal model checking which tries to find a sequence of operations that, starting from an initial state, leads to a state which violates the invariant (or exhibits some other error, such as deadlocking or abort conditions); and 2. a state-based model checking, which finds a state of the machine that satisfies the invariant, but where we can apply a single operation to reach a state that violates the invariant (or again exhibits some other error). A counter example found by the temporal model checker thus consists of a sequence of operations (with properly instantiated operation arguments), as shown in Fig. 2. Volvo Vehicle Function We have tried our tool on a case study performed at Volvo on a typical vehicle function. The largest B machine had 15 variables, 550 lines of B specification, and 26 operations. This B specification was developed by Volvo as part of the European Commission IST Project PUSSEE (IST-2000-
4 session={},r_user={},c_user={}, initialise_machine u_state(u1,s0),u_hotel(u1,nohotel),u_rental(u1,nocarrent), u_request(u1,none) login(u1) u_state(u1,s1),u_hotel(u1,nohotel),u_rental(u1,nocarrent), u_request(u1,none) bookcar(u1) u_state(u1,s5),u_hotel(u1,nohotel),u_rental(u1,nocarrent), u_request(u1,bc) entercard(u1) c_rent(c1a,c1),c_rent(c2a,c2),u_card(u1,valid), u_state(u1,s6),u_hotel(u1,nohotel),u_rental(u1,nocarrent), u_request(u1,bc) response(u1) r_user={},session(sess1,u1),respons(u1,done), c_rent(c2a,c2),u_card(u1,valid),u_state(u1,s7), again(u1) c_rent(c2a,c2),u_card(u1,unknown),u_state(u1,s1), u_hotel(u1,nohotel),u_rental(u1,nocarrent),u_request(u1,none), bookcar(u1) c_rent(c2a,c2),u_card(u1,unknown),u_state(u1,s5), entercard(u1) c_rent(c2a,c2),u_card(u1,valid),u_state(u1,s6), response(u1) r_user={},session(sess1,u1),respons(u1,done), c_rent(c2a,c2),u_card(u1,valid),u_state(u1,s7),,c_user(c2a,u1) Fig. 2. Counter example for the E-Travel Agency Example 30103). Animation using ProB worked very well and we have then used ProB to verify the B-machine using the temporal model checker. ProB managed to explore the entire state space of the B-machine in a few minutes, thereby proving the absence of invariant violations and deadlocks. However, ProB managed to identify a slight anomaly in the B machines behaviour: a crucial operation was only enabled very rarely. This shows that ProB might be used to identify problems that would otherwise only emerge at implementation time. E-TravelAgency Within our ABCD 1 project we have developed various B models for a distributed online travel agency, through which users can make hotel and car rental bookings. The models were developed jointly with a Java/JSP 1 Automated validation of Business Critical systems using Component-based Design, EPSRC grant GR/M91013.
5 implementation. The B model contains about 6 pages of B and, as can be seen in Fig. 1, has 11 variables of complicated type. ProB was very useful in the development of the specification, and was able to properly animate all of our models (see Fig. 1), and discover several problems with various versions of our system. 4 Uses of ProB Animation The animator is very easy to drive, and provides immediate visual feedback about one s specification. On the one hand, this is going to be very useful for people learning B and provides them a good feel for the B language. We plan to use ProB next academic year in our Critical Systems course. On the other hand, it also allows experienced users to more easily find problems with their specifications. Indeed, large specifications are very likely to contain errors, some of which can be identified early by animation. Model Checking The interactive proof process with Atelier-B or the B-Toolkit can be quite time consuming. A typical development involves going through several levels of refinement to code generation before attempting any interactive proof [6]. This is to avoid the expense of reproving POs as the specification and refinements change in order to arrive at a satisfactory implementation. We see the use of ProB as a complement to interactive proof in that errors that result in counterexamples should be eliminated before attempting interactive proof. Further Information More information about the ProB tool can be obtained in the paper to appear in the main conference proceedings of FME 03 and at the web site: mal/systems/prob.html. References 1. J.-R. Abrial. The B-Book. Cambridge University Press, B-Core (UK) Limited, Oxon, UK. B-Toolkit, On-line manual., Available at 3. D. Cabeza and M. Hermenegildo. The PiLLoW Web Programming Library. The CLIP Group, School of Computer Science, Technical University of Madrid, Available at 4. E. M. Clarke, O. Grumberg, and D. Peled. Model Checking. MIT Press, D. Jackson. Alloy: A lightweight object modelling notation. ACM Transactions on Software Engineering and Methodology (TOSEM), 11: , J.-L. Lanet. The use of B for Smart Card. In Forum on Design Languages (FDL02), September M. Leuschel. Design and implementation of the high-level specification language CSP(LP) in Prolog. In I. V. Ramakrishnan, editor, Proceedings of PADL 01, LNCS 1990, pages Springer-Verlag, March Steria, Aix-en-Provence, France. Atelier B, User and Reference Manuals, Available at uk.html. 9. Tatibouet, Bruno. The JBTools Package, Available at en.html.
