Achieving interactive consistency among processors in the presence of faults is an important problem in fault-tolerant computing, first cleanly formulated by Lamport, Pease, and Shostak and solved in selected cases with their Oral Messages (OM) algorithm. Several machine-supported verifications of this algorithm have been presented, including a particularly elegant formulation and proof by John Rushby using EHDM and PVS. Rushby proposes interactive consistency as a benchmark problem for specification and verification systems. We present a formalization of the OM algorithm in the ACL2 logic and compare our formalization and proof to his. We draw some conclusions concerning the range of desirable features for verification systems. In particular, while higher-order functions, strong typing, lambda abstraction, and full quantification have some value, they come with a cost; moreover, many uses of such features can be easily translated into simpler logical constructs, which facilitate more automated proof discovery. We offer a cautionary note about comparing systems with respect to a small set of problems in a limited domain.