-
A compositional simulation framework for Abstract State Machine models of Discrete Event Systems Form. Asp. Comput. (IF 1.0) Pub Date : 2024-03-16 Silvia Bonfanti, Angelo Gargantini, Elvinia Riccobene, Patrizia Scandurra
Modeling complex system requirements often requires specifying system components in separate models, which can be validated and verified in isolation from each other, and then integrating all components’ behavior in order to validate the operation of the whole system. If models are executable, as for state-based formal specifications, engines to orchestrate the simulation of separate component operational
-
The universality of functions in the sciences at large and in computing Form. Asp. Comput. (IF 1.0) Pub Date : 2024-03-06 Raymond Boute
Universality of a concept here means wide conceptual and practical usefulness in mathematics and applications. The function concept owes its universality to simplicity, generality and powerful algebraic properties. Advantages proven in the sciences at large significantly benefit computing science as well. Universality critically depends on the definitional choices. The first half of this paper shows
-
Modeling and Verification of Natural Language Requirements based on States and Modes Form. Asp. Comput. (IF 1.0) Pub Date : 2024-02-05 Yinling Liu, Jean-Michel Bruel
The relationship between states (status of a system) and modes (capabilities of a system) used to describe system requirements is often poorly defined. The unclear relationship could make systems of interest out of control because of the out of boundaries of the systems caused by the newly added modes. Formally modeling and verifying requirements can clarify the relationship, making the system safer
-
The concept of class invariant in object-oriented programming Form. Asp. Comput. (IF 1.0) Pub Date : 2024-01-24 Bertrand Meyer, Alisa Arkadova, Alexander Kogtenkov
Class invariants — consistency constraints preserved by every operation on objects of a given type — are fundamental to building, understanding and verifying object-oriented programs. For verification, however, they raise difficulties, which have not yet received a generally accepted solution. The present work introduces a proof rule meant to address these issues and allow verification tools to benefit
-
iStar Goal Model to Z Formal Model Translation and Model Checking of CBTC Moving Block Interlocking System Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-27 Lokanna Kadakolmath, Umesh D. Ramu
The reliability and safety of complex software systems are provided by extracting safety requirements from regulations and operational environments and later specifying these requirements precisely. At the early stage, these extracted safety requirements are informal. Typically, they cope with non-functional requirements. Analysis of early requirements using traditional methods is inadequate because
-
Explanatory Denotational Semantics for Complex Event Patterns Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-20 Bartosz Zieliński
Recent years brought popularity and importance of complex event processing (CEP) and associated query languages. CEP systems can be hard to understand. It is often non-trivial to determine streams of events matched by a query, and sometimes we may not notice important edge cases. Hence, the desirability of formal semantics permitting reasoning about resulting complex events and checking if actual matchings
-
Refinement-based Specification and Analysis of Multi-core ARINC 653 Using Event-B Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-21 Feng Zhang, Leping Zhang, Yongwang Zhao, Yang Liu, Jun Sun
ARINC 653 as the de facto standard of partitioning operating systems has been applied in many safety-critical domains. The multi-core version of ARINC 653, ARINC 653 Part 1-4 (Version 4), provides support for services to be utilized with a module that contains multiple processor cores. Formal specification and analysis of this standard document could provide a rigorous specification and uncover concealed
-
FVF-AKA: A Formal Verification Framework of AKA Protocols for Multi-server IoT Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-20 Yuan Fei, Huibiao Zhu, Jiaqi Yin
As IoT in a multi-server environment increases resources’ utilization, more and more problems of IoT authentication and key agreement are being revealed. The Authentication and Key Agreement (AKA) protocol plays an important role in solving these problems. Many AKA protocols have been proposed, and some of them support their own verifications. However, a unifying verification framework for multi-server
-
Toward Verifying Cooperatively Scheduled Runtimes Using CSP Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-21 Jan Bækgaard Pedersen, Kevin Chalmers
In this article, we present the novel verification of synchronous channel communication and channel alternation (choice) by considering the environment within which our primitives are executing. Our work is in exploring development of a multi-threaded scheduler for a cooperatively scheduled process-oriented language, ProcessJ. We use communicating sequential processes to produce formal specifications