Event-Based Approach to Modelling Dynamic Architecture: Application to Mobile Ad-hoc Network
Event-Based Approach to Modelling Dynamic Architecture: Application to Mobile Ad-hoc Network Christian Attiogbé LINA - UMR CNRS 6241 - University of Nantes F-44322 Nantes Cedex, France Christian.Attiogbe@univ-nantes.fr
Software Engineering
Software Engineering Lecture 04: The B Specification Method Peter Thiemann University of Freiburg, Germany SS 2013 Peter Thiemann (Univ. Freiburg) Software Engineering SWT 1 / 50 The B specification method
Introducing Formal Methods. Software Engineering and Formal Methods
Introducing Formal Methods Formal Methods for Software Specification and Analysis: An Overview 1 Software Engineering and Formal Methods Every Software engineering methodology is based on a recommended
Improving Railway Data Validation with ProB
Chapter 1 Improving Railway Data Validation with ProB Jérôme Falampim, Hung Le-Dang, Michael Leuschel, Mikael Mokrani, Daniel Plagge Abstract In this chapter, we describe the successful application of
A Framework for the Semantics of Behavioral Contracts
A Framework for the Semantics of Behavioral Contracts Ashley McNeile Metamaxim Ltd, 48 Brunswick Gardens, London W8 4AN, UK ashley.mcneile@metamaxim.com Abstract. Contracts have proved a powerful concept
Who watches the watchers: Validating the ProB Validation Tool
Who watches the watchers: Validating the ProB Validation Tool Jens Bendisposto Sebastian Krings Michael Leuschel Institut für Informatik, Heinrich-Heine Universität Düsseldorf Universitätsstr. 1, D-4225
HECTOR a software model checker with cooperating analysis plugins. Nathaniel Charlton and Michael Huth Imperial College London
HECTOR a software model checker with cooperating analysis plugins Nathaniel Charlton and Michael Huth Imperial College London Introduction HECTOR targets imperative heap-manipulating programs uses abstraction
Tableaux Modulo Theories using Superdeduction
Tableaux Modulo Theories using Superdeduction An Application to the Verification of B Proof Rules with the Zenon Automated Theorem Prover Mélanie Jacquel 1, Karim Berkani 1, David Delahaye 2, and Catherine
Model Checking: An Introduction
Announcements Model Checking: An Introduction Meeting 2 Office hours M 1:30pm-2:30pm W 5:30pm-6:30pm (after class) and by appointment ECOT 621 Moodle problems? Fundamentals of Programming Languages CSCI
Formal Verification Coverage: Computing the Coverage Gap between Temporal Specifications
Formal Verification Coverage: Computing the Coverage Gap between Temporal Specifications Sayantan Das Prasenjit Basu Ansuman Banerjee Pallab Dasgupta P.P. Chakrabarti Department of Computer Science & Engineering
Static Program Transformations for Efficient Software Model Checking
Static Program Transformations for Efficient Software Model Checking Shobha Vasudevan Jacob Abraham The University of Texas at Austin Dependable Systems Large and complex systems Software faults are major
Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification
Introduction Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification Advanced Topics in Software Engineering 1 Concurrent Programs Characterized by
Coverability for Parallel Programs
2015 http://excel.fit.vutbr.cz Coverability for Parallel Programs Lenka Turoňová* Abstract We improve existing method for the automatic verification of systems with parallel running processes. The technique
Introduction to Formal Methods. Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm
Introduction to Formal Methods Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm Outline Introduction Formal Specification Formal Verification Model Checking Theorem Proving Introduction Good papers to
The Model Checker SPIN
