An Exercise in Invariant-based Programming with Interactive and Automatic Theorem Prover Support

Invariant-Based Programming (IBP) is a diagram-based correct-by-construction programming methodology in which the program is structured around the invariants, which are additionally formulated before the actual code. Socos is a program construction and verification environment built specifically to support IBP. The front-end to Socos is a graphical diagram editor, allowing the programmer to construct invariant-based programs and check their correctness. The back-end component of Socos, the program checker, computes the verification conditions of the program and tries to prove them automatically. It uses the theorem prover PVS and the SMT solver Yices to discharge as many of the verification conditions as possible without user interaction. In this paper, we first describe the Socos environment from a user and systems level perspective; we then exemplify the IBP workflow by building a verified implementation of heapsort in Socos. The case study highlights the role of both automatic and interactive theorem proving in three sequential stages of the IBP workflow: developing the background theory, formulating the program specification and invariants, and proving the correctness of the final implementation.Comment: In Proceedings THedu'11, arXiv:1202.453

Prototype solar power satellite options

The choice of options for the prototype solar power satellite is addressed relative to risk and cost. Emphasis is placed on the reduction of the risk of failure. Risk is the program cost multiplied by the reduction in probability of program success due to the risky action. Four classes of risk are identified. It is suggested that prototyping would reduce the technical risk as well as reduce the effects of the other three types of risk by allowing them to be quantified earlier. Prototype demonstration requirements addressed include electromagnetic power link feasibility demonstration, component integration verification, construction technology verification, and cost performance verification. Specific prototype requirements are listed and prototyping options are given in tabular form

Procedure-modular specification and verification of temporal safety properties

This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application

Space station structures and dynamics test program

The design, construction, and operation of a low-Earth orbit space station poses challenges for development and implementation of technology. One specific challenge is the development of a dynamics test program for defining the space station design requirements, and identifying and characterizing phenomena affecting the space station's design and development. The test proposal, as outlined, is a comprehensive structural dynamics program to be launched in support of the space station (SS). Development of a parametric data base and verification of the mathematical models and analytical analysis tools necessary for engineering support of the station's design, construction, and operation provide the impetus for the dynamics test program. The four test phases planned are discussed: testing of SS applicable structural concepts; testing of SS prototypes; testing of actual SS structural hardware; and on-orbit testing of SS construction

Modules and Logic Programming

We study conditions for a concurrent construction of proof-nets in the framework developed by Andreoli in recent papers. We define specific correctness criteria for that purpose. We first study closed modules (i.e. validity of the execution of a logic program), then extend the criterion to open modules (i.e. validity during the execution) distinguishing criteria for acyclicity and connectability in order to allow incremental verification