89 research outputs found
Automatic Verification Of TLA+ Proof Obligations With SMT Solvers
TLA+ is a formal specification language that is based on ZF set theory and the Temporal Logic of Actions TLA. The TLA+ proof system TLAPS assists users in deductively verifying safety properties of TLA+ specifications. TLAPS is built around a proof manager, which interprets the TLA+ proof language, generates corresponding proof obligations, and passes them to backend verifiers. In this paper we present a new backend for use with SMT solvers that supports elementary set theory, functions, arithmetic, tuples, and records. Type information required by the solvers is provided by a typing discipline for TLA+ proof obligations, which helps us disambiguate the translation of expressions of (untyped) TLA+, while ensuring its soundness. Preliminary results show that the backend can help to significantly increase the degree of automation of certain interactive proofs.
Encoding TLA+ set theory into many-sorted first-order logic
We present an encoding of Zermelo-Fraenkel set theory into many-sorted
first-order logic, the input language of state-of-the-art SMT solvers. This
translation is the main component of a back-end prover based on SMT solvers in
the TLA+ Proof System.
Verifying Safety Properties With the TLA+ Proof System
TLAPS, the TLA+ proof system, is a platform for the development and
mechanical verification of TLA+ proofs written in a declarative style requiring
little background beyond elementary mathematics. The language supports
hierarchical and non-linear proof construction and verification, and it is
independent of any verification tool or strategy. A Proof Manager uses backend
verifiers such as theorem provers, proof assistants, SMT solvers, and decision
procedures to check TLA+ proofs. This paper documents the first public release
of TLAPS, distributed with a BSD-like license. It handles almost all the
non-temporal part of TLA+ as well as the temporal reasoning needed to prove
standard safety properties, in particular invariance and step simulation, but
not liveness properties.
TLA+ Proofs
TLA+ is a specification language based on standard set theory and temporal
logic that has constructs for hierarchical proofs. We describe how to write
TLA+ proofs and check them with TLAPS, the TLA+ Proof System. We use Peterson's
mutual exclusion algorithm as a simple example to describe the features of
TLAPS and show how it and the Toolbox (an IDE for TLA+) help users to manage
large, complex proofs.
Comment: A shorter version of this article appeared in the proceedings of the
conference Formal Methods 2012 (FM 2012, Paris, France, Springer LNCS 7436,
pp. 147-154).
BEval: A Plug-in to Extend Atelier B with Current Verification Technologies
This paper presents BEval, an extension of Atelier B to improve automation in
the verification activities in the B method or Event-B. It combines a tool for
managing and verifying software projects (Atelier B) and a model
checker/animator (ProB) so that the verification conditions generated in the
former are evaluated with the latter. In our experiments, the two main
verification strategies (manual and automatic) showed significant improvement
as ProB's evaluator proves complementary to Atelier B built-in provers. We
conducted experiments with the B model of a micro-controller instruction set;
several verification conditions that we were not able to discharge
automatically or manually with Atelier B's provers were automatically verified
using BEval.
Comment: In Proceedings LAFM 2013, arXiv:1401.056
Harnessing SMT Solvers for TLA+ Proofs
TLA+ is a language based on Zermelo-Fraenkel set theory and linear temporal logic designed for specifying and verifying concurrent and distributed algorithms and systems. The TLA+ proof system TLAPS allows users to interactively verify safety properties of these systems. At the core of TLAPS, a proof manager interprets the proof language, generates corresponding proof obligations and passes them to backend provers. We recently developed a backend that relies on a typing discipline to encode (untyped) TLA+ formulas into multi-sorted first-order logic for SMT solvers. In this paper we present a different encoding of TLA+ formulas that does not require explicit type inference for TLA+ expressions. We also present a number of techniques based on rewriting in order to simplify the resulting formulas.
Towards certification of TLA+ proof obligations with SMT solvers
TLA+ is a formal specification language that is based on Zermelo-Fraenkel set theory and the Temporal Logic of Actions TLA. The TLA+ proof system TLAPS assists users in deductively verifying safety properties of TLA+ specifications. TLAPS is built around a proof manager, which interprets the TLA+ proof language, generates corresponding proof obligations, and passes them to backend verifiers. In this paper we present a new backend for use with SMT solvers that supports elementary set theory, functions, arithmetic, tuples, and records. We introduce a typing discipline for TLA+ proof obligations, which helps us to disambiguate the translation of expressions of (untyped) TLA+, while ensuring its soundness. Our work is a first step towards the certification of proofs generated by proof-producing SMT solvers in Isabelle/TLA+, which is intended to be the only trusted component of TLAPS.
Extending ACL2 with SMT Solvers
We present our extension of ACL2 with Satisfiability Modulo Theories (SMT)
solvers using ACL2's trusted clause processor mechanism. We are particularly
interested in the verification of physical systems including Analog and
Mixed-Signal (AMS) designs. ACL2 offers strong induction abilities for
reasoning about sequences and SMT complements deduction methods like ACL2 with
fast nonlinear arithmetic solving procedures. While SAT solvers have been
integrated into ACL2 in previous work, SMT methods raise new issues because of
their support for a broader range of domains including real numbers and
uninterpreted functions. This paper presents Smtlink, our clause processor for
integrating SMT solvers into ACL2. We describe key design and implementation
issues and describe our experience with its use.
Comment: In Proceedings ACL2 2015, arXiv:1509.0552
Encoding TLA+ into unsorted and many-sorted first-order logic
TLA+ is a specification language designed for the verification of concurrent and distributed algorithms and systems. We present an encoding of a non-temporal fragment of TLA+ into (unsorted) first-order logic and many-sorted first-order logic, the input languages of first-order automated theorem provers. The non-temporal subset of TLA+ is based on untyped set theory and includes functions, arithmetic expressions, and Hilbert's choice operator. The translation, based on encoding techniques such as boolification, injection of unsorted expressions into sorted languages, term rewriting, and abstraction, is the core component of a back-end prover based on first-order theorem provers and SMT solvers for the TLA+ Proof System.