The Model Checker SPIN Author: Gerard J. Holzmann Presented By: Maulik Patel Outline Introduction Structure Foundation Algorithms Memory management Example/Demo SPIN-Introduction Introduction SPIN (Simple(
T-79.186 Reactive Systems: Introduction and Finite State Automata
T-79.186 Reactive Systems: Introduction and Finite State Automata Timo Latvala 14.1.2004 Reactive Systems: Introduction and Finite State Automata 1-1 Reactive Systems Reactive systems are a class of software
System modeling. Budapest University of Technology and Economics Department of Measurement and Information Systems
System modeling Business process modeling how to do it right Partially based on Process Anti-Patterns: How to Avoid the Common Traps of Business Process Modeling, J Koehler, J Vanhatalo, IBM Zürich, 2007.
CSE4213 Lecture Notes
CSE4213 Lecture Notes Introduction to B Tools Computer Science and Software Engineering Monash University 20070226 / Lecture 1 ajh 1/15 1 Outline 2 3 4 5 ajh 2/15 In this course we will be introducing
Investigating a File Transfer Protocol Using CSP and B
Noname manuscript No. (will be inserted by the editor) Investigating a File Transfer Protocol Using CSP and B Neil Evans, Helen Treharne Department of Computer Science, Royal Holloway, University of London
Formal verification of contracts for synchronous software components using NuSMV
Formal verification of contracts for synchronous software components using NuSMV Tobias Polzer Lehrstuhl für Informatik 8 Bachelorarbeit 13.05.2014 1 / 19 Problem description and goals Problem description
ML for the Working Programmer
ML for the Working Programmer 2nd edition Lawrence C. Paulson University of Cambridge CAMBRIDGE UNIVERSITY PRESS CONTENTS Preface to the Second Edition Preface xiii xv 1 Standard ML 1 Functional Programming
Specification and Analysis of Contracts Lecture 1 Introduction
Specification and Analysis of Contracts Lecture 1 Introduction Gerardo Schneider gerardo@ifi.uio.no http://folk.uio.no/gerardo/ Department of Informatics, University of Oslo SEFM School, Oct. 27 - Nov.
Software Verification: Infinite-State Model Checking and Static Program
Software Verification: Infinite-State Model Checking and Static Program Analysis Dagstuhl Seminar 06081 February 19 24, 2006 Parosh Abdulla 1, Ahmed Bouajjani 2, and Markus Müller-Olm 3 1 Uppsala Universitet,
Formal Verification of Software
Formal Verification of Software Sabine Broda Department of Computer Science/FCUP 12 de Novembro de 2014 Sabine Broda (DCC-FCUP) Formal Verification of Software 12 de Novembro de 2014 1 / 26 Formal Verification
Tool Support for Model Checking of Web application designs *
Tool Support for Model Checking of Web application designs * Marco Brambilla 1, Jordi Cabot 2 and Nathalie Moreno 3 1 Dipartimento di Elettronica e Informazione, Politecnico di Milano Piazza L. Da Vinci,
http://aejm.ca Journal of Mathematics http://rema.ca Volume 1, Number 1, Summer 2006 pp. 69 86
Atlantic Electronic http://aejm.ca Journal of Mathematics http://rema.ca Volume 1, Number 1, Summer 2006 pp. 69 86 AUTOMATED RECOGNITION OF STUTTER INVARIANCE OF LTL FORMULAS Jeffrey Dallien 1 and Wendy
Formal Methods for Software Engineering
Formal Methods for Software Engineering Virendra Singh Computer Design and Test Lab Indian Institute of Science Bangalore Email: virendra@computer.org Introduction Problems in software development Formal
A Logic Approach for LTL System Modification
A Logic Approach for LTL System Modification Yulin Ding and Yan Zhang School of Computing & Information Technology University of Western Sydney Kingswood, N.S.W. 1797, Australia email: {yding,yan}@cit.uws.edu.au
Debugging Prolog Programs. Contents The basic Prolog debugger Tracing program execution Spying on problem predicates