-
Rooted Divergence-Preserving Branching Bisimilarity is a Congruence for Guarded CCS Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-20 Quan Sun, David N. Jansen, Xinxin Liu, Wei Zhang
Branching bisimilarity is a well-known equivalence relation for labelled transition systems. Based on this equivalence relation, with an additional simple rootedness condition, a congruence relation for calculus of communication system (CCS) processes can be obtained. However, neither branching bisimilarity nor the corresponding congruence relation preserves divergence, and it is still a question whether
-
RoboWorld: Verification of Robotic Systems with Environment in the Loop Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-20 James Baxter, Gustavo Carvalho, Ana Cavalcanti, Francisco Rodrigues Júnior
A robot affects and is affected by its environment, so that typically its behaviour depends on properties of that environment. For verification, we need to formalise those properties. Modelling the environment is very challenging, if not impossible, but we can capture assumptions. Here, we present RoboWorld, a domain-specific controlled natural language with a process algebraic semantics that can be
-
State machines for large scale computer software and systems Form. Asp. Comput. (IF 1.0) Pub Date : 2023-11-22 Victor Yodaiken
The behavior and architecture of large scale discrete state systems found in computer software and hardware can be specified and analyzed using a particular class of primitive recursive functions. This paper begins with an illustration of the utility of the method via a number of small examples and then via longer specification and verification of the "Paxos" distributed consensus algorithm [26]. The
-
Kaki: Efficient Concurrent Update Synthesis for SDN Form. Asp. Comput. (IF 1.0) Pub Date : 2023-10-06 Nicklas S. Johansen, Lasse B. Kær, Andreas L. Madsen, Kristian Ø. Nielsen, Jiří Srba, Rasmus G. Tollund
Modern computer networks based on the software-defined networking (SDN) paradigm are becoming increasingly complex and often require frequent configuration changes in order to react to traffic fluctuations. It is essential that forwarding policies are preserved not only before and after the configuration update but also at any moment during the inherently distributed execution of such an update. We
-
Introduction to the Special Collection from iFM 2022 Form. Asp. Comput. (IF 1.0) Pub Date : 2023-09-26 Rosemary Monahan, Maurice H. ter Beek
This special collection arose from the 17th International Conference on integrated Formal Methods (iFM) held in beautiful Lugano, Switzerland, hosted by the Software Institute of USI Università della Svizzera italiana.
-
Compositional Analysis of Probabilistic Timed Graph Transformation Systems Form. Asp. Comput. (IF 1.0) Pub Date : 2023-09-13 Maria Maximova, Sven Schneider, Holger Giese
The analysis of behavioral models is of high importance for cyber-physical systems, as the systems often encompass complex behavior based on, e.g., concurrent components with mutual exclusion or probabilistic failures on demand. The rule-based formalism of Probabilistic Timed Graph Transformation Systems (PTGTSs) is a suitable choice when the models representing states of the system can be understood
-
Bit-Vector Typestate Analysis Form. Asp. Comput. (IF 1.0) Pub Date : 2023-09-13 Alen Arslanagić, Pavle Subotić, Jorge A. Pérez
Static analyses based on typestates are important in certifying correctness of code contracts. Such analyses rely on Deterministic Finite Automata (DFAs) to specify properties of an object. We target the analysis of contracts in low-latency environments, where many useful contracts are impractical to codify as DFAs and/or the size of their associated DFAs leads to sub-par performance. To address this
-
Termination and Expressiveness of Execution Strategies for Networks of Bidirectional Model Transformations Form. Asp. Comput. (IF 1.0) Pub Date : 2023-09-13 Heiko Klare, Joshua Gleitze
When developers describe a software system with multiple models, such as architecture diagrams, deployment descriptions, and source code, these models must represent the system in a uniform way, i.e., they must be and stay consistent. One means to automatically preserve consistency after changes to models are model transformations, of which bidirectional transformations that preserve consistency between
-
Formal Specification and Verification of JDK’s Identity Hash Map Implementation Form. Asp. Comput. (IF 1.0) Pub Date : 2023-09-13 Martin De Boer, Stijn De Gouw, Jonas Klamroth, Christian Jung, Mattias Ulbrich, Alexander Weigl
Hash maps are a common and important data structure in efficient algorithm implementations. Despite their wide-spread use, real-world implementations are not regularly verified. In this article, we present the first case study of the IdentityHashMap class in the Java JDK. We specified its behavior using the Java Modeling Language (JML) and proved correctness for the main insertion and lookup methods
-
