We report on a case study in using HOL-Z, an embedding of Z in higher-order logic, to specify and verify a security architecture for administering digital signatures. We used HOL-Z to formalize and combine both data-oriented and process-oriented architectural views. We then formalized temporal requirements in Z and carried out the verification in higher-order logic. The same architecture had previously been verified using the SPIN model checker. Building on both efforts, we provide a detailed comparison of these two approaches to formalization (infinite state with rich data types versus finite state) and to verification (theorem proving versus model checking). Contrary to common belief, our case study suggests that Z is well suited for temporal reasoning about process models with rich data. Moreover, our comparison highlights the advantages of this approach and provides evidence that, in the hands of experienced users, theorem proving is neither substantially more time-consuming nor more complex than model checking.