Debugging Prolog Programs Prof. Geraint A. Wiggins Centre for Cognition, Computation and Culture Goldsmiths College, University of London Contents The basic Prolog debugger Tracing program execution Spying
Tool Support for Model-Based Database Design with Event-B
Tool Support for Model-Based Database Design with Event-B Ahmed Al-Brashdi, Michael Butler, Abdolbaghi Rezazadeh, and Colin Snook University of Southampton, Southampton, UK {azab1g14,mjb,ra3,cfs}@ecs.soton.ac.uk
Software Engineering Reference Framework
Software Engineering Reference Framework Michel Chaudron, Jan Friso Groote, Kees van Hee, Kees Hemerik, Lou Somers, Tom Verhoeff. Department of Mathematics and Computer Science Eindhoven University of
InvGen: An Efficient Invariant Generator
InvGen: An Efficient Invariant Generator Ashutosh Gupta and Andrey Rybalchenko Max Planck Institute for Software Systems (MPI-SWS) Abstract. In this paper we present InvGen, an automatic linear arithmetic
MICHIGAN TEST FOR TEACHER CERTIFICATION (MTTC) TEST OBJECTIVES FIELD 050: COMPUTER SCIENCE
MICHIGAN TEST FOR TEACHER CERTIFICATION (MTTC) TEST OBJECTIVES Subarea Educational Computing and Technology Literacy Computer Systems, Data, and Algorithms Program Design and Verification Programming Language
On strong fairness in UNITY
On strong fairness in UNITY H.P.Gumm, D.Zhukov Fachbereich Mathematik und Informatik Philipps Universität Marburg {gumm,shukov}@mathematik.uni-marburg.de Abstract. In [6] Tsay and Bagrodia present a correct
An Integrated Collection of Tools for Continuously Improving the Processes by Which Health Care is Delivered: A Tool Report
An Integrated Collection of Tools for Continuously Improving the Processes by Which Health Care is Delivered: A Tool Report Leon J. Osterweil, Lori A. Clarke, George S. Avrunin Department of Computer Science
A Security Domain Model for Static Analysis and Verification of Software Programs
A Security Domain Model for Static Analysis and Verification of Software Programs Alan B. Shaffer Naval Postgraduate School Computer Science Dept Monterey, CA, USA abshaffe@nps.edu Abstract- Unauthorized
CS Master Level Courses and Areas COURSE DESCRIPTIONS. CSCI 521 Real-Time Systems. CSCI 522 High Performance Computing
CS Master Level Courses and Areas The graduate courses offered may change over time, in response to new developments in computer science and the interests of faculty and students; the list of graduate
Formal Verification by Model Checking
Formal Verification by Model Checking Natasha Sharygina Carnegie Mellon University Guest Lectures at the Analysis of Software Artifacts Class, Spring 2005 1 Outline Lecture 1: Overview of Model Checking
Building Confidence in the Quality and Reliability of Critical Software
Building Confidence in the Quality and Reliability of Critical Software Jay Abraham, MathWorks Jon Friedman, MathWorks Abstract. Software in critical civilian and military aerospace applications, including
Data Model Bugs. Ivan Bocić and Tevfik Bultan
Data Model Bugs Ivan Bocić and Tevfik Bultan Department of Computer Science University of California, Santa Barbara, USA bo@cs.ucsb.edu bultan@cs.ucsb.edu Abstract. In today s internet-centric world, web
A Classification of Model Checking-Based Verification Approaches for Software Models
Volt Second Workshop on Verification Of Model Transformations, 2013, A Classification of Model Checking-Based Verification Approaches for Software Models Sebastian Gabmeyer a Petra Brosch a Martina Seidl
Automated Model-Based Testing of Embedded Real-Time Systems
Automated Model-Based Testing of Embedded Real-Time Systems Jan Peleska jp@tzi.de University of Bremen Bieleschweig Workshop 7 2006-05-05 Outline Technologie-Zentrum Informatik Objectives Basic concepts
Juhan Ernits Inst. of Cybernetics / Dept. of Comp Sci. Tallinn University of Technology Tallinn, Estonia
