17,870 research outputs found
A Dual-Engine for Early Analysis of Critical Systems
This paper presents a framework for modeling, simulating, and checking
properties of critical systems based on the Alloy language -- a declarative,
first-order, relational logic with a built-in transitive closure operator. The
paper introduces a new dual-analysis engine that is capable of providing both
counterexamples and proofs. Counterexamples are found fully automatically using
an SMT solver, which provides a better support for numerical expressions than
the existing Alloy Analyzer. Proofs, however, cannot always be found
automatically since the Alloy language is undecidable. Our engine offers an
economical approach by first trying to prove properties using a
fully-automatic, SMT-based analysis, and switches to an interactive theorem
prover only if the first attempt fails. This paper also reports on applying our
framework to Microsoft's COM standard and the mark-and-sweep garbage collection
algorithm.Comment: Workshop on Dependable Software for Critical Infrastructures (DSCI),
Berlin 201
Proof-Pattern Recognition and Lemma Discovery in ACL2
We present a novel technique for combining statistical machine learning for
proof-pattern recognition with symbolic methods for lemma discovery. The
resulting tool, ACL2(ml), gathers proof statistics and uses statistical
pattern-recognition to pre-processes data from libraries, and then suggests
auxiliary lemmas in new proofs by analogy with already seen examples. This
paper presents the implementation of ACL2(ml) alongside theoretical
descriptions of the proof-pattern recognition and lemma discovery methods
involved in it
An Efficient Algorithm for Monitoring Practical TPTL Specifications
We provide a dynamic programming algorithm for the monitoring of a fragment
of Timed Propositional Temporal Logic (TPTL) specifications. This fragment of
TPTL, which is more expressive than Metric Temporal Logic, is characterized by
independent time variables which enable the elicitation of complex real-time
requirements. For this fragment, we provide an efficient polynomial time
algorithm for off-line monitoring of finite traces. Finally, we provide
experimental results on a prototype implementation of our tool in order to
demonstrate the feasibility of using our tool in practical applications
Formally based semi-automatic implementation of an open security protocol
International audienceThis paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization of the protocol at an abstract level. This model is then formally proved to fulfill the desired secrecy and authentication properties by using the ProVerif prover. Finally, a sound Java implementation is semi-automatically derived from the verified model using an enhanced version of the Spi2Java framework. The resulting implementation correctly interoperates with third party servers, and its execution time is comparable with that of other manually developed Java SSH-TLP client implementations. This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation
Affine functions and series with co-inductive real numbers
We extend the work of A. Ciaffaglione and P. Di Gianantonio on mechanical
verification of algorithms for exact computation on real numbers, using
infinite streams of digits implemented as co-inductive types. Four aspects are
studied: the first aspect concerns the proof that digit streams can be related
to the axiomatized real numbers that are already axiomatized in the proof
system (axiomatized, but with no fixed representation). The second aspect
re-visits the definition of an addition function, looking at techniques to let
the proof search mechanism perform the effective construction of an algorithm
that is correct by construction. The third aspect concerns the definition of a
function to compute affine formulas with positive rational coefficients. This
should be understood as a testbed to describe a technique to combine
co-recursion and recursion to obtain a model for an algorithm that appears at
first sight to be outside the expressive power allowed by the proof system. The
fourth aspect concerns the definition of a function to compute series, with an
application on the series that is used to compute Euler's number e. All these
experiments should be reproducible in any proof system that supports
co-inductive types, co-recursion and general forms of terminating recursion,
but we performed with the Coq system [12, 3, 14]
- …