JMLKelinci+: Detecting Semantic Bugs and Covering Branches with Valid Inputs using Coverage-Guided Fuzzing and Runtime Assertion Checking Form. Asp. Comput. (IF 1.0) Pub Date : 2023-08-05 Amirfarhad Nilizadeh, Gary T. Leavens, Corina S. Păsăreanu, Yannic Noller
Testing to detect semantic bugs is essential, especially for critical systems. Coverage-guided fuzzing (CGF) and runtime assertion checking (RAC) are two well-known approaches for detecting semantic bugs. CGF aims to generate test inputs with high code coverage. However, while CGF tools can be equipped with sanitizers to detect a fixed set of semantic bugs, they can otherwise only detect bugs that
-
Sound Runtime Assertion Checking for Memory Properties via Program Transformation Form. Asp. Comput. (IF 1.0) Pub Date : 2023-07-31 Dara Ly, Nikolai Kosmatov, Frédéric Loulergue, Julien Signoles
Runtime Assertion Checking (RAC) for expressive specification languages is a non-trivial verification task, that becomes even more complex for memory-related properties of imperative languages with dynamic memory allocation. It is important to ensure the soundness of RAC verdicts, in particular when RAC reports the absence of failures for execution traces. This paper presents a formalization of a program
-
Multi-objective ω-Regular Reinforcement Learning Form. Asp. Comput. (IF 1.0) Pub Date : 2023-07-18 Ernst Moritz Hahn, Mateo Perez, Sven Schewe, Fabio Somenzi, Ashutosh Trivedi, Dominik Wojtczak
The expanding role of reinforcement learning (RL) in safety-critical system design has promoted ω-automata as a way to express learning requirements—often non-Markovian—with greater ease of expression and interpretation than scalar reward signals. However, real-world sequential decision making situations often involve multiple, potentially conflicting, objectives. Two dominant approaches to express
-
Towards Verifying Cooperatively-Scheduled Runtimes using CSP Form. Asp. Comput. (IF 1.0) Pub Date : 2023-07-12 Jan Bækgaard Pedersen, Kevin Chalmers
In this paper we present the novel verification of synchronous channel communication and channel alternation (choice) by considering the environment within which our primitives are executing. Our work is in exploring development of a multi-threaded scheduler for a cooperatively scheduled process-oriented language, ProcessJ. We use CSP to produce formal specifications for the implementation of the various
-
Explanatory Denotational Semantics for Complex Event Patterns Form. Asp. Comput. (IF 1.0) Pub Date : 2023-07-10 Bartosz Zieliński
Recent years brought popularity and importance of complex event processing (CEP) and associated query languages. CEP systems can be hard to understand. It is often non-trivial to determine streams of events matched by a query, and sometimes we may not notice important edge cases. Hence, the desirability of formal semantics permitting reasoning about resulting complex events and checking if actual matchings
-
On Lexicographic Proof Rules for Probabilistic Termination Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-23 Krishnendu Chatterjee, Ehsan Kafshdar Goharshady, Petr Novotný, Jiří Zárevúcky, Đorđe Žikelić
We consider the almost-sure (a.s.) termination problem for probabilistic programs, which are a stochastic extension of classical imperative programs. Lexicographic ranking functions provide a sound and practical approach for termination of non-probabilistic programs, and their extension to probabilistic programs is achieved via lexicographic ranking supermartingales (LexRSMs). However, LexRSMs introduced
-
Identifying Overly Restrictive Matching Patterns in SMT-based Program Verifiers (Extended Version) Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-24 Alexandra Bugariu, Arshavir Ter-Gabrielyan, Peter Müller
Universal quantifiers occur frequently in proof obligations produced by program verifiers, for instance, to axiomatize uninterpreted functions and to statically express properties of arrays. SMT-based verifiers typically reason about them via E-matching, an SMT algorithm that requires syntactic matching patterns to guide the quantifier instantiations. Devising good matching patterns is challenging
-
Mechanised Operational Reasoning for C11 Programs with Relaxed Dependencies Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-23 Daniel Wright, Sadegh Dalvandi, Mark Batty, Brijesh Dongol
Verification techniques for C11 programs have advanced significantly in recent years with the development of operational semantics and associated logics for increasingly large fragments of C11. However, these semantics and logics have been developed in a restricted setting to avoid the thin-air-read problem. In this article, we propose an operational semantics that leverages an intra-thread partial
-
Kaki: Efficient Concurrent Update Synthesis for SDN Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-23 Nicklas S. Johansen, Lasse B. Kær, Andreas L. Madsen, Kristian Ø. Nielsen, Jiří Srba, Rasmus G. Tollund
Modern computer networks based on the software-defined networking (SDN) paradigm are becoming increasingly complex and often require frequent configuration changes in order to react to traffic fluctuations. It is essential that forwarding policies are preserved not only before and after the configuration update but also at any moment during the inherently distributed execution of such an update. We