Model Based Testing with NModel Juhan Ernits Inst. of Cybernetics / Dept. of Comp Sci. Tallinn University of Technology Tallinn, Estonia Who is this guy? Occupation: a researcher at the Institute of Cybernetics
Toward Model-Based Verification of Adaptive Allocation Managers
Toward Model-Based Verification of Adaptive Allocation Managers William Leal, Frank Drews, Chang Liu, Lonnie Welch Ohio University { leal@cs.ohiou.edu, drews@ohiou.edu, changliu@cs.ohiou.edu, welch@ohio.edu
Software Modeling and Verification
Software Modeling and Verification Alessandro Aldini DiSBeF - Sezione STI University of Urbino Carlo Bo Italy 3-4 February 2015 Algorithmic verification Correctness problem Is the software/hardware system
Run-Time Monitoring of Goal-Oriented Requirements Specifications
Department of Computer Science University College London University of London Run-Time Monitoring of Goal-Oriented Requirements Specifications Andrew Ross Dingwall-Smith Submitted for the degree of Doctor
UML Models. Lecture 10, Part 1: Verification and Validation. UML Models [2] Non-UML models. Verification and Validation.
UML Models Lecture 10, Part 1: and Jennifer Campbell CSC340 - Winter 2007 Activity diagrams capture business processes involving concurrency and synchronization good for analyzing dependencies between
Industrial Use of THE B METHOD
Industrial Use of THE B METHOD introducing B n a formal method Ë specification method based on a mathematical formalism to build models n with refinement Ë to structure a model step by step from abstract
Abstract Data Types in Event-B An Application of Generic Instantiation
Abstract Data Types in Event-B An Application of Generic Instantiation David Basin 1, Andreas Fürst 1, Thai Son Hoang 1, Kunihiko Miyazaki 2, and Naoto Sato 2 1 Institute of Information Security, ETH Zurich
Testing LTL Formula Translation into Büchi Automata
Testing LTL Formula Translation into Büchi Automata Heikki Tauriainen and Keijo Heljanko Helsinki University of Technology, Laboratory for Theoretical Computer Science, P. O. Box 5400, FIN-02015 HUT, Finland
A Generic Visualization Platform for CP
A Generic Visualization Platform for CP Helmut Simonis and Paul Davern and Jacob Feldman and Deepak Mehta and Luis Quesada and Mats Carlsson 2 Cork Constraint Computation Centre Department of Computer
Verifying Semantic of System Composition for an Aspect-Oriented Approach
2012 International Conference on System Engineering and Modeling (ICSEM 2012) IPCSIT vol. 34 (2012) (2012) IACSIT Press, Singapore Verifying Semantic of System Composition for an Aspect-Oriented Approach
A Static Analyzer for Large Safety-Critical Software. Considered Programs and Semantics. Automatic Program Verification by Abstract Interpretation
PLDI 03 A Static Analyzer for Large Safety-Critical Software B. Blanchet, P. Cousot, R. Cousot, J. Feret L. Mauborgne, A. Miné, D. Monniaux,. Rival CNRS École normale supérieure École polytechnique Paris
An Approach for Generating Concrete Test Cases Utilizing Formal Specifications of Web Applications
An Approach for Generating Concrete Test Cases Utilizing Formal Specifications of Web Applications Khusbu Bubna RC Junit concrete test cases suitable for execution on the implementation. The remainder
Automated Program Behavior Analysis
Automated Program Behavior Analysis Stacy Prowell sprowell@cs.utk.edu March 2005 SQRL / SEI Motivation: Semantics Development: Most engineering designs are subjected to extensive analysis; software is
Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder
Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder Matt Department of Computer Science and Engineering University of Minnesota staats@cs.umn.edu Abstract We present
11-QA 1 11-QA. Increased cost to distribute modifications Technical reviews. Increased customer support Document reviews
