We present an approach to verification that combines the strengths of model-checking and theorem proving. We use theorem proving to show a bisimulation up to stuttering on a (potentially infinite-state) system. Our characterization of stuttering bisimulation allows us to do such proofs by reasoning only about single steps of the system. We present an on-the-fly method that extracts the reachable quotient structure induced by the bisimulation, if that structure is finite. If our specification is a temporal logic formula, we model-check the quotient structure. If our specification is a simpler system, we use an equivalence checker to show that the quotient structure is stuttering bisimilar to the simpler system. The results obtained on the quotient structure lift to the original system, because the quotient, by construction, is refined by the original system. We demonstrate our methodology by verifying the alternating bit protocol. This protocol cannot be directly model-checked because it has an infinite state space; however, using the theorem prover ACL2, we show that the protocol is stuttering bisimilar to a small finite-state system, which we model-check. We also show that the alternating bit protocol is a refinement of a non-lossy system.
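As an added example (this is not code from the paper or from its ACL2 development), the following Python script shows the extraction-and-checking half of the methodology on the protocol the abstract names. It models the alternating bit protocol over unbounded FIFO channels that may lose or duplicate their head element, so the concrete system is infinite-state (channels grow without bound and the message index never stops increasing). A representative function `rep` is then used to explore only canonical states on the fly, which yields a finite reachable quotient; a safety invariant and the observable transition structure are checked on that quotient. The state encoding, the channel model, `rep`, `quotient` and the other names are assumptions of this example. Proving that `rep` actually induces a stuttering bisimulation (so that results on the quotient lift to the protocol) is the theorem-proving obligation the abstract describes; this script assumes it and does not discharge it.

```python
from collections import deque

# Constructed concrete state (not the paper's model): sender bit sb and message
# index i, receiver bit rb and delivered-message count rc, FIFO channel sr of
# (bit, index) frames and FIFO channel rs of ack bits.  Channels are unbounded
# and i grows forever, so the concrete transition system is infinite-state.
INIT = (0, 0, 0, 0, (), ())


def successors(s):
    """All one-step successors; each channel may lose or duplicate its head."""
    sb, i, rb, rc, sr, rs = s
    out = [(sb, i, rb, rc, sr + ((sb, i),), rs)]               # sender (re)transmits
    if sr:
        out.append((sb, i, rb, rc, sr[1:], rs))                 # head frame lost
        b, _ = sr[0]
        # deliver only when the frame's bit is the one the receiver expects
        nrb, nrc = (1 - rb, rc + 1) if b == rb else (rb, rc)
        for rest in (sr[1:], sr):                               # consume, or duplicate
            out.append((sb, i, nrb, nrc, rest, rs + (b,)))      # receiver always acks b
    if rs:
        out.append((sb, i, rb, rc, sr, rs[1:]))                 # head ack lost
        # advance to the next message only when the ack carries the current bit
        nsb, ni = (1 - sb, i + 1) if rs[0] == sb else (sb, i)
        for rest in (rs[1:], rs):                               # consume, or duplicate
            out.append((nsb, ni, rb, rc, sr, rest))
    return out


def collapse(seq):
    """Merge runs of identical elements (duplicates in a channel stutter)."""
    out = []
    for x in seq:
        if not out or out[-1] != x:
            out.append(x)
    return tuple(out)


def rep(s):
    """Hypothetical representative function: shift indices so that the
    sender's index is 0, record rc relative to i, and collapse channel runs."""
    sb, i, rb, rc, sr, rs = s
    return (sb, 0, rb, rc - i, collapse((b, m - i) for b, m in sr), collapse(rs))


def quotient(init):
    """On-the-fly extraction of the reachable quotient: breadth-first search that
    only ever visits representatives, mapping every successor through rep."""
    start = rep(init)
    edges = {start: set()}
    work = deque([start])
    while work:
        s = work.popleft()
        for u in successors(s):
            r = rep(u)
            edges[s].add(r)
            if r not in edges:
                edges[r] = set()
                work.append(r)
    return edges


def label(s):
    """Observable part of a quotient state: (sender bit, receiver bit, rc - i)."""
    return (s[0], s[2], s[3])


def check_invariant(edges):
    """Safety checked on every quotient state: the receiver has delivered exactly
    one message more than the sender has acknowledged iff the two bits differ,
    i.e. no message is delivered twice or skipped."""
    return all(s[3] == (1 if s[2] != s[0] else 0) for s in edges)


def observable_edges(edges):
    """Quotient transitions that change the observable label."""
    return {(label(s), label(u)) for s, us in edges.items() for u in us
            if label(s) != label(u)}


if __name__ == "__main__":
    q = quotient(INIT)
    print(len(q), "quotient states; invariant holds:", check_invariant(q))
    for e in sorted(observable_edges(q)):
        print("%s -> %s" % e)
```

Running the script terminates because every representative has at most two runs per channel (stale frames precede current ones in FIFO order), so the search sees a bounded set of states even though the concrete system is infinite. The observable edges form the single four-state cycle deliver, acknowledge, deliver, acknowledge, which is the small finite-state structure one would then model-check or compare against a non-lossy specification with an equivalence checker.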