-
Compositional Reasoning for Non-multicopy Atomic Architectures Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-23 Nicholas Coughlin, Kirsten Winter, Graeme Smith
Rely/guarantee reasoning provides a compositional approach to reasoning about concurrent programs. However, such reasoning traditionally assumes a sequentially consistent memory model and hence is unsound on modern hardware in the presence of data races. In this article, we present a rely/guarantee-based approach for non-multicopy atomic weak memory models, i.e., where a thread’s stores are not simultaneously
-
From Non-punctuality to Non-adjacency: A Quest for Decidability of Timed Temporal Logics with Quantifiers Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-23 Shankara Narayanan Krishna, Khushraj Madnani, Manuel Mazo Jr., Paritosh Pandya
Metric Temporal Logic (MTL) and Timed Propositional Temporal Logic (TPTL) are prominent real-time extensions of Linear Temporal Logic (LTL). In general, the satisfiability checking problem for these extensions is undecidable when both the future (Until, U) and the past (Since, S) modalities are used (denoted by MTL[U,S] and TPTL[U,S]). In a classical result, the satisfiability checking for Metric Interval
-
Benchmarking Combinations of Learning and Testing Algorithms for Automata Learning Form. Asp. Comput. (IF 1.0) Pub Date : 2023-06-21 Bernhard K. Aichernig, Martin Tappler, Felix Wallner
Automata learning enables model-based analysis of black-box systems by automatically constructing models from system observations, which are often collected via testing. The required testing budget to learn adequate models heavily depends on the applied learning and testing techniques. Test cases executed for learning (1) collect behavioural information and (2) falsify learned hypothesis automata.
-
FVF-AKA: A Formal Verification Framework of AKA Protocols for Multi-server IoT Form. Asp. Comput. (IF 1.0) Pub Date : 2023-05-25 Yuan Fei, Huibiao Zhu, Jiaqi Yin
As IoT in a multi-server environment increases resources' utilization, more and more problems of IoT authentication and key agreement are revealed. The Authentication and Key Agreement (AKA) protocol plays an important role in solving these problems. Many AKA protocols have been proposed, and some of them support their own verifications. However, there is no unifying verification framework for multi-server
-
Formal Specification and Verification of JDK’s Identity Hash Map Implementation Form. Asp. Comput. (IF 1.0) Pub Date : 2023-05-18 Martin de Boer, Stijn de Gouw, Jonas Klamroth, Christian Jung, Mattias Ulbrich, Alexander Weigl
Hash maps are a common and important data structure in efficient algorithm implementations. Despite their wide-spread use, real-world implementations are not regularly verified. In this paper, we present the first case study of the IdentityHashMap class in the Java JDK. We specified its behavior using the Java Modeling Language (JML) and proved correctness for the main insertion and lookup methods
-
Bit-Vector Typestate Analysis Form. Asp. Comput. (IF 1.0) Pub Date : 2023-05-17 Alen Arslanagić, Pavle Subotić, Jorge A. Pérez
Static analyses based on typestates are important in certifying correctness of code contracts. Such analyses rely on Deterministic Finite Automata (DFAs) to specify properties of an object. We target the analysis of contracts in low-latency environments, where many useful contracts are impractical to codify as DFAs and/or the size of their associated DFAs leads to sub-par performance. To address this
-
A Deep Reinforcement Learning Framework with Formal Verification Form. Asp. Comput. (IF 1.0) Pub Date : 2023-03-15 Zakaryae Boudi, Abderrahim Ait Wakrime, Mohamed Toub, Mohamed Haloua
Artificial Intelligence (AI) and data are reshaping organizations and businesses. Human Resources (HR) management and talent development are no exception, as they tend to involve more automation and growing quantities of data. Because this brings implications on workforce, career transparency, and equal opportunities, overseeing what fuels AI and analytical models, their quality standards, integrity
-
A Case in Point: Verification and Testing of a EULYNX Interface Form. Asp. Comput. (IF 1.0) Pub Date : 2023-03-16 Mark Bouwman, Djurre van der Wal, Bas Luttik, Mariëlle Stoelinga, Arend Rensink
We present a case study on the application of formal methods in the railway domain. The case study is part of the FormaSig project, which aims to support the development of EULYNX — a European standard defining generic interfaces for railway equipment — using formal methods. We translate the semi-formal SysML models created within EULYNX to formal mCRL2 models. By adopting a model-centric approach
-
Review on Logical Analysis of Hybrid Systems by André Platzer (Springer, 2010, 426 pages, ISBN 978-3-642-14508-7, link.springer.com/book/10.1007/978-3-642-14509-4) Form. Asp. Comput. (IF 1.0) Pub Date : 2023-01-29 Gabriele Paveri Fontana
No abstract available.