Software Qualities Quality Assurance Maintainer Go Documentation Readable Ce Go Design Functionality Ease of use Ease of learning User Reliability Correctness Efficiency Low Cost Portability Increased
Formal System Modelling Using Abstract Data Types in Event-B
The final publication is available at link.springer.com. http://dx.doi.org/10.1007/978-3-662-43652-3 20 Formal System Modelling Using Abstract Data Types in Event-B Andreas Fürst 1, Thai Son Hoang 1, David
DiPro - A Tool for Probabilistic Counterexample Generation
DiPro - A Tool for Probabilistic Counterexample Generation Husain Aljazzar, Florian Leitner-Fischer, Stefan Leue, and Dimitar Simeonov University of Konstanz, Germany Abstract. The computation of counterexamples
Automated Theorem Proving - summary of lecture 1
Automated Theorem Proving - summary of lecture 1 1 Introduction Automated Theorem Proving (ATP) deals with the development of computer programs that show that some statement is a logical consequence of
Using B as a High Level Programming Language in an Industrial Project: Roissy VAL
Using B as a High Level Programming Language in an Industrial Project: Roissy VAL ClearSy and Siemens Transportation Systems Abstract. In this article we would like to go back on B used to design software,
Formal Software Testing. Terri Grenda, CSTE IV&V Testing Solutions, LLC www.ivvts.com
Formal Software Testing Terri Grenda, CSTE IV&V Testing Solutions, LLC www.ivvts.com Scope of Testing Find defects early Remove defects prior to production Identify Risks Unbiased opinion When Should Testing
Introducing Formal Methods into Industry using Cleanroom and CSP
Guy H. Broadfoot, Chief Technical Director, Verum Consultants. TOOLS Introducing Formal Methods into Industry using Cleanroom and CSP In this paper, we present an overview of our observations and experiences
Rigorous Development of Automated Inconsistency Checks for Digital Evidence Using the B Method
Rigorous Development of Automated Inconsistency Checks for Digital Evidence Using the B Method Pavel Gladyshev School of Computer Science and Informatics University College Dublin, Ireland Andreas Enbacka
Fundamental Computer Science Concepts Sequence TCSU CSCI SEQ A
Fundamental Computer Science Concepts Sequence TCSU CSCI SEQ A A. Description Introduction to the discipline of computer science; covers the material traditionally found in courses that introduce problem
Verification of Component-Based Software Application Families
Verification of Component-Based Software Application Families Fei Xie 1 and James C. Browne 2 1 Dept. of Computer Science, Portland State Univ., Portland, OR 97207 xie@cs.pdx.edu 2 Dept. of Computer Sciences,
8.7 Mathematical Induction
8.7. MATHEMATICAL INDUCTION 8-135 8.7 Mathematical Induction Objective Prove a statement by mathematical induction Many mathematical facts are established by first observing a pattern, then making a conjecture
Chapter 12. THE ADAPTIVE CRUISE CONTROLLER CASE STUDY Visualisation, Validation, and Temporal Verification 1. INTRODUCTION
Chapter 12 THE ADAPTIVE CRUISE CONTROLLER CASE STUDY Visualisation, Validation, and Temporal Verification Alexander Krupp 1, Ola Lundkvist 2, Tim Schattkowsky 1 and Colin Snook 3 1 Paderborn University;
Validation of Regulation Documents by Automated Analysis of Formal Models
800 Regulations Modelling and their Validation and Verification Validation of Regulation Documents by Automated Analysis of Formal Models Didier Bert 1, Fabrice Bouquet 2, Yves Ledru 1, and Sylvie Vignes
Formal Specification and Verification
Formal Specification and Verification Stefan Ratschan Katedra číslicového návrhu Fakulta informačních technologíı České vysoké učení technické v Praze 2. 5. 2011 Stefan Ratschan (FIT ČVUT) PI-PSC 4 2.
Algorithms, Flowcharts & Program Design. ComPro
Algorithms, Flowcharts & Program Design ComPro Definition Algorithm: o sequence of steps to be performed in order to solve a problem by the computer. Flowchart: o graphical or symbolic representation of
Artificial Intelligence (LISP)
Artificial Intelligence (LISP) Introduction Artificial Intelligence (AI) is a broad field, and means different things to different people. It is concerned with getting computers to do tasks that require
Requirement Traceability in Topcased with the Requirements Interchange Format (RIF/ReqIF)
Requirement Traceability in Topcased with the Requirements Interchange Format (RIF/ReqIF) 1 Overview Submission for First Topcased Days Toulouse 2011 Andreas Graf, Michael Jastram One important step of
StaRVOOrS: A Tool for Combined Static and Runtime Verification of Java
StaRVOOrS: A Tool for Combined Static and Runtime Verification of Java Jesús Mauricio Chimento 1, Wolfgang Ahrendt 1, Gordon J. Pace 2, and Gerardo Schneider 3 1 Chalmers University of Technology, Sweden.
Language-Independent Model Transformation Verification K. Lano, S. Kolahdouz-Rahimi, T. Clark King s College London; University of Middlesex
Language-Independent Model Transformation Verification K. Lano, S. Kolahdouz-Rahimi, T. Clark King s College London; University of Middlesex 1 Language-independent MT verification One hinderance to MT
Extending Semantic Resolution via Automated Model Building: applications
Extending Semantic Resolution via Automated Model Building: applications Ricardo Caferra Nicolas Peltier LIFIA-IMAG L1F1A-IMAG 46, Avenue Felix Viallet 46, Avenue Felix Viallei 38031 Grenoble Cedex FRANCE
Reinforcement Learning
Reinforcement Learning LU 2 - Markov Decision Problems and Dynamic Programming Dr. Martin Lauer AG Maschinelles Lernen und Natürlichsprachliche Systeme Albert-Ludwigs-Universität Freiburg martin.lauer@kit.edu
Formal Verification Methods 3: Model Checking
Formal Verification Methods 3: Model Checking John Harrison Intel Corporation Marktoberdorf 2003 Fri 1st August 2003 (11:25 12:10) This presentation was not given in Marktoberdorf since it mostly duplicates
VeriTech - A Framework for Translating among Model Description Notations
Software Tools for Technology Transfer manuscript No. (will be inserted by the editor) VeriTech - A Framework for Translating among Model Description Notations Orna Grumberg and Shmuel Katz Computer Science
Module 7. Software Engineering Issues. Version 2 EE IIT, Kharagpur 1
Module 7 Software Engineering Issues Version 2 EE IIT, Kharagpur 1 Lesson 34 Requirements Analysis and Specification Version 2 EE IIT, Kharagpur 2 Specific Instructional Objectives At the end of this lesson,
Automated Formal Analysis of Internet Routing Systems
Automated Formal Analysis of Internet Routing Systems Boon Thau Loo University of Pennsylvania [Joint work with Anduo Wang (Penn -> UIUC), Wenchao Zhou (Georgetown), Andre Scedrov (Penn), Limin Jia (CMU),
CMSC 858T: Randomized Algorithms Spring 2003 Handout 8: The Local Lemma
CMSC 858T: Randomized Algorithms Spring 2003 Handout 8: The Local Lemma Please Note: The references at the end are given for extra reading if you are interested in exploring these ideas further. You are
[Refer Slide Time: 05:10]
Principles of Programming Languages Prof: S. Arun Kumar Department of Computer Science and Engineering Indian Institute of Technology Delhi Lecture no 7 Lecture Title: Syntactic Classes Welcome to lecture
The Classes P and NP
The Classes P and NP We now shift gears slightly and restrict our attention to the examination of two families of problems which are very important to computer scientists. These families constitute the
Software safety - DEF-STAN 00-55
Software safety - DEF-STAN 00-55 Where safety is dependent on the safety related software (SRS) fully meeting its requirements, demonstrating safety is equivalent to demonstrating correctness with respect