-
A Refinement-based Formal Development of Cyber-physical Railway Signalling Systems Form. Asp. Comput. (IF 1.0) Pub Date : 2023-01-12 Yamine Aït-Ameur, Sergiy Bogomolov, Guillaume Dupont, Alexei Iliasov, Alexander Romanovsky, Paulius Stankaitis
For years, formal methods have been successfully applied in the railway domain to formally demonstrate safety of railway systems. Despite that, little has been done in the field of formal methods to address the cyber-physical nature of modern railway signalling systems. In this article, we present an approach for a formal development of cyber-physical railway signalling systems that is based on a refinement-based
-
Compositional Verification of Railway Interlocking Systems Form. Asp. Comput. (IF 1.0) Pub Date : 2023-01-12 Anne Elisabeth Haxthausen, Alessandro Fantechi
Model checking techniques have often been applied to the verification of railway interlocking systems, responsible for guiding trains safely through a given railway network. However, these techniques fail to scale to the interlocking systems controlling large stations, composed of hundreds and even thousands of controlled entities, due to the state space explosion problem. Indeed, interlocking systems
-
Compositional Analysis of Probabilistic Timed Graph Transformation Systems Form. Asp. Comput. (IF 1.0) Pub Date : 2022-11-30 Maria Maximova, Sven Schneider, Holger Giese
The analysis of behavioral models is of high importance for cyber-physical systems, as the systems often encompass complex behavior based on e.g. concurrent components with mutual exclusion or probabilistic failures on demand. The rule-based formalism of Probabilistic Timed Graph Transformation Systems (PTGTSs) is a suitable choice when the models representing states of the system can be understood
-
A Debugging Game for Probabilistic Models Form. Asp. Comput. (IF 1.0) Pub Date : 2022-09-20 Hichem Debbi
One of the major advantages of model checking over other formal methods is its ability to generate a counterexample when a model does not satisfy its specification. A counterexample is an error trace that helps to locate the source of the error. Therefore, the counterexample represents a valuable tool for debugging. In Probabilistic Model Checking (PMC), the task of counterexample generation has
-
Fast Automated Abstract Machine Repair Using Simultaneous Modifications and Refactoring Form. Asp. Comput. (IF 1.0) Pub Date : 2022-09-20 Cheng-Hao Cai, Jing Sun, Gillian Dobbie, Zhé Hóu, Hadrien Bride, Jin Song Dong, Scott Uk-Jin Lee
Automated model repair techniques enable machines to synthesise patches that ensure models meet given requirements. B-repair, which is an existing model repair approach, assists users in repairing erroneous models in the B formal method, but repairing large models is inefficient due to successive applications of repair. In this work, we improve the performance of B-repair using simultaneous modifications
-
Formal Verification of Transcendental Fixed- and Floating-point Algorithms using an Automatic Theorem Prover Form. Asp. Comput. (IF 1.0) Pub Date : 2022-09-19 Samuel Coward, Lawrence Paulson, Theo Drane, Emiliano Morini
We present a method for formal verification of transcendental hardware and software algorithms that scales to higher precision without suffering an exponential growth in runtimes. A class of implementations using piecewise polynomial approximation to compute the result is verified using MetiTarski, an automated theorem prover, which verifies a range of inputs for each call. The method was applied to
-
Probabilistic Bigraphs Form. Asp. Comput. (IF 1.0) Pub Date : 2022-09-19 Blair Archibald, Muffy Calder, Michele Sevegnani
Bigraphs are a universal computational modelling formalism for the spatial and temporal evolution of a system in which entities can be added and removed. We extend bigraphs to probabilistic bigraphs, and then again to action bigraphs, which include non-determinism and rewards. The extensions are implemented in the BigraphER toolkit and illustrated through examples of virus spread in computer networks
-
Algebra-Based Reasoning for Loop Synthesis Form. Asp. Comput. (IF 1.0) Pub Date : 2022-07-21 Andreas Humenberger, Daneshvar Amrollahi, Nikolaj Bjørner, Laura Kovács