Model Checking II Temporal Logic Model Checking
1/32 Model Checking II Temporal Logic Model Checking Edmund M Clarke, Jr School of Computer Science Carnegie Mellon University Pittsburgh, PA 15213 2/32 Temporal Logic Model Checking Specification Language:
Quick Start Guide. June 3, 2012
The ERIGONE Model Checker Quick Start Guide Mordechai (Moti) Ben-Ari Department of Science Teaching Weizmann Institute of Science Rehovot 76100 Israel http://stwww.weizmann.ac.il/g-cs/benari/ June 3, 2012
Chapter II. Controlling Cars on a Bridge
Chapter II. Controlling Cars on a Bridge 1 Introduction The intent of this chapter is to introduce a complete example of a small system development. During this development, you will be made aware of the
More Abstract Information. More Concrete Information
Abstract Interpretation Sorin Lerner June 4, 2001 1 Introduction The work surveyed in class so far was not concerned with proving correctness of dataflow analyses. We saw algorithms for computing properties
CPSC 211 Data Structures & Implementations (c) Texas A&M University [ 313]
CPSC 211 Data Structures & Implementations (c) Texas A&M University [ 313] File Structures A file is a collection of data stored on mass storage (e.g., disk or tape) Why on mass storage? too big to fit
Reinforcement Learning
Reinforcement Learning LU 2 - Markov Decision Problems and Dynamic Programming Dr. Joschka Bödecker AG Maschinelles Lernen und Natürlichsprachliche Systeme Albert-Ludwigs-Universität Freiburg jboedeck@informatik.uni-freiburg.de
An Automated Development Process for Interlocking Software that. Cuts Costs and Provides Improved Methods for Checking Quality.
An Automated Development Process for Interlocking Software that Cuts Costs and Provides Improved Methods for Checking Quality and Safety Authors: Claes Malmnäs Prover Technology Rosenlundsgatan 54 118
Division of Mathematical Sciences
Division of Mathematical Sciences Chair: Mohammad Ladan, Ph.D. The Division of Mathematical Sciences at Haigazian University includes Computer Science and Mathematics. The Bachelor of Science (B.S.) degree
Formal Methods in Security Protocols Analysis
Formal Methods in Security Protocols Analysis Li Zhiwei Aidong Lu Weichao Wang Department of Computer Science Department of Software and Information Systems University of North Carolina at Charlotte Big
Verification of Imperative Programs in Theorema
Verification of Imperative Programs in Theorema Laura Ildikó Kovács, Nikolaj Popov, Tudor Jebelean 1 Research Institute for Symbolic Computation, Johannes Kepler University, A-4040 Linz, Austria Institute
6.080/6.089 GITCS Feb 12, 2008. Lecture 3
6.8/6.89 GITCS Feb 2, 28 Lecturer: Scott Aaronson Lecture 3 Scribe: Adam Rogal Administrivia. Scribe notes The purpose of scribe notes is to transcribe our lectures. Although I have formal notes of my
AUTOMATIC PROTOCOL CREATION FOR INFORMATION SECURITY SYSTEM
AUTOMATIC PROTOCOL CREATION FOR INFORMATION SECURITY SYSTEM Mr. Arjun Kumar arjunsingh@abes.ac.in ABES Engineering College, Ghaziabad Master of Computer Application ABSTRACT Now a days, security is very
Chapter 4 Software Lifecycle and Performance Analysis
Chapter 4 Software Lifecycle and Performance Analysis This chapter is aimed at illustrating performance modeling and analysis issues within the software lifecycle. After having introduced software and
Today s Agenda. Automata and Logic. Quiz 4 Temporal Logic. Introduction Buchi Automata Linear Time Logic Summary
Today s Agenda Quiz 4 Temporal Logic Formal Methods in Software Engineering 1 Automata and Logic Introduction Buchi Automata Linear Time Logic Summary Formal Methods in Software Engineering 2 1 Buchi Automata
Formal Verification and Linear-time Model Checking
Formal Verification and Linear-time Model Checking Paul Jackson University of Edinburgh Automated Reasoning 21st and 24th October 2013 Why Automated Reasoning? Intellectually stimulating and challenging