Provably correct software is one of the key challenges of our software-driven society. Program synthesis—the task of constructing a program satisfying a given specification—is one strategy for achieving this. The result of this task is then a program that is correct by design. As in the domain of program verification, handling loops is one of the main ingredients to a successful synthesis procedure
-
Verification of Crashsafe Caching in a Virtual File System Switch Form. Asp. Comput. (IF 1.0) Pub Date : 2022-07-05 Stefan Bodenmüller, Gerhard Schellhorn, Wolfgang Reif
When developing file systems, caching is a common technique to achieve a performant implementation. Integrating write-back caches is not primarily a problem for functional correctness, but is critical for proving crash safety. Since parts of written data are stored in volatile memory, special care has to be taken when integrating write-back caches to guarantee that a power cut during a running operation
-
A Survey of Practical Formal Methods for Security Form. Asp. Comput. (IF 1.0) Pub Date : 2022-07-05 Tomas Kulik, Brijesh Dongol, Peter Gorm Larsen, Hugo Daniel Macedo, Steve Schneider, Peter W. V. Tran-Jørgensen, James Woodcock
In today’s world, critical infrastructure is often controlled by computing systems. This introduces new risks for cyber attacks, which can compromise the security and disrupt the functionality of these systems. It is therefore necessary to build such systems with strong guarantees of resiliency against cyber attacks. One way to achieve this level of assurance is using formal verification, which provides
-
The Development and Deployment of Formal Methods in the UK Form. Asp. Comput. (IF 1.0) Pub Date : 2022-07-05 Cliff B. Jones, Martyn Thomas
In addition to the major UK contributions to research underpinning formal approaches to the specification and development of computer systems—and perhaps as a consequence of this—some significant attempts to deploy the ideas into practical environments have taken place in the United Kingdom. The authors of this article have been involved in formal methods for many years and both had contact with a
-
Probabilistic Bigraphs Form. Asp. Comput. (IF 1.0) Pub Date : 2022-06-25 Blair Archibald, Muffy Calder, Michele Sevegnani
Bigraphs are a universal computational modelling formalism for the spatial and temporal evolution of a system in which entities can be added and removed. We extend bigraphs to probabilistic bigraphs, and then again to action bigraphs, which include non-determinism and rewards. The extensions are implemented in the BigraphER toolkit and illustrated through examples of virus spread in computer networks
-
Formal Verification of Transcendental Fixed and Floating Point Algorithms using an Automatic Theorem Prover Form. Asp. Comput. (IF 1.0) Pub Date : 2022-06-13 Samuel Coward, Lawrence Paulson, Theo Drane, Emiliano Morini
We present a method for formal verification of transcendental hardware and software algorithms that scales to higher precision without suffering an exponential growth in runtimes. A class of implementations using piecewise polynomial approximation to compute the result is verified using MetiTarski, an automated theorem prover, which verifies a range of inputs for each call. The method was applied to
-
A Debugging Game for Probabilistic Models Form. Asp. Comput. (IF 1.0) Pub Date : 2022-05-15 Hichem Debbi
One of the major advantages of model checking over other formal methods is its ability to generate a counterexample when a model does not satisfy its specification. A counterexample is an error trace that helps to locate the source of the error. Therefore, the counterexample represents a valuable tool for debugging. In Probabilistic Model Checking (PMC), the task of counterexample generation has
-
Fast Automated Abstract Machine Repair Using Simultaneous Modifications and Refactoring Form. Asp. Comput. (IF 1.0) Pub Date : 2022-05-14 Cheng-Hao Cai, Jing Sun, Gillian Dobbie, Zhé Hóu, Hadrien Bride, Jin Song Dong, Scott Uk-Jin Lee
Automated model repair techniques enable machines to synthesise patches that ensure models meet given requirements. B-repair, which is an existing model repair approach, assists users in repairing erroneous models in the B formal method, but repairing large models is inefficient due to successive applications of repair. In this work, we improve the performance of B-repair using simultaneous modifications
-
A Case in Point: Verification and Testing of a EULYNX Interface Form. Asp. Comput. (IF 1.0) Pub Date : 2022-05-10 Mark Bouwman, Djurre van der Wal, Bas Luttik, Mariëlle Stoelinga, Arend Rensink
We present a case study on the application of formal methods in the railway domain. The case study is part of the FormaSig project, which aims to support the development of EULYNX — a European standard defining generic interfaces for railway equipment — using formal methods. We translate the semi-formal SysML models created within EULYNX to formal mCRL2 models. By adopting a model-centric approach
-
Tight Error Analysis in Fixed-point Arithmetic Form. Asp. Comput. (IF 1.0) Pub Date : 2022-05-04 Stella Simić, Alberto Bemporad, Omar Inverso, Mirco Tribastone
We consider the problem of estimating the numerical accuracy of programs with operations in fixed-point arithmetic and variables of arbitrary, mixed precision and possibly non-deterministic value. By applying a set of parameterised rewrite rules, we transform the relevant fragments of the program under consideration into sequences of operations in integer arithmetic over vectors of bits, thereby reducing
-
Algebra-Based Reasoning for Loop Synthesis Form. Asp. Comput. (IF 1.0) Pub Date : 2022-04-07 Andreas Humenberger, Daneshvar Amrollahi, Nikolaj Bjørner, Laura Kovács
Provably correct software is one of the key challenges of our software-driven society. Program synthesis – the task of constructing a program satisfying a given specification – is one strategy for achieving this. The result of this task is then a program which is correct by design. As in the domain of program verification, handling loops is one of the main ingredients to a successful synthesis procedure
-
Verification of Crashsafe Caching in a Virtual File System Switch Form. Asp. Comput. (IF 1.0) Pub Date : 2022-03-26 Stefan Bodenmüller, Gerhard Schellhorn, Wolfgang Reif
When developing file systems, caching is a common technique to achieve a performant implementation. Integrating write-back caches is not primarily a problem for functional correctness, but is critical for proving crash safety. Since parts of written data are stored in volatile memory, special care has to be taken when integrating write-back caches to guarantee that a power cut during a running operation
-
The development and deployment of formal methods in the UK Form. Asp. Comput. (IF 1.0) Pub Date : 2022-03-23 Cliff B. Jones, Martyn Thomas
In addition to the major UK contributions to research underpinning formal approaches to the specification and development of computer systems – and perhaps as a consequence of this – some significant attempts to deploy the ideas into practical environments have taken place in the UK. The authors of this paper have been involved in formal methods for many years and both had contact with a significant
-
A Survey of Practical Formal Methods for Security (Just Accepted) Form. Asp. Comput. (IF 1.0) Pub Date : 2022-03-15 Tomas Kulik, Brijesh Dongol, Peter Gorm Larsen, Hugo Daniel Macedo, Steve Schneider, Peter W. V. Tran-Jørgensen, James Woodcock
In today’s world, critical infrastructure is often controlled by computing systems. This introduces new risks for cyber attacks, which can compromise the security and disrupt the functionality of these systems. It is therefore necessary to build such systems with strong guarantees of resiliency against cyber attacks. One way to achieve this level of assurance is using formal verification, which provides
-
Editorial Form. Asp. Comput. (IF 1.0) Pub Date : 2021-12-21 Wolfgang Ahrendt, Silvia Lizeth Tapia Tarifa, Heike Wehrheim
No abstract available.
-
Editorial Form. Asp. Comput. (IF 1.0) Pub Date : 2021-12-21 Alessandro Fantechi, Anne E. Haxthausen, Jim Woodcock
No abstract available.
-
Editorial Form. Asp. Comput. (IF 1.0) Pub Date : 2021-12-21 Jordi Cabot, Heike Wehrheim, Eerke Boiten
No